Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
File:                     dZxU7z8HSxxmiPmXVM2KONmfbKw.mft (raw, json)
Hash identifier:          cmZYp4tyx3U812GYua9GXmV+gV0WKYFzRSDfRkoVpy4=
Subject key identifier:   8E:F2:C5:B4:CC:8D:D3:0F:A2:5C:82:31:B6:85:8F:7A:FA:DA:EC:FB
Authority key identifier: 75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC
Certificate issuer:       /CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
Certificate serial:       01974742B1566FDA464B6A8595883A365EE1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
Manifest number:          091B
Signing time:             Fri 06 Jun 2025 22:00:42 +0000
Manifest this update:     Fri 06 Jun 2025 22:00:42 +0000
Manifest next update:     Sat 07 Jun 2025 22:00:42 +0000
Files and hashes:         1: dZxU7z8HSxxmiPmXVM2KONmfbKw.crl (hash: eX69fqqVevg8MYOOAv35eOqs6EJtXSvgGpxA7sZBsxs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:42:b1:56:6f:da:46:4b:6a:85:95:88:3a:36:5e:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
        Validity
            Not Before: Jun  6 22:00:42 2025 GMT
            Not After : Jun  7 22:00:42 2025 GMT
        Subject: CN=8ef2c5b4cc8dd30fa25c8231b6858f7afadaecfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:be:e1:de:4c:14:e3:47:10:b1:16:8b:e3:6f:
                    74:92:1e:52:dc:69:72:a4:d2:06:45:dd:23:ff:62:
                    ea:8b:81:b4:89:43:b5:58:22:8d:90:39:e1:c8:36:
                    2c:49:f7:bc:a9:3a:76:ab:2b:5c:5a:da:61:00:5f:
                    d9:6a:07:41:96:85:9a:82:0d:65:41:75:13:0c:ab:
                    5d:57:3b:a9:bc:8d:f2:a9:65:53:56:2b:2f:c3:46:
                    84:04:f2:76:1c:63:09:42:f9:c5:18:27:1b:f9:7d:
                    9f:73:15:79:91:28:ae:f0:3e:35:d1:26:dc:98:c6:
                    83:dd:2a:d4:cc:37:4a:41:48:6d:af:52:9b:b2:a5:
                    bb:29:4e:85:ba:0b:ec:e0:fc:c0:f6:3a:2b:53:a2:
                    e0:21:b9:14:fa:e0:29:ad:79:55:f6:b3:63:56:7d:
                    07:cb:a1:d2:2f:28:18:fb:01:0e:72:09:35:90:ce:
                    ba:40:7f:bc:5a:37:11:a8:be:ea:7e:25:6f:11:0d:
                    f5:14:9e:ce:6c:7f:65:27:b3:d5:7f:d5:64:af:60:
                    42:3e:fb:80:90:b0:c7:27:4a:7b:19:3a:f2:e4:1c:
                    f0:d6:08:61:f2:1c:61:ca:8f:a9:02:b5:41:d3:7c:
                    a8:e7:02:b2:ec:4c:51:ae:48:86:ff:75:4c:57:3a:
                    1a:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:F2:C5:B4:CC:8D:D3:0F:A2:5C:82:31:B6:85:8F:7A:FA:DA:EC:FB
            X509v3 Authority Key Identifier:
                keyid:75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:7d:49:80:7a:40:1f:af:62:cd:2b:62:de:cb:8e:f2:86:0c:
         cc:33:04:40:c4:83:49:8b:63:18:34:19:ed:9a:52:32:a0:21:
         20:9b:3c:90:13:0a:b2:8b:5b:84:6c:4c:b7:a3:47:ea:54:07:
         8f:b4:74:9c:89:da:d1:e5:1f:55:fc:7c:9a:dc:96:5f:07:0c:
         91:64:e3:29:56:3f:65:22:e6:b4:4b:2c:18:60:c4:84:95:68:
         39:e4:14:0c:10:f0:d2:36:77:8b:29:a5:d3:4a:12:8f:96:f0:
         aa:f6:db:5a:37:b4:b0:88:13:75:5d:6b:87:66:11:3f:5f:14:
         2f:2c:f1:74:c4:29:e3:18:96:3b:a7:58:f7:25:6e:5a:fb:97:
         6a:bf:98:15:fa:7d:6a:73:21:d0:b2:54:b2:6a:b2:28:58:f8:
         39:c1:5f:5a:b7:12:e2:ea:22:d8:0e:ce:00:7b:e6:eb:0d:c9:
         7f:2d:1e:f3:9b:25:ab:44:b0:4a:a5:22:97:5c:e0:cf:e8:47:
         a5:ee:7c:04:cc:79:df:87:3e:7e:16:32:aa:21:ec:48:c2:62:
         73:68:6d:d0:d8:10:fd:9f:84:50:a8:65:a2:f2:db:54:ea:a8:
         3f:7d:98:1f:69:a6:f1:fc:80:8a:31:e7:d4:06:a8:04:47:15:
         f9:26:63:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHQrFWb9pGS2qFlYg6Nl7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWM1NGVmM2YwNzRiMWM2Njg4Zjk5NzU0Y2Q4YTM4ZDk5
ZjZjYWMwHhcNMjUwNjA2MjIwMDQyWhcNMjUwNjA3MjIwMDQyWjAzMTEwLwYDVQQD
Eyg4ZWYyYzViNGNjOGRkMzBmYTI1YzgyMzFiNjg1OGY3YWZhZGFlY2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApL7h3kwU40cQsRaL4290kh5S3Gly
pNIGRd0j/2Lqi4G0iUO1WCKNkDnhyDYsSfe8qTp2qytcWtphAF/ZagdBloWagg1l
QXUTDKtdVzupvI3yqWVTVisvw0aEBPJ2HGMJQvnFGCcb+X2fcxV5kSiu8D410Sbc
mMaD3SrUzDdKQUhtr1KbsqW7KU6Fugvs4PzA9jorU6LgIbkU+uAprXlV9rNjVn0H
y6HSLygY+wEOcgk1kM66QH+8WjcRqL7qfiVvEQ31FJ7ObH9lJ7PVf9Vkr2BCPvuA
kLDHJ0p7GTry5Bzw1ghh8hxhyo+pArVB03yo5wKy7ExRrkiG/3VMVzoa+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7yxbTMjdMPolyCMbaFj3r62uz7MB8GA1UdIwQY
MBaAFHWcVO8/B0scZoj5l1TNijjZn2ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQt
NDRkMjk2NTdiYWI3LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQtNDRkMjk2NTdiYWI3
LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMX1JgHpA
H69izSti3suO8oYMzDMEQMSDSYtjGDQZ7ZpSMqAhIJs8kBMKsotbhGxMt6NH6lQH
j7R0nIna0eUfVfx8mtyWXwcMkWTjKVY/ZSLmtEssGGDEhJVoOeQUDBDw0jZ3iyml
00oSj5bwqvbbWje0sIgTdV1rh2YRP18ULyzxdMQp4xiWO6dY9yVuWvuXar+YFfp9
anMh0LJUsmqyKFj4OcFfWrcS4uoi2A7OAHvm6w3Jfy0e85slq0SwSqUil1zgz+hH
pe58BMx534c+fhYyqiHsSMJic2ht0NgQ/Z+EUKhlovLbVOqoP32YH2mm8fyAijHn
1AaoBEcV+SZjtQ==
-----END CERTIFICATE-----