Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
File:                     ZFOB6enwr6NsKmagd8odV50ikr8.mft (raw, json)
Hash identifier:          P8zZ1Sn7qTDuI45QuYzf9Fxhyp/fGmvOWCSIDM7N/T4=
Subject key identifier:   40:D1:6D:11:2F:8E:41:56:3E:48:8F:6D:D8:E5:D4:D4:C5:BC:11:3B
Authority key identifier: 64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF
Certificate issuer:       /CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
Certificate serial:       01974C68E66D3778590F32B243B19021BB8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
Manifest number:          1399
Signing time:             Sat 07 Jun 2025 22:00:32 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:32 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:32 +0000
Files and hashes:         1: ZFOB6enwr6NsKmagd8odV50ikr8.crl (hash: jWcdGbbFQOOZlqyuHkwWN6bq0awJaq+boIzUOkD+QYY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 22:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:68:e6:6d:37:78:59:0f:32:b2:43:b1:90:21:bb:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
        Validity
            Not Before: Jun  7 22:00:32 2025 GMT
            Not After : Jun  8 22:00:32 2025 GMT
        Subject: CN=40d16d112f8e41563e488f6dd8e5d4d4c5bc113b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:88:18:e4:2b:20:a0:17:20:70:42:8b:48:ae:
                    bb:a7:ab:4e:42:9b:91:d2:78:0f:6b:49:77:ef:e1:
                    3e:a7:21:0c:a8:68:a1:0a:eb:19:12:38:2a:bb:3f:
                    d5:03:7b:3c:a4:ab:41:14:7e:43:d4:a6:4e:86:4b:
                    22:5a:0a:03:fe:e4:b4:68:c2:0a:4f:6a:ff:27:ee:
                    ce:7f:5c:07:3c:40:aa:ea:b5:b4:e6:5a:43:56:4f:
                    b9:22:f5:4a:b3:76:e2:8d:25:19:5c:02:38:69:fb:
                    86:77:76:0f:50:06:51:d3:65:ac:a6:0b:be:06:bf:
                    48:93:2c:82:3b:e0:b6:03:89:0f:bc:1a:62:5d:5b:
                    7b:34:6a:2d:75:48:cd:7c:e0:cd:f4:71:86:e2:ab:
                    d4:60:d6:74:93:d9:96:de:29:0e:b3:ed:5e:6a:5b:
                    da:2e:12:07:7f:9c:b5:ea:6d:69:f7:f8:63:5e:b8:
                    c7:71:47:ed:d1:ff:11:ee:e2:34:24:38:e2:57:1d:
                    27:9b:f4:53:07:30:8c:10:47:e9:65:70:ae:7e:bb:
                    8b:a7:67:b3:6e:6e:cd:f9:55:21:39:68:34:2d:e8:
                    f3:40:24:13:75:71:3c:05:12:77:8b:44:a0:7e:8e:
                    d9:33:c9:da:30:b9:11:12:fd:b7:aa:b4:83:56:ea:
                    1f:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:D1:6D:11:2F:8E:41:56:3E:48:8F:6D:D8:E5:D4:D4:C5:BC:11:3B
            X509v3 Authority Key Identifier:
                keyid:64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:ef:b0:e5:e7:5b:8d:5a:2f:dc:f6:53:80:80:86:9d:d3:7b:
         0f:47:50:3a:02:41:d0:49:f2:53:04:e2:83:a6:ee:09:bb:e5:
         0e:fe:49:85:db:c9:9e:88:a3:92:d8:13:dc:48:ce:23:e6:f2:
         00:1e:cd:c7:9b:8b:15:f1:1f:b0:19:44:e9:a0:d1:06:27:b8:
         22:f9:73:f5:ab:61:50:1f:cd:d7:e8:dc:fb:92:88:49:df:0a:
         ae:e6:46:ff:b4:4e:d6:d7:df:9a:83:9e:1d:ac:ea:b0:04:ec:
         85:5e:d0:d3:ed:17:ae:39:f8:3e:2e:d9:3f:85:87:7a:72:41:
         8b:24:c2:83:07:fd:b7:a3:e1:d1:60:42:ca:5a:4b:e8:a2:b5:
         98:b6:1c:6c:11:a1:57:f2:ad:26:78:97:ab:7b:c0:4f:2c:fa:
         98:5a:8e:04:aa:5e:36:de:f5:5d:29:30:5f:50:1f:ba:e4:ea:
         06:69:bd:2c:e2:14:8d:e6:fe:08:f5:00:94:4f:e0:4f:ce:42:
         22:54:fc:a1:d2:3a:5c:bd:c1:57:08:a1:f2:b7:c8:60:dc:75:
         40:c1:79:c3:9b:4d:24:1f:ac:b9:89:58:ea:1c:a5:d9:49:c0:
         c7:44:07:8c:a0:64:27:9c:ed:b1:d2:58:38:45:40:40:a4:17:
         91:be:7e:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaOZtN3hZDzKyQ7GQIbuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NTM4MWU5ZTlmMGFmYTