Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
File:                     z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft (raw, json)
Hash identifier:          hNQyDDIKq4uXjMTycjkBpzmWcjZRoH3ZbXFRtHDhLRI=
Subject key identifier:   40:A3:03:6E:B5:AD:60:B6:06:78:4C:08:AF:51:39:48:5E:A4:4F:58
Authority key identifier: CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6
Certificate issuer:       /CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
Certificate serial:       019A4EF54BBCBC577E6D257B30EE4CD30B3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
Manifest number:          106D
Signing time:             Tue 04 Nov 2025 13:01:29 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:29 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:29 +0000
Files and hashes:         1: z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl (hash: EoxJ/tZfRCpOcFGW0lbdlQCRG6YR2dFXB67fSjT0yrc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:4b:bc:bc:57:7e:6d:25:7b:30:ee:4c:d3:0b:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
        Validity
            Not Before: Nov  4 13:01:29 2025 GMT
            Not After : Nov  5 13:01:29 2025 GMT
        Subject: CN=40a3036eb5ad60b606784c08af5139485ea44f58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:9d:0b:cf:1f:57:87:13:7f:49:f4:6b:7a:41:
                    38:e6:02:b5:3c:15:b8:4c:8b:04:bc:c5:00:92:ee:
                    b2:31:c2:5d:86:12:bb:df:07:be:b8:69:84:3a:f9:
                    77:e7:85:e4:83:e5:81:31:5f:b0:c8:39:6c:93:77:
                    e1:02:6e:f2:0d:a1:3a:81:d8:4c:78:9c:ea:2e:ed:
                    0e:f2:fa:0c:01:cf:02:5b:60:5b:4d:31:75:19:f9:
                    38:65:c7:93:23:a8:4f:63:8d:7f:36:6e:6c:de:1d:
                    11:14:23:74:44:f6:74:20:95:c0:f7:48:c9:3f:5c:
                    8b:5f:e0:37:9b:0e:8c:06:d3:ec:b6:9b:b0:74:c9:
                    3d:51:1a:c0:fc:ff:22:35:73:b1:d6:1c:2b:29:08:
                    5e:6a:24:a3:86:d2:24:ef:c3:a2:40:38:71:e1:8d:
                    ad:48:2f:f4:2c:52:fb:3f:8a:78:0b:bb:6d:10:0e:
                    bf:fb:a3:76:04:c3:2a:48:30:75:fe:d7:76:19:c0:
                    65:a0:5b:d2:22:65:47:b4:d4:8f:a6:83:cc:24:57:
                    05:2e:3c:80:02:03:f1:55:73:01:5b:a7:0c:43:c4:
                    96:b0:b7:13:d2:13:6a:72:fe:f3:4e:54:f0:e8:63:
                    31:aa:4c:2d:d4:74:9c:ce:c3:6d:3b:50:c4:39:85:
                    b0:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:A3:03:6E:B5:AD:60:B6:06:78:4C:08:AF:51:39:48:5E:A4:4F:58
            X509v3 Authority Key Identifier:
                keyid:CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:65:2b:5c:b6:83:50:06:09:0e:9e:98:0a:7d:ba:a3:35:6b:
         20:74:f5:cc:c7:35:2c:56:a2:28:65:56:92:10:eb:62:21:60:
         04:78:bb:df:d9:f9:4d:58:f3:67:15:61:f8:23:48:6d:0a:7d:
         37:f4:1a:5c:28:95:99:39:54:44:ec:b4:c3:73:83:2e:f0:5d:
         e9:c8:94:82:72:3b:5d:4c:09:08:01:3c:7f:9d:28:a6:9e:90:
         29:5b:dc:4d:b1:e5:97:29:e0:da:a8:1c:66:ec:aa:1f:dd:b2:
         af:87:69:59:55:5e:8f:05:16:1f:31:5d:94:7b:70:ad:c9:06:
         03:93:f0:44:ee:f1:a7:4b:83:68:10:c6:64:9a:55:7a:95:f0:
         54:22:73:9e:f8:d8:10:de:6a:1d:9b:9c:18:81:bf:63:f5:61:
         1c:57:79:7a:81:af:9c:9f:e8:74:a6:37:cd:8f:aa:09:ef:f9:
         df:54:d6:9f:82:2d:8f:f7:40:78:6c:9e:35:bd:6a:a8:bd:f9:
         fa:4a:9c:40:d6:ab:74:de:04:de:da:8a:73:72:01:2c:d7:80:
         2b:11:e5:57:97:7b:4b:f1:ac:b3:c0:31:69:27:24:7b:e0:c1:
         0f:a5:69:77:e8:19:1b:52:a5:3b:5e:75:98:11:50:fd:bf:26:
         f5:2c:e3:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Uu8vFd+bSV7MO5M0ws9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzcwMDhjNmY5MTcyMmRjM2IxMjc1Mjc1NThlYmRhYmM2
ODBjZTYwHhcNMjUxMTA0MTMwMTI5WhcNMjUxMTA1MTMwMTI5WjAzMTEwLwYDVQQD
Eyg0MGEzMDM2ZWI1YWQ2MGI2MDY3ODRjMDhhZjUxMzk0ODVlYTQ0ZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm50Lzx9XhxN/SfRrekE45gK1PBW4
TIsEvMUAku6yMcJdhhK73we+uGmEOvl354Xkg+WBMV+wyDlsk3fhAm7yDaE6gdhM
eJzqLu0O8voMAc8CW2BbTTF1Gfk4ZceTI6hPY41/Nm5s3h0RFCN0RPZ0IJXA90jJ
P1yLX+A3mw6MBtPstpuwdMk9URrA/P8iNXOx1hwrKQheaiSjhtIk78OiQDhx4Y2t
SC/0LFL7P4p4C7ttEA6/+6N2BMMqSDB1/td2GcBloFvSImVHtNSPpoPMJFcFLjyA
AgPxVXMBW6cMQ8SWsLcT0hNqcv7zTlTw6GMxqkwt1HSczsNtO1DEOYWwmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECjA261rWC2BnhMCK9ROUhepE9YMB8GA1UdIwQY
MBaAFM/HAIxvkXItw7EnUnVY69q8aAzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEt
MzZmMjRhZDRhMDRmLzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEtMzZmMjRhZDRhMDRm
LzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVWUrXLaD
UAYJDp6YCn26ozVrIHT1zMc1LFaiKGVWkhDrYiFgBHi739n5TVjzZxVh+CNIbQp9
N/QaXCiVmTlUROy0w3ODLvBd6ciUgnI7XUwJCAE8f50opp6QKVvcTbHllyng2qgc
ZuyqH92yr4dpWVVejwUWHzFdlHtwrckGA5PwRO7xp0uDaBDGZJpVepXwVCJznvjY
EN5qHZucGIG/Y/VhHFd5eoGvnJ/odKY3zY+qCe/531TWn4Itj/dAeGyeNb1qqL35
+kqcQNardN4E3tqKc3IBLNeAKxHlV5d7S/Gss8AxaScke+DBD6Vpd+gZG1KlO151
mBFQ/b8m9SzjHQ==
-----END CERTIFICATE-----