Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          JxKrqqXd9B5GDFN6Yfq1uaEDyvjy78qBXQ2QD+8VLIo=
Subject key identifier:   67:D3:41:67:4F:A2:1D:E2:38:FC:02:84:0D:B5:64:E4:F4:43:92:1E
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       01964E2383A09882C8332D8494C88202EF3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          1367
Signing time:             Sat 19 Apr 2025 13:01:12 +0000
Manifest this update:     Sat 19 Apr 2025 13:01:12 +0000
Manifest next update:     Sun 20 Apr 2025 13:01:12 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: zhEhVINev3kPUbWQ0hZA5pz+//KJIu2CqDZLBxbycHM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4e:23:83:a0:98:82:c8:33:2d:84:94:c8:82:02:ef:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: Apr 19 13:01:12 2025 GMT
            Not After : Apr 20 13:01:12 2025 GMT
        Subject: CN=67d341674fa21de238fc02840db564e4f443921e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:05:04:41:d2:40:cd:79:e3:a0:66:65:fc:2c:
                    44:b1:39:f9:84:b5:5e:d8:59:22:d2:44:ac:c1:f2:
                    0b:0f:6e:99:f9:bc:37:42:4d:d6:7e:9b:d0:19:d8:
                    ea:00:9a:65:c8:cc:73:10:d7:ac:6b:31:97:de:6e:
                    1f:ce:05:7d:d3:de:85:39:7c:05:16:7b:8a:05:db:
                    69:81:61:7b:bc:f3:3d:78:55:d8:52:2e:44:d7:61:
                    5e:ab:94:c0:92:54:92:3d:43:75:eb:db:91:09:e8:
                    5b:90:ec:c2:1a:1a:ad:10:b6:6a:b3:9b:e9:98:7d:
                    43:a3:a8:21:f5:cb:52:79:4b:09:7a:66:39:29:b5:
                    d9:9c:83:58:24:70:c6:f6:3a:d2:c5:b5:61:43:6b:
                    43:4d:59:c9:24:bc:46:d6:8e:9d:d3:2a:96:31:b9:
                    43:b7:f7:ba:6e:e3:68:0a:47:d0:63:ac:2e:12:ad:
                    56:49:8d:2f:b6:85:5a:d3:1c:9d:be:d0:98:9c:81:
                    f1:3f:ec:b4:44:4e:b1:8a:35:14:2d:0b:c1:b2:7e:
                    35:97:69:34:29:d9:60:7b:93:d0:03:5b:70:20:29:
                    8f:96:40:91:7f:45:26:03:54:f0:6a:5a:0d:29:cf:
                    7d:ab:98:9a:f5:38:df:9e:36:fc:e1:93:1c:f8:1e:
                    05:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:D3:41:67:4F:A2:1D:E2:38:FC:02:84:0D:B5:64:E4:F4:43:92:1E
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:65:bc:7a:4d:b4:35:6a:d8:d8:58:44:6b:c4:ae:b1:3a:86:
         c8:0d:a0:c8:85:7b:19:28:53:af:c7:82:90:5f:63:15:b4:3f:
         16:2c:a3:40:95:0e:9b:3c:52:d5:25:6b:84:cd:16:a5:fd:56:
         8a:6a:d3:7f:aa:dc:e0:06:ae:a5:32:68:a2:8d:a2:93:71:55:
         b7:94:ba:18:cf:ab:42:95:a0:24:21:3c:2a:76:64:08:20:92:
         72:06:da:05:18:e4:65:b3:fb:c6:21:96:09:7a:d1:78:54:de:
         b9:5a:c5:16:cc:04:fa:66:84:2a:8f:59:1d:b7:bf:f7:9a:65:
         8b:3a:02:34:71:35:bd:13:b8:3d:4d:a2:1f:cb:2c:b6:24:e0:
         3e:93:6b:5e:b9:52:fc:32:ea:6b:80:1e:be:57:9f:f1:dd:2c:
         f9:2d:c2:9a:1f:4b:a5:98:1d:e2:92:d8:69:eb:33:ac:2b:d4:
         dd:a3:50:eb:97:31:74:94:c0:ee:13:c0:b8:c3:c3:4d:50:42:
         e3:b2:01:72:d9:7d:2c:58:b1:11:e2:28:04:6f:d6:6c:db:06:
         33:a8:37:b7:06:5d:4f:d8:5b:dc:cf:32:00:f8:a1:d9:99:b1:
         4d:8d:a3:8b:7c:16:2e:11:b8:23:39:d9:9a:80:a8:d4:fa:bd:
         be:cb:1e:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOI4OgmILIMy2ElMiCAu8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjUwNDE5MTMwMTEyWhcNMjUwNDIwMTMwMTEyWjAzMTEwLwYDVQQD
Eyg2N2QzNDE2NzRmYTIxZGUyMzhmYzAyODQwZGI1NjRlNGY0NDM5MjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AUEQdJAzXnjoGZl/CxEsTn5hLVe
2Fki0kSswfILD26Z+bw3Qk3WfpvQGdjqAJplyMxzENesazGX3m4fzgV9096FOXwF
FnuKBdtpgWF7vPM9eFXYUi5E12Feq5TAklSSPUN169uRCehbkOzCGhqtELZqs5vp
mH1Do6gh9ctSeUsJemY5KbXZnINYJHDG9jrSxbVhQ2tDTVnJJLxG1o6d0yqWMblD
t/e6buNoCkfQY6wuEq1WSY0vtoVa0xydvtCYnIHxP+y0RE6xijUULQvBsn41l2k0
Kdlge5PQA1twICmPlkCRf0UmA1TwaloNKc99q5ia9Tjfnjb84ZMc+B4FuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfTQWdPoh3iOPwChA21ZOT0Q5IeMB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiGW8ek20
NWrY2FhEa8SusTqGyA2gyIV7GShTr8eCkF9jFbQ/FiyjQJUOmzxS1SVrhM0Wpf1W
imrTf6rc4AaupTJooo2ik3FVt5S6GM+rQpWgJCE8KnZkCCCScgbaBRjkZbP7xiGW
CXrReFTeuVrFFswE+maEKo9ZHbe/95plizoCNHE1vRO4PU2iH8sstiTgPpNrXrlS
/DLqa4Aevlef8d0s+S3Cmh9LpZgd4pLYaeszrCvU3aNQ65cxdJTA7hPAuMPDTVBC
47IBctl9LFixEeIoBG/WbNsGM6g3twZdT9hb3M8yAPih2ZmxTY2ji3wWLhG4IznZ
moCo1Pq9vssesA==
-----END CERTIFICATE-----