Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/5e3c0f-f8f6-4d3e-b531-9f6eabc0e843/1/ZAu20bLSfK4nWGXG1czH-KdXt_U.mft
File:                     ZAu20bLSfK4nWGXG1czH-KdXt_U.mft (raw, json)
Hash identifier:          4/GZgfuEwqaGAd0uJJJ6ziegvKv9Nck78Xbr997KddA=
Subject key identifier:   3A:29:52:9F:9B:38:D2:60:C2:C3:AD:29:B4:F1:D6:91:A1:0F:3B:1C
Authority key identifier: 64:0B:B6:D1:B2:D2:7C:AE:27:58:65:C6:D5:CC:C7:F8:A7:57:B7:F5
Certificate issuer:       /CN=640bb6d1b2d27cae275865c6d5ccc7f8a757b7f5
Certificate serial:       019659B9A6104D8D1ACFCABFE20DAF0B87F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZAu20bLSfK4nWGXG1czH-KdXt_U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/5e3c0f-f8f6-4d3e-b531-9f6eabc0e843/1/ZAu20bLSfK4nWGXG1czH-KdXt_U.mft
Manifest number:          0B4D
Signing time:             Mon 21 Apr 2025 19:01:00 +0000
Manifest this update:     Mon 21 Apr 2025 19:01:00 +0000
Manifest next update:     Tue 22 Apr 2025 19:01:00 +0000
Files and hashes:         1: ZAu20bLSfK4nWGXG1czH-KdXt_U.crl (hash: rP7yfDK+TRqiaFxDaC8Yb0k8i1/G3lUD78fj51Mn1us=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/5e3c0f-f8f6-4d3e-b531-9f6eabc0e843/1/ZAu20bLSfK4nWGXG1czH-KdXt_U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/5e3c0f-f8f6-4d3e-b531-9f6eabc0e843/1/ZAu20bLSfK4nWGXG1czH-KdXt_U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZAu20bLSfK4nWGXG1czH-KdXt_U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:b9:a6:10:4d:8d:1a:cf:ca:bf:e2:0d:af:0b:87:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=640bb6d1b2d27cae275865c6d5ccc7f8a757b7f5
        Validity
            Not Before: Apr 21 19:01:00 2025 GMT
            Not After : Apr 22 19:01:00 2025 GMT
        Subject: CN=3a29529f9b38d260c2c3ad29b4f1d691a10f3b1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:0b:86:a1:01:a6:5a:21:ae:01:c2:f1:53:5c:
                    a0:34:56:5a:9c:56:6e:ab:ca:bc:83:70:f6:c1:82:
                    f3:91:6d:fb:62:93:e8:bf:5a:db:04:e2:b1:66:16:
                    e8:dd:73:eb:e5:66:f1:c5:4e:01:da:89:01:6d:12:
                    e4:83:34:a2:7d:e7:b5:4b:34:7e:59:ad:b9:38:70:
                    ca:3a:be:f6:0d:f3:47:e7:ee:8d:00:75:a5:08:01:
                    28:55:15:bf:ba:f5:4e:bc:4e:ba:b8:33:8d:a0:9e:
                    79:3c:6b:44:5f:b4:db:71:f8:69:6b:37:12:02:dd:
                    a5:f1:67:16:6b:0d:90:d6:d7:f9:75:ef:17:49:c0:
                    f4:5c:c8:6b:d9:2e:2f:16:67:d2:17:b5:14:8e:a8:
                    52:4e:05:25:7b:cf:38:4e:ba:07:38:d9:9d:ec:f6:
                    4b:ab:21:49:7f:0b:e3:b1:99:55:9b:d0:a0:0d:5a:
                    b1:7b:79:ee:11:f0:18:1c:cd:c7:88:42:0d:bf:79:
                    f1:da:b7:c1:6d:ef:4d:c1:c3:17:4a:91:1a:92:f7:
                    54:e7:ba:02:87:38:e8:42:73:d8:de:d4:13:f3:66:
                    08:83:a4:2b:65:39:7d:95:95:35:ee:10:a0:b4:bc:
                    ee:c6:23:68:15:97:65:de:fb:29:e3:e9:71:ff:c2:
                    b9:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:29:52:9F:9B:38:D2:60:C2:C3:AD:29:B4:F1:D6:91:A1:0F:3B:1C
