Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/e53aa0-5048-408f-a3a8-09cbf7b242c3/1/zltbNMXCbMP9SuDC5VH3ks7LbFM.mft
File:                     zltbNMXCbMP9SuDC5VH3ks7LbFM.mft (raw, json)
Hash identifier:          IRKv35bEoy0UYmKGULKAOAb/QJNJ9LHg/v6shllMJ0U=
Subject key identifier:   D7:DB:6A:96:99:04:22:06:C7:03:47:FC:DC:1C:19:F1:F5:75:A1:0D
Authority key identifier: CE:5B:5B:34:C5:C2:6C:C3:FD:4A:E0:C2:E5:51:F7:92:CE:CB:6C:53
Certificate issuer:       /CN=ce5b5b34c5c26cc3fd4ae0c2e551f792cecb6c53
Certificate serial:       01964D7EF2CE4CA2C4987491FF70514178F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zltbNMXCbMP9SuDC5VH3ks7LbFM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/e53aa0-5048-408f-a3a8-09cbf7b242c3/1/zltbNMXCbMP9SuDC5VH3ks7LbFM.mft
Manifest number:          0D16
Signing time:             Sat 19 Apr 2025 10:01:27 +0000
Manifest this update:     Sat 19 Apr 2025 10:01:27 +0000
Manifest next update:     Sun 20 Apr 2025 10:01:27 +0000
Files and hashes:         1: zltbNMXCbMP9SuDC5VH3ks7LbFM.crl (hash: hhaU5vcyubdQmprjeL1sDiCmllQlDPdoYwame8fQ3vg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/e53aa0-5048-408f-a3a8-09cbf7b242c3/1/zltbNMXCbMP9SuDC5VH3ks7LbFM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/e53aa0-5048-408f-a3a8-09cbf7b242c3/1/zltbNMXCbMP9SuDC5VH3ks7LbFM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zltbNMXCbMP9SuDC5VH3ks7LbFM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:f2:ce:4c:a2:c4:98:74:91:ff:70:51:41:78:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce5b5b34c5c26cc3fd4ae0c2e551f792cecb6c53
        Validity
            Not Before: Apr 19 10:01:27 2025 GMT
            Not After : Apr 20 10:01:27 2025 GMT
        Subject: CN=d7db6a9699042206c70347fcdc1c19f1f575a10d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a4:f7:2e:5c:04:4a:f0:1a:8d:98:85:2d:c2:
                    13:51:77:15:0e:2f:8c:17:93:3b:f7:44:6e:6d:b8:
                    22:bb:b8:b2:92:3c:d5:5a:56:6f:cf:ef:d4:9e:b8:
                    93:ee:05:68:b2:cf:fd:c5:67:1a:da:f7:a6:70:e3:
                    5b:f7:2d:7f:69:f5:3d:fb:48:ec:e4:c7:fc:d7:fb:
                    64:9c:40:34:d9:12:81:95:e2:4e:44:1c:83:10:cb:
                    92:87:22:d0:e4:03:8b:79:cf:9a:cf:89:4b:eb:a2:
                    c0:7b:7d:ca:0a:5f:d8:e8:7b:28:e9:56:2a:65:c6:
                    2a:e4:c2:79:73:54:b8:5b:3d:11:22:46:9d:7d:f3:
                    8f:a6:ec:a8:e9:04:1e:6c:18:04:10:3d:a3:c7:e6:
                    5b:5b:97:2f:a9:ec:93:4f:15:5e:74:5a:2b:49:99:
                    da:93:29:53:3a:f6:11:a5:9a:81:4a:22:0a:a5:8b:
                    da:0a:1a:ac:9c:6c:ea:52:12:e0:44:b6:a0:fb:b5:
                    95:4b:fe:7d:46:34:2c:7f:ea:e4:17:83:cc:d6:5d:
                    1d:39:20:6a:45:09:2a:d6:65:50:0c:20:eb:c3:32:
                    6f:fe:71:0e:62:a6:cb:9b:a1:b4:35:60:99:c2:36:
                    25:68:38:4a:6b:ec:e9:78:14:e3:b1:35:5a:40:80:
                    b8:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:DB:6A:96:99:04:22:06:C7:03:47:FC:DC:1C:19:F1:F5:75:A1:0D
