Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
File:                     zb7dtaniq1M0dBCLfIAPgTLxDiE.mft (raw, json)
Hash identifier:          xSozLC5NJoDKkmd72FwgUc+5NuQpEeCn6MRaS5givSU=
Subject key identifier:   C9:C2:68:8B:D4:9F:9C:D6:A8:BC:1C:D2:13:C5:8B:51:75:CA:0D:08
Authority key identifier: CD:BE:DD:B5:A9:E2:AB:53:34:74:10:8B:7C:80:0F:81:32:F1:0E:21
Certificate issuer:       /CN=cdbeddb5a9e2ab533474108b7c800f8132f10e21
Certificate serial:       01964A0FC619BE9D4226CFFA0EB69BA3885B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
Manifest number:          14F8
Signing time:             Fri 18 Apr 2025 18:01:09 +0000
Manifest this update:     Fri 18 Apr 2025 18:01:09 +0000
Manifest next update:     Sat 19 Apr 2025 18:01:09 +0000
Files and hashes:         1: zb7dtaniq1M0dBCLfIAPgTLxDiE.crl (hash: igyctpLtiI9qDFgCEtb4k4Hh07rQOntLDBmwPpiKwW4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 18:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4a:0f:c6:19:be:9d:42:26:cf:fa:0e:b6:9b:a3:88:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbeddb5a9e2ab533474108b7c800f8132f10e21
        Validity
            Not Before: Apr 18 18:01:09 2025 GMT
            Not After : Apr 19 18:01:09 2025 GMT
        Subject: CN=c9c2688bd49f9cd6a8bc1cd213c58b5175ca0d08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:00:ec:93:88:be:74:56:2a:55:a8:12:21:70:
                    67:5b:af:a8:0e:3f:7b:57:1a:e9:0e:0c:0f:06:1e:
                    ef:b9:4e:e3:c9:b5:0d:2d:ec:a3:af:07:11:81:dc:
                    25:6e:3b:7b:a8:3a:8c:3c:10:e3:e1:75:ce:d6:a4:
                    15:9b:ca:12:88:fc:e5:fa:ef:20:ef:4a:c7:9d:d3:
                    8c:f4:5f:98:a9:92:08:07:13:dc:8f:e4:b8:df:05:
                    1e:b5:3a:0f:58:72:30:e4:58:2f:77:7a:56:88:75:
                    30:68:cd:c6:d9:d3:9e:78:28:e9:80:03:53:5f:7b:
                    76:c1:8c:79:14:6d:29:b6:08:8c:32:95:a7:61:90:
                    bb:11:80:c4:5c:af:9e:fa:dd:67:3d:6a:ee:81:f1:
                    e9:ed:41:20:c8:33:81:7f:a5:ac:ce:83:9d:04:36:
                    9e:53:12:64:dc:43:38:b4:94:6e:05:06:68:a0:31:
                    a4:25:8e:2d:85:48:36:fd:a6:7f:eb:da:17:37:86:
                    c7:6f:f2:62:a2:13:95:f9:e9:66:5d:4b:3c:70:de:
                    bd:61:b9:f8:c5:4c:6c:eb:8e:eb:2d:b5:de:c2:02:
                    fd:a9:fa:55:42:15:02:4a:c1:c7:d3:03:74:9a:b0:
                    6f:73:4d:20:b1:f6:67:79:60:89:ea:a9:f2:e7:8c:
                    ca:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:C2:68:8B:D4:9F:9C:D6:A8:BC:1C:D2:13:C5:8B:51:75:CA:0D:08
