Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
File:                     zkyVbVLdh2NjwhME-cAl8H1fJjE.mft (raw, json)
Hash identifier:          Gbgl/pJAoXwc0fCl4DEDcaKwStpoqGFGm5qgogLGV6A=
Subject key identifier:   6E:C6:AC:A0:15:C1:E1:88:64:B1:89:DC:A7:A1:65:96:A9:F5:55:4F
Authority key identifier: CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31
Certificate issuer:       /CN=ce4c956d52dd876363c21304f9c025f07d5f2631
Certificate serial:       01965349C197CD08B979154C24C3FCC48812
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
Manifest number:          0476
Signing time:             Sun 20 Apr 2025 13:01:04 +0000
Manifest this update:     Sun 20 Apr 2025 13:01:04 +0000
Manifest next update:     Mon 21 Apr 2025 13:01:04 +0000
Files and hashes:         1: zkyVbVLdh2NjwhME-cAl8H1fJjE.crl (hash: ECJUO1/+QlTdQtiXNBJ0QC+6z2XhuvRUBVgcmBHthmk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 13:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:49:c1:97:cd:08:b9:79:15:4c:24:c3:fc:c4:88:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce4c956d52dd876363c21304f9c025f07d5f2631
        Validity
            Not Before: Apr 20 13:01:04 2025 GMT
            Not After : Apr 21 13:01:04 2025 GMT
        Subject: CN=6ec6aca015c1e18864b189dca7a16596a9f5554f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:dc:5d:20:c9:ee:f5:d5:76:6c:ea:2b:f3:54:
                    8f:2e:64:24:f8:3e:ca:39:de:af:17:95:9b:11:ef:
                    1b:f5:cd:e3:a8:d5:e0:2d:3f:63:e1:43:4f:e7:dd:
                    03:0f:79:8b:32:f9:07:ef:e7:91:ff:37:a4:be:2d:
                    45:84:96:74:81:36:24:4c:44:a6:10:5d:aa:e9:4d:
                    76:f1:b8:01:bf:64:cd:82:bd:a2:76:f7:91:cf:00:
                    3c:56:6c:33:8c:c4:68:2f:a1:44:03:38:1c:8a:1b:
                    af:86:eb:2a:6e:ee:49:6d:2c:b5:67:70:a4:42:b4:
                    db:e3:a5:fa:cf:38:b9:61:a7:20:0a:93:af:e6:0b:
                    8a:61:bc:12:bf:23:c7:46:33:7e:a8:46:cc:58:39:
                    e4:e8:cd:44:a8:8d:a6:46:93:1d:2f:8a:1c:28:c3:
                    db:46:97:5c:1b:3f:7e:d0:11:a2:f0:83:4c:2c:d8:
                    cb:cf:1c:52:f2:cf:21:c6:76:71:7a:69:ba:d9:fc:
                    95:ba:4d:f1:f5:ad:fd:aa:32:f1:3c:12:f1:7b:d5:
                    1a:e3:50:a6:48:f3:81:7f:be:ca:3d:93:dc:0b:74:
                    68:28:86:a9:e8:2f:14:47:7b:cd:2e:ec:91:4c:f6:
                    16:ab:35:08:58:11:09:53:e0:1e:a5:f7:f6:4d:27:
                    84:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:C6:AC:A0:15:C1:E1:88:64:B1:89:DC:A7:A1:65:96:A9:F5:55:4F
            X509v3 Authority Key Identifier:
                keyid:CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:70:99:cf:ce:ef:48:28:45:73:4f:45:72:19:a5:49:71:08:
         56:b0:27:14:0c:6e:f3:de:98:1b:e7:19:87:7f:6c:10:27:b2:
         32:f1:ed:59:e9:85:6b:67:e5:7b:db:58:9f:05:06:aa:80:a0:
         1b:f2:45:b9:89:07:a3:94:6f:6f:af:dd:ec:2c:1d:b0:e4:62:
         f9:71:43:58:62:b3:7b:4a:ee:f5:a4:d4:05:dc:c1:18:a0:22:
         4d:ad:01:b8:2c:da:2f:27:c8:eb:2a:0e:f6:24:ca:d7:70:b8:
         30:58:f9:1e:d6:00:83:c7:6a:60:ec:1c:71:de:ed:f8:a1:99:
         99:5e:0c:db:22:da:9c:77:fb:d4:2f:43:77:bc:c6:03:b7:b5:
         d8:56:f4:ee:33:f6:d6:09:57:5c:ae:9f:7e:50:d8:a5:49:26:
         3b:a4:61:8c:ed:73:e1:99:00:c7:f7:68:0f:f9:78:60:9b:11:
         6e:50:7e:b7:6d:90:a3:41:a3:9e:4a:33:7a:80:63:ba:9b:45:
         c1:54:59:22:46:8b:df:8c:27:24:69:24:f1:e7:0a:7c:93:60:
         a4:a5:aa:38:98:bd:b6:2a:1d:0e:88:79:a4:18:d0:fc:4f:54:
         8d:79:7b:0d:16:33:28:22:3d:c2:ee:54:b4:ee:f1:6c:97:76:
         19:91:10:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTScGXzQi5eRVMJMP8xIgSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNGM5NTZkNTJkZDg3NjM2M2MyMTMwNGY5YzAyNWYwN2Q1
ZjI2MzEwHhcNMjUwNDIwMTMwMTA0WhcNMjUwNDIxMTMwMTA0WjAzMTEwLwYDVQQD
Eyg2ZWM2YWNhMDE1YzFlMTg4NjRiMTg5ZGNhN2ExNjU5NmE5ZjU1NTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9xdIMnu9dV2bOor81SPLmQk+D7K
Od6vF5WbEe8b9c3jqNXgLT9j4UNP590DD3mLMvkH7+eR/zekvi1FhJZ0gTYkTESm
EF2q6U128bgBv2TNgr2idveRzwA8VmwzjMRoL6FEAzgcihuvhusqbu5JbSy1Z3Ck
QrTb46X6zzi5YacgCpOv5guKYbwSvyPHRjN+qEbMWDnk6M1EqI2mRpMdL4ocKMPb
RpdcGz9+0BGi8INMLNjLzxxS8s8hxnZxemm62fyVuk3x9a39qjLxPBLxe9Ua41Cm
SPOBf77KPZPcC3RoKIap6C8UR3vNLuyRTPYWqzUIWBEJU+Aepff2TSeE3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7GrKAVweGIZLGJ3KehZZap9VVPMB8GA1UdIwQY
MBaAFM5MlW1S3YdjY8ITBPnAJfB9XyYxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0Mjgt
MmQ5MDAwMTU3MGUxLzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0MjgtMmQ5MDAwMTU3MGUx
LzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl3CZz87v
SChFc09FchmlSXEIVrAnFAxu896YG+cZh39sECeyMvHtWemFa2fle9tYnwUGqoCg
G/JFuYkHo5Rvb6/d7CwdsORi+XFDWGKze0ru9aTUBdzBGKAiTa0BuCzaLyfI6yoO
9iTK13C4MFj5HtYAg8dqYOwccd7t+KGZmV4M2yLanHf71C9Dd7zGA7e12Fb07jP2
1glXXK6fflDYpUkmO6RhjO1z4ZkAx/doD/l4YJsRblB+t22Qo0GjnkozeoBjuptF
wVRZIkaL34wnJGkk8ecKfJNgpKWqOJi9tiodDoh5pBjQ/E9UjXl7DRYzKCI9wu5U
tO7xbJd2GZEQAg==
-----END CERTIFICATE-----