Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
File:                     zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json)
Hash identifier:          WL45ieCXxcThsTplYiGjLu2KlBdhfcJao2QKo8OtJKY=
Subject key identifier:   C7:B4:9A:E9:07:8D:2D:E6:AB:C0:7D:8D:EC:3E:13:F5:23:D7:D8:69
Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A
Certificate issuer:       /CN=ce42b4385e5772f51d588e2bb7219a122399587a
Certificate serial:       01974AE878177A5051440DA3C6AD4CF4421E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
Manifest number:          09A1
Signing time:             Sat 07 Jun 2025 15:00:38 +0000
Manifest this update:     Sat 07 Jun 2025 15:00:38 +0000
Manifest next update:     Sun 08 Jun 2025 15:00:38 +0000
Files and hashes:         1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: Jvp/0VuWwDIfuzHAVBkqn2cmPTouZsrBK5i9PivY3Ck=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 15:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:78:17:7a:50:51:44:0d:a3:c6:ad:4c:f4:42:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a
        Validity
            Not Before: Jun  7 15:00:38 2025 GMT
            Not After : Jun  8 15:00:38 2025 GMT
        Subject: CN=c7b49ae9078d2de6abc07d8dec3e13f523d7d869
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:56:8f:01:e4:73:f4:b4:2a:f5:31:db:50:ec:
                    7f:95:eb:ba:57:ca:3d:65:94:a3:34:90:4a:60:b0:
                    fe:1c:29:40:8b:b5:bb:1e:0b:e0:67:6e:d4:48:52:
                    df:75:66:3c:11:9a:fb:af:ca:b3:8c:74:16:66:40:
                    6e:c9:a7:e8:37:3e:94:e7:cf:fa:33:a7:8f:76:c0:
                    0b:56:1d:dd:0a:e3:a4:54:4c:b7:fe:59:f0:92:89:
                    a0:68:ea:60:bb:e6:30:4e:96:c9:50:f2:59:99:46:
                    4a:cd:66:e6:e6:33:20:fa:32:25:2d:9d:a4:f5:2b:
                    ab:20:42:46:10:1d:ff:93:1a:e1:67:55:08:8e:bb:
                    a3:aa:14:ef:b4:d3:0c:96:ba:cf:58:98:8b:1a:86:
                    d3:90:6d:7f:59:78:92:51:50:88:fa:a3:66:6f:7d:
                    a9:c5:4a:b9:7d:c9:ff:47:1a:59:c1:71:d0:86:34:
                    c6:6d:2d:5b:6a:29:3c:a4:e2:42:a0:b6:66:5e:0d:
                    8c:7b:00:db:c0:a1:d2:ca:96:d3:8d:67:b0:7e:18:
                    41:c5:b7:54:c4:69:5d:f1:c0:f1:10:da:22:43:76:
                    90:a3:2c:f9:2d:74:ba:3b:bc:5a:be:84:2b:48:0c:
                    45:0f:e0:95:d8:37:4f:31:bd:3f:19:22:f3:7f:27:
                    2b:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:B4:9A:E9:07:8D:2D:E6:AB:C0:7D:8D:EC:3E:13:F5:23:D7:D8:69
            X509v3 Authority Key Identifier:
                keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:c0:87:0f:41:72:50:9f:9d:9b:23:56:6d:b7:e3:d5:d2:c0:
         0c:b9:15:4e:b6:23:c0:42:ce:56:62:20:24:12:d1:bd:7b:bf:
         7a:65:c8:64:91:6f:eb:42:ca:82:4d:c4:9a:95:75:72:91:8f:
         f7:fc:41:e3:a2:0f:19:c0:93:4f:b0:8e:77:5c:d4:70:e8:24:
         95:ad:32:34:c2:00:65:1e:ae:ce:79:6a:81:39:4c:69:05:63:
         a8:52:77:f4:78:00:48:9b:73:7b:fe:20:41:f9:c7:a3:b1:2b:
         70:97:4a:63:2a:ac:1e:21:be:94:db:63:a4:17:aa:68:22:a7:
         dc:a8:11:91:1f:45:f0:30:69:9f:fe:10:0d:73:04:f4:e3:e4:
         2c:61:98:eb:14:bf:fc:46:4b:16:4e:ef:27:61:1d:4b:28:c4:
         32:83:09:00:dd:cb:7f:92:5e:ef:78:7e:29:24:00:f8:7d:6a:
         80:ba:d8:90:44:49:21:6d:e4:e1:3a:46:13:3c:e2:3b:d9:5d:
         7c:9c:b6:0b:a3:34:8b:20:46:b0:33:d5:70:8d:77:1a:80:60:
         e9:91:9f:ba:25:0c:40:4e:d2:15:4a:98:78:83:f3:ce:c2:74:
         2f:df:88:08:c0:10:aa:61:57:4f:4b:91:f3:82:10:eb:13:5f:
         16:8f:b9:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6HgXelBRRA2jxq1M9EIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5
OTU4N2EwHhcNMjUwNjA3MTUwMDM4WhcNMjUwNjA4MTUwMDM4WjAzMTEwLwYDVQQD
EyhjN2I0OWFlOTA3OGQyZGU2YWJjMDdkOGRlYzNlMTNmNTIzZDdkODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlaPAeRz9LQq9THbUOx/leu6V8o9
ZZSjNJBKYLD+HClAi7W7HgvgZ27USFLfdWY8EZr7r8qzjHQWZkBuyafoNz6U58/6
M6ePdsALVh3dCuOkVEy3/lnwkomgaOpgu+YwTpbJUPJZmUZKzWbm5jMg+jIlLZ2k
9SurIEJGEB3/kxrhZ1UIjrujqhTvtNMMlrrPWJiLGobTkG1/WXiSUVCI+qNmb32p
xUq5fcn/RxpZwXHQhjTGbS1baik8pOJCoLZmXg2MewDbwKHSypbTjWewfhhBxbdU
xGld8cDxENoiQ3aQoyz5LXS6O7xavoQrSAxFD+CV2DdPMb0/GSLzfycrewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMe0mukHjS3mq8B9jew+E/Uj19hpMB8GA1UdIwQY
MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt
Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3
LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbcCHD0Fy
UJ+dmyNWbbfj1dLADLkVTrYjwELOVmIgJBLRvXu/emXIZJFv60LKgk3EmpV1cpGP
9/xB46IPGcCTT7COd1zUcOgkla0yNMIAZR6uznlqgTlMaQVjqFJ39HgASJtze/4g
QfnHo7ErcJdKYyqsHiG+lNtjpBeqaCKn3KgRkR9F8DBpn/4QDXME9OPkLGGY6xS/
/EZLFk7vJ2EdSyjEMoMJAN3Lf5Je73h+KSQA+H1qgLrYkERJIW3k4TpGEzziO9ld
fJy2C6M0iyBGsDPVcI13GoBg6ZGfuiUMQE7SFUqYeIPzzsJ0L9+ICMAQqmFXT0uR
84IQ6xNfFo+5xw==
-----END CERTIFICATE-----