Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
File:                     zRvlrhITa5bNnXilwkykct6Ixlg.mft (raw, json)
Hash identifier:          s6Pi6vlm4xHCRwGhgFZqLrsOit1XQ+lRZDKXfMwUa7M=
Subject key identifier:   9C:FC:B1:0D:36:10:83:D7:76:06:5F:E2:A4:93:A2:0E:F4:59:CF:D4
Authority key identifier: CD:1B:E5:AE:12:13:6B:96:CD:9D:78:A5:C2:4C:A4:72:DE:88:C6:58
Certificate issuer:       /CN=cd1be5ae12136b96cd9d78a5c24ca472de88c658
Certificate serial:       0197CA95281CAB4301D2670BA2E8B5F05E3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
Manifest number:          07F2
Signing time:             Wed 02 Jul 2025 10:01:02 +0000
Manifest this update:     Wed 02 Jul 2025 10:01:02 +0000
Manifest next update:     Thu 03 Jul 2025 10:01:02 +0000
Files and hashes:         1: zRvlrhITa5bNnXilwkykct6Ixlg.crl (hash: as0ic71lwx2g9aky8LxPKwNpP5vMfZWl/pNH0iyuDm0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 10:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ca:95:28:1c:ab:43:01:d2:67:0b:a2:e8:b5:f0:5e:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd1be5ae12136b96cd9d78a5c24ca472de88c658
        Validity
            Not Before: Jul  2 10:01:02 2025 GMT
            Not After : Jul  3 10:01:02 2025 GMT
        Subject: CN=9cfcb10d361083d776065fe2a493a20ef459cfd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a9:c1:c6:75:ba:d0:ff:ca:d0:1f:53:d6:c9:
                    57:47:25:ad:ce:d8:64:51:66:61:99:22:0a:b6:24:
                    c7:c1:5f:da:04:64:3e:d7:aa:fb:cf:fc:ad:81:31:
                    42:09:9a:1d:ce:8f:5c:ff:3f:c4:77:59:a5:d4:da:
                    a1:67:80:76:f2:3e:c8:70:8f:a9:2e:0e:f9:5d:ee:
                    db:82:6e:51:46:5d:05:f7:3d:d5:a6:ce:22:58:cb:
                    2e:32:d6:33:e6:d2:94:9b:ca:4f:2c:a9:e8:7c:3c:
                    f1:b8:f7:31:65:c8:7a:6a:8f:7b:2b:95:76:5a:f0:
                    67:ad:51:41:88:4b:2e:b1:cc:05:10:f2:02:4f:1b:
                    6c:ca:ec:c0:11:55:52:7f:41:b4:0a:49:b5:6f:ae:
                    6d:0e:df:29:13:a7:c0:35:32:00:16:58:b6:e9:23:
                    20:f0:02:eb:32:fc:44:ba:f3:91:07:d1:52:ba:33:
                    38:d3:87:d4:3f:be:3d:14:6c:04:e5:db:eb:6b:67:
                    c2:d7:1a:1b:ba:77:b6:c2:9c:25:d0:df:9e:b1:53:
                    ea:d6:4f:56:da:1d:77:e6:51:4e:b1:d7:8c:01:0f:
                    60:7c:6f:49:39:4e:51:7b:e8:22:d4:d0:9b:c4:24:
                    44:28:3c:2d:d8:37:a8:0c:db:35:6a:ee:aa:e3:f2:
                    2c:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:FC:B1:0D:36:10:83:D7:76:06:5F:E2:A4:93:A2:0E:F4:59:CF:D4
