Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft
File:                     ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft (raw, json)
Hash identifier:          PYu/+f0ba3pkm6BeGlzmblYrvLdZPc/CF+3SmAhej0I=
Subject key identifier:   40:CE:26:C0:FB:79:4E:03:AD:A4:1F:BF:D8:29:0B:C4:05:F2:B4:3F
Authority key identifier: 65:D4:D9:22:28:6A:84:5F:46:1F:EF:1F:53:D3:20:CD:2E:EF:72:8A
Certificate issuer:       /CN=65d4d922286a845f461fef1f53d320cd2eef728a
Certificate serial:       019618B51B1176D8F5E254541E78B91973B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZdTZIihqhF9GH-8fU9MgzS7vcoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft
Manifest number:          0EA7
Signing time:             Wed 09 Apr 2025 04:00:44 +0000
Manifest this update:     Wed 09 Apr 2025 04:00:44 +0000
Manifest next update:     Thu 10 Apr 2025 04:00:44 +0000
Files and hashes:         1: ZdTZIihqhF9GH-8fU9MgzS7vcoo.crl (hash: Qn0WtRJ6BNsYOE5QGYp1nTDF6i/1oPGjli9oCoywh8c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZdTZIihqhF9GH-8fU9MgzS7vcoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 09 Apr 2025 22:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:18:b5:1b:11:76:d8:f5:e2:54:54:1e:78:b9:19:73:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65d4d922286a845f461fef1f53d320cd2eef728a
        Validity
            Not Before: Apr  9 04:00:44 2025 GMT
            Not After : Apr 10 04:00:44 2025 GMT
        Subject: CN=40ce26c0fb794e03ada41fbfd8290bc405f2b43f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a6:e7:aa:8c:75:bf:d5:da:15:24:74:99:55:
                    a2:82:e7:f8:4a:dc:dd:dd:27:7f:2a:72:a1:dd:b5:
                    98:1c:d9:45:92:c2:d5:2e:12:5a:9f:33:df:eb:b2:
                    9c:b3:6c:7b:e8:3b:6d:17:bc:46:a8:d0:60:6b:f7:
                    43:2f:d2:f9:a3:f5:66:4d:f4:8e:e9:5a:ce:c6:cf:
                    8b:94:ca:1d:c2:ef:55:34:d5:f1:f4:ef:78:a8:cc:
                    77:a9:d3:6e:3b:39:57:fa:00:b6:51:34:13:12:fb:
                    04:ae:18:a6:f1:bd:d7:5f:86:d8:bf:93:c4:98:d2:
                    89:00:20:c1:93:e2:ee:1a:56:4a:4f:09:49:3e:17:
                    b3:16:8f:4a:43:9b:a0:d6:ea:7e:ef:0f:74:02:bd:
                    96:a4:a3:0a:b3:ab:20:2a:2d:ab:9f:0a:67:2f:ea:
                    d5:cf:a9:d2:05:99:67:52:7d:cd:a7:8f:72:f9:99:
                    d3:35:21:8a:f9:bb:8a:f0:e7:e0:44:1a:a3:5e:b9:
                    d6:ec:a4:0d:d2:51:47:5c:0d:83:6f:43:86:2b:72:
                    70:d0:fc:92:67:88:d8:60:d9:ef:57:bb:5c:6c:98:
                    10:62:c1:7c:c4:17:d6:5c:3c:f1:07:60:60:d1:a4:
                    86:51:49:29:90:0b:ae:7b:01:f5:06:f8:03:a3:4d:
                    ab:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:CE:26:C0:FB:79:4E:03:AD:A4:1F:BF:D8:29:0B:C4:05:F2:B4:3F
