Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.mft
File:                     cZSy_8iUT-E1eWAoERzOc0cew38.mft (raw, json)
Hash identifier:          EwxhTtkJLskYPPFRMbq+ZeucNBnUq70SPmjeMX+9Ulc=
Subject key identifier:   96:B0:49:F2:19:F3:80:74:6E:4E:A9:DE:AF:14:A3:7D:A6:3A:33:79
Authority key identifier: 71:94:B2:FF:C8:94:4F:E1:35:79:60:28:11:1C:CE:73:47:1E:C3:7F
Certificate issuer:       /CN=7194b2ffc8944fe135796028111cce73471ec37f
Certificate serial:       0199240D1B2CFF480817D9CFAD23C25B8C8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cZSy_8iUT-E1eWAoERzOc0cew38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.mft
Manifest number:          056C
Signing time:             Sun 07 Sep 2025 12:01:02 +0000
Manifest this update:     Sun 07 Sep 2025 12:01:02 +0000
Manifest next update:     Mon 08 Sep 2025 12:01:02 +0000
Files and hashes:         1: cZSy_8iUT-E1eWAoERzOc0cew38.crl (hash: onoiHHkKK2G6emamCD7VPx0egMqI7PgeHIHPvIC2SJk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cZSy_8iUT-E1eWAoERzOc0cew38.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0d:1b:2c:ff:48:08:17:d9:cf:ad:23:c2:5b:8c:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7194b2ffc8944fe135796028111cce73471ec37f
        Validity
            Not Before: Sep  7 12:01:02 2025 GMT
            Not After : Sep  8 12:01:02 2025 GMT
        Subject: CN=96b049f219f380746e4ea9deaf14a37da63a3379
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:1e:0c:61:3c:8b:99:09:06:76:67:f3:31:09:
                    f4:3f:54:2b:f8:de:a3:4b:8c:54:4c:62:6b:d7:8a:
                    87:d3:37:e5:35:b7:02:cb:61:93:1c:c7:fd:54:44:
                    3d:7b:1a:9f:ae:3e:d9:f2:81:64:ee:96:87:ef:0f:
                    9c:96:62:44:45:fa:26:2b:a5:74:42:49:7c:1f:ad:
                    5a:91:8e:1b:32:dc:ac:20:92:50:29:bd:21:f3:d2:
                    3a:d8:ed:3f:a9:78:22:2f:2f:37:87:f0:98:7e:9b:
                    7e:c3:5d:00:2b:51:85:60:64:58:34:58:e6:af:40:
                    c9:87:52:75:81:db:db:e3:c4:27:37:4e:49:01:6e:
                    0a:4c:bf:47:26:f5:fa:4b:72:18:2b:4a:3f:e5:31:
                    63:70:82:1f:50:7d:63:ab:18:73:dc:89:1d:ac:3a:
                    03:bc:3a:d0:97:4a:c7:d3:b2:74:fe:a8:f5:cc:83:
                    22:62:53:08:63:54:f7:4d:8d:71:a0:f5:00:80:8f:
                    c8:5d:04:c5:0e:00:95:38:4c:c3:b3:94:6b:5f:55:
                    7d:43:02:1e:2e:a3:cd:71:30:5d:21:ae:26:c7:83:
                    cd:ce:c2:ad:5a:34:21:33:dd:e9:e4:72:b3:8c:fd:
                    52:22:a3:36:12:a0:a0:2f:f0:84:92:76:64:71:59:
                    ff:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:B0:49:F2:19:F3:80:74:6E:4E:A9:DE:AF:14:A3:7D:A6:3A:33:79
            X509v3 Authority Key Identifier:
                keyid:71:94:B2:FF:C8:94:4F:E1:35:79:60:28:11:1C:CE:73:47:1E:C3:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSy_8iUT-E1eWAoERzOc0cew38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:81:47:ce:93:80:e4:31:b4:9e:fc:7a:9c:ab:e6:26:d0:42:
         af:9a:4b:0d:59:64:5b:e5:52:e5:b7:4d:56:f0:2e:dd:0c:8c:
         e0:b4:e9:90:98:f9:37:ce:e5:5d:0e:64:88:e4:88:e3:59:cd:
         5f:ba:c0:26:ef:17:9f:bc:af:89:29:f3:d8:7a:e1:08:ce:2c:
         75:0b:7b:fd:3e:ea:89:76:fd:bb:e0:63:b2:b2:e7:66:4c:47:
         d6:c6:17:56:e5:0e:31:12:9a:25:a5:b3:ad:28:97:3a:35:a4:
         09:9a:cb:05:30:57:7f:c6:dc:e9:ee:45:54:05:7d:b8:80:be:
         3c:df:e5:ff:9d:a5:dd:95:4d:a5:29:4a:9e:b5:cf:5c:d2:ef:
         ca:9d:8e:62:7c:c8:e5:f8:d9:29:3d:93:4f:87:1b:69:69:7e:
         36:d4:c5:9c:61:15:00:e0:59:e5:72:ff:1c:b3:ea:9a:48:bc:
         fc:c4:ef:82:36:4b:f9:6f:bb:b0:48:4f:a6:7c:db:5a:36:cd:
         98:95:23:dd:5c:23:f1:e9:02:96:66:7c:c6:c1:4d:df:46:6d:
         3c:2d:cc:ed:84:5a:ae:da:06:9f:32:bb:e2:5b:86:b0:73:6b:
         00:1b:11:f4:34:3e:66:de:f4:40:57:c8:b9:af:91:96:a8:2b:
         96:ed:bc:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDRss/0gIF9nPrSPCW4yLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTRiMmZmYzg5NDRmZTEzNTc5NjAyODExMWNjZTczNDcx
ZWMzN2YwHhcNMjUwOTA3MTIwMTAyWhcNMjUwOTA4MTIwMTAyWjAzMTEwLwYDVQQD
Eyg5NmIwNDlmMjE5ZjM4MDc0NmU0ZWE5ZGVhZjE0YTM3ZGE2M2EzMzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth4MYTyLmQkGdmfzMQn0P1Qr+N6j
S4xUTGJr14qH0zflNbcCy2GTHMf9VEQ9exqfrj7Z8oFk7paH7w+clmJERfomK6V0
Qkl8H61akY4bMtysIJJQKb0h89I62O0/qXgiLy83h/CYfpt+w10AK1GFYGRYNFjm
r0DJh1J1gdvb48QnN05JAW4KTL9HJvX6S3IYK0o/5TFjcIIfUH1jqxhz3IkdrDoD
vDrQl0rH07J0/qj1zIMiYlMIY1T3TY1xoPUAgI/IXQTFDgCVOEzDs5RrX1V9QwIe
LqPNcTBdIa4mx4PNzsKtWjQhM93p5HKzjP1SIqM2EqCgL/CEknZkcVn/UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJawSfIZ84B0bk6p3q8Uo32mOjN5MB8GA1UdIwQY
MBaAFHGUsv/IlE/hNXlgKBEcznNHHsN/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pTeV84aVVULUUxZVdBb0VSek9jMGNldzM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8xMDY5ZWYtM2RjMS00NDRlLWE3ZGYt
MGVhYjgxMzliMjNhLzEvY1pTeV84aVVULUUxZVdBb0VSek9jMGNldzM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8xMDY5ZWYtM2RjMS00NDRlLWE3ZGYtMGVhYjgxMzliMjNh
LzEvY1pTeV84aVVULUUxZVdBb0VSek9jMGNldzM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC4FHzpOA
5DG0nvx6nKvmJtBCr5pLDVlkW+VS5bdNVvAu3QyM4LTpkJj5N87lXQ5kiOSI41nN
X7rAJu8Xn7yviSnz2HrhCM4sdQt7/T7qiXb9u+BjsrLnZkxH1sYXVuUOMRKaJaWz
rSiXOjWkCZrLBTBXf8bc6e5FVAV9uIC+PN/l/52l3ZVNpSlKnrXPXNLvyp2OYnzI
5fjZKT2TT4cbaWl+NtTFnGEVAOBZ5XL/HLPqmki8/MTvgjZL+W+7sEhPpnzbWjbN
mJUj3Vwj8ekClmZ8xsFN30ZtPC3M7YRartoGnzK74luGsHNrABsR9DQ+Zt70QFfI
ua+Rlqgrlu28Rw==
-----END CERTIFICATE-----