            X509v3 Authority Key Identifier:
                keyid:64:0B:B6:D1:B2:D2:7C:AE:27:58:65:C6:D5:CC:C7:F8:A7:57:B7:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAu20bLSfK4nWGXG1czH-KdXt_U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5e3c0f-f8f6-4d3e-b531-9f6eabc0e843/1/ZAu20bLSfK4nWGXG1czH-KdXt_U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5e3c0f-f8f6-4d3e-b531-9f6eabc0e843/1/ZAu20bLSfK4nWGXG1czH-KdXt_U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:c2:7a:2f:b9:38:5e:7e:5b:01:27:7f:f2:49:83:82:80:c9:
         6d:38:1e:b5:71:e7:2c:a4:67:27:72:39:83:d8:3d:eb:32:13:
         1a:53:08:30:0c:10:8a:ce:ad:fd:22:e3:94:ab:93:d8:00:83:
         3e:70:c2:8c:17:59:97:1d:aa:f5:7b:b9:55:c0:3d:28:3a:2b:
         e7:49:80:95:f2:d5:aa:fb:d6:8e:35:cd:8c:98:6a:a8:b5:58:
         ad:cb:e4:83:bb:93:41:8d:42:4e:2c:1b:ad:70:8f:8d:72:2a:
         b3:fc:f6:b9:eb:a4:d8:cb:72:f9:9d:51:92:dc:bb:de:69:8e:
         23:45:5e:a9:5e:43:d0:2a:4f:3a:8c:ce:78:30:ce:ae:5a:2a:
         0b:29:eb:1e:15:b7:1b:b2:a8:63:a7:3e:af:4c:f9:75:9f:4f:
         13:b5:b4:50:f8:d6:7f:2d:c1:66:4f:a7:44:2b:eb:a7:24:07:
         82:f0:d3:d5:3c:97:ca:34:5b:1f:66:a9:27:84:a1:2b:0a:78:
         1d:33:46:19:22:05:ae:5e:72:80:af:a3:db:d5:b0:87:3d:54:
         3c:8b:4c:b9:1c:e2:a7:dc:d4:43:b7:ea:cc:8f:84:3b:4b:68:
         15:de:3f:6b:a2:1a:3f:af:7b:f4:50:b0:72:89:1f:45:98:1d:
         84:99:42:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZuaYQTY0az8q/4g2vC4f3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MGJiNmQxYjJkMjdjYWUyNzU4NjVjNmQ1Y2NjN2Y4YTc1
N2I3ZjUwHhcNMjUwNDIxMTkwMTAwWhcNMjUwNDIyMTkwMTAwWjAzMTEwLwYDVQQD
EygzYTI5NTI5ZjliMzhkMjYwYzJjM2FkMjliNGYxZDY5MWExMGYzYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wuGoQGmWiGuAcLxU1ygNFZanFZu
q8q8g3D2wYLzkW37YpPov1rbBOKxZhbo3XPr5WbxxU4B2okBbRLkgzSifee1SzR+
Wa25OHDKOr72DfNH5+6NAHWlCAEoVRW/uvVOvE66uDONoJ55PGtEX7TbcfhpazcS
At2l8WcWaw2Q1tf5de8XScD0XMhr2S4vFmfSF7UUjqhSTgUle884TroHONmd7PZL
qyFJfwvjsZlVm9CgDVqxe3nuEfAYHM3HiEINv3nx2rfBbe9NwcMXSpEakvdU57oC
hzjoQnPY3tQT82YIg6QrZTl9lZU17hCgtLzuxiNoFZdl3vsp4+lx/8K5AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDopUp+bONJgwsOtKbTx1pGhDzscMB8GA1UdIwQY
MBaAFGQLttGy0nyuJ1hlxtXMx/inV7f1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkF1MjBiTFNmSzRuV0dYRzFjekgtS2RYdF9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81ZTNjMGYtZjhmNi00ZDNlLWI1MzEt
OWY2ZWFiYzBlODQzLzEvWkF1MjBiTFNmSzRuV0dYRzFjekgtS2RYdF9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81ZTNjMGYtZjhmNi00ZDNlLWI1MzEtOWY2ZWFiYzBlODQz
LzEvWkF1MjBiTFNmSzRuV0dYRzFjekgtS2RYdF9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ8J6L7k4
Xn5bASd/8kmDgoDJbTgetXHnLKRnJ3I5g9g96zITGlMIMAwQis6t/SLjlKuT2ACD
PnDCjBdZlx2q9Xu5VcA9KDor50mAlfLVqvvWjjXNjJhqqLVYrcvkg7uTQY1CTiwb
rXCPjXIqs/z2ueuk2Mty+Z1Rkty73mmOI0VeqV5D0CpPOozOeDDOrloqCynrHhW3
G7KoY6c+r0z5dZ9PE7W0UPjWfy3BZk+nRCvrpyQHgvDT1TyXyjRbH2apJ4ShKwp4
HTNGGSIFrl5ygK+j29Wwhz1UPItMuRzip9zUQ7fqzI+EO0toFd4/a6IaP6979FCw
cokfRZgdhJlCPQ==
-----END CERTIFICATE-----