Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
File:                     4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft (raw, json)
Hash identifier:          Aws42xBBuW+4KQ6fWCJMfcCGZhskfT57lycBuQxHeKY=
Subject key identifier:   9C:EC:5E:82:8B:D9:53:1E:67:08:4C:33:F4:3B:5D:75:EC:CC:03:C3
Authority key identifier: E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60
Certificate issuer:       /CN=e33779b8388d001fdcbddc48ace227f009850660
Certificate serial:       0197469E319CDEF765EEC66AD5614570AB89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
Manifest number:          1576
Signing time:             Fri 06 Jun 2025 19:01:01 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:01 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:01 +0000
Files and hashes:         1: 4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl (hash: O0j0FdGqEBFn7plWfIe6tGICvvkr0eucl8LECBgsTVY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:31:9c:de:f7:65:ee:c6:6a:d5:61:45:70:ab:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e33779b8388d001fdcbddc48ace227f009850660
        Validity
            Not Before: Jun  6 19:01:01 2025 GMT
            Not After : Jun  7 19:01:01 2025 GMT
        Subject: CN=9cec5e828bd9531e67084c33f43b5d75eccc03c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:71:34:42:98:4b:28:a5:76:19:6b:a8:2a:6c:
                    d9:7e:c6:01:3e:64:90:0f:59:fe:07:15:a7:06:30:
                    17:d5:51:11:bb:c8:80:80:31:60:6a:66:9b:34:db:
                    0f:df:b0:0f:ae:17:fc:56:16:a3:7b:ce:8b:41:2a:
                    2c:9c:94:d3:8f:31:d4:1c:3d:79:bd:41:be:cc:f7:
                    58:b8:d1:b0:e1:44:10:4f:b0:c2:dd:25:75:52:f5:
                    49:21:42:5e:c7:f3:0a:47:40:65:5a:60:a9:ea:a0:
                    93:3d:13:ac:d9:96:b6:57:c7:7f:9f:a4:70:04:e3:
                    f8:61:53:ed:42:e3:22:a6:8d:b1:a5:e4:18:c4:fc:
                    a4:63:08:43:ee:60:36:0b:25:cb:bc:eb:0b:b2:60:
                    8d:54:b1:00:04:5c:90:f9:be:47:33:02:8b:f5:4e:
                    79:6e:0a:3b:d0:32:4b:79:42:f1:0d:23:d0:ef:2f:
                    87:47:c4:e3:17:23:de:c4:7d:70:c8:9f:d0:27:97:
                    b3:a8:f7:0b:b2:e2:d1:42:eb:e7:5c:e8:e7:43:39:
                    73:f3:00:45:95:57:ce:2b:1c:58:15:7f:00:ca:18:
                    b3:05:d3:dd:56:38:18:82:7d:52:ae:9a:8c:7b:32:
                    19:2a:76:34:0d:99:34:e1:67:2e:34:c5:34:74:00:
                    cd:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:EC:5E:82:8B:D9:53:1E:67:08:4C:33:F4:3B:5D:75:EC:CC:03:C3
            X509v3 Authority Key Identifier:
                keyid:E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:a5:39:62:d2:5c:87:36:69:6a:c9:02:8c:c4:ff:4b:ef:73:
         0b:46:a0:da:da:6d:29:14:85:e7:fa:95:64:1d:9d:0d:ac:1c:
         c6:9d:72:7e:66:16:aa:66:d5:f7:73:d7:1a:8f:c8:76:37:47:
         94:80:78:04:09:24:e1:52:92:3e:88:9b:4d:bb:4e:60:cb:83:
         6c:a4:4d:5c:03:81:73:8f:c2:34:9f:da:ad:71:46:de:1f:6b:
         6a:ab:c9:91:46:e6:48:14:74:4d:66:8f:f4:e3:6f:02:34:de:
         99:3b:b3:1d:6a:84:6a:fb:d7:0b:29:6a:b9:ca:24:dd:60:0f:
         51:8d:c4:ac:3e:ef:64:76:8a:3b:54:d9:01:83:35:ea:03:a8:
         d8:3a:5e:bb:73:03:63:a7:1a:3c:db:c9:19:86:84:ac:10:5f:
         69:6f:df:13:6d:4f:af:c0:5b:10:8c:ea:70:23:0a:0c:42:85:
         68:ec:93:49:27:1b:c5:8a:34:6e:7f:50:c2:13:5b:c8:ec:e6:
         23:19:61:4d:19:7e:64:da:63:1c:42:8e:dd:70:4a:6f:41:31:
         d0:00:20:4c:72:11:b9:53:66:5e:3b:f0:0b:90:46:7d:5a:64:
         ea:3e:0e:98:71:c4:96:4e:cd:05:0e:5c:59:88:ba:98:3d:29:
         bd:c6:21:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnjGc3vdl7sZq1WFFcKuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMzc3OWI4Mzg4ZDAwMWZkY2JkZGM0OGFjZTIyN2YwMDk4
NTA2NjAwHhcNMjUwNjA2MTkwMTAxWhcNMjUwNjA3MTkwMTAxWjAzMTEwLwYDVQQD
Eyg5Y2VjNWU4MjhiZDk1MzFlNjcwODRjMzNmNDNiNWQ3NWVjY2MwM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XE0QphLKKV2GWuoKmzZfsYBPmSQ
D1n+BxWnBjAX1VERu8iAgDFgamabNNsP37APrhf8Vhaje86LQSosnJTTjzHUHD15
vUG+zPdYuNGw4UQQT7DC3SV1UvVJIUJex/MKR0BlWmCp6qCTPROs2Za2V8d/n6Rw
BOP4YVPtQuMipo2xpeQYxPykYwhD7mA2CyXLvOsLsmCNVLEABFyQ+b5HMwKL9U55
bgo70DJLeULxDSPQ7y+HR8TjFyPexH1wyJ/QJ5ezqPcLsuLRQuvnXOjnQzlz8wBF
lVfOKxxYFX8AyhizBdPdVjgYgn1SrpqMezIZKnY0DZk04WcuNMU0dADNewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJzsXoKL2VMeZwhMM/Q7XXXszAPDMB8GA1UdIwQY
MBaAFOM3ebg4jQAf3L3cSKziJ/AJhQZgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTIt
ZjI5NGQzYjEyY2ZkLzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTItZjI5NGQzYjEyY2Zk
LzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgKU5YtJc
hzZpaskCjMT/S+9zC0ag2tptKRSF5/qVZB2dDawcxp1yfmYWqmbV93PXGo/IdjdH
lIB4BAkk4VKSPoibTbtOYMuDbKRNXAOBc4/CNJ/arXFG3h9raqvJkUbmSBR0TWaP
9ONvAjTemTuzHWqEavvXCylqucok3WAPUY3ErD7vZHaKO1TZAYM16gOo2Dpeu3MD
Y6caPNvJGYaErBBfaW/fE21Pr8BbEIzqcCMKDEKFaOyTSScbxYo0bn9QwhNbyOzm
IxlhTRl+ZNpjHEKO3XBKb0Ex0AAgTHIRuVNmXjvwC5BGfVpk6j4OmHHElk7NBQ5c
WYi6mD0pvcYhdA==
-----END CERTIFICATE-----