Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
File:                     sgzLpAbArQxb4AB22ZgLNIhWmoo.mft (raw, json)
Hash identifier:          TBBfO/t2DIQ2Z1KU48r/qep09ZkZ4Zmj8kUhraYO3O0=
Subject key identifier:   2B:8C:C9:A5:D7:9D:BE:16:A4:F1:7C:7A:2C:7D:22:4C:1A:68:4B:1C
Authority key identifier: B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A
Certificate issuer:       /CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
Certificate serial:       01974C6A0294A7278BCE0DE14B701387AA53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
Manifest number:          1063
Signing time:             Sat 07 Jun 2025 22:01:45 +0000
Manifest this update:     Sat 07 Jun 2025 22:01:45 +0000
Manifest next update:     Sun 08 Jun 2025 22:01:45 +0000
Files and hashes:         1: sgzLpAbArQxb4AB22ZgLNIhWmoo.crl (hash: UQpU1Fwvfi9/Q5z4N0w2VTE604lMhWYWVEwhrOXAVts=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:6a:02:94:a7:27:8b:ce:0d:e1:4b:70:13:87:aa:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
        Validity
            Not Before: Jun  7 22:01:45 2025 GMT
            Not After : Jun  8 22:01:45 2025 GMT
        Subject: CN=2b8cc9a5d79dbe16a4f17c7a2c7d224c1a684b1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:d5:e0:2c:6c:d6:1f:2d:4b:ca:32:7c:91:98:
                    1b:6e:56:a5:e4:ec:73:a6:d9:bd:9f:2c:13:98:38:
                    b2:3a:fd:f9:20:95:27:6a:b5:82:76:7e:85:31:87:
                    71:d3:60:55:93:d5:17:d6:72:ef:05:a0:da:35:42:
                    6d:e9:89:83:4f:39:40:c3:23:99:ad:94:91:86:e0:
                    b2:78:2b:2f:46:3d:36:71:b3:c1:a1:49:b2:a0:2e:
                    39:e1:a1:0c:10:49:dc:6c:56:e0:dd:58:fb:8d:b7:
                    09:43:75:db:78:72:d6:18:45:8a:e3:fa:5d:09:0e:
                    f4:4b:9d:a3:0f:39:14:c7:c7:09:1f:00:31:05:37:
                    79:13:4b:09:39:7b:a3:59:c9:03:93:05:ea:c5:95:
                    11:bf:ad:7d:98:47:42:7e:c9:04:24:a3:6d:62:6d:
                    a3:af:c4:d8:97:1c:99:f4:c8:67:a4:90:fe:35:11:
                    09:91:2d:e3:93:9c:71:4a:46:82:49:6f:01:89:38:
                    50:61:2e:5e:3a:ec:ca:09:6c:e0:e1:f9:a7:14:91:
                    db:9b:08:d6:0f:4c:a2:6c:1f:a4:60:8f:88:e4:d6:
                    64:0d:90:9c:7c:a7:a1:a3:12:99:64:b9:9a:c3:cf:
                    78:22:30:19:57:16:b2:99:32:5a:a2:34:b1:75:51:
                    84:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:8C:C9:A5:D7:9D:BE:16:A4:F1:7C:7A:2C:7D:22:4C:1A:68:4B:1C
            X509v3 Authority Key Identifier:
                keyid:B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:b3:49:93:16:a0:4f:c4:1a:51:5d:d4:28:fb:1d:10:ce:27:
         b5:c5:6f:dd:36:59:5d:97:cf:7b:e6:8e:06:b2:ed:47:f2:3d:
         c8:3a:70:b6:2b:39:91:57:59:b2:76:7a:4e:46:7d:2b:48:33:
         35:28:47:cd:bf:ac:d4:ef:50:ed:b1:33:4c:ca:02:44:31:ca:
         19:df:0d:02:8b:64:c0:20:75:e2:20:62:ff:d1:b0:87:b3:87:
         0f:91:77:ff:b5:dc:14:ff:50:af:43:a2:33:34:dd:8b:05:16:
         ba:a4:28:6d:c3:b5:dc:8e:c8:5a:a2:f4:f8:e3:e4:54:31:e5:
         9a:05:7c:ea:b7:84:8e:2b:61:e6:bf:c8:10:a5:a5:76:c0:d7:
         75:37:2e:b5:85:e1:a0:b2:cb:9d:d6:cb:76:4c:18:8f:42:ba:
         cd:d6:3b:21:f0:a4:48:f5:68:47:42:10:9b:33:ab:15:83:75:
         91:5c:ad:5f:7d:72:65:69:1c:95:fa:43:09:34:e7:f9:c4:33:
         f6:4c:e3:94:05:40:f9:0a:d0:90:06:a6:8c:5a:3c:c1:17:64:
         e5:6b:16:cd:c2:81:c2:a2:b0:b4:e6:4b:51:c1:02:70:8d:00:
         9b:92:e8:84:6e:44:b4:53:0d:60:36:32:52:6c:6e:bd:50:b3:
         8c:e8:86:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMagKUpyeLzg3hS3ATh6pTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMGNjYmE0MDZjMGFkMGM1YmUwMDA3NmQ5OTgwYjM0ODg1
NjlhOGEwHhcNMjUwNjA3MjIwMTQ1WhcNMjUwNjA4MjIwMTQ1WjAzMTEwLwYDVQQD
EygyYjhjYzlhNWQ3OWRiZTE2YTRmMTdjN2EyYzdkMjI0YzFhNjg0YjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7dXgLGzWHy1LyjJ8kZgbblal5Oxz
ptm9nywTmDiyOv35IJUnarWCdn6FMYdx02BVk9UX1nLvBaDaNUJt6YmDTzlAwyOZ
rZSRhuCyeCsvRj02cbPBoUmyoC454aEMEEncbFbg3Vj7jbcJQ3XbeHLWGEWK4/pd
CQ70S52jDzkUx8cJHwAxBTd5E0sJOXujWckDkwXqxZURv619mEdCfskEJKNtYm2j
r8TYlxyZ9MhnpJD+NREJkS3jk5xxSkaCSW8BiThQYS5eOuzKCWzg4fmnFJHbmwjW
D0yibB+kYI+I5NZkDZCcfKehoxKZZLmaw894IjAZVxaymTJaojSxdVGEGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCuMyaXXnb4WpPF8eix9IkwaaEscMB8GA1UdIwQY
MBaAFLIMy6QGwK0MW+AAdtmYCzSIVpqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQt
N2NhOTNlY2IyMjM0LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQtN2NhOTNlY2IyMjM0
LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq7NJkxag
T8QaUV3UKPsdEM4ntcVv3TZZXZfPe+aOBrLtR/I9yDpwtis5kVdZsnZ6TkZ9K0gz
NShHzb+s1O9Q7bEzTMoCRDHKGd8NAotkwCB14iBi/9Gwh7OHD5F3/7XcFP9Qr0Oi
MzTdiwUWuqQobcO13I7IWqL0+OPkVDHlmgV86reEjith5r/IEKWldsDXdTcutYXh
oLLLndbLdkwYj0K6zdY7IfCkSPVoR0IQmzOrFYN1kVytX31yZWkclfpDCTTn+cQz
9kzjlAVA+QrQkAamjFo8wRdk5WsWzcKBwqKwtOZLUcECcI0Am5LohG5EtFMNYDYy
UmxuvVCzjOiGMQ==
-----END CERTIFICATE-----