            X509v3 Authority Key Identifier:
                keyid:CD:BE:DD:B5:A9:E2:AB:53:34:74:10:8B:7C:80:0F:81:32:F1:0E:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:59:e9:0b:fa:36:3f:7e:79:9d:f6:c3:1e:70:74:cd:e3:51:
         93:4c:4f:98:5b:55:36:86:03:e7:47:ac:84:2e:d2:d5:09:c8:
         42:d9:e4:cf:60:34:e4:e3:6b:18:a4:fc:7f:9a:c4:f1:7a:6a:
         29:96:46:e3:05:65:9c:f3:f9:21:59:91:b0:e6:2b:56:5c:42:
         b9:07:d4:06:60:e0:a9:50:b9:d8:27:f0:c6:24:ca:3b:ae:ba:
         60:fd:41:79:55:53:21:cb:42:b1:0f:49:60:97:e6:b5:91:55:
         8b:3d:da:0a:e8:62:80:1d:7f:8e:34:58:d5:70:50:b4:7b:47:
         e1:f8:0a:d8:3c:44:9a:a7:8a:6c:c1:65:04:ff:e6:49:24:1a:
         cf:ed:de:2f:cb:4f:8a:e4:56:36:e5:02:bf:60:7f:3b:bc:1c:
         e2:dd:06:cf:3d:4a:df:64:56:9c:a3:95:8a:3d:ea:59:78:d4:
         1a:27:01:02:36:ff:63:d2:10:1a:1b:34:4e:84:8c:57:e7:06:
         82:95:1a:b4:09:67:54:64:30:73:38:be:fd:0c:35:09:d2:8f:
         cf:d3:82:0f:30:83:66:4c:01:98:19:83:19:0f:4b:db:72:2c:
         c3:a5:eb:0a:5f:b4:ce:83:04:70:2a:81:a3:87:22:f4:f6:02:
         b6:72:77:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZKD8YZvp1CJs/6Drabo4hbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmVkZGI1YTllMmFiNTMzNDc0MTA4YjdjODAwZjgxMzJm
MTBlMjEwHhcNMjUwNDE4MTgwMTA5WhcNMjUwNDE5MTgwMTA5WjAzMTEwLwYDVQQD
EyhjOWMyNjg4YmQ0OWY5Y2Q2YThiYzFjZDIxM2M1OGI1MTc1Y2EwZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwDsk4i+dFYqVagSIXBnW6+oDj97
VxrpDgwPBh7vuU7jybUNLeyjrwcRgdwlbjt7qDqMPBDj4XXO1qQVm8oSiPzl+u8g
70rHndOM9F+YqZIIBxPcj+S43wUetToPWHIw5Fgvd3pWiHUwaM3G2dOeeCjpgANT
X3t2wYx5FG0ptgiMMpWnYZC7EYDEXK+e+t1nPWrugfHp7UEgyDOBf6WszoOdBDae
UxJk3EM4tJRuBQZooDGkJY4thUg2/aZ/69oXN4bHb/JiohOV+elmXUs8cN69Ybn4
xUxs647rLbXewgL9qfpVQhUCSsHH0wN0mrBvc00gsfZneWCJ6qny54zKXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnCaIvUn5zWqLwc0hPFi1F1yg0IMB8GA1UdIwQY
MBaAFM2+3bWp4qtTNHQQi3yAD4Ey8Q4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hOGZlNzMtOGY5NS00OWJhLTg2MWQt
OWUxNDMzZjkzYjRlLzEvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9hOGZlNzMtOGY5NS00OWJhLTg2MWQtOWUxNDMzZjkzYjRl
LzEvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYVnpC/o2
P355nfbDHnB0zeNRk0xPmFtVNoYD50eshC7S1QnIQtnkz2A05ONrGKT8f5rE8Xpq
KZZG4wVlnPP5IVmRsOYrVlxCuQfUBmDgqVC52CfwxiTKO666YP1BeVVTIctCsQ9J
YJfmtZFViz3aCuhigB1/jjRY1XBQtHtH4fgK2DxEmqeKbMFlBP/mSSQaz+3eL8tP
iuRWNuUCv2B/O7wc4t0Gzz1K32RWnKOVij3qWXjUGicBAjb/Y9IQGhs0ToSMV+cG
gpUatAlnVGQwczi+/Qw1CdKPz9OCDzCDZkwBmBmDGQ9L23Isw6XrCl+0zoMEcCqB
o4ci9PYCtnJ3cA==
-----END CERTIFICATE-----