Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft
File:                     ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft (raw, json)
Hash identifier:          jBGS3of8Tnnc/tzx8OKkZWRmkBf7ZkXzyN3UHGO65sk=
Subject key identifier:   44:88:02:6B:4A:70:79:C9:93:72:19:E6:36:25:20:EF:34:F6:5B:1C
Authority key identifier: 65:D4:D9:22:28:6A:84:5F:46:1F:EF:1F:53:D3:20:CD:2E:EF:72:8A
Certificate issuer:       /CN=65d4d922286a845f461fef1f53d320cd2eef728a
Certificate serial:       019749D624A5EFAC15B8F7C0F557770AD0C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZdTZIihqhF9GH-8fU9MgzS7vcoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft
Manifest number:          0F45
Signing time:             Sat 07 Jun 2025 10:01:00 +0000
Manifest this update:     Sat 07 Jun 2025 10:01:00 +0000
Manifest next update:     Sun 08 Jun 2025 10:01:00 +0000
Files and hashes:         1: ZdTZIihqhF9GH-8fU9MgzS7vcoo.crl (hash: t4jYv8sYFa6aXBGq19jRkpPAnmMaAYvnTi3z54e6+7c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZdTZIihqhF9GH-8fU9MgzS7vcoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d6:24:a5:ef:ac:15:b8:f7:c0:f5:57:77:0a:d0:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65d4d922286a845f461fef1f53d320cd2eef728a
        Validity
            Not Before: Jun  7 10:01:00 2025 GMT
            Not After : Jun  8 10:01:00 2025 GMT
        Subject: CN=4488026b4a7079c9937219e6362520ef34f65b1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:0d:fb:af:05:da:fc:e8:99:6a:6a:41:58:18:
                    72:04:4c:3c:96:8e:f8:24:63:7c:e1:4e:14:64:4e:
                    37:46:b3:da:eb:70:7e:21:75:9b:04:26:1f:66:bd:
                    ee:48:20:22:7e:b7:78:9d:de:05:97:f9:4a:92:d3:
                    13:69:ae:0b:d2:5f:f0:d6:6b:22:be:ac:38:39:71:
                    63:ba:86:d6:5d:dd:ff:cd:21:52:39:62:f8:29:19:
                    e1:fe:a3:6a:23:ee:11:7a:25:54:61:0e:3f:68:41:
                    27:c4:b4:c9:0b:f0:b9:ff:85:ec:c8:ce:07:b4:09:
                    c8:41:9c:ff:17:11:8e:d7:fa:45:65:92:1a:22:3e:
                    73:26:00:ae:2c:88:dd:87:c7:7e:db:fe:f1:2e:2f:
                    45:15:5f:da:d6:ee:b0:13:1b:70:af:17:db:f7:ec:
                    28:b0:a4:12:94:48:f6:fc:b7:3c:7f:b2:f7:7e:5c:
                    5e:a4:32:5d:be:25:15:60:7e:2c:eb:7c:9b:87:f6:
                    3b:ee:00:93:c4:55:2e:c5:47:e3:e4:ee:eb:50:29:
                    ce:c7:d7:d7:5a:c7:f4:bc:bb:44:5a:9f:53:66:b0:
                    e5:cf:9c:63:58:86:20:7c:dc:f0:79:44:56:7d:5e:
                    d1:cf:14:2e:a3:8c:7a:2b:81:e5:88:5a:e1:ab:9a:
                    49:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:88:02:6B:4A:70:79:C9:93:72:19:E6:36:25:20:EF:34:F6:5B:1C
            X509v3 Authority Key Identifier:
