Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft
File:                     Zr5SEJO7idx2JQsif39_umbiKNg.mft (raw, json)
Hash identifier:          6o6XY/F/e69glIeXBhseeB6rThfYSf2dXcizbfvf6rU=
Subject key identifier:   C1:3F:3B:F4:E0:60:57:14:99:3F:3C:23:C8:69:5D:F3:28:EA:AC:D6
Authority key identifier: 66:BE:52:10:93:BB:89:DC:76:25:0B:22:7F:7F:7F:BA:66:E2:28:D8
Certificate issuer:       /CN=66be521093bb89dc76250b227f7f7fba66e228d8
Certificate serial:       0199221E66040C63E932CF8C9D5A633AEFC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft
Manifest number:          01C5
Signing time:             Sun 07 Sep 2025 03:00:41 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:41 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:41 +0000
Files and hashes:         1: Zr5SEJO7idx2JQsif39_umbiKNg.crl (hash: +LrS0mbA8U+CvZWfeIQyzh4mPaZSZujjYLLcFN90QHk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:66:04:0c:63:e9:32:cf:8c:9d:5a:63:3a:ef:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66be521093bb89dc76250b227f7f7fba66e228d8
        Validity
            Not Before: Sep  7 03:00:41 2025 GMT
            Not After : Sep  8 03:00:41 2025 GMT
        Subject: CN=c13f3bf4e0605714993f3c23c8695df328eaacd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:39:a0:08:41:00:33:fe:6a:6b:25:4c:4c:92:
                    6b:db:6e:06:ec:b9:71:0d:01:43:18:c0:6c:d4:64:
                    44:da:8b:3a:df:70:cb:f8:fc:b0:91:85:8d:d6:3a:
                    0b:84:4b:3f:62:00:d0:9f:4a:a6:f5:47:9e:c5:05:
                    24:90:63:d3:92:f8:6d:84:ec:8e:f9:18:6c:23:bf:
                    8e:d8:16:64:50:53:5e:84:42:bf:e3:48:c5:df:6d:
                    ad:09:76:54:68:7c:b2:e2:67:56:82:33:d6:5c:54:
                    f8:a6:58:61:5f:9c:e1:e7:02:01:bb:0d:6b:7c:ae:
                    e5:a9:53:1e:8e:a1:db:3e:d7:4e:17:03:08:af:31:
                    03:fc:75:14:d9:90:37:9c:9f:ee:46:f5:d2:b7:1c:
                    97:55:85:d5:24:8a:f3:9a:94:9b:64:9f:bd:bc:d6:
                    e4:12:4b:a2:7c:25:06:e3:ea:09:31:32:f3:f2:e3:
                    47:c5:79:76:5e:81:19:7a:d9:66:45:ea:73:af:17:
                    fb:7a:53:b6:6e:4c:0d:13:74:d9:2e:e1:b9:e6:22:
                    80:21:b5:a7:f2:fe:86:f6:9e:e4:30:ae:44:dc:64:
                    76:e1:b0:25:d7:2d:ce:be:c7:5f:2a:f1:74:dc:b6:
                    3f:e9:6a:18:5c:73:83:6c:51:94:97:2a:f5:91:7d:
                    d4:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:3F:3B:F4:E0:60:57:14:99:3F:3C:23:C8:69:5D:F3:28:EA:AC:D6
