Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
File:                     zb7dtaniq1M0dBCLfIAPgTLxDiE.mft (raw, json)
Hash identifier:          A68/5a6qPfKh+Gs0PQFBlH8DZOQ2PBluhwrCPzsaK5M=
Subject key identifier:   96:9D:0A:CD:EF:5A:A5:CE:19:C4:02:0A:12:73:CD:8C:E5:76:33:9D
Authority key identifier: CD:BE:DD:B5:A9:E2:AB:53:34:74:10:8B:7C:80:0F:81:32:F1:0E:21
Certificate issuer:       /CN=cdbeddb5a9e2ab533474108b7c800f8132f10e21
Certificate serial:       01974AE8AD2905968F144CCA6EEC576F0128
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
Manifest number:          157D
Signing time:             Sat 07 Jun 2025 15:00:51 +0000
Manifest this update:     Sat 07 Jun 2025 15:00:51 +0000
Manifest next update:     Sun 08 Jun 2025 15:00:51 +0000
Files and hashes:         1: zb7dtaniq1M0dBCLfIAPgTLxDiE.crl (hash: FZ0oZmEXVZmxv0PbM+qJEjIzy87Ek72gvWT9BnIiLxw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:ad:29:05:96:8f:14:4c:ca:6e:ec:57:6f:01:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbeddb5a9e2ab533474108b7c800f8132f10e21
        Validity
            Not Before: Jun  7 15:00:51 2025 GMT
            Not After : Jun  8 15:00:51 2025 GMT
        Subject: CN=969d0acdef5aa5ce19c4020a1273cd8ce576339d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a3:26:49:e3:02:10:8f:8c:b7:42:71:ba:bc:
                    dc:c2:bf:e6:d4:9a:94:e0:1b:00:34:74:1f:d0:5b:
                    02:49:80:23:f7:52:43:d5:f5:fc:82:2e:cd:bd:8f:
                    fe:12:d0:ba:65:a8:45:4c:41:69:b4:ea:db:0c:d6:
                    2e:cc:1b:8e:f4:e1:37:a1:d3:cb:19:f2:1f:60:51:
                    94:fd:72:e1:4f:a5:a1:3d:6b:41:c3:48:e9:39:55:
                    d7:2a:a4:02:a2:b2:04:48:ec:33:c0:bf:6f:f0:67:
                    7a:67:f2:2c:b7:12:cd:e4:54:b2:82:bb:b0:c2:eb:
                    1c:cc:55:fa:ff:a6:e6:59:a3:aa:e4:ab:46:48:67:
                    2d:03:12:21:67:fe:b8:9a:72:4c:f0:d4:77:5b:0d:
                    c5:63:ce:42:77:3e:da:22:a8:91:58:28:96:41:25:
                    19:e8:8a:c6:a6:94:80:ff:ef:92:6f:65:a4:2c:21:
                    1c:36:5e:47:a6:1c:81:83:01:90:ee:53:6d:14:8b:
                    ae:bc:29:f3:bb:a5:3d:99:15:6d:fe:2f:3f:1f:ae:
                    2f:d5:8b:8f:3a:ed:31:ce:14:31:28:30:69:61:61:
                    9c:a4:a3:86:8d:3f:bc:7c:c4:66:18:78:30:8f:e0:
                    1d:53:ca:be:4c:6f:3b:ce:fd:a6:f5:c9:a6:53:e7:
                    28:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:9D:0A:CD:EF:5A:A5:CE:19:C4:02:0A:12:73:CD:8C:E5:76:33:9D
