Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
File:                     ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft (raw, json)
Hash identifier:          ByC+d77hxolIZ9VX+1rbFkGWfZsAP1QisUaWOtxuI/4=
Subject key identifier:   93:B9:52:60:C3:D6:2B:63:06:75:D0:FD:D8:AC:8E:55:7D:92:B8:74
Authority key identifier: 65:D0:93:21:72:AA:2D:1C:77:C4:BB:98:37:0A:AB:3D:E6:AC:34:57
Certificate issuer:       /CN=65d0932172aa2d1c77c4bb98370aab3de6ac3457
Certificate serial:       01974EFC37277AE374A6C05DBFDAB89A7524
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
Manifest number:          32
Signing time:             Sun 08 Jun 2025 10:00:41 +0000
Manifest this update:     Sun 08 Jun 2025 10:00:41 +0000
Manifest next update:     Mon 09 Jun 2025 10:00:41 +0000
Files and hashes:         1: ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl (hash: og4P1C7OVUiBBQFxjHqqyyxDuehMpyoTRcIhrfm1Pys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 10:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:fc:37:27:7a:e3:74:a6:c0:5d:bf:da:b8:9a:75:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65d0932172aa2d1c77c4bb98370aab3de6ac3457
        Validity
            Not Before: Jun  8 10:00:41 2025 GMT
            Not After : Jun  9 10:00:41 2025 GMT
        Subject: CN=93b95260c3d62b630675d0fdd8ac8e557d92b874
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:6d:92:06:fb:3c:29:5b:a9:51:79:66:41:be:
                    44:d9:b8:a1:78:3c:d9:ad:d9:63:87:d4:62:a6:cf:
                    65:6d:51:1f:9c:63:99:44:e0:3c:bb:d9:51:0d:f1:
                    e2:fa:cf:95:20:58:6a:bc:8e:d0:85:b6:e2:2a:ef:
                    10:be:c7:4e:33:24:81:b9:e1:a5:3a:2c:a2:a7:8d:
                    5e:1c:7f:00:7b:49:f0:aa:fc:6d:fc:55:88:6b:3b:
                    23:b0:ed:4f:3a:29:86:dd:0c:a3:07:4b:b5:95:c2:
                    9d:51:82:22:f0:f1:32:67:e5:ec:b8:55:ba:95:7b:
                    7e:a1:64:01:a2:eb:4d:94:79:b0:d9:42:be:d3:e8:
                    1f:19:48:35:f8:19:98:cd:de:70:c8:0a:58:2f:7e:
                    79:c2:0d:61:6d:6a:7e:bd:ef:6d:58:e7:11:81:22:
                    5b:bc:7a:23:56:ff:69:f6:9b:5c:cd:d4:7d:c8:7e:
                    90:61:12:fb:58:d1:d1:ba:8d:45:5a:09:c3:cc:fb:
                    94:80:ef:dd:37:57:39:58:e8:e5:9f:29:61:75:09:
                    b0:06:fb:16:d1:f0:c2:11:87:61:b5:2d:0b:2f:87:
                    23:8c:45:a1:08:06:1f:38:f1:bd:3c:02:00:00:b4:
                    6a:63:60:9b:78:3e:7c:a1:74:7c:76:4f:c8:31:a2:
                    de:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:B9:52:60:C3:D6:2B:63:06:75:D0:FD:D8:AC:8E:55:7D:92:B8:74