                keyid:65:D4:D9:22:28:6A:84:5F:46:1F:EF:1F:53:D3:20:CD:2E:EF:72:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdTZIihqhF9GH-8fU9MgzS7vcoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:84:c1:f7:e6:dd:2f:f9:8c:9c:d4:13:f1:f9:bd:f9:bc:00:
         13:fe:92:ab:2e:b4:27:85:74:d2:5e:9b:1c:2f:a0:c9:39:9d:
         09:f0:d8:13:6f:a0:ea:d3:30:fe:81:48:d4:9f:00:cb:36:ab:
         5a:8b:76:0f:74:2c:8e:50:69:79:6b:69:11:39:23:44:46:da:
         0f:9a:de:90:24:01:8b:80:4c:f9:30:77:02:1d:5b:0c:39:6c:
         28:14:d5:dd:da:81:fb:c9:6b:87:63:de:e6:e6:b4:0a:70:03:
         c4:ee:2b:68:d2:c2:af:6a:f7:c2:bb:9a:08:b4:ed:ac:69:3b:
         c6:6f:b6:99:8b:ea:44:56:91:2d:af:57:16:f5:f0:81:1c:52:
         a0:c8:bf:ff:6d:50:d7:20:03:54:66:23:aa:e7:37:9b:09:6c:
         c4:7a:e6:51:50:11:2b:e3:dd:5e:00:4e:54:28:a8:0e:f4:78:
         7b:f2:f2:c1:bd:fa:3c:1f:23:03:ff:3f:c1:67:01:b1:75:12:
         f4:55:d3:b0:4c:42:53:de:71:eb:45:4c:3c:cc:1f:73:a2:86:
         d5:d1:c5:75:d5:86:7b:d4:b5:19:e9:f1:bd:f9:87:ac:70:5e:
         e8:5c:69:a6:c5:fc:ac:b4:06:ce:99:ba:dd:84:c8:b4:16:a8:
         24:4b:5d:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1iSl76wVuPfA9Vd3CtDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDRkOTIyMjg2YTg0NWY0NjFmZWYxZjUzZDMyMGNkMmVl
ZjcyOGEwHhcNMjUwNjA3MTAwMTAwWhcNMjUwNjA4MTAwMTAwWjAzMTEwLwYDVQQD
Eyg0NDg4MDI2YjRhNzA3OWM5OTM3MjE5ZTYzNjI1MjBlZjM0ZjY1YjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArA37rwXa/OiZampBWBhyBEw8lo74
JGN84U4UZE43RrPa63B+IXWbBCYfZr3uSCAifrd4nd4Fl/lKktMTaa4L0l/w1msi
vqw4OXFjuobWXd3/zSFSOWL4KRnh/qNqI+4ReiVUYQ4/aEEnxLTJC/C5/4XsyM4H
tAnIQZz/FxGO1/pFZZIaIj5zJgCuLIjdh8d+2/7xLi9FFV/a1u6wExtwrxfb9+wo
sKQSlEj2/Lc8f7L3flxepDJdviUVYH4s63ybh/Y77gCTxFUuxUfj5O7rUCnOx9fX
Wsf0vLtEWp9TZrDlz5xjWIYgfNzweURWfV7RzxQuo4x6K4HliFrhq5pJcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFESIAmtKcHnJk3IZ5jYlIO809lscMB8GA1UdIwQY
MBaAFGXU2SIoaoRfRh/vH1PTIM0u73KKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRUWklpaHFoRjlHSC04ZlU5TWd6Uzd2Y29vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82ODg5YjMtNzIyNy00MWQ0LTkwY2Qt
NjRmNzBjMTAzNTE5LzEvWmRUWklpaHFoRjlHSC04ZlU5TWd6Uzd2Y29vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82ODg5YjMtNzIyNy00MWQ0LTkwY2QtNjRmNzBjMTAzNTE5
LzEvWmRUWklpaHFoRjlHSC04ZlU5TWd6Uzd2Y29vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhoTB9+bd
L/mMnNQT8fm9+bwAE/6Sqy60J4V00l6bHC+gyTmdCfDYE2+g6tMw/oFI1J8Ayzar
Wot2D3QsjlBpeWtpETkjREbaD5rekCQBi4BM+TB3Ah1bDDlsKBTV3dqB+8lrh2Pe
5ua0CnADxO4raNLCr2r3wruaCLTtrGk7xm+2mYvqRFaRLa9XFvXwgRxSoMi//21Q
1yADVGYjquc3mwlsxHrmUVARK+PdXgBOVCioDvR4e/Lywb36PB8jA/8/wWcBsXUS
9FXTsExCU95x60VMPMwfc6KG1dHFddWGe9S1GenxvfmHrHBe6FxppsX8rLQGzpm6
3YTItBaoJEtdXw==
-----END CERTIFICATE-----