Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
File:                     zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft (raw, json)
Hash identifier:          KVx4g2TbYQh1sDsj+38bdHEhXRsZk/Etu4+2TgKkZC4=
Subject key identifier:   57:24:DD:F8:4D:1D:27:AE:1C:71:BD:C7:92:C8:5A:81:0B:F9:A1:DF
Authority key identifier: CD:35:F6:FF:56:7B:DE:93:39:4F:FF:28:2F:AD:41:7D:A0:B5:36:14
Certificate issuer:       /CN=cd35f6ff567bde93394fff282fad417da0b53614
Certificate serial:       019749D57FD508DCD9E6DB6440B115553DD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
Manifest number:          0C54
Signing time:             Sat 07 Jun 2025 10:00:17 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:17 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:17 +0000
Files and hashes:         1: zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl (hash: 1S6fMH/zPEp3P6ipaGUKrC5F4Cipc7bPH5Z5fqJUdos=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:7f:d5:08:dc:d9:e6:db:64:40:b1:15:55:3d:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd35f6ff567bde93394fff282fad417da0b53614
        Validity
            Not Before: Jun  7 10:00:17 2025 GMT
            Not After : Jun  8 10:00:17 2025 GMT
        Subject: CN=5724ddf84d1d27ae1c71bdc792c85a810bf9a1df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:93:27:ea:7e:d2:a0:a8:a3:05:59:0c:20:1e:
                    fa:b3:ec:66:ab:cb:ec:dc:a2:06:87:e7:af:ec:12:
                    e0:b8:58:79:13:9f:70:6b:27:fa:38:8f:c6:60:8c:
                    b2:74:2c:70:a0:b1:28:e0:34:62:76:d9:5d:07:57:
                    e7:4a:0f:e3:c1:4b:67:ca:34:0f:51:ae:46:85:e0:
                    28:7b:cb:4e:71:0b:e5:bd:af:cc:1f:8e:d3:31:49:
                    96:2e:b0:af:44:5c:6c:9d:f5:c3:a2:23:86:dc:2c:
                    e1:fd:60:b0:3b:b5:90:41:cd:22:d3:1e:f4:05:52:
                    26:44:5a:ec:6d:5b:44:1b:ba:9e:9b:4d:00:c3:ba:
                    9b:b6:88:5a:66:2d:ad:8a:f6:a3:68:06:0e:57:6c:
                    26:35:c7:96:73:89:c0:75:cf:4f:89:e1:35:8e:92:
                    9d:ee:2f:ed:43:40:dd:e7:30:76:35:d2:3e:aa:05:
                    59:a0:69:7e:fd:62:70:d2:3c:09:d5:40:d3:fb:65:
                    30:70:de:f4:b7:47:e7:9b:86:2a:50:32:81:08:98:
                    38:36:1b:d9:ff:ce:21:e7:de:cf:ee:92:e5:bc:18:
                    8e:10:a7:d4:0e:25:7d:5f:9b:10:6a:fb:84:de:88:
                    19:25:1e:f0:59:1b:8d:9c:47:52:07:90:18:30:5b:
                    3a:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:24:DD:F8:4D:1D:27:AE:1C:71:BD:C7:92:C8:5A:81:0B:F9:A1:DF
