Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/z-qNvyFYi18Mlkcc6jO1TtEJF-g.mft
File:                     z-qNvyFYi18Mlkcc6jO1TtEJF-g.mft (raw, json)
Hash identifier:          gembjmnDMqrQsNcSAvyRGh8zv6kdrrlvVvDAyg6+4zM=
Subject key identifier:   B8:49:E0:CA:63:87:4B:87:CF:28:8A:B3:B5:F4:8E:73:66:D1:19:E6
Authority key identifier: CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
Certificate issuer:       /CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Certificate serial:       0197523450FA8BAA99DA62FB734F2B4A8A40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/z-qNvyFYi18Mlkcc6jO1TtEJF-g.mft
Manifest number:          158A
Signing time:             Mon 09 Jun 2025 01:00:49 +0000
Manifest this update:     Mon 09 Jun 2025 01:00:49 +0000
Manifest next update:     Tue 10 Jun 2025 01:00:49 +0000
Files and hashes:         1: z-qNvyFYi18Mlkcc6jO1TtEJF-g.crl (hash: uyOOMB8zXm8+1IbVSqdeCHYuMNz9+ZwZjr+DHcCtrLY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/z-qNvyFYi18Mlkcc6jO1TtEJF-g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/z-qNvyFYi18Mlkcc6jO1TtEJF-g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 01:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:34:50:fa:8b:aa:99:da:62:fb:73:4f:2b:4a:8a:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
        Validity
            Not Before: Jun  9 01:00:49 2025 GMT
            Not After : Jun 10 01:00:49 2025 GMT
        Subject: CN=b849e0ca63874b87cf288ab3b5f48e7366d119e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:4d:cb:8d:e3:42:da:27:ed:9c:14:02:57:f1:
                    c6:80:ae:44:0e:fe:7b:6e:8f:52:7a:e8:0d:24:38:
                    07:c1:f6:d8:d7:cd:59:9f:19:c8:3f:e6:eb:38:6d:
                    52:2c:41:4d:95:19:92:0c:e8:42:0d:29:67:0c:fa:
                    37:7b:d5:d4:5d:2f:a4:86:81:c6:03:b4:35:d6:21:
                    31:03:f6:ee:e3:78:e7:fe:2d:93:66:97:f2:cd:80:
                    cb:cf:7b:21:6c:48:a5:51:fd:c1:f5:97:2a:4f:95:
                    b1:99:3d:ee:73:b8:24:f3:91:bc:63:a5:99:43:93:
                    8a:83:5a:ab:8a:5e:61:82:f6:20:ed:1d:7f:8a:38:
                    1d:1f:1a:c3:cf:24:fa:9c:95:5e:78:d9:25:46:8a:
                    70:99:64:df:38:56:00:7b:67:c2:be:54:7b:b3:bc:
                    d0:ea:5c:be:6e:fc:84:78:78:a1:2f:6f:5a:81:9f:
                    39:2f:75:33:50:fc:b3:08:fc:ff:98:b5:fb:10:81:
                    7a:c1:84:c8:1a:75:2d:81:e1:74:99:25:8c:57:cf:
                    ac:24:78:05:8c:2b:00:2b:f2:5d:1a:57:c5:46:cc:
                    c4:1c:82:9d:b0:8a:c1:ec:89:0d:22:e9:a3:6b:19:
                    7c:0b:2d:5e:01:38:2a:41:0d:ac:b0:16:03:b0:5c:
                    b8:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:49:E0:CA:63:87:4B:87:CF:28:8A:B3:B5:F4:8E:73:66:D1:19:E6
