Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft
File:                     ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft (raw, json)
Hash identifier:          E/jbThLiKID5EF+5m29TBoo/c0VetQ6qJuSlUal6cYA=
Subject key identifier:   90:F3:1E:CB:E0:DA:C5:43:B6:9F:3C:F3:15:EB:D5:1E:1C:5A:AC:5C
Authority key identifier: 64:DA:EA:E2:8A:41:FC:74:01:0D:0B:FB:83:FD:80:CA:34:5C:57:F9
Certificate issuer:       /CN=64daeae28a41fc74010d0bfb83fd80ca345c57f9
Certificate serial:       019A4EF434F09E7604AC2EC6EAA85C3F1ED9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZNrq4opB_HQBDQv7g_2AyjRcV_k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft
Manifest number:          169B
Signing time:             Tue 04 Nov 2025 13:00:18 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:18 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:18 +0000
Files and hashes:         1: ZNrq4opB_HQBDQv7g_2AyjRcV_k.crl (hash: SS1uwYJDUuPavzfBXQVO2433m4QoIF0Z4Zyb8UsMAVA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZNrq4opB_HQBDQv7g_2AyjRcV_k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:34:f0:9e:76:04:ac:2e:c6:ea:a8:5c:3f:1e:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64daeae28a41fc74010d0bfb83fd80ca345c57f9
        Validity
            Not Before: Nov  4 13:00:18 2025 GMT
            Not After : Nov  5 13:00:18 2025 GMT
        Subject: CN=90f31ecbe0dac543b69f3cf315ebd51e1c5aac5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b5:16:2f:dc:7c:93:37:8d:7c:a9:b6:b4:89:
                    f9:81:40:cb:98:ad:7d:73:94:e8:b8:c2:e3:f8:7d:
                    76:2b:06:e7:ac:d4:3e:58:5e:11:00:4c:f0:95:27:
                    46:1f:c9:b9:c8:6d:0d:3b:46:61:e9:b2:81:4a:ec:
                    d0:4d:8c:11:40:68:f5:05:ef:29:6d:6b:4c:2c:6a:
                    c5:35:c5:c3:49:a1:ce:0f:c8:7f:2c:f2:f6:da:62:
                    a0:a7:b5:8e:8c:a3:cc:40:01:29:9d:33:17:37:23:
                    b1:08:a8:d9:f6:f8:a0:1b:ed:03:93:3d:ac:34:3d:
                    bf:65:88:2c:de:3c:f4:4d:b0:cf:98:f3:e1:a7:45:
                    8b:04:89:ea:2c:96:42:fe:2c:49:cb:ea:7d:8f:83:
                    e9:51:8f:dd:92:d2:d0:eb:ba:f9:d1:a2:aa:f2:a6:
                    6e:e0:1d:c3:2f:4f:7f:fa:0b:e0:71:37:56:91:10:
                    77:bf:a0:f9:83:80:42:ff:f9:a2:36:ea:39:85:75:
                    ae:79:f8:46:3a:f4:a8:46:13:c2:b1:1a:7e:34:e6:
                    03:3e:f9:e0:ff:36:c1:06:b9:30:88:6c:f2:ff:25:
                    a3:b5:fe:1b:d5:74:35:43:28:20:17:7e:76:e3:6b:
                    35:b1:bf:c4:67:a3:28:08:6a:53:20:76:3f:a5:d2:
                    67:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:F3:1E:CB:E0:DA:C5:43:B6:9F:3C:F3:15:EB:D5:1E:1C:5A:AC:5C
            X509v3 Authority Key Identifier:
