Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
File:                     xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft (raw, json)
Hash identifier:          bJxja/sRtvBpAe0afYfuxnB0cxFgnKTbsk1d8unNDlY=
Subject key identifier:   C1:C7:57:EA:D8:93:80:42:77:22:E7:92:65:36:32:BE:F1:67:45:61
Authority key identifier: C5:96:78:54:76:EF:BA:E7:7F:96:1D:23:05:70:57:FA:03:6F:B2:7F
Certificate issuer:       /CN=c596785476efbae77f961d23057057fa036fb27f
Certificate serial:       01976471A3DA79D1F3BE39832A2E86C36169
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
Manifest number:          1436
Signing time:             Thu 12 Jun 2025 14:00:58 +0000
Manifest this update:     Thu 12 Jun 2025 14:00:58 +0000
Manifest next update:     Fri 13 Jun 2025 14:00:58 +0000
Files and hashes:         1: xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl (hash: nbrioNE0ViLVbpEp6hf444ZcvAGvtYlMTcDLZE2G8Eo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:71:a3:da:79:d1:f3:be:39:83:2a:2e:86:c3:61:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c596785476efbae77f961d23057057fa036fb27f
        Validity
            Not Before: Jun 12 14:00:58 2025 GMT
            Not After : Jun 13 14:00:58 2025 GMT
        Subject: CN=c1c757ead89380427722e792653632bef1674561
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:3c:c6:5c:e0:bf:14:a0:37:b8:a7:eb:14:db:
                    b0:31:9a:5a:bc:a4:ad:22:0a:b7:07:65:94:ed:bb:
                    e6:55:6f:17:26:d6:6c:ff:4e:44:c7:f4:5d:4b:2b:
                    b7:f0:53:34:21:c7:55:f3:1b:72:89:42:20:9c:a4:
                    da:54:61:3b:97:22:bc:3f:32:3e:8a:65:e9:72:b1:
                    e6:a2:fa:2b:ef:e3:ee:ab:98:b6:53:8a:34:61:a7:
                    84:ee:7e:cb:83:34:8c:23:56:f1:2a:fc:69:9c:60:
                    2a:e1:4a:ef:e8:3e:1d:9e:92:e1:11:5b:fa:68:60:
                    a5:87:14:2e:26:b5:67:22:64:06:16:70:bf:d0:7e:
                    be:54:c3:05:0b:8b:53:52:70:2e:88:70:e1:9c:4f:
                    fc:c0:50:ce:79:80:bc:22:42:00:c7:c8:bd:74:05:
                    8e:b2:91:9b:8a:b6:03:f9:bf:2a:dc:a2:ec:42:4b:
                    c4:9e:64:38:9a:d8:d8:19:79:13:a6:61:0a:55:22:
                    82:19:2d:89:56:bd:14:80:89:4f:d1:30:3c:a1:85:
                    44:46:31:e6:a7:27:8a:23:55:a9:2b:1f:89:49:72:
                    92:7e:c8:58:bd:57:d5:8a:52:d1:0b:98:d8:6e:8d:
                    6a:d7:ec:46:a8:ab:ed:35:3c:91:b4:d1:70:11:94:
                    31:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:C7:57:EA:D8:93:80:42:77:22:E7:92:65:36:32:BE:F1:67:45:61
