Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
File:                     ZYzRSR-oTUghjThg8zI9ybhoV4w.mft (raw, json)
Hash identifier:          CN8dx9S+9PlV+Th3M39Btd7NGTqnSim2PxP87vP6BOY=
Subject key identifier:   D4:27:5B:67:57:BC:63:C3:F1:28:33:EF:AA:EE:15:E8:30:05:38:90
Authority key identifier: 65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C
Certificate issuer:       /CN=658cd1491fa84d48218d3860f3323dc9b868578c
Certificate serial:       0198835618C3CDC3EAFBECE832AC1D1734C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
Manifest number:          0E87
Signing time:             Thu 07 Aug 2025 07:01:54 +0000
Manifest this update:     Thu 07 Aug 2025 07:01:54 +0000
Manifest next update:     Fri 08 Aug 2025 07:01:54 +0000
Files and hashes:         1: ZYzRSR-oTUghjThg8zI9ybhoV4w.crl (hash: xYuPTBSov46o/aVFYtoUdoI7zjtmKWYuU4q1+Y/p0qI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 07:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:83:56:18:c3:cd:c3:ea:fb:ec:e8:32:ac:1d:17:34:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=658cd1491fa84d48218d3860f3323dc9b868578c
        Validity
            Not Before: Aug  7 07:01:54 2025 GMT
            Not After : Aug  8 07:01:54 2025 GMT
        Subject: CN=d4275b6757bc63c3f12833efaaee15e830053890
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:3b:64:45:9c:a4:cb:6c:aa:fa:5c:e6:2b:70:
                    db:f9:ab:59:e3:a2:e2:f6:4d:8d:a1:d5:79:a5:ad:
                    a7:26:63:21:aa:db:f1:eb:cb:9e:b3:08:4e:e2:81:
                    bf:e1:5f:f4:66:c1:e5:bf:d8:3a:c8:56:1e:63:7c:
                    84:07:93:2e:25:57:04:67:52:05:cd:94:4d:39:9b:
                    1f:df:1b:40:c8:7e:72:be:a3:95:a8:a5:3a:4b:91:
                    d6:fd:44:6f:86:5d:ef:51:a0:1e:c2:3a:cf:9e:ba:
                    b0:c0:8f:53:a6:7b:aa:a5:d2:a3:71:75:72:78:0b:
                    ba:1c:cb:30:16:3d:45:9e:16:0d:46:58:b0:a5:37:
                    03:6a:ee:6e:3d:63:13:d5:6f:d9:c1:43:86:34:d0:
                    86:86:d2:fa:9d:17:3a:6d:f1:6d:fd:a2:c3:fc:3e:
                    66:4c:da:58:53:54:0d:dc:27:12:bb:6b:88:90:ab:
                    71:69:58:e2:08:b5:03:46:ae:ae:75:a8:dc:6c:0f:
                    d5:98:c2:79:49:76:60:14:0f:30:ed:dc:cd:ec:49:
                    05:30:1b:5d:b8:0d:01:75:d5:dc:4c:0d:d6:94:96:
                    26:5d:e1:91:bb:5b:e9:f2:ff:64:3f:8b:3a:02:79:
                    31:21:73:16:58:d5:85:5e:88:03:bd:0f:98:12:80:
                    dc:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:27:5B:67:57:BC:63:C3:F1:28:33:EF:AA:EE:15:E8:30:05:38:90
            X509v3 Authority Key Identifier:
                keyid:65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:eb:7d:b4:c2:a2:c2:0a:13:64:8e:a2:cd:5d:7f:11:0e:d6:
         99:d9:30:1a:27:c0:9a:11:df:aa:97:20:8a:8c:b5:23:b2:52:
         de:4c:4b:fc:3c:f6:b8:7b:55:f1:4d:ce:61:29:6a:4d:14:b5:
         a5:d1:52:a1:bf:e0:1a:30:60:0f:2c:89:41:2b:57:d1:15:b7:
         71:0c:25:70:cc:ea:9e:ea:72:e5:f4:f1:8c:db:21:3e:da:c8:
         4f:65:5c:2c:7d:7e:2e:02:89:a2:a9:8a:94:fc:ba:49:6d:42:
         33:0d:08:87:be:e1:7e:97:34:09:bc:9b:c8:8e:fa:59:74:9b:
         da:28:05:5c:71:3d:2c:43:cb:b3:d9:f3:bf:dd:4f:1e:e1:0a:
         10:37:05:bc:cb:42:93:12:36:cf:63:f5:db:f6:23:fb:73:18:
         40:12:c2:89:a6:3a:41:fe:f6:f9:a0:66:18:1c:e5:16:8b:21:
         8a:44:c2:8f:9b:5b:1c:70:24:37:4e:04:42:dd:90:48:78:81:
         bb:84:78:41:b2:ac:86:f9:55:66:13:7f:59:49:3f:90:1d:2d:
         d1:d9:b0:c2:0b:b7:1b:df:c9:da:fa:71:29:89:b1:4b:6a:11:
         dd:a2:0e:54:79:8d:7b:54:94:9e:2f:2e:8b:ef:21:ad:57:51:
         35:a9:2c:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiDVhjDzcPq++zoMqwdFzTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OGNkMTQ5MWZhODRkNDgyMThkMzg2MGYzMzIzZGM5Yjg2
ODU3OGMwHhcNMjUwODA3MDcwMTU0WhcNMjUwODA4MDcwMTU0WjAzMTEwLwYDVQQD
EyhkNDI3NWI2NzU3YmM2M2MzZjEyODMzZWZhYWVlMTVlODMwMDUzODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtztkRZyky2yq+lzmK3Db+atZ46Li
9k2NodV5pa2nJmMhqtvx68ueswhO4oG/4V/0ZsHlv9g6yFYeY3yEB5MuJVcEZ1IF
zZRNOZsf3xtAyH5yvqOVqKU6S5HW/URvhl3vUaAewjrPnrqwwI9TpnuqpdKjcXVy
eAu6HMswFj1FnhYNRliwpTcDau5uPWMT1W/ZwUOGNNCGhtL6nRc6bfFt/aLD/D5m
TNpYU1QN3CcSu2uIkKtxaVjiCLUDRq6udajcbA/VmMJ5SXZgFA8w7dzN7EkFMBtd
uA0BddXcTA3WlJYmXeGRu1vp8v9kP4s6AnkxIXMWWNWFXogDvQ+YEoDcUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQnW2dXvGPD8Sgz76ruFegwBTiQMB8GA1UdIwQY
MBaAFGWM0UkfqE1IIY04YPMyPcm4aFeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQt
NDBhYTgzNDg2ZjhmLzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQtNDBhYTgzNDg2Zjhm
LzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARut9tMKi
wgoTZI6izV1/EQ7WmdkwGifAmhHfqpcgioy1I7JS3kxL/Dz2uHtV8U3OYSlqTRS1
pdFSob/gGjBgDyyJQStX0RW3cQwlcMzqnupy5fTxjNshPtrIT2VcLH1+LgKJoqmK
lPy6SW1CMw0Ih77hfpc0CbybyI76WXSb2igFXHE9LEPLs9nzv91PHuEKEDcFvMtC
kxI2z2P12/Yj+3MYQBLCiaY6Qf72+aBmGBzlFoshikTCj5tbHHAkN04EQt2QSHiB
u4R4QbKshvlVZhN/WUk/kB0t0dmwwgu3G9/J2vpxKYmxS2oR3aIOVHmNe1SUni8u
i+8hrVdRNaksWg==
-----END CERTIFICATE-----