            X509v3 Authority Key Identifier:
                keyid:CE:5B:5B:34:C5:C2:6C:C3:FD:4A:E0:C2:E5:51:F7:92:CE:CB:6C:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zltbNMXCbMP9SuDC5VH3ks7LbFM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e53aa0-5048-408f-a3a8-09cbf7b242c3/1/zltbNMXCbMP9SuDC5VH3ks7LbFM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e53aa0-5048-408f-a3a8-09cbf7b242c3/1/zltbNMXCbMP9SuDC5VH3ks7LbFM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:f0:19:f8:b6:38:64:ac:8c:e3:87:a3:af:1b:2d:89:97:20:
         c2:f5:be:37:66:19:bf:fe:9d:e8:20:3b:fd:5e:bb:c2:be:6b:
         91:aa:99:8c:8f:2d:0b:4b:f3:09:21:92:ab:13:cb:08:20:86:
         e0:c3:14:c0:49:de:57:2d:75:55:1e:6c:f0:fd:87:9c:0e:25:
         d5:4f:d7:2d:04:9e:f1:a1:82:b0:7e:84:85:e4:e6:af:dd:fe:
         40:8b:c6:64:84:b5:0d:d7:e9:9e:b2:38:cf:69:1b:23:6a:24:
         fd:cd:fd:e4:8e:47:de:22:ff:d4:f2:8d:a8:1f:e2:2c:02:ad:
         bc:c3:86:7d:f6:15:99:bf:d6:2e:2c:e5:eb:a1:11:d3:d0:25:
         40:d0:95:1f:78:98:69:a8:8c:07:46:e9:31:ae:50:1e:97:6f:
         33:40:13:d7:bf:73:10:12:42:03:9c:a2:d4:7f:bb:2c:82:b5:
         cd:bd:45:15:b6:92:14:47:e0:c3:33:f8:80:b9:a2:7d:96:4b:
         66:07:ca:c6:b9:da:71:51:cb:a1:50:30:f0:26:6a:f8:30:12:
         22:ad:67:9b:c1:d9:2a:98:cd:ee:48:45:dd:63:de:0f:b3:f5:
         a2:80:6d:ff:82:ac:65:e2:88:da:8e:07:dc:cb:a8:06:f7:c5:
         05:1b:57:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfvLOTKLEmHSR/3BRQXj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNWI1YjM0YzVjMjZjYzNmZDRhZTBjMmU1NTFmNzkyY2Vj
YjZjNTMwHhcNMjUwNDE5MTAwMTI3WhcNMjUwNDIwMTAwMTI3WjAzMTEwLwYDVQQD
EyhkN2RiNmE5Njk5MDQyMjA2YzcwMzQ3ZmNkYzFjMTlmMWY1NzVhMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqT3LlwESvAajZiFLcITUXcVDi+M
F5M790Rubbgiu7iykjzVWlZvz+/UnriT7gVoss/9xWca2vemcONb9y1/afU9+0js
5Mf81/tknEA02RKBleJORByDEMuShyLQ5AOLec+az4lL66LAe33KCl/Y6Hso6VYq
ZcYq5MJ5c1S4Wz0RIkadffOPpuyo6QQebBgEED2jx+ZbW5cvqeyTTxVedForSZna
kylTOvYRpZqBSiIKpYvaChqsnGzqUhLgRLag+7WVS/59RjQsf+rkF4PM1l0dOSBq
RQkq1mVQDCDrwzJv/nEOYqbLm6G0NWCZwjYlaDhKa+zpeBTjsTVaQIC4AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNfbapaZBCIGxwNH/NwcGfH1daENMB8GA1UdIwQY
MBaAFM5bWzTFwmzD/UrgwuVR95LOy2xTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemx0Yk5NWENiTVA5U3VEQzVWSDNrczdMYkZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lNTNhYTAtNTA0OC00MDhmLWEzYTgt
MDljYmY3YjI0MmMzLzEvemx0Yk5NWENiTVA5U3VEQzVWSDNrczdMYkZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lNTNhYTAtNTA0OC00MDhmLWEzYTgtMDljYmY3YjI0MmMz
LzEvemx0Yk5NWENiTVA5U3VEQzVWSDNrczdMYkZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE/AZ+LY4
ZKyM44ejrxstiZcgwvW+N2YZv/6d6CA7/V67wr5rkaqZjI8tC0vzCSGSqxPLCCCG
4MMUwEneVy11VR5s8P2HnA4l1U/XLQSe8aGCsH6EheTmr93+QIvGZIS1DdfpnrI4
z2kbI2ok/c395I5H3iL/1PKNqB/iLAKtvMOGffYVmb/WLizl66ER09AlQNCVH3iY
aaiMB0bpMa5QHpdvM0AT179zEBJCA5yi1H+7LIK1zb1FFbaSFEfgwzP4gLmifZZL
ZgfKxrnacVHLoVAw8CZq+DASIq1nm8HZKpjN7khF3WPeD7P1ooBt/4KsZeKI2o4H
3MuoBvfFBRtXtQ==
-----END CERTIFICATE-----