            X509v3 Authority Key Identifier:
                keyid:CD:BE:DD:B5:A9:E2:AB:53:34:74:10:8B:7C:80:0F:81:32:F1:0E:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:45:ea:55:23:90:29:c1:6f:77:ba:38:11:2d:ea:b8:02:6a:
         e6:6f:82:c7:39:82:1a:76:7b:97:0f:46:9c:a4:3b:b7:3a:d5:
         c0:51:a0:34:50:4c:1c:92:5c:23:69:8b:fd:26:7f:e1:3c:6f:
         87:e0:eb:60:03:c0:00:ff:39:88:34:64:34:73:54:59:a2:d8:
         70:d7:ca:0c:8e:77:2e:6f:47:91:30:fa:f2:8a:0d:ae:5e:00:
         fc:85:55:cd:2a:bb:2b:a4:74:c6:8f:e6:cb:87:4c:ee:c9:cc:
         36:b8:b9:48:0e:74:54:88:c1:95:b1:24:ff:7b:7d:30:b9:0d:
         7d:bf:b6:9d:f6:b2:dd:28:d3:06:cb:07:65:3f:db:77:95:cc:
         3b:23:1e:60:a7:ff:71:9f:da:cf:7d:dd:5b:0a:30:72:f5:05:
         22:33:36:e3:cb:fa:ed:0e:75:68:db:f2:6a:ac:72:9d:10:65:
         c9:c5:48:1b:1d:bb:ae:5e:6a:79:0a:19:4d:ea:29:9f:96:1f:
         92:21:a9:0d:cf:71:dd:d4:8c:75:38:aa:e2:3b:49:60:e8:b2:
         d6:ec:60:e0:c8:3a:d6:cf:c5:ca:bd:63:b4:bb:84:9d:82:5b:
         89:94:b9:ca:ee:76:bd:b8:0f:a1:cf:98:7c:db:11:c1:2d:f5:
         cb:68:09:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6K0pBZaPFEzKbuxXbwEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmVkZGI1YTllMmFiNTMzNDc0MTA4YjdjODAwZjgxMzJm
MTBlMjEwHhcNMjUwNjA3MTUwMDUxWhcNMjUwNjA4MTUwMDUxWjAzMTEwLwYDVQQD
Eyg5NjlkMGFjZGVmNWFhNWNlMTljNDAyMGExMjczY2Q4Y2U1NzYzMzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaMmSeMCEI+Mt0Jxurzcwr/m1JqU
4BsANHQf0FsCSYAj91JD1fX8gi7NvY/+EtC6ZahFTEFptOrbDNYuzBuO9OE3odPL
GfIfYFGU/XLhT6WhPWtBw0jpOVXXKqQCorIESOwzwL9v8Gd6Z/IstxLN5FSygruw
wusczFX6/6bmWaOq5KtGSGctAxIhZ/64mnJM8NR3Ww3FY85Cdz7aIqiRWCiWQSUZ
6IrGppSA/++Sb2WkLCEcNl5HphyBgwGQ7lNtFIuuvCnzu6U9mRVt/i8/H64v1YuP
Ou0xzhQxKDBpYWGcpKOGjT+8fMRmGHgwj+AdU8q+TG87zv2m9cmmU+co9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJadCs3vWqXOGcQCChJzzYzldjOdMB8GA1UdIwQY
MBaAFM2+3bWp4qtTNHQQi3yAD4Ey8Q4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hOGZlNzMtOGY5NS00OWJhLTg2MWQt
OWUxNDMzZjkzYjRlLzEvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9hOGZlNzMtOGY5NS00OWJhLTg2MWQtOWUxNDMzZjkzYjRl
LzEvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD0XqVSOQ
KcFvd7o4ES3quAJq5m+CxzmCGnZ7lw9GnKQ7tzrVwFGgNFBMHJJcI2mL/SZ/4Txv
h+DrYAPAAP85iDRkNHNUWaLYcNfKDI53Lm9HkTD68ooNrl4A/IVVzSq7K6R0xo/m
y4dM7snMNri5SA50VIjBlbEk/3t9MLkNfb+2nfay3SjTBssHZT/bd5XMOyMeYKf/
cZ/az33dWwowcvUFIjM248v67Q51aNvyaqxynRBlycVIGx27rl5qeQoZTeopn5Yf
kiGpDc9x3dSMdTiq4jtJYOiy1uxg4Mg61s/Fyr1jtLuEnYJbiZS5yu52vbgPoc+Y
fNsRwS31y2gJnA==
-----END CERTIFICATE-----