Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
File:                     ZFOB6enwr6NsKmagd8odV50ikr8.mft (raw, json)
Hash identifier:          KDToCTrMPPf0/F/qanAIw6p4hnBMByckGNNon8DJ3Pc=
Subject key identifier:   D0:F6:DA:FE:1A:20:43:DD:CE:65:8A:8D:A7:2C:F6:3F:E8:3C:08:CE
Authority key identifier: 64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF
Certificate issuer:       /CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
Certificate serial:       019894B80ECBFCDC83CA69C301BE067ECA8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
Manifest number:          1443
Signing time:             Sun 10 Aug 2025 16:02:26 +0000
Manifest this update:     Sun 10 Aug 2025 16:02:26 +0000
Manifest next update:     Mon 11 Aug 2025 16:02:26 +0000
Files and hashes:         1: ZFOB6enwr6NsKmagd8odV50ikr8.crl (hash: V+9LpjWgNvsHnM8jHlKseB4Y4cH5Hmmw7bNpWIRFwh8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 16:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:94:b8:0e:cb:fc:dc:83:ca:69:c3:01:be:06:7e:ca:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
        Validity
            Not Before: Aug 10 16:02:26 2025 GMT
            Not After : Aug 11 16:02:26 2025 GMT
        Subject: CN=d0f6dafe1a2043ddce658a8da72cf63fe83c08ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:ce:dd:c0:ac:ec:0f:8a:3e:1c:9b:95:79:dc:
                    29:b6:f0:9f:a4:e8:4d:1c:a0:d0:9b:ea:87:b8:72:
                    10:d3:12:4b:9a:43:10:d5:33:92:21:3f:3a:17:41:
                    84:83:4b:a6:11:b3:fc:af:b7:35:71:7f:9a:8e:95:
                    97:d3:64:7f:a1:4f:76:1b:1d:0b:14:e9:b4:e2:41:
                    bf:1f:63:fd:07:26:2f:72:cc:9d:2c:1a:0a:96:ef:
                    64:0d:a1:29:39:e7:74:63:7e:f4:da:b7:6f:b8:98:
                    6f:e7:34:b6:00:db:4f:08:1d:23:c2:b2:52:fb:5f:
                    e0:6d:f0:44:d3:bd:74:4e:bf:8b:7e:fb:19:45:2c:
                    75:f0:76:90:ad:ee:3f:c3:16:99:6d:87:30:cc:a6:
                    14:51:df:96:24:fb:a3:57:ed:1d:65:52:ea:90:1b:
                    f8:87:67:ee:d2:c8:fb:9b:98:3e:be:3f:1c:48:76:
                    1e:76:78:aa:3a:c2:dc:81:6e:83:72:97:53:e8:f8:
                    da:09:a4:fe:bf:3d:ee:f4:ad:ef:70:33:42:0b:23:
                    ee:e6:09:3b:cc:af:62:3a:57:67:5d:23:e3:7d:dd:
                    c0:0c:5f:b2:6c:fe:0c:47:76:86:a5:8f:d8:46:a0:
                    09:f1:e1:49:6b:ee:bb:a4:ba:71:89:c1:0e:14:7e:
                    4f:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:F6:DA:FE:1A:20:43:DD:CE:65:8A:8D:A7:2C:F6:3F:E8:3C:08:CE
            X509v3 Authority Key Identifier:
                keyid:64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:e1:59:ea:48:28:62:b1:ea:81:f5:46:78:0e:c7:a1:f7:9f:
         1f:5b:8a:b7:1e:6e:3f:43:64:29:79:dd:59:ba:d0:cb:ec:d6:
         c7:4b:81:9f:b7:e7:0f:85:9d:ba:69:14:63:63:11:1c:61:82:
         51:1b:64:b9:e8:d8:68:ed:aa:c2:b3:6c:a8:b2:15:eb:1d:bb:
         a5:f8:30:20:37:8a:b5:a7:75:8d:96:d7:ac:03:3e:28:22:4d:
         b4:90:58:0e:fe:81:ab:c1:a8:cb:86:cc:73:53:1f:a0:65:c9:
         b5:e0:6b:e4:15:d3:40:d8:37:64:74:52:12:a4:14:81:74:d9:
         61:51:51:82:52:fa:3b:e8:9b:b6:5f:0f:f0:a9:48:f2:8e:1e:
         29:dc:26:9b:8e:69:23:67:dc:4e:e1:c2:ec:38:21:ec:a1:1f:
         c8:f4:21:84:42:8d:4b:f4:86:d3:9e:a5:29:64:b0:6b:84:c6:
         eb:0c:c1:bb:1b:65:20:2d:59:25:11:b0:ec:59:d4:df:21:b6:
         36:6f:78:ac:66:df:78:42:95:35:f7:8a:c5:18:12:17:82:4b:
         22:49:d5:3d:85:91:7d:b3:99:13:83:09:aa:73:7e:05:30:c7:
         ef:fb:b6:56:f3:72:66:7b:ee:7b:aa:e8:1b:74:8e:b9:a9:8c:
         21:fb:4e:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiUuA7L/NyDymnDAb4GfsqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NTM4MWU5ZTlmMGFmYTM2YzJhNjZhMDc3Y2ExZDU3OWQy
MjkyYmYwHhcNMjUwODEwMTYwMjI2WhcNMjUwODExMTYwMjI2WjAzMTEwLwYDVQQD
EyhkMGY2ZGFmZTFhMjA0M2RkY2U2NThhOGRhNzJjZjYzZmU4M2MwOGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAks7dwKzsD4o+HJuVedwptvCfpOhN
HKDQm+qHuHIQ0xJLmkMQ1TOSIT86F0GEg0umEbP8r7c1cX+ajpWX02R/oU92Gx0L
FOm04kG/H2P9ByYvcsydLBoKlu9kDaEpOed0Y3702rdvuJhv5zS2ANtPCB0jwrJS
+1/gbfBE0710Tr+LfvsZRSx18HaQre4/wxaZbYcwzKYUUd+WJPujV+0dZVLqkBv4
h2fu0sj7m5g+vj8cSHYedniqOsLcgW6DcpdT6PjaCaT+vz3u9K3vcDNCCyPu5gk7
zK9iOldnXSPjfd3ADF+ybP4MR3aGpY/YRqAJ8eFJa+67pLpxicEOFH5PcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFND22v4aIEPdzmWKjacs9j/oPAjOMB8GA1UdIwQY
MBaAFGRTgenp8K+jbCpmoHfKHVedIpK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGIt
MzdmOTk5Y2VjZTIzLzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGItMzdmOTk5Y2VjZTIz
LzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZeFZ6kgo
YrHqgfVGeA7HofefH1uKtx5uP0NkKXndWbrQy+zWx0uBn7fnD4WdumkUY2MRHGGC
URtkuejYaO2qwrNsqLIV6x27pfgwIDeKtad1jZbXrAM+KCJNtJBYDv6Bq8Goy4bM
c1MfoGXJteBr5BXTQNg3ZHRSEqQUgXTZYVFRglL6O+ibtl8P8KlI8o4eKdwmm45p
I2fcTuHC7Dgh7KEfyPQhhEKNS/SG056lKWSwa4TG6wzBuxtlIC1ZJRGw7FnU3yG2
Nm94rGbfeEKVNfeKxRgSF4JLIknVPYWRfbOZE4MJqnN+BTDH7/u2VvNyZnvue6ro
G3SOuamMIftO2g==
-----END CERTIFICATE-----