Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
File:                     ZTwsX-3AjoxdH2VGksPkVkDIou0.mft (raw, json)
Hash identifier:          /WQrCO8q3MMshwNioHwC7pfjs6gLMJoaE/LPFIn7Xv4=
Subject key identifier:   DE:0F:7F:64:0F:B7:F9:BF:E6:07:F8:CE:01:64:CC:9A:B7:E1:8C:C3
Authority key identifier: 65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED
Certificate issuer:       /CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
Certificate serial:       0197488CE46F6F03B26674214207A325E948
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
Manifest number:          0A7F
Signing time:             Sat 07 Jun 2025 04:01:22 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:22 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:22 +0000
Files and hashes:         1: ZTwsX-3AjoxdH2VGksPkVkDIou0.crl (hash: 3ww2bDA3svd9apIaLU1VVWdo2WTvcSsat/TVr25eUYk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:e4:6f:6f:03:b2:66:74:21:42:07:a3:25:e9:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
        Validity
            Not Before: Jun  7 04:01:22 2025 GMT
            Not After : Jun  8 04:01:22 2025 GMT
        Subject: CN=de0f7f640fb7f9bfe607f8ce0164cc9ab7e18cc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:68:43:ba:92:09:89:03:3b:0f:7c:6d:b3:02:
                    19:8b:6b:3b:2e:84:69:0d:c2:1b:60:f2:9d:30:2c:
                    1b:a4:53:fb:15:8d:59:18:f7:22:1b:d3:55:76:d1:
                    28:10:de:8e:46:fb:a4:2c:34:70:ca:33:45:11:c5:
                    93:5f:6c:93:d8:a0:0b:15:65:1d:54:4e:1e:af:9a:
                    aa:2a:f0:25:8c:f1:b0:36:af:37:8d:4e:91:39:00:
                    43:99:c7:7d:c5:07:a9:e0:f1:ef:1f:ac:c5:6a:58:
                    8c:76:4b:04:b7:6e:f8:72:81:f2:18:47:4c:64:7f:
                    9c:43:06:08:b0:86:87:d4:bb:40:6b:fc:b1:e9:f2:
                    3c:e3:a1:af:16:a7:df:6a:5c:44:c2:de:fe:6f:eb:
                    3a:22:42:3a:3c:e3:46:a1:aa:14:a4:03:ee:33:c0:
                    4d:a5:b8:71:44:75:a8:ec:39:25:02:51:3f:17:f5:
                    a7:0e:3a:b2:50:aa:5b:55:db:57:68:95:11:25:63:
                    ee:c4:6a:58:44:da:e0:7f:02:e1:63:e7:95:b5:86:
                    79:33:98:fd:28:9d:32:b5:76:cf:21:56:30:98:8b:
                    b4:98:51:1e:e4:c0:1c:aa:e6:7e:02:0f:06:f0:1c:
                    73:f5:a0:04:cb:e9:a6:0f:5b:cb:85:43:cf:2f:2d:
                    15:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:0F:7F:64:0F:B7:F9:BF:E6:07:F8:CE:01:64:CC:9A:B7:E1:8C:C3
            X509v3 Authority Key Identifier:
                keyid:65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:4d:69:fd:88:86:c1:65:3d:48:57:c3:42:d1:49:3a:0b:aa:
         9d:a0:99:6e:97:4f:c8:4a:93:df:e0:f1:c9:d7:bb:d3:b7:0c:
         8c:7c:9b:03:3e:ca:08:05:69:a5:2f:cc:c1:10:26:e5:74:6e:
         5c:84:d5:1e:e6:35:41:0c:da:ea:11:bf:70:57:24:e9:2e:a8:
         ab:8a:a8:4b:53:c2:12:69:30:7a:71:4d:30:8b:c0:ee:2b:eb:
         a2:48:4d:81:d6:a7:a3:c1:9a:f3:6c:ed:17:4f:f1:65:5e:6b:
         d7:05:a3:27:89:79:3d:e3:22:78:63:b2:bc:b2:e3:29:26:6f:
         5b:d7:e4:7e:f1:67:27:a5:d2:db:23:63:fa:bd:1c:22:9c:76:
         a2:68:a2:3b:33:27:c6:ed:94:bf:31:0c:4b:ba:8a:8d:8c:d7:
         30:13:07:bb:0e:eb:ed:97:ab:61:e3:46:7d:df:a9:0a:e1:50:
         c4:5a:2b:46:56:e8:ad:92:07:ea:df:78:61:de:89:1e:92:b7:
         b5:47:14:7e:f1:a5:14:4f:d5:1b:cc:46:be:7f:03:4d:47:ba:
         4e:cf:d5:b5:cd:9f:cd:28:47:c2:17:e7:3a:5f:d8:1f:c0:a3:
         cd:39:58:2a:c7:e7:a2:12:d4:ae:2d:dd:ad:c8:02:bf:41:58:
         20:68:6b:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjORvbwOyZnQhQgejJelIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2MyYzVmZWRjMDhlOGM1ZDFmNjU0NjkyYzNlNDU2NDBj
OGEyZWQwHhcNMjUwNjA3MDQwMTIyWhcNMjUwNjA4MDQwMTIyWjAzMTEwLwYDVQQD
EyhkZTBmN2Y2NDBmYjdmOWJmZTYwN2Y4Y2UwMTY0Y2M5YWI3ZTE4Y2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22hDupIJiQM7D3xtswIZi2s7LoRp
DcIbYPKdMCwbpFP7FY1ZGPciG9NVdtEoEN6ORvukLDRwyjNFEcWTX2yT2KALFWUd
VE4er5qqKvAljPGwNq83jU6ROQBDmcd9xQep4PHvH6zFaliMdksEt274coHyGEdM
ZH+cQwYIsIaH1LtAa/yx6fI846GvFqffalxEwt7+b+s6IkI6PONGoaoUpAPuM8BN
pbhxRHWo7DklAlE/F/WnDjqyUKpbVdtXaJURJWPuxGpYRNrgfwLhY+eVtYZ5M5j9
KJ0ytXbPIVYwmIu0mFEe5MAcquZ+Ag8G8Bxz9aAEy+mmD1vLhUPPLy0V5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4Pf2QPt/m/5gf4zgFkzJq34YzDMB8GA1UdIwQY
MBaAFGU8LF/twI6MXR9lRpLD5FZAyKLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAt
MWNjYjU0ZjM3MmFhLzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAtMWNjYjU0ZjM3MmFh
LzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbU1p/YiG
wWU9SFfDQtFJOguqnaCZbpdPyEqT3+Dxyde707cMjHybAz7KCAVppS/MwRAm5XRu
XITVHuY1QQza6hG/cFck6S6oq4qoS1PCEmkwenFNMIvA7ivrokhNgdano8Ga82zt
F0/xZV5r1wWjJ4l5PeMieGOyvLLjKSZvW9fkfvFnJ6XS2yNj+r0cIpx2omiiOzMn
xu2UvzEMS7qKjYzXMBMHuw7r7ZerYeNGfd+pCuFQxForRlborZIH6t94Yd6JHpK3
tUcUfvGlFE/VG8xGvn8DTUe6Ts/Vtc2fzShHwhfnOl/YH8CjzTlYKsfnohLUri3d
rcgCv0FYIGhr4g==
-----END CERTIFICATE-----