Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
File:                     z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json)
Hash identifier:          zTpO5Z62tTNvRbU5wljnrh/cVLDh+N9oR9z/oZxPPHw=
Subject key identifier:   64:54:60:55:46:D9:24:CF:E2:15:DD:49:B2:9C:F3:7D:69:72:9F:93
Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12
Certificate issuer:       /CN=cf876e0e7aeb604d1631d49a025e178ad274a812
Certificate serial:       01974D4521BA7FD38D4A50C74E0C2BFDA2A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
Manifest number:          157B
Signing time:             Sun 08 Jun 2025 02:01:05 +0000
Manifest this update:     Sun 08 Jun 2025 02:01:05 +0000
Manifest next update:     Mon 09 Jun 2025 02:01:05 +0000
Files and hashes:         1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: kBi5u3pBmA87hzShIzNYE3YwneWaHkItRNFw/U9F6mE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:45:21:ba:7f:d3:8d:4a:50:c7:4e:0c:2b:fd:a2:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812
        Validity
            Not Before: Jun  8 02:01:05 2025 GMT
            Not After : Jun  9 02:01:05 2025 GMT
        Subject: CN=6454605546d924cfe215dd49b29cf37d69729f93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:dd:e4:79:18:1c:ff:ee:48:b3:46:14:28:4a:
                    6b:be:a5:33:3c:73:69:6c:2c:d3:df:72:51:33:c5:
                    ce:49:72:c8:f7:44:10:9b:e3:f1:a0:e4:ea:b9:7a:
                    72:db:3e:f5:51:10:dd:8b:21:87:c0:c5:da:b2:90:
                    df:18:30:02:ae:bc:54:4a:26:b7:00:ee:a1:1a:42:
                    70:24:fa:b0:f3:cb:29:3c:21:5d:1d:54:12:00:93:
                    44:18:30:8f:ee:bb:07:60:b4:b8:f9:96:f5:af:0e:
                    0e:21:b3:c5:fb:62:f4:35:5e:13:ff:e6:a1:4d:2a:
                    0f:bf:72:87:06:f8:54:71:65:1d:9b:f8:42:70:c5:
                    cb:ee:b2:30:a3:c1:ca:8a:7e:a6:0f:7a:5b:50:c3:
                    a6:59:35:0e:d2:ef:13:13:ea:e6:65:38:77:c7:ad:
                    3e:ee:c3:58:45:89:d3:f9:d5:a6:a1:14:9c:47:15:
                    f2:05:a6:3b:7a:cd:3d:71:f6:38:1d:6a:cb:a0:5f:
                    10:e9:f7:69:fe:7b:6e:9a:4c:34:ca:d7:87:11:36:
                    1d:6b:6f:7a:0b:1a:b9:b6:d5:ee:e6:b8:62:13:19:
                    c8:e4:97:1d:94:83:a0:4a:7b:e4:60:d8:28:d8:cc:
                    2f:53:da:5a:a3:c7:11:05:2c:44:ae:35:e5:6b:c7:
                    ae:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:54:60:55:46:D9:24:CF:E2:15:DD:49:B2:9C:F3:7D:69:72:9F:93
            X509v3 Authority Key Identifier:
                keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:7e:b5:b7:99:85:b8:8a:b0:0e:fd:91:9c:95:67:92:56:9a:
         f4:50:9a:d7:f8:73:0d:a3:db:b4:d6:12:5b:94:6e:12:da:82:
         5d:72:ad:cd:c1:a9:3a:a7:a3:45:8c:73:88:09:1b:15:ff:56:
         2c:57:2d:ea:22:92:38:a5:f7:20:52:69:51:50:b9:85:cf:4b:
         d4:ee:ee:4e:7e:89:2b:ab:dd:49:7a:6f:f3:b4:0c:50:b0:0d:
         75:c6:e8:fb:73:4f:19:b9:0c:cc:05:2e:2c:72:7d:99:15:bf:
         1d:ba:70:64:17:e5:11:90:70:b2:43:25:0c:30:03:f3:6b:d0:
         84:79:57:97:59:db:8d:92:4a:bd:4b:c5:8a:df:4d:75:57:f3:
         ae:5d:e3:05:75:d1:93:13:d3:b2:33:f2:2c:c1:ff:76:a4:73:
         70:cb:e4:2a:21:23:12:8d:2d:37:e3:69:e4:d3:18:68:43:01:
         91:b5:2d:81:60:c3:34:33:a3:e6:f2:21:80:f7:8e:8a:84:85:
         5e:13:bb:90:ef:01:95:93:b5:87:a9:64:55:94:c8:cf:46:3c:
         26:e5:1f:43:9f:04:20:a2:86:34:f9:9a:c6:a4:af:de:f8:5e:
         20:b4:d5:9a:71:13:1b:fd:c1:a8:2c:3c:99:15:02:64:b3:4a:
         b2:c6:82:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNRSG6f9ONSlDHTgwr/aKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3
NGE4MTIwHhcNMjUwNjA4MDIwMTA1WhcNMjUwNjA5MDIwMTA1WjAzMTEwLwYDVQQD
Eyg2NDU0NjA1NTQ2ZDkyNGNmZTIxNWRkNDliMjljZjM3ZDY5NzI5ZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkt3keRgc/+5Is0YUKEprvqUzPHNp
bCzT33JRM8XOSXLI90QQm+PxoOTquXpy2z71URDdiyGHwMXaspDfGDACrrxUSia3
AO6hGkJwJPqw88spPCFdHVQSAJNEGDCP7rsHYLS4+Zb1rw4OIbPF+2L0NV4T/+ah
TSoPv3KHBvhUcWUdm/hCcMXL7rIwo8HKin6mD3pbUMOmWTUO0u8TE+rmZTh3x60+
7sNYRYnT+dWmoRScRxXyBaY7es09cfY4HWrLoF8Q6fdp/ntumkw0yteHETYda296
Cxq5ttXu5rhiExnI5JcdlIOgSnvkYNgo2MwvU9pao8cRBSxErjXla8eu4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRUYFVG2STP4hXdSbKc831pcp+TMB8GA1UdIwQY
MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt
Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk
LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArn61t5mF
uIqwDv2RnJVnklaa9FCa1/hzDaPbtNYSW5RuEtqCXXKtzcGpOqejRYxziAkbFf9W
LFct6iKSOKX3IFJpUVC5hc9L1O7uTn6JK6vdSXpv87QMULANdcbo+3NPGbkMzAUu
LHJ9mRW/HbpwZBflEZBwskMlDDAD82vQhHlXl1nbjZJKvUvFit9NdVfzrl3jBXXR
kxPTsjPyLMH/dqRzcMvkKiEjEo0tN+Np5NMYaEMBkbUtgWDDNDOj5vIhgPeOioSF
XhO7kO8BlZO1h6lkVZTIz0Y8JuUfQ58EIKKGNPmaxqSv3vheILTVmnETG/3BqCw8
mRUCZLNKssaCqg==
-----END CERTIFICATE-----