Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft
File:                     sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft (raw, json)
Hash identifier:          F+b4bmIgfZMonRKrmI66aRV5aYSm18qMVUyqv6QQbFE=
Subject key identifier:   45:62:70:56:03:1F:44:ED:D8:51:6B:CE:6F:46:48:B1:42:1C:02:1D
Authority key identifier: B1:9D:46:A6:A3:36:35:3A:90:F1:74:FA:99:0F:C2:24:12:01:EB:1C
Certificate issuer:       /CN=b19d46a6a336353a90f174fa990fc2241201eb1c
Certificate serial:       019A4E18FBC682659C1DA939C6AAED44D1BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft
Manifest number:          0693
Signing time:             Tue 04 Nov 2025 09:00:51 +0000
Manifest this update:     Tue 04 Nov 2025 09:00:51 +0000
Manifest next update:     Wed 05 Nov 2025 09:00:51 +0000
Files and hashes:         1: sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.crl (hash: 70Q60uPBtFGsx5L3utcqhjJ5ip0HR/qNrsSVtMv/UQI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:18:fb:c6:82:65:9c:1d:a9:39:c6:aa:ed:44:d1:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b19d46a6a336353a90f174fa990fc2241201eb1c
        Validity
            Not Before: Nov  4 09:00:51 2025 GMT
            Not After : Nov  5 09:00:51 2025 GMT
        Subject: CN=45627056031f44edd8516bce6f4648b1421c021d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:55:df:90:1e:9d:e0:66:97:72:86:04:10:38:
                    f8:7d:e1:7e:d5:57:f3:6b:95:43:c0:e4:ec:2f:9f:
                    fa:4f:07:c6:76:d4:15:77:db:6f:72:cd:7a:c7:5f:
                    a6:7f:c2:52:67:de:27:b8:0a:ae:63:7e:40:b2:bb:
                    d3:16:2e:f4:f4:6d:3c:bf:86:f9:2b:da:d5:0f:f1:
                    27:23:70:cb:30:fe:72:69:4c:a1:75:ff:de:e8:ec:
                    21:2a:bb:2f:e6:6d:dd:cc:ca:de:1d:ed:a7:f7:fe:
                    9b:bf:85:9d:05:47:4e:d0:81:e6:99:dc:ae:34:8e:
                    c5:8b:bf:fa:16:1a:5a:cb:96:68:87:02:8a:37:3f:
                    99:89:12:ac:40:a5:e0:dc:f5:6a:99:8a:ae:fd:9c:
                    78:12:1c:4f:9b:0c:ae:d6:bb:a7:54:92:40:e6:72:
                    ef:e2:c1:dd:4a:a1:3e:3c:18:e7:97:a5:c6:35:82:
                    48:72:4a:c9:04:64:76:ee:5e:4e:a7:93:c9:65:6b:
                    90:9c:0e:e5:fa:06:ed:2a:7b:a2:97:0a:09:bc:c7:
                    1e:ed:af:52:f1:a5:32:e9:ef:e1:03:a5:e7:12:54:
                    21:43:03:81:2d:4a:27:72:53:c6:02:de:50:1b:73:
                    b3:1f:7e:85:05:36:dc:a0:75:58:28:58:8c:09:e1:
                    dc:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:62:70:56:03:1F:44:ED:D8:51:6B:CE:6F:46:48:B1:42:1C:02:1D
            X509v3 Authority Key Identifier:
