Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
File:                     zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft (raw, json)
Hash identifier:          LJEj0ziadLEBooLBHlb/dtzCUzWY+eol35firhzaqVU=
Subject key identifier:   D3:3A:6F:2A:D4:59:F8:12:2C:FB:D9:68:97:77:0D:06:A8:C8:6F:BE
Authority key identifier: CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A
Certificate issuer:       /CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
Certificate serial:       0196579397725D0D369043187EA0F6BC6AC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
Manifest number:          010E
Signing time:             Mon 21 Apr 2025 09:00:12 +0000
Manifest this update:     Mon 21 Apr 2025 09:00:12 +0000
Manifest next update:     Tue 22 Apr 2025 09:00:12 +0000
Files and hashes:         1: zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl (hash: yKTtrggb7grLibookOOh6kgJvnUsSg5bgM26PeljWlI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:93:97:72:5d:0d:36:90:43:18:7e:a0:f6:bc:6a:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
        Validity
            Not Before: Apr 21 09:00:12 2025 GMT
            Not After : Apr 22 09:00:12 2025 GMT
        Subject: CN=d33a6f2ad459f8122cfbd96897770d06a8c86fbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e0:a5:46:a6:19:fe:60:dc:1c:03:31:e9:7c:
                    8f:11:35:36:52:80:18:46:39:9a:0e:26:60:27:41:
                    73:db:49:d2:c0:9a:ff:90:99:9a:28:68:47:fc:00:
                    51:af:c8:6c:23:17:b7:30:cd:88:4c:57:28:f7:d3:
                    04:c5:51:32:77:a5:5f:70:c7:3a:d2:ea:06:2b:ef:
                    20:e1:f7:ec:75:27:fb:4a:61:d9:f7:e9:66:1d:38:
                    cd:ba:67:e1:b3:24:72:8c:79:8b:35:12:85:73:55:
                    51:5d:f7:20:f1:62:33:6a:cc:8e:2b:af:0e:cc:87:
                    a5:42:42:fb:12:0f:3b:7b:5f:6c:47:d9:4d:9e:8d:
                    8d:b9:0e:8d:b0:cf:14:d2:5f:12:8e:ad:ff:0f:fa:
                    a6:cc:a0:5d:ab:a2:f1:37:ce:9a:34:7a:b8:b2:55:
                    62:ec:fc:b6:ba:84:f2:a5:d3:e0:d8:38:c4:f6:ec:
                    58:01:a3:94:0a:94:b0:96:a1:be:55:b6:1a:cc:ec:
                    df:06:e4:72:ca:e1:c9:60:ef:6c:52:a2:6a:fd:67:
                    27:14:43:cd:2a:8a:b2:15:6c:e1:c4:54:1f:47:18:
                    74:9e:60:77:19:b2:5f:42:13:1b:8b:bc:f4:87:b0:
                    69:f6:ec:ac:51:81:ee:9a:a3:83:ad:12:64:03:63:
                    25:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:3A:6F:2A:D4:59:F8:12:2C:FB:D9:68:97:77:0D:06:A8:C8:6F:BE
            X509v3 Authority Key Identifier:
                keyid:CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:ba:9f:a6:3f:5c:77:a0:c1:00:c9:00:8f:16:07:3f:a9:83:
         ee:e2:ad:62:09:49:a6:e9:d8:28:84:26:93:e8:f1:b6:6a:e6:
         b7:95:41:8b:ae:17:c1:31:90:09:de:22:6a:42:16:eb:ea:36:
         5d:f7:4a:89:fe:5b:e8:29:69:a6:b8:41:91:02:7b:57:f7:98:
         64:c7:f3:53:46:26:79:82:a4:31:31:2e:84:e2:4c:17:14:91:
         32:b2:52:7a:d2:f6:ae:23:2e:3b:bc:0e:f6:0d:77:90:a7:48:
         7c:d8:0c:0a:11:2f:50:64:9e:ed:d8:ca:1f:ce:3e:5c:ba:4e:
         df:16:0c:d5:a0:12:f0:44:d6:9f:d6:d8:f4:aa:3a:8a:ee:03:
         2d:bc:a5:eb:c0:99:60:58:d3:4b:96:8d:67:d2:09:5b:34:f2:
         f5:37:1f:77:e5:32:12:d5:5a:df:63:37:27:00:69:99:77:72:
         32:06:ed:c2:b0:37:68:2a:80:3a:78:ac:f6:75:85:79:0e:7c:
         a3:b1:d4:44:16:3a:89:d6:67:00:8d:c7:d6:4a:35:66:64:4b:
         20:71:9b:03:f8:70:94:a0:0e:fe:ec:dc:30:12:d8:55:92:1e:
         b2:f9:cf:a6:a5:89:64:ad:b8:68:d1:b3:34:08:e3:d1:fc:86:
         a7:ec:6d:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXk5dyXQ02kEMYfqD2vGrEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlODFlMmQ1NmZkOWYxOTMyZGJjMGYyMTYzMjk5NDJmZTIz
Zjc1NWEwHhcNMjUwNDIxMDkwMDEyWhcNMjUwNDIyMDkwMDEyWjAzMTEwLwYDVQQD
EyhkMzNhNmYyYWQ0NTlmODEyMmNmYmQ5Njg5Nzc3MGQwNmE4Yzg2ZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeClRqYZ/mDcHAMx6XyPETU2UoAY
RjmaDiZgJ0Fz20nSwJr/kJmaKGhH/ABRr8hsIxe3MM2ITFco99MExVEyd6VfcMc6
0uoGK+8g4ffsdSf7SmHZ9+lmHTjNumfhsyRyjHmLNRKFc1VRXfcg8WIzasyOK68O
zIelQkL7Eg87e19sR9lNno2NuQ6NsM8U0l8Sjq3/D/qmzKBdq6LxN86aNHq4slVi
7Py2uoTypdPg2DjE9uxYAaOUCpSwlqG+VbYazOzfBuRyyuHJYO9sUqJq/WcnFEPN
KoqyFWzhxFQfRxh0nmB3GbJfQhMbi7z0h7Bp9uysUYHumqODrRJkA2MlkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNM6byrUWfgSLPvZaJd3DQaoyG++MB8GA1UdIwQY
MBaAFM6B4tVv2fGTLbwPIWMplC/iP3VaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2Mt
OTQ5M2E3NGI1Zjc1LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2MtOTQ5M2E3NGI1Zjc1
LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARrqfpj9c
d6DBAMkAjxYHP6mD7uKtYglJpunYKIQmk+jxtmrmt5VBi64XwTGQCd4iakIW6+o2
XfdKif5b6ClpprhBkQJ7V/eYZMfzU0YmeYKkMTEuhOJMFxSRMrJSetL2riMuO7wO
9g13kKdIfNgMChEvUGSe7djKH84+XLpO3xYM1aAS8ETWn9bY9Ko6iu4DLbyl68CZ
YFjTS5aNZ9IJWzTy9Tcfd+UyEtVa32M3JwBpmXdyMgbtwrA3aCqAOnis9nWFeQ58
o7HURBY6idZnAI3H1ko1ZmRLIHGbA/hwlKAO/uzcMBLYVZIesvnPpqWJZK24aNGz
NAjj0fyGp+xtZQ==
-----END CERTIFICATE-----