            X509v3 Authority Key Identifier:
                keyid:C5:96:78:54:76:EF:BA:E7:7F:96:1D:23:05:70:57:FA:03:6F:B2:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:19:ed:04:9d:37:66:a8:90:5e:fc:9d:96:d4:18:d4:f6:e4:
         6a:0a:c0:20:f8:0d:df:65:8f:ca:c3:19:df:34:29:2b:1c:f6:
         ca:9c:4c:97:2f:d1:1b:89:f2:e3:88:69:88:71:62:85:dc:db:
         b8:a9:cb:50:49:0b:89:0c:46:2c:c4:3a:bf:13:89:6d:29:c0:
         4a:1c:c3:26:32:1b:10:9f:f1:40:64:b7:9e:2f:41:01:a1:68:
         9a:66:13:a9:a0:33:6c:03:51:e6:79:03:56:de:09:9b:1c:64:
         a7:eb:b4:a4:d5:fd:d4:6a:d1:10:f0:05:96:26:63:7c:f0:ea:
         c3:21:c0:b4:08:e6:00:f4:27:a9:e1:0d:76:e8:8f:1d:90:49:
         ab:d9:35:ae:45:b3:7d:00:40:01:b9:05:9b:40:eb:d6:51:98:
         32:aa:53:3b:46:87:0c:fa:40:0d:ab:51:e6:27:01:e0:7d:3f:
         ac:9d:de:f1:f5:24:84:fd:83:92:09:d0:8e:d2:ae:e6:e5:dd:
         ba:d9:28:b0:ef:72:09:ca:ca:89:a7:c7:33:25:97:29:60:11:
         97:e3:26:37:39:77:e8:d0:52:e4:e2:c3:b2:df:8d:63:55:3c:
         72:da:48:cc:02:ed:0d:33:79:1b:2d:61:5f:62:92:4a:f8:65:
         6c:40:2b:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkcaPaedHzvjmDKi6Gw2FpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTY3ODU0NzZlZmJhZTc3Zjk2MWQyMzA1NzA1N2ZhMDM2
ZmIyN2YwHhcNMjUwNjEyMTQwMDU4WhcNMjUwNjEzMTQwMDU4WjAzMTEwLwYDVQQD
EyhjMWM3NTdlYWQ4OTM4MDQyNzcyMmU3OTI2NTM2MzJiZWYxNjc0NTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzzGXOC/FKA3uKfrFNuwMZpavKSt
Igq3B2WU7bvmVW8XJtZs/05Ex/RdSyu38FM0IcdV8xtyiUIgnKTaVGE7lyK8PzI+
imXpcrHmovor7+Puq5i2U4o0YaeE7n7LgzSMI1bxKvxpnGAq4Urv6D4dnpLhEVv6
aGClhxQuJrVnImQGFnC/0H6+VMMFC4tTUnAuiHDhnE/8wFDOeYC8IkIAx8i9dAWO
spGbirYD+b8q3KLsQkvEnmQ4mtjYGXkTpmEKVSKCGS2JVr0UgIlP0TA8oYVERjHm
pyeKI1WpKx+JSXKSfshYvVfVilLRC5jYbo1q1+xGqKvtNTyRtNFwEZQxmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMHHV+rYk4BCdyLnkmU2Mr7xZ0VhMB8GA1UdIwQY
MBaAFMWWeFR277rnf5YdIwVwV/oDb7J/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80YWU5OWQtZjU1Mi00NzZjLTgxNzct
ZWJmNWYwNDMzNzcyLzEveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80YWU5OWQtZjU1Mi00NzZjLTgxNzctZWJmNWYwNDMzNzcy
LzEveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYRntBJ03
ZqiQXvydltQY1PbkagrAIPgN32WPysMZ3zQpKxz2ypxMly/RG4ny44hpiHFihdzb
uKnLUEkLiQxGLMQ6vxOJbSnAShzDJjIbEJ/xQGS3ni9BAaFommYTqaAzbANR5nkD
Vt4Jmxxkp+u0pNX91GrREPAFliZjfPDqwyHAtAjmAPQnqeENduiPHZBJq9k1rkWz
fQBAAbkFm0Dr1lGYMqpTO0aHDPpADatR5icB4H0/rJ3e8fUkhP2DkgnQjtKu5uXd
utkosO9yCcrKiafHMyWXKWARl+MmNzl36NBS5OLDst+NY1U8ctpIzALtDTN5Gy1h
X2KSSvhlbEArCw==
-----END CERTIFICATE-----