            X509v3 Authority Key Identifier:
                keyid:CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/z-qNvyFYi18Mlkcc6jO1TtEJF-g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/z-qNvyFYi18Mlkcc6jO1TtEJF-g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:9d:b5:af:e5:4f:ef:f2:24:cc:58:70:04:3b:80:9d:35:e1:
         8d:2e:ec:a2:04:dd:52:09:ab:a7:8a:99:f7:97:87:f4:f2:ab:
         19:54:70:d6:a3:27:90:8e:a8:75:46:67:5c:4c:0d:a2:51:4c:
         b7:2b:63:82:55:95:ec:8b:a7:16:db:67:d4:30:4d:17:53:12:
         7c:44:e8:51:f3:07:8c:f5:97:68:be:66:d8:ab:05:e0:93:46:
         a8:dd:63:b7:ef:da:0f:f9:e6:ed:7d:00:a3:73:b8:fb:b7:eb:
         dd:fc:01:17:f1:f7:96:44:db:2a:f2:32:35:30:74:7e:30:89:
         29:25:50:31:d9:9f:cc:63:4d:c5:91:e7:90:bc:92:f4:6d:a5:
         54:08:2c:57:02:c4:f6:0b:e6:43:f4:58:02:56:9e:0d:42:1e:
         b3:ba:d5:04:06:73:be:ac:07:1e:0d:58:1f:48:60:bd:c2:81:
         6d:c1:b2:63:ef:12:81:2a:24:2d:43:04:d4:79:4a:71:4d:4c:
         14:0e:bd:d6:e5:6c:13:89:8b:eb:1d:c5:b1:be:d5:6d:a8:35:
         92:e5:f2:5e:d7:f4:97:07:49:c4:72:b3:54:87:b8:d5:71:cd:
         ce:b5:d6:fa:25:a9:8c:8c:a6:3c:28:94:4a:38:69:6a:cc:61:
         ae:e4:b4:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSNFD6i6qZ2mL7c08rSopAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWE4ZGJmMjE1ODhiNWYwYzk2NDcxY2VhMzNiNTRlZDEw
OTE3ZTgwHhcNMjUwNjA5MDEwMDQ5WhcNMjUwNjEwMDEwMDQ5WjAzMTEwLwYDVQQD
EyhiODQ5ZTBjYTYzODc0Yjg3Y2YyODhhYjNiNWY0OGU3MzY2ZDExOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzU3LjeNC2iftnBQCV/HGgK5EDv57
bo9SeugNJDgHwfbY181ZnxnIP+brOG1SLEFNlRmSDOhCDSlnDPo3e9XUXS+khoHG
A7Q11iExA/bu43jn/i2TZpfyzYDLz3shbEilUf3B9ZcqT5WxmT3uc7gk85G8Y6WZ
Q5OKg1qril5hgvYg7R1/ijgdHxrDzyT6nJVeeNklRopwmWTfOFYAe2fCvlR7s7zQ
6ly+bvyEeHihL29agZ85L3UzUPyzCPz/mLX7EIF6wYTIGnUtgeF0mSWMV8+sJHgF
jCsAK/JdGlfFRszEHIKdsIrB7IkNIumjaxl8Cy1eATgqQQ2ssBYDsFy4kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLhJ4Mpjh0uHzyiKs7X0jnNm0RnmMB8GA1UdIwQY
MBaAFM/qjb8hWItfDJZHHOoztU7RCRfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wMzI2ODYtMGQyNC00NjYwLWFlNzIt
NzM5MTIwN2VhYzMzLzEvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wMzI2ODYtMGQyNC00NjYwLWFlNzItNzM5MTIwN2VhYzMz
LzEvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiZ21r+VP
7/IkzFhwBDuAnTXhjS7sogTdUgmrp4qZ95eH9PKrGVRw1qMnkI6odUZnXEwNolFM
tytjglWV7IunFttn1DBNF1MSfEToUfMHjPWXaL5m2KsF4JNGqN1jt+/aD/nm7X0A
o3O4+7fr3fwBF/H3lkTbKvIyNTB0fjCJKSVQMdmfzGNNxZHnkLyS9G2lVAgsVwLE
9gvmQ/RYAlaeDUIes7rVBAZzvqwHHg1YH0hgvcKBbcGyY+8SgSokLUME1HlKcU1M
FA691uVsE4mL6x3Fsb7Vbag1kuXyXtf0lwdJxHKzVIe41XHNzrXW+iWpjIymPCiU
SjhpasxhruS0Yw==
-----END CERTIFICATE-----