Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
File:                     zQwDKJL2la9ME_sKyoBD0Xsbl78.mft (raw, json)
Hash identifier:          9h/N4cu3YsYj9VGke3wHhTSiueyv45xUtAtgfLOv6Gg=
Subject key identifier:   84:7A:98:4B:27:13:57:4B:3D:E4:02:24:69:2F:27:FB:39:CC:D0:C7
Authority key identifier: CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF
Certificate issuer:       /CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf
Certificate serial:       01974D4478CE7ABFD9F396E856328C12FC67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
Manifest number:          0920
Signing time:             Sun 08 Jun 2025 02:00:22 +0000
Manifest this update:     Sun 08 Jun 2025 02:00:22 +0000
Manifest next update:     Mon 09 Jun 2025 02:00:22 +0000
Files and hashes:         1: zQwDKJL2la9ME_sKyoBD0Xsbl78.crl (hash: cKOPGWoTofnBvgkAh0w+b/vFDnXIannUPMsPteS7h/A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:44:78:ce:7a:bf:d9:f3:96:e8:56:32:8c:12:fc:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf
        Validity
            Not Before: Jun  8 02:00:22 2025 GMT
            Not After : Jun  9 02:00:22 2025 GMT
        Subject: CN=847a984b2713574b3de40224692f27fb39ccd0c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:74:bd:ad:a9:64:e1:da:28:4b:ed:a3:11:96:
                    a9:f5:49:77:3e:a1:4b:10:fd:62:8f:00:86:6d:81:
                    95:91:91:11:d4:c1:26:0a:91:ec:7d:c1:01:03:62:
                    d0:59:6a:57:21:65:28:c5:bd:a4:65:97:0e:e9:13:
                    0e:a9:21:d0:f0:e4:61:e7:de:6e:9a:b2:67:c4:c6:
                    97:64:97:7a:4c:9e:b5:88:64:09:1c:82:e7:88:d1:
                    eb:9f:86:d3:ef:e2:7e:94:4b:3f:93:ce:1d:b6:ca:
                    d6:f8:86:d6:c5:29:d2:a8:85:64:4d:89:83:5a:b5:
                    54:b5:cf:54:fc:67:ab:9c:76:79:26:d9:ce:4e:70:
                    d2:42:06:c2:9c:83:d9:cd:19:d6:92:be:3b:eb:15:
                    ac:bd:95:ed:ec:7a:a0:17:12:a8:fe:b9:07:a6:a5:
                    13:c3:46:9b:8d:2a:26:fb:ac:b4:4d:09:dc:9a:48:
                    cd:3c:f0:66:92:d3:1d:52:38:51:c3:84:e2:b7:ab:
                    2d:ef:cb:0a:5a:74:94:1b:3a:b4:ca:19:cb:f7:d8:
                    fc:df:80:e2:0a:f0:f1:47:d1:2a:73:0b:d0:bf:15:
                    4b:2c:e4:a9:2a:8c:88:ed:90:74:d8:ed:cc:ed:9a:
                    60:ea:52:3d:d6:61:29:6e:e7:70:00:61:cf:56:6d:
                    c2:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:7A:98:4B:27:13:57:4B:3D:E4:02:24:69:2F:27:FB:39:CC:D0:C7
            X509v3 Authority Key Identifier:
                keyid:CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:d7:7c:4a:51:21:9e:89:4b:e9:7e:7a:2d:da:cc:54:e5:3d:
         7a:ce:32:33:23:dd:9e:8c:99:5a:0f:bd:bd:af:a3:87:27:7c:
         08:36:26:5f:89:7b:90:bc:73:8b:31:26:59:74:ee:d5:e5:eb:
         fc:56:3e:75:8b:da:52:f2:2b:69:7c:4d:e9:9b:f4:8b:71:da:
         4d:7d:4b:db:fa:f4:dd:e5:8b:38:3e:23:13:67:1e:fc:ba:b0:
         77:34:6d:25:b6:a0:92:11:54:29:73:28:22:8e:9c:5f:30:8f:
         e2:37:79:09:21:7f:a2:b8:50:27:82:22:f3:92:e2:b4:80:b7:
         bb:e6:a5:a4:f6:cf:3a:98:83:10:07:f2:82:74:7f:b7:f5:af:
         07:7f:84:f8:59:46:21:cd:0e:4e:36:90:73:c0:d2:1a:79:66:
         d5:6e:5d:88:0a:fd:b8:0a:1c:19:16:20:f7:2c:4b:55:92:bb:
         cf:a9:8a:b6:bb:46:10:a8:79:66:d0:d4:26:c6:1e:10:64:f2:
         e0:85:76:b0:a4:0c:5e:57:17:02:a3:cb:b0:ae:5e:8f:0f:64:
         8f:2c:fa:82:a3:4a:61:98:35:23:2c:71:58:92:75:17:72:c5:
         33:70:70:d3:4a:fc:95:86:a4:7f:85:b5:5a:9f:ee:54:b0:5b:
         bc:a5:5f:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNRHjOer/Z85boVjKMEvxnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMGMwMzI4OTJmNjk1YWY0YzEzZmIwYWNhODA0M2QxN2Ix
Yjk3YmYwHhcNMjUwNjA4MDIwMDIyWhcNMjUwNjA5MDIwMDIyWjAzMTEwLwYDVQQD
Eyg4NDdhOTg0YjI3MTM1NzRiM2RlNDAyMjQ2OTJmMjdmYjM5Y2NkMGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nS9ralk4dooS+2jEZap9Ul3PqFL
EP1ijwCGbYGVkZER1MEmCpHsfcEBA2LQWWpXIWUoxb2kZZcO6RMOqSHQ8ORh595u
mrJnxMaXZJd6TJ61iGQJHILniNHrn4bT7+J+lEs/k84dtsrW+IbWxSnSqIVkTYmD
WrVUtc9U/GernHZ5JtnOTnDSQgbCnIPZzRnWkr476xWsvZXt7HqgFxKo/rkHpqUT
w0abjSom+6y0TQncmkjNPPBmktMdUjhRw4Tit6st78sKWnSUGzq0yhnL99j834Di
CvDxR9EqcwvQvxVLLOSpKoyI7ZB02O3M7Zpg6lI91mEpbudwAGHPVm3CBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIR6mEsnE1dLPeQCJGkvJ/s5zNDHMB8GA1UdIwQY
MBaAFM0MAyiS9pWvTBP7CsqAQ9F7G5e/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgt
MzUyNzZiNzk3NWFlLzEvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgtMzUyNzZiNzk3NWFl
LzEvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeNd8SlEh
nolL6X56LdrMVOU9es4yMyPdnoyZWg+9va+jhyd8CDYmX4l7kLxzizEmWXTu1eXr
/FY+dYvaUvIraXxN6Zv0i3HaTX1L2/r03eWLOD4jE2ce/LqwdzRtJbagkhFUKXMo
Io6cXzCP4jd5CSF/orhQJ4Ii85LitIC3u+alpPbPOpiDEAfygnR/t/WvB3+E+FlG
Ic0OTjaQc8DSGnlm1W5diAr9uAocGRYg9yxLVZK7z6mKtrtGEKh5ZtDUJsYeEGTy
4IV2sKQMXlcXAqPLsK5ejw9kjyz6gqNKYZg1IyxxWJJ1F3LFM3Bw00r8lYakf4W1
Wp/uVLBbvKVfrg==
-----END CERTIFICATE-----