Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
File:                     ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft (raw, json)
Hash identifier:          1c5iOsF9vN5f6P6EO9VrLqmtguHh9DfJ5BCFa3P03CQ=
Subject key identifier:   FC:3A:02:75:A3:45:33:C5:A4:A0:DB:9C:23:BF:B8:3F:65:06:AF:78
Authority key identifier: 65:43:64:D0:C6:C9:3D:F2:80:27:48:8A:FC:BF:CF:32:97:26:39:2B
Certificate issuer:       /CN=654364d0c6c93df28027488afcbfcf329726392b
Certificate serial:       019A4EF49BF9A7DDEC7A9E6FF4876A28E2B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
Manifest number:          0AA0
Signing time:             Tue 04 Nov 2025 13:00:44 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:44 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:44 +0000
Files and hashes:         1: ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl (hash: Jp0VDSUxaXwfkdrwSM7NqWKD6Z21RwBbiwH/mrsLHf4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:9b:f9:a7:dd:ec:7a:9e:6f:f4:87:6a:28:e2:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654364d0c6c93df28027488afcbfcf329726392b
        Validity
            Not Before: Nov  4 13:00:44 2025 GMT
            Not After : Nov  5 13:00:44 2025 GMT
        Subject: CN=fc3a0275a34533c5a4a0db9c23bfb83f6506af78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7e:e8:15:60:04:b5:3f:5a:2a:d2:a3:43:36:
                    31:76:e8:18:99:a7:c8:96:55:00:63:3a:62:d4:86:
                    0c:2d:8e:68:53:8e:ce:1c:45:02:4b:50:0d:8d:7e:
                    34:ce:37:05:6b:c8:36:7b:b4:35:27:03:0d:0d:90:
                    5a:88:de:bc:6b:a1:78:5c:46:30:ef:2a:5b:9b:1c:
                    77:96:57:60:f0:93:49:90:fe:ff:57:73:7b:4f:b1:
                    19:84:90:62:d3:a3:92:91:bf:8e:86:b9:a9:f8:6e:
                    a9:07:a2:63:36:9a:e8:0c:62:2d:2a:bb:fe:c5:04:
                    a7:5b:c8:ae:1e:2e:4e:ac:b2:84:6f:93:aa:57:d0:
                    4c:fc:e5:13:b0:9a:12:53:12:07:96:78:9e:f8:20:
                    c5:26:0c:28:00:5c:34:81:5c:5f:8c:8e:f5:98:c4:
                    51:96:94:fe:76:50:ee:b0:75:f1:8d:03:6a:6e:c6:
                    18:2a:80:db:93:92:fb:50:25:01:86:2e:d2:b2:37:
                    9c:52:43:eb:bf:f5:c1:3d:c7:4f:a2:ee:97:32:d0:
                    68:18:b3:a5:31:37:72:c7:55:ce:92:af:d1:b8:42:
                    87:f8:47:87:37:22:88:70:f6:f4:3c:e1:bf:86:d3:
                    f8:b8:3d:e0:e6:95:fb:b4:59:60:c6:0e:e9:d2:8a:
                    04:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:3A:02:75:A3:45:33:C5:A4:A0:DB:9C:23:BF:B8:3F:65:06:AF:78
