Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
File:                     Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft (raw, json)
Hash identifier:          PxtGYinxMUwbW/oQMD92gKtrNWmlIrRxAl/bjTVliZY=
Subject key identifier:   37:36:9A:4F:4B:C4:E8:8E:2F:C1:D9:38:D7:DD:B2:E9:11:01:01:AD
Authority key identifier: 67:6F:BB:57:7C:93:DC:45:D4:8F:01:99:B1:9D:1C:A7:A2:13:7C:56
Certificate issuer:       /CN=676fbb577c93dc45d48f0199b19d1ca7a2137c56
Certificate serial:       019748FA3CD5FC19E11B6518F62D21460DF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
Manifest number:          0BFD
Signing time:             Sat 07 Jun 2025 06:00:48 +0000
Manifest this update:     Sat 07 Jun 2025 06:00:48 +0000
Manifest next update:     Sun 08 Jun 2025 06:00:48 +0000
Files and hashes:         1: Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl (hash: IIZLssll2fzekXqav5d0CZkDTBQ3cnXI2SK/1R2Z4rc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:3c:d5:fc:19:e1:1b:65:18:f6:2d:21:46:0d:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=676fbb577c93dc45d48f0199b19d1ca7a2137c56
        Validity
            Not Before: Jun  7 06:00:48 2025 GMT
            Not After : Jun  8 06:00:48 2025 GMT
        Subject: CN=37369a4f4bc4e88e2fc1d938d7ddb2e9110101ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:b4:7d:1d:c0:d8:15:ca:f7:7e:98:92:64:5c:
                    be:45:c5:ce:44:75:d0:43:ae:01:56:bf:b9:2f:e7:
                    e8:9d:ed:d0:8f:54:01:57:53:9e:66:0c:4f:a3:08:
                    c5:c2:5b:e5:95:88:2f:fb:72:30:45:e9:c4:9a:81:
                    82:bb:1a:5f:69:0b:f7:fa:62:32:3a:0d:f6:bb:27:
                    25:2c:6e:19:cc:d9:f3:77:23:21:0f:72:a1:14:1d:
                    e3:3a:49:f9:cb:c2:ff:9c:cf:a0:e6:77:78:4a:52:
                    02:1c:63:9b:ec:5a:19:a5:33:e1:f6:30:2a:95:65:
                    15:67:22:a1:d8:8e:86:bb:d3:89:66:33:c0:6f:22:
                    5f:9c:c2:cd:07:1d:c1:3c:dc:3f:8f:a5:a4:24:4c:
                    db:fb:b2:5c:0a:f1:a2:b8:86:56:69:b9:5e:42:8b:
                    9a:9a:12:eb:1c:68:54:61:8d:72:04:08:f8:13:69:
                    c8:58:88:a7:8d:11:26:31:2b:d9:52:01:e4:8f:6f:
                    5f:57:c1:2d:02:73:81:5b:53:06:7a:cd:87:31:b2:
                    72:de:c6:f9:e3:d5:88:3e:c6:eb:54:16:0b:cf:1d:
                    d3:3f:e5:69:38:21:73:ab:0b:1e:e6:3d:e5:48:be:
                    5d:e1:3a:72:6a:6c:a4:b9:31:81:ca:52:1b:53:e3:
                    d4:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:36:9A:4F:4B:C4:E8:8E:2F:C1:D9:38:D7:DD:B2:E9:11:01:01:AD