            X509v3 Authority Key Identifier:
                keyid:65:D4:D9:22:28:6A:84:5F:46:1F:EF:1F:53:D3:20:CD:2E:EF:72:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdTZIihqhF9GH-8fU9MgzS7vcoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:e5:72:3c:a5:c0:7b:76:4e:81:44:37:fa:c4:c6:7a:6f:cf:
         c3:20:56:92:5b:df:f0:8f:6c:69:35:b7:bc:74:b9:ac:ba:47:
         e1:70:b6:96:ae:f4:c5:83:20:6b:40:39:03:b1:97:8e:c2:d8:
         f2:df:9c:00:45:7e:29:0d:b0:04:30:ad:43:32:0b:90:d0:77:
         6e:b8:e7:59:35:25:cb:eb:fe:4d:c1:d3:f9:4a:91:29:dc:4a:
         dd:13:ca:f9:e5:53:83:fb:3e:40:b8:3b:b6:a8:3c:5d:0a:23:
         d3:6f:75:fc:4a:a1:97:bb:18:da:d7:ea:f4:d1:cd:23:79:d3:
         92:5b:06:9d:9d:9f:1e:bd:1f:23:e1:d6:f4:dd:8d:74:03:ef:
         a3:0a:4f:35:3b:ac:49:34:e5:98:81:21:7c:73:65:e9:ad:b7:
         2a:07:2f:1b:a5:73:99:40:83:a3:d3:e9:af:81:24:b8:00:49:
         f7:48:b8:f5:96:7c:91:65:3c:3c:93:30:e3:46:49:e2:be:ad:
         ad:bf:a1:7f:75:6c:6f:ec:35:81:69:12:b3:0a:e3:ee:04:47:
         b0:03:19:47:87:a5:2c:25:cf:21:cb:64:95:b4:3b:1a:d1:e5:
         55:ad:d5:16:df:1d:c7:a6:16:62:b8:4c:56:da:b6:e5:a3:1e:
         e4:64:28:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYYtRsRdtj14lRUHni5GXOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDRkOTIyMjg2YTg0NWY0NjFmZWYxZjUzZDMyMGNkMmVl
ZjcyOGEwHhcNMjUwNDA5MDQwMDQ0WhcNMjUwNDEwMDQwMDQ0WjAzMTEwLwYDVQQD
Eyg0MGNlMjZjMGZiNzk0ZTAzYWRhNDFmYmZkODI5MGJjNDA1ZjJiNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyabnqox1v9XaFSR0mVWiguf4Stzd
3Sd/KnKh3bWYHNlFksLVLhJanzPf67Kcs2x76DttF7xGqNBga/dDL9L5o/VmTfSO
6VrOxs+LlModwu9VNNXx9O94qMx3qdNuOzlX+gC2UTQTEvsErhim8b3XX4bYv5PE
mNKJACDBk+LuGlZKTwlJPhezFo9KQ5ug1up+7w90Ar2WpKMKs6sgKi2rnwpnL+rV
z6nSBZlnUn3Np49y+ZnTNSGK+buK8OfgRBqjXrnW7KQN0lFHXA2Db0OGK3Jw0PyS
Z4jYYNnvV7tcbJgQYsF8xBfWXDzxB2Bg0aSGUUkpkAuuewH1BvgDo02rOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDOJsD7eU4DraQfv9gpC8QF8rQ/MB8GA1UdIwQY
MBaAFGXU2SIoaoRfRh/vH1PTIM0u73KKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRUWklpaHFoRjlHSC04ZlU5TWd6Uzd2Y29vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82ODg5YjMtNzIyNy00MWQ0LTkwY2Qt
NjRmNzBjMTAzNTE5LzEvWmRUWklpaHFoRjlHSC04ZlU5TWd6Uzd2Y29vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82ODg5YjMtNzIyNy00MWQ0LTkwY2QtNjRmNzBjMTAzNTE5
LzEvWmRUWklpaHFoRjlHSC04ZlU5TWd6Uzd2Y29vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeuVyPKXA
e3ZOgUQ3+sTGem/PwyBWklvf8I9saTW3vHS5rLpH4XC2lq70xYMga0A5A7GXjsLY
8t+cAEV+KQ2wBDCtQzILkNB3brjnWTUly+v+TcHT+UqRKdxK3RPK+eVTg/s+QLg7
tqg8XQoj0291/Eqhl7sY2tfq9NHNI3nTklsGnZ2fHr0fI+HW9N2NdAPvowpPNTus
STTlmIEhfHNl6a23KgcvG6VzmUCDo9Ppr4EkuABJ90i49ZZ8kWU8PJMw40ZJ4r6t
rb+hf3Vsb+w1gWkSswrj7gRHsAMZR4elLCXPIctklbQ7GtHlVa3VFt8dx6YWYrhM
Vtq25aMe5GQoog==
-----END CERTIFICATE-----