            X509v3 Authority Key Identifier:
                keyid:65:43:64:D0:C6:C9:3D:F2:80:27:48:8A:FC:BF:CF:32:97:26:39:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:f0:d7:58:9f:d9:12:1e:54:bb:5c:29:2d:ee:cb:3b:5e:1b:
         36:6e:e2:74:c3:81:2e:43:6d:18:37:11:d8:5a:a6:0c:4b:51:
         c3:fc:fa:91:00:50:af:18:ba:aa:14:76:29:2d:69:77:24:9f:
         62:ff:bb:5a:67:8b:c6:e6:ad:01:70:71:7d:39:f2:ef:47:db:
         57:ef:1e:b3:3d:34:24:67:76:d7:b3:e5:80:e3:04:b6:e5:e5:
         2e:2b:99:3b:c8:b6:87:ff:29:cf:04:91:1d:f1:77:e6:cd:22:
         6d:4b:a2:77:90:e8:8d:54:91:8a:fd:5b:a8:21:e3:c2:a7:c5:
         85:3d:bd:bf:f3:90:f1:f9:5d:e2:b0:71:c3:be:5a:69:23:be:
         ae:cd:ab:97:f6:7a:d2:47:58:ec:f8:ed:2c:1a:11:29:d6:08:
         b6:fd:b0:16:8d:2a:8c:40:60:40:2e:4b:a6:57:84:11:2a:89:
         c1:20:b8:ee:6a:b6:d1:79:76:b6:41:73:1d:8d:75:6f:53:06:
         02:3b:bf:d1:a4:8e:98:aa:fd:1f:d3:f1:39:9c:f0:6c:1f:c9:
         25:a1:59:06:9b:74:e9:41:49:f6:3a:84:aa:ef:87:9e:a0:07:
         38:f7:80:e0:6e:85:90:fb:e8:4f:d0:fd:07:27:4c:f7:4a:59:
         00:6a:3a:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Jv5p93sep5v9IdqKOKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NDM2NGQwYzZjOTNkZjI4MDI3NDg4YWZjYmZjZjMyOTcy
NjM5MmIwHhcNMjUxMTA0MTMwMDQ0WhcNMjUxMTA1MTMwMDQ0WjAzMTEwLwYDVQQD
EyhmYzNhMDI3NWEzNDUzM2M1YTRhMGRiOWMyM2JmYjgzZjY1MDZhZjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq37oFWAEtT9aKtKjQzYxdugYmafI
llUAYzpi1IYMLY5oU47OHEUCS1ANjX40zjcFa8g2e7Q1JwMNDZBaiN68a6F4XEYw
7ypbmxx3lldg8JNJkP7/V3N7T7EZhJBi06OSkb+Ohrmp+G6pB6JjNproDGItKrv+
xQSnW8iuHi5OrLKEb5OqV9BM/OUTsJoSUxIHlnie+CDFJgwoAFw0gVxfjI71mMRR
lpT+dlDusHXxjQNqbsYYKoDbk5L7UCUBhi7SsjecUkPrv/XBPcdPou6XMtBoGLOl
MTdyx1XOkq/RuEKH+EeHNyKIcPb0POG/htP4uD3g5pX7tFlgxg7p0ooE9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPw6AnWjRTPFpKDbnCO/uD9lBq94MB8GA1UdIwQY
MBaAFGVDZNDGyT3ygCdIivy/zzKXJjkrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8zZjlhYjEtZWFiMS00NmNjLTg4ZTct
YjZlOGVhOTEyNDgwLzEvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8zZjlhYjEtZWFiMS00NmNjLTg4ZTctYjZlOGVhOTEyNDgw
LzEvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE/DXWJ/Z
Eh5Uu1wpLe7LO14bNm7idMOBLkNtGDcR2FqmDEtRw/z6kQBQrxi6qhR2KS1pdySf
Yv+7WmeLxuatAXBxfTny70fbV+8esz00JGd217PlgOMEtuXlLiuZO8i2h/8pzwSR
HfF35s0ibUuid5DojVSRiv1bqCHjwqfFhT29v/OQ8fld4rBxw75aaSO+rs2rl/Z6
0kdY7PjtLBoRKdYItv2wFo0qjEBgQC5LpleEESqJwSC47mq20Xl2tkFzHY11b1MG
Aju/0aSOmKr9H9PxOZzwbB/JJaFZBpt06UFJ9jqEqu+HnqAHOPeA4G6FkPvoT9D9
BydM90pZAGo6NA==
-----END CERTIFICATE-----