Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
File:                     ZFOB6enwr6NsKmagd8odV50ikr8.mft (raw, json)
Hash identifier:          mpSgiYeNiLLWFoaztWfcbAHhCNeLKyLaXlvrMsHYglQ=
Subject key identifier:   3C:CE:48:45:0F:C7:0A:58:07:DB:FC:65:36:2D:2E:56:51:3A:4A:5D
Authority key identifier: 64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF
Certificate issuer:       /CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
Certificate serial:       01965349F0DB3C3494A0B144EA8F2030F223
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
Manifest number:          1318
Signing time:             Sun 20 Apr 2025 13:01:16 +0000
Manifest this update:     Sun 20 Apr 2025 13:01:16 +0000
Manifest next update:     Mon 21 Apr 2025 13:01:16 +0000
Files and hashes:         1: ZFOB6enwr6NsKmagd8odV50ikr8.crl (hash: y/llTBDr8qJ1XUUFNvZ17YUSgvp/iT+WWZoviNA0wkQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 13:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:49:f0:db:3c:34:94:a0:b1:44:ea:8f:20:30:f2:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
        Validity
            Not Before: Apr 20 13:01:16 2025 GMT
            Not After : Apr 21 13:01:16 2025 GMT
        Subject: CN=3cce48450fc70a5807dbfc65362d2e56513a4a5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f2:1c:8f:ad:49:81:ba:f9:50:f8:e6:09:0d:
                    63:6a:a2:4d:a0:e3:13:a2:51:0d:c0:72:d1:2e:a9:
                    cc:4d:08:3e:8f:d7:d3:50:4a:1c:00:28:0b:ce:33:
                    75:c9:4a:d8:f3:b5:d6:f7:94:e6:4e:6d:56:78:f0:
                    1e:43:8d:a7:83:58:40:75:4f:5a:fb:a3:f8:8b:24:
                    89:d5:bd:1d:81:ce:8e:41:b3:c1:95:d3:d8:4e:53:
                    62:68:8c:89:33:70:69:0e:4a:3e:f2:05:2f:4f:c6:
                    ae:3f:76:e6:19:ca:31:9c:a1:99:5b:57:1e:5c:a2:
                    a6:cd:0b:21:19:9f:a8:a3:cc:7d:db:69:7d:e4:a0:
                    dc:a6:e8:20:fd:3c:d9:42:50:13:98:0c:0c:c6:22:
                    2b:b2:91:c6:f1:12:40:bd:a9:3b:22:78:73:ff:e3:
                    29:4c:6c:2f:ff:a1:70:ea:d0:2a:d9:ce:a1:0e:63:
                    c1:39:81:d8:a6:59:40:77:02:32:09:79:4e:04:62:
                    ba:10:83:ff:85:9c:1b:d7:dc:88:e5:71:2e:54:d2:
                    e7:e5:23:ff:9b:f1:d6:67:aa:70:ec:82:83:50:9e:
                    c6:ca:cd:3f:76:14:50:1a:85:2d:41:98:e6:de:af:
                    4f:a9:e9:c8:75:4d:d5:ca:7d:a2:d3:ce:b7:43:9b:
                    05:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:CE:48:45:0F:C7:0A:58:07:DB:FC:65:36:2D:2E:56:51:3A:4A:5D
            X509v3 Authority Key Identifier:
                keyid:64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:60:fd:aa:36:31:4e:9d:b7:4c:8c:b2:36:8d:bc:86:0d:77:
         e3:a6:7e:7f:42:ef:9f:6a:b6:17:6e:04:0e:d6:d9:49:15:99:
         36:59:a4:2a:bf:65:f3:22:45:2e:0e:cb:6e:2a:27:dc:e2:b3:
         f3:3b:22:e0:0f:56:f0:c5:93:74:ea:26:59:d0:5f:a7:13:61:
         45:a2:48:52:d0:b7:2a:cd:ca:ae:54:29:5e:fe:0d:ea:6a:04:
         27:83:3f:81:7e:da:8b:a5:dc:eb:cb:bb:94:ad:10:a3:73:15:
         99:e7:e3:8e:c7:b7:b3:20:eb:e3:b1:56:7e:68:4b:7a:41:49:
         10:03:0b:a1:44:a3:63:0d:68:bc:5a:bb:8f:10:b6:46:76:ad:
         f1:d3:e5:14:9b:81:1e:f9:e1:10:16:b0:e5:3c:8f:e8:14:4a:
         c7:92:c8:48:0f:ba:41:e3:d7:4c:22:8b:b5:b0:c8:96:61:c4:
         e6:49:36:1f:33:32:62:58:6f:f9:87:43:e4:59:24:8c:c9:dd:
         53:2f:6e:16:e5:2e:b7:9c:1e:8c:72:f1:d9:2e:7b:1e:ae:21:
         ef:32:72:2f:48:81:43:54:03:49:8d:e8:a4:b0:44:6b:8e:fc:
         eb:a3:92:41:62:4d:63:c0:88:59:8a:81:37:8c:37:dc:7c:33:
         aa:ae:31:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTSfDbPDSUoLFE6o8gMPIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NTM4MWU5ZTlmMGFmYTM2YzJhNjZhMDc3Y2ExZDU3OWQy
MjkyYmYwHhcNMjUwNDIwMTMwMTE2WhcNMjUwNDIxMTMwMTE2WjAzMTEwLwYDVQQD
EygzY2NlNDg0NTBmYzcwYTU4MDdkYmZjNjUzNjJkMmU1NjUxM2E0YTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/Icj61Jgbr5UPjmCQ1jaqJNoOMT
olENwHLRLqnMTQg+j9fTUEocACgLzjN1yUrY87XW95TmTm1WePAeQ42ng1hAdU9a
+6P4iySJ1b0dgc6OQbPBldPYTlNiaIyJM3BpDko+8gUvT8auP3bmGcoxnKGZW1ce
XKKmzQshGZ+oo8x922l95KDcpugg/TzZQlATmAwMxiIrspHG8RJAvak7Inhz/+Mp
TGwv/6Fw6tAq2c6hDmPBOYHYpllAdwIyCXlOBGK6EIP/hZwb19yI5XEuVNLn5SP/
m/HWZ6pw7IKDUJ7Gys0/dhRQGoUtQZjm3q9PqenIdU3Vyn2i0863Q5sFwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzOSEUPxwpYB9v8ZTYtLlZROkpdMB8GA1UdIwQY
MBaAFGRTgenp8K+jbCpmoHfKHVedIpK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGIt
MzdmOTk5Y2VjZTIzLzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGItMzdmOTk5Y2VjZTIz
LzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmWD9qjYx
Tp23TIyyNo28hg1346Z+f0Lvn2q2F24EDtbZSRWZNlmkKr9l8yJFLg7Lbion3OKz
8zsi4A9W8MWTdOomWdBfpxNhRaJIUtC3Ks3KrlQpXv4N6moEJ4M/gX7ai6Xc68u7
lK0Qo3MVmefjjse3syDr47FWfmhLekFJEAMLoUSjYw1ovFq7jxC2Rnat8dPlFJuB
HvnhEBaw5TyP6BRKx5LISA+6QePXTCKLtbDIlmHE5kk2HzMyYlhv+YdD5FkkjMnd
Uy9uFuUut5wejHLx2S57Hq4h7zJyL0iBQ1QDSY3opLBEa47866OSQWJNY8CIWYqB
N4w33Hwzqq4xfw==
-----END CERTIFICATE-----