            X509v3 Authority Key Identifier:
                keyid:66:BE:52:10:93:BB:89:DC:76:25:0B:22:7F:7F:7F:BA:66:E2:28:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:95:e1:2c:81:36:d3:64:14:9c:4c:cd:74:f2:d5:27:82:81:
         5a:82:7a:5b:34:8d:90:d5:3e:66:5c:bf:ee:57:64:4a:c4:41:
         a5:cd:02:ec:c8:1c:c1:fc:1a:d5:be:68:bd:b6:fe:77:a9:e7:
         cd:f4:e4:44:a3:34:8b:a8:63:9a:3f:2b:1a:ec:4b:23:b9:b2:
         df:d1:0b:48:17:8e:d6:30:3d:0a:07:4d:1e:e9:1b:9b:6f:98:
         b0:43:b7:00:8a:ef:ee:94:b5:26:e0:c4:8c:09:82:42:f1:f0:
         d0:5c:22:e0:12:32:3e:73:a6:72:aa:11:55:87:dd:62:94:49:
         17:94:ae:3f:57:1e:96:0b:3a:ee:aa:44:d0:e0:6b:65:d9:8c:
         6f:cd:03:22:ad:46:18:43:30:3d:07:2b:73:e9:fa:f5:ff:d6:
         50:7d:1c:07:5a:70:18:dd:59:8f:81:70:35:e3:55:2b:f9:c0:
         f2:80:a9:8d:2b:30:1c:fb:84:02:8b:44:e7:f2:d6:83:21:0d:
         09:e1:b5:f9:62:93:c9:f0:07:5a:32:33:1c:69:22:28:19:e8:
         19:59:a1:91:bc:c8:22:15:4e:2d:38:1f:6c:e7:9e:95:1b:20:
         1e:f3:8f:bd:c0:58:74:30:d1:38:63:d0:ab:a8:33:74:94:30:
         d9:81:fe:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHmYEDGPpMs+MnVpjOu/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YmU1MjEwOTNiYjg5ZGM3NjI1MGIyMjdmN2Y3ZmJhNjZl
MjI4ZDgwHhcNMjUwOTA3MDMwMDQxWhcNMjUwOTA4MDMwMDQxWjAzMTEwLwYDVQQD
EyhjMTNmM2JmNGUwNjA1NzE0OTkzZjNjMjNjODY5NWRmMzI4ZWFhY2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTmgCEEAM/5qayVMTJJr224G7Llx
DQFDGMBs1GRE2os633DL+PywkYWN1joLhEs/YgDQn0qm9UeexQUkkGPTkvhthOyO
+RhsI7+O2BZkUFNehEK/40jF322tCXZUaHyy4mdWgjPWXFT4plhhX5zh5wIBuw1r
fK7lqVMejqHbPtdOFwMIrzED/HUU2ZA3nJ/uRvXStxyXVYXVJIrzmpSbZJ+9vNbk
EkuifCUG4+oJMTLz8uNHxXl2XoEZetlmRepzrxf7elO2bkwNE3TZLuG55iKAIbWn
8v6G9p7kMK5E3GR24bAl1y3OvsdfKvF03LY/6WoYXHODbFGUlyr1kX3ULQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFME/O/TgYFcUmT88I8hpXfMo6qzWMB8GA1UdIwQY
MBaAFGa+UhCTu4ncdiULIn9/f7pm4ijYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8zMmY5YjMtZGUyYi00MWY1LWE5NDkt
OTAwMzBkMDQwZmY3LzEvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8zMmY5YjMtZGUyYi00MWY1LWE5NDktOTAwMzBkMDQwZmY3
LzEvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYZXhLIE2
02QUnEzNdPLVJ4KBWoJ6WzSNkNU+Zly/7ldkSsRBpc0C7Mgcwfwa1b5ovbb+d6nn
zfTkRKM0i6hjmj8rGuxLI7my39ELSBeO1jA9CgdNHukbm2+YsEO3AIrv7pS1JuDE
jAmCQvHw0Fwi4BIyPnOmcqoRVYfdYpRJF5SuP1celgs67qpE0OBrZdmMb80DIq1G
GEMwPQcrc+n69f/WUH0cB1pwGN1Zj4FwNeNVK/nA8oCpjSswHPuEAotE5/LWgyEN
CeG1+WKTyfAHWjIzHGkiKBnoGVmhkbzIIhVOLTgfbOeelRsgHvOPvcBYdDDROGPQ
q6gzdJQw2YH+LA==
-----END CERTIFICATE-----