            X509v3 Authority Key Identifier:
                keyid:CD:1B:E5:AE:12:13:6B:96:CD:9D:78:A5:C2:4C:A4:72:DE:88:C6:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:ea:16:50:27:9c:ce:10:39:7f:1c:68:c7:bd:f6:a5:f3:25:
         57:69:90:94:f7:f9:a8:78:90:42:f2:b4:e9:dd:30:87:0f:f4:
         d6:21:2d:91:40:71:10:fb:85:89:ea:1b:83:13:bf:6e:6f:ea:
         95:d2:eb:f4:ab:11:bc:e5:aa:5a:8d:ca:22:8d:0c:18:3d:21:
         0e:77:94:60:c0:ff:d5:74:71:32:fb:a2:ad:56:d7:ed:a2:4e:
         31:5a:cf:f5:b5:63:76:4b:91:66:40:49:9b:30:58:47:34:f5:
         bf:7d:25:b9:24:23:d5:ae:e0:f7:65:59:20:e1:24:50:24:3a:
         c4:6b:43:33:e5:2d:a2:3b:6e:37:c0:21:07:ec:f7:2f:f4:92:
         07:5a:5a:d5:dd:68:d5:1d:4c:ad:e1:ec:6f:07:5b:81:40:3f:
         8c:14:6f:0e:21:29:18:e2:34:9f:db:53:e7:67:69:a6:c8:a7:
         b2:80:9f:2b:04:9c:47:8d:6f:74:72:1d:8e:44:a0:b0:c1:f2:
         07:73:98:bb:66:ad:b1:15:a8:81:1d:8c:76:58:2f:cc:60:0e:
         48:ca:d6:13:35:78:73:17:bc:b3:0d:27:46:50:63:62:a0:df:
         11:62:94:84:c1:10:86:44:89:f3:50:06:06:a2:47:0a:a0:d2:
         78:27:c5:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfKlSgcq0MB0mcLoui18F49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMWJlNWFlMTIxMzZiOTZjZDlkNzhhNWMyNGNhNDcyZGU4
OGM2NTgwHhcNMjUwNzAyMTAwMTAyWhcNMjUwNzAzMTAwMTAyWjAzMTEwLwYDVQQD
Eyg5Y2ZjYjEwZDM2MTA4M2Q3NzYwNjVmZTJhNDkzYTIwZWY0NTljZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6nBxnW60P/K0B9T1slXRyWtzthk
UWZhmSIKtiTHwV/aBGQ+16r7z/ytgTFCCZodzo9c/z/Ed1ml1NqhZ4B28j7IcI+p
Lg75Xe7bgm5RRl0F9z3Vps4iWMsuMtYz5tKUm8pPLKnofDzxuPcxZch6ao97K5V2
WvBnrVFBiEsuscwFEPICTxtsyuzAEVVSf0G0Ckm1b65tDt8pE6fANTIAFli26SMg
8ALrMvxEuvORB9FSujM404fUP749FGwE5dvra2fC1xobune2wpwl0N+esVPq1k9W
2h135lFOsdeMAQ9gfG9JOU5Re+gi1NCbxCREKDwt2DeoDNs1au6q4/IsjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJz8sQ02EIPXdgZf4qSTog70Wc/UMB8GA1UdIwQY
MBaAFM0b5a4SE2uWzZ14pcJMpHLeiMZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi81YjExMjktMjFkZC00ZWE1LTk2NDgt
NWYxNmRlNWM4NjU4LzEvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi81YjExMjktMjFkZC00ZWE1LTk2NDgtNWYxNmRlNWM4NjU4
LzEvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjuoWUCec
zhA5fxxox732pfMlV2mQlPf5qHiQQvK06d0whw/01iEtkUBxEPuFieobgxO/bm/q
ldLr9KsRvOWqWo3KIo0MGD0hDneUYMD/1XRxMvuirVbX7aJOMVrP9bVjdkuRZkBJ
mzBYRzT1v30luSQj1a7g92VZIOEkUCQ6xGtDM+UtojtuN8AhB+z3L/SSB1pa1d1o
1R1MreHsbwdbgUA/jBRvDiEpGOI0n9tT52dppsinsoCfKwScR41vdHIdjkSgsMHy
B3OYu2atsRWogR2MdlgvzGAOSMrWEzV4cxe8sw0nRlBjYqDfEWKUhMEQhkSJ81AG
BqJHCqDSeCfFog==
-----END CERTIFICATE-----