            X509v3 Authority Key Identifier:
                keyid:65:D0:93:21:72:AA:2D:1C:77:C4:BB:98:37:0A:AB:3D:E6:AC:34:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:3a:19:43:54:c8:3f:e7:d7:07:e9:b5:22:95:7c:87:db:e8:
         bb:f8:8b:d4:59:7b:5c:d4:d3:ef:31:37:b3:ad:0b:cf:67:55:
         fb:f4:ae:6a:b0:dd:b6:83:01:32:b4:f1:b9:38:ff:02:61:e7:
         b9:32:6d:1d:7b:fc:b6:ca:8a:b3:46:7e:b8:ac:e8:87:b3:07:
         a2:42:cb:07:a0:46:79:47:72:99:15:71:a5:dc:d0:26:cf:46:
         9b:95:6c:70:dc:b4:56:5f:ee:d4:19:6d:64:f0:12:45:70:75:
         b6:0f:6a:fd:d1:12:86:af:04:20:9a:0d:03:6d:57:96:7f:aa:
         5b:15:d8:53:42:93:1c:42:39:c8:40:ec:87:4a:3b:a9:07:cc:
         19:cd:bf:9b:13:2d:ab:93:cd:98:b4:ca:60:73:66:cd:83:f3:
         50:1f:fa:50:d6:16:1b:2c:52:54:0d:f4:cc:b4:1c:63:59:12:
         77:07:5c:97:9b:35:d7:1d:8f:e2:c9:ac:f5:d2:e7:44:87:5f:
         ef:82:7b:ae:d8:40:54:1c:f3:6e:d8:70:bb:28:dc:3e:8a:89:
         5c:2c:6f:be:94:a2:5b:7d:f8:0c:6d:06:4f:21:25:8a:c3:92:
         9b:fd:e3:b8:8d:e0:13:1e:13:ce:f0:31:51:2d:4d:25:18:71:
         26:82:04:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdO/DcneuN0psBdv9q4mnUkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDA5MzIxNzJhYTJkMWM3N2M0YmI5ODM3MGFhYjNkZTZh
YzM0NTcwHhcNMjUwNjA4MTAwMDQxWhcNMjUwNjA5MTAwMDQxWjAzMTEwLwYDVQQD
Eyg5M2I5NTI2MGMzZDYyYjYzMDY3NWQwZmRkOGFjOGU1NTdkOTJiODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjW2SBvs8KVupUXlmQb5E2biheDzZ
rdljh9Rips9lbVEfnGOZROA8u9lRDfHi+s+VIFhqvI7QhbbiKu8QvsdOMySBueGl
Oiyip41eHH8Ae0nwqvxt/FWIazsjsO1POimG3QyjB0u1lcKdUYIi8PEyZ+XsuFW6
lXt+oWQBoutNlHmw2UK+0+gfGUg1+BmYzd5wyApYL355wg1hbWp+ve9tWOcRgSJb
vHojVv9p9ptczdR9yH6QYRL7WNHRuo1FWgnDzPuUgO/dN1c5WOjlnylhdQmwBvsW
0fDCEYdhtS0LL4cjjEWhCAYfOPG9PAIAALRqY2CbeD58oXR8dk/IMaLeewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJO5UmDD1itjBnXQ/disjlV9krh0MB8GA1UdIwQY
MBaAFGXQkyFyqi0cd8S7mDcKqz3mrDRXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9mYTc3MTEtMzdmZi00YWVjLTk4NTMt
MWVkZGU2YzlkOTZhLzEvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9mYTc3MTEtMzdmZi00YWVjLTk4NTMtMWVkZGU2YzlkOTZh
LzEvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADDoZQ1TI
P+fXB+m1IpV8h9vou/iL1Fl7XNTT7zE3s60Lz2dV+/SuarDdtoMBMrTxuTj/AmHn
uTJtHXv8tsqKs0Z+uKzoh7MHokLLB6BGeUdymRVxpdzQJs9Gm5VscNy0Vl/u1Blt
ZPASRXB1tg9q/dEShq8EIJoNA21Xln+qWxXYU0KTHEI5yEDsh0o7qQfMGc2/mxMt
q5PNmLTKYHNmzYPzUB/6UNYWGyxSVA30zLQcY1kSdwdcl5s11x2P4sms9dLnRIdf
74J7rthAVBzzbthwuyjcPoqJXCxvvpSiW334DG0GTyElisOSm/3juI3gEx4TzvAx
US1NJRhxJoIEBw==
-----END CERTIFICATE-----