                keyid:B1:9D:46:A6:A3:36:35:3A:90:F1:74:FA:99:0F:C2:24:12:01:EB:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:60:79:79:4a:2d:78:ce:bf:fd:f0:0f:03:3e:9d:b2:9e:7b:
         a7:59:40:71:0f:5e:b5:82:ae:a3:27:27:df:cf:fd:d4:9d:0e:
         ba:e5:d2:8f:8b:8a:9e:63:c2:98:0d:e5:71:50:96:43:89:e8:
         07:9c:90:09:8d:d6:9a:d7:d3:6d:8a:4a:d6:49:07:3d:fd:2c:
         af:c8:9d:51:37:fc:31:ec:f2:73:b4:ed:05:ce:e1:9b:ea:54:
         d6:d3:ac:c1:aa:5f:32:ed:80:0a:5f:be:03:71:77:2b:b9:7e:
         8b:7e:53:ad:b8:73:03:bb:27:3f:d4:23:85:2e:cc:c9:b4:b6:
         7e:e4:c1:54:84:1d:3f:c1:4e:50:a7:78:78:c0:3b:8d:d9:66:
         d7:3d:4b:0d:e1:1e:25:7f:2e:94:0d:1a:1c:ac:40:60:76:e0:
         4d:70:73:a5:1c:d7:5c:e9:ea:5f:17:6d:9f:1b:10:da:9a:4e:
         07:b8:71:fb:65:f5:20:ba:90:8a:65:4f:b4:ea:8f:27:cb:aa:
         c6:1a:32:a6:bc:6e:d7:f7:be:6e:54:b3:fd:64:43:23:1f:2b:
         cd:cf:86:18:3c:9e:ec:90:e1:f1:82:ce:28:e2:a7:11:29:81:
         ba:37:2b:c5:78:8b:40:8e:d4:41:46:63:19:9d:c9:ae:5c:fc:
         f6:87:35:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGPvGgmWcHak5xqrtRNG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOWQ0NmE2YTMzNjM1M2E5MGYxNzRmYTk5MGZjMjI0MTIw
MWViMWMwHhcNMjUxMTA0MDkwMDUxWhcNMjUxMTA1MDkwMDUxWjAzMTEwLwYDVQQD
Eyg0NTYyNzA1NjAzMWY0NGVkZDg1MTZiY2U2ZjQ2NDhiMTQyMWMwMjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslXfkB6d4GaXcoYEEDj4feF+1Vfz
a5VDwOTsL5/6TwfGdtQVd9tvcs16x1+mf8JSZ94nuAquY35AsrvTFi709G08v4b5
K9rVD/EnI3DLMP5yaUyhdf/e6OwhKrsv5m3dzMreHe2n9/6bv4WdBUdO0IHmmdyu
NI7Fi7/6Fhpay5ZohwKKNz+ZiRKsQKXg3PVqmYqu/Zx4EhxPmwyu1runVJJA5nLv
4sHdSqE+PBjnl6XGNYJIckrJBGR27l5Op5PJZWuQnA7l+gbtKnuilwoJvMce7a9S
8aUy6e/hA6XnElQhQwOBLUonclPGAt5QG3OzH36FBTbcoHVYKFiMCeHcRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVicFYDH0Tt2FFrzm9GSLFCHAIdMB8GA1UdIwQY
MBaAFLGdRqajNjU6kPF0+pkPwiQSAescMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1oxR3BxTTJOVHFROFhUNm1RX0NKQklCNnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9lMmY0ZTEtYTcwYS00Y2ExLTkyMWMt
NTk0YzY5ZmIwNzExLzEvc1oxR3BxTTJOVHFROFhUNm1RX0NKQklCNnh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9lMmY0ZTEtYTcwYS00Y2ExLTkyMWMtNTk0YzY5ZmIwNzEx
LzEvc1oxR3BxTTJOVHFROFhUNm1RX0NKQklCNnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJWB5eUot
eM6//fAPAz6dsp57p1lAcQ9etYKuoycn38/91J0OuuXSj4uKnmPCmA3lcVCWQ4no
B5yQCY3WmtfTbYpK1kkHPf0sr8idUTf8Mezyc7TtBc7hm+pU1tOswapfMu2ACl++
A3F3K7l+i35TrbhzA7snP9QjhS7MybS2fuTBVIQdP8FOUKd4eMA7jdlm1z1LDeEe
JX8ulA0aHKxAYHbgTXBzpRzXXOnqXxdtnxsQ2ppOB7hx+2X1ILqQimVPtOqPJ8uq
xhoyprxu1/e+blSz/WRDIx8rzc+GGDye7JDh8YLOKOKnESmBujcrxXiLQI7UQUZj
GZ3Jrlz89oc1SA==
-----END CERTIFICATE-----