            X509v3 Authority Key Identifier:
                keyid:CD:35:F6:FF:56:7B:DE:93:39:4F:FF:28:2F:AD:41:7D:A0:B5:36:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:fe:00:30:f7:1c:57:2d:e8:d2:fd:e9:af:c8:23:54:c1:b2:
         ee:ca:eb:5f:77:83:19:be:1c:27:ea:6f:d0:5e:ed:b3:d7:84:
         f4:54:1d:8b:16:c1:e5:54:43:b7:db:80:11:63:48:9d:c1:7d:
         c0:65:74:96:ba:88:51:21:82:83:98:ee:7d:67:b2:d2:11:e7:
         9c:10:fc:a0:ce:43:42:98:13:70:d1:dc:68:ec:eb:d7:3c:c8:
         e6:d0:f1:a1:88:e4:da:33:55:21:ce:29:0b:15:96:59:aa:c4:
         de:6a:b6:c0:e8:db:ce:2b:0d:71:dc:e4:3d:05:52:f1:c1:ed:
         06:2a:83:b2:30:70:e8:4a:db:c5:f2:de:ff:8f:13:5f:29:ff:
         e1:7d:16:34:29:97:4e:e9:af:f6:b6:06:2f:3b:fa:34:3f:33:
         50:b0:4b:6a:d6:dc:35:92:ee:15:cb:8d:3c:ce:8b:12:57:1a:
         43:9d:6b:9b:bf:5e:a3:fe:28:f1:fe:06:80:b6:c5:14:4a:0c:
         80:ab:97:6f:db:00:4e:d5:e4:00:76:6e:a2:2d:1f:d2:c6:ab:
         d0:bc:4e:8e:2a:8b:35:de:6b:e0:2b:ab:34:2c:f3:28:92:3f:
         37:b2:72:7a:dc:47:7c:71:f2:8a:53:65:98:06:3f:0b:51:fb:
         df:f1:45:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1X/VCNzZ5ttkQLEVVT3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMzVmNmZmNTY3YmRlOTMzOTRmZmYyODJmYWQ0MTdkYTBi
NTM2MTQwHhcNMjUwNjA3MTAwMDE3WhcNMjUwNjA4MTAwMDE3WjAzMTEwLwYDVQQD
Eyg1NzI0ZGRmODRkMWQyN2FlMWM3MWJkYzc5MmM4NWE4MTBiZjlhMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppMn6n7SoKijBVkMIB76s+xmq8vs
3KIGh+ev7BLguFh5E59wayf6OI/GYIyydCxwoLEo4DRidtldB1fnSg/jwUtnyjQP
Ua5GheAoe8tOcQvlva/MH47TMUmWLrCvRFxsnfXDoiOG3Czh/WCwO7WQQc0i0x70
BVImRFrsbVtEG7qem00Aw7qbtohaZi2tivajaAYOV2wmNceWc4nAdc9PieE1jpKd
7i/tQ0Dd5zB2NdI+qgVZoGl+/WJw0jwJ1UDT+2UwcN70t0fnm4YqUDKBCJg4NhvZ
/84h597P7pLlvBiOEKfUDiV9X5sQavuE3ogZJR7wWRuNnEdSB5AYMFs6HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFck3fhNHSeuHHG9x5LIWoEL+aHfMB8GA1UdIwQY
MBaAFM019v9We96TOU//KC+tQX2gtTYUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wOWRkZGYtZjgzZi00NjUwLWEzNDct
NDRhMzA3NTQ1ZDc0LzEvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wOWRkZGYtZjgzZi00NjUwLWEzNDctNDRhMzA3NTQ1ZDc0
LzEvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFP4AMPcc
Vy3o0v3pr8gjVMGy7srrX3eDGb4cJ+pv0F7ts9eE9FQdixbB5VRDt9uAEWNIncF9
wGV0lrqIUSGCg5jufWey0hHnnBD8oM5DQpgTcNHcaOzr1zzI5tDxoYjk2jNVIc4p
CxWWWarE3mq2wOjbzisNcdzkPQVS8cHtBiqDsjBw6ErbxfLe/48TXyn/4X0WNCmX
Tumv9rYGLzv6ND8zULBLatbcNZLuFcuNPM6LElcaQ51rm79eo/4o8f4GgLbFFEoM
gKuXb9sATtXkAHZuoi0f0sar0LxOjiqLNd5r4CurNCzzKJI/N7JyetxHfHHyilNl
mAY/C1H73/FFUw==
-----END CERTIFICATE-----