                keyid:64:DA:EA:E2:8A:41:FC:74:01:0D:0B:FB:83:FD:80:CA:34:5C:57:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNrq4opB_HQBDQv7g_2AyjRcV_k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:70:60:4c:3a:38:4a:b0:da:ca:2c:01:88:90:ac:f6:d1:7f:
         a6:86:54:30:6a:2f:8c:66:b3:23:79:79:97:1b:59:c6:15:6a:
         2e:1d:cb:10:22:e5:62:e3:96:28:f9:16:7a:a0:e4:cb:4b:3d:
         b7:4c:fd:b0:5f:b2:53:0b:6a:c8:fb:a0:cc:b4:45:f2:7a:a1:
         30:b6:db:c6:52:43:f1:f1:54:d5:7a:77:93:6f:f5:3a:b5:eb:
         8d:e3:f5:f2:53:cd:2c:57:02:ff:1f:32:b7:f8:78:8a:4d:5f:
         dc:c8:d2:6b:d7:cf:65:02:ca:bd:43:3f:43:0b:de:3d:10:15:
         7b:26:d0:6a:fd:3d:b9:eb:95:6d:f1:64:12:a1:9c:24:a1:09:
         33:af:bc:2b:eb:57:84:78:d6:01:33:28:82:e1:70:f0:bb:5d:
         ca:47:f1:ad:89:d5:83:7e:08:e8:d1:d3:69:29:1f:8d:78:8d:
         86:d3:47:f1:dd:8f:b8:7e:b2:f1:a4:a4:d5:d0:fc:4f:78:c3:
         63:2b:44:24:50:c5:a4:5f:aa:a0:da:c6:18:b6:18:01:6e:7b:
         0b:09:6e:c1:73:fb:84:b3:38:7c:04:38:d7:0c:56:fc:53:1e:
         d7:2e:05:65:d2:94:25:d2:02:11:d7:b4:4e:66:2d:0a:2e:1f:
         fd:b8:f3:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9DTwnnYErC7G6qhcPx7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGFlYWUyOGE0MWZjNzQwMTBkMGJmYjgzZmQ4MGNhMzQ1
YzU3ZjkwHhcNMjUxMTA0MTMwMDE4WhcNMjUxMTA1MTMwMDE4WjAzMTEwLwYDVQQD
Eyg5MGYzMWVjYmUwZGFjNTQzYjY5ZjNjZjMxNWViZDUxZTFjNWFhYzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbUWL9x8kzeNfKm2tIn5gUDLmK19
c5TouMLj+H12KwbnrNQ+WF4RAEzwlSdGH8m5yG0NO0Zh6bKBSuzQTYwRQGj1Be8p
bWtMLGrFNcXDSaHOD8h/LPL22mKgp7WOjKPMQAEpnTMXNyOxCKjZ9vigG+0Dkz2s
ND2/ZYgs3jz0TbDPmPPhp0WLBInqLJZC/ixJy+p9j4PpUY/dktLQ67r50aKq8qZu
4B3DL09/+gvgcTdWkRB3v6D5g4BC//miNuo5hXWuefhGOvSoRhPCsRp+NOYDPvng
/zbBBrkwiGzy/yWjtf4b1XQ1QyggF35242s1sb/EZ6MoCGpTIHY/pdJnqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJDzHsvg2sVDtp888xXr1R4cWqxcMB8GA1UdIwQY
MBaAFGTa6uKKQfx0AQ0L+4P9gMo0XFf5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5ycTRvcEJfSFFCRFF2N2dfMkF5alJjVl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hZWUyZmEtNjEzMS00N2ZhLWIxZTYt
NjVhMjQyMDAyMjcwLzEvWk5ycTRvcEJfSFFCRFF2N2dfMkF5alJjVl9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hZWUyZmEtNjEzMS00N2ZhLWIxZTYtNjVhMjQyMDAyMjcw
LzEvWk5ycTRvcEJfSFFCRFF2N2dfMkF5alJjVl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJnBgTDo4
SrDayiwBiJCs9tF/poZUMGovjGazI3l5lxtZxhVqLh3LECLlYuOWKPkWeqDky0s9
t0z9sF+yUwtqyPugzLRF8nqhMLbbxlJD8fFU1Xp3k2/1OrXrjeP18lPNLFcC/x8y
t/h4ik1f3MjSa9fPZQLKvUM/QwvePRAVeybQav09ueuVbfFkEqGcJKEJM6+8K+tX
hHjWATMoguFw8LtdykfxrYnVg34I6NHTaSkfjXiNhtNH8d2PuH6y8aSk1dD8T3jD
YytEJFDFpF+qoNrGGLYYAW57CwluwXP7hLM4fAQ41wxW/FMe1y4FZdKUJdICEde0
TmYtCi4f/bjzRQ==
-----END CERTIFICATE-----