            X509v3 Authority Key Identifier:
                keyid:67:6F:BB:57:7C:93:DC:45:D4:8F:01:99:B1:9D:1C:A7:A2:13:7C:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:ff:a0:3a:cc:e9:08:74:94:64:c2:00:52:fe:aa:4f:7f:d6:
         28:50:e4:f1:7d:29:75:6c:fe:d2:de:d1:86:b1:c2:95:d1:e8:
         5e:4a:27:e0:9f:54:16:be:67:e3:4d:bb:9b:bd:15:b5:45:d7:
         f2:ef:85:43:99:36:45:b6:db:3a:fe:07:31:3e:b1:ad:ed:43:
         61:39:7c:ae:1d:fe:51:06:de:24:2d:04:a9:2a:bc:6f:34:56:
         cb:d2:fe:ad:62:27:e3:d8:d6:d1:4e:c1:9c:b4:53:bc:27:ee:
         91:06:28:f5:f7:dc:82:61:74:32:9c:74:95:44:24:86:3c:19:
         0b:d1:49:18:8c:5d:06:ad:1c:07:e3:58:9f:66:8f:68:21:a8:
         92:f9:c6:62:fa:49:bf:d2:8a:97:94:2b:f8:f8:f3:b7:47:4b:
         33:65:4c:cf:61:5b:ad:b5:47:3e:49:36:97:e2:21:45:a5:8c:
         9a:76:73:85:bf:91:e6:15:34:7d:3e:0d:bd:86:de:06:28:63:
         af:bf:6d:bb:05:d8:6a:c3:bd:7d:a0:87:ca:c7:ee:96:b3:16:
         ea:1a:e8:29:52:47:0f:7c:d3:6c:e6:21:41:9c:b3:c7:65:2b:
         f7:f2:84:a0:5b:c9:f6:fa:17:92:5e:e5:c7:98:74:af:1e:a2:
         3f:95:ea:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+jzV/BnhG2UY9i0hRg32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NmZiYjU3N2M5M2RjNDVkNDhmMDE5OWIxOWQxY2E3YTIx
MzdjNTYwHhcNMjUwNjA3MDYwMDQ4WhcNMjUwNjA4MDYwMDQ4WjAzMTEwLwYDVQQD
EygzNzM2OWE0ZjRiYzRlODhlMmZjMWQ5MzhkN2RkYjJlOTExMDEwMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLR9HcDYFcr3fpiSZFy+RcXORHXQ
Q64BVr+5L+fone3Qj1QBV1OeZgxPowjFwlvllYgv+3IwRenEmoGCuxpfaQv3+mIy
Og32uyclLG4ZzNnzdyMhD3KhFB3jOkn5y8L/nM+g5nd4SlICHGOb7FoZpTPh9jAq
lWUVZyKh2I6Gu9OJZjPAbyJfnMLNBx3BPNw/j6WkJEzb+7JcCvGiuIZWableQoua
mhLrHGhUYY1yBAj4E2nIWIinjREmMSvZUgHkj29fV8EtAnOBW1MGes2HMbJy3sb5
49WIPsbrVBYLzx3TP+VpOCFzqwse5j3lSL5d4TpyamykuTGBylIbU+PU4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDc2mk9LxOiOL8HZONfdsukRAQGtMB8GA1UdIwQY
MBaAFGdvu1d8k9xF1I8BmbGdHKeiE3xWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy84YTEwN2UtYWI4Yi00M2UyLTk3MWYt
MWNkZTczMWU2ZmRmLzEvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy84YTEwN2UtYWI4Yi00M2UyLTk3MWYtMWNkZTczMWU2ZmRm
LzEvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARf+gOszp
CHSUZMIAUv6qT3/WKFDk8X0pdWz+0t7RhrHCldHoXkon4J9UFr5n4027m70VtUXX
8u+FQ5k2RbbbOv4HMT6xre1DYTl8rh3+UQbeJC0EqSq8bzRWy9L+rWIn49jW0U7B
nLRTvCfukQYo9ffcgmF0Mpx0lUQkhjwZC9FJGIxdBq0cB+NYn2aPaCGokvnGYvpJ
v9KKl5Qr+Pjzt0dLM2VMz2FbrbVHPkk2l+IhRaWMmnZzhb+R5hU0fT4NvYbeBihj
r79tuwXYasO9faCHysfulrMW6hroKVJHD3zTbOYhQZyzx2Ur9/KEoFvJ9voXkl7l
x5h0rx6iP5XqQA==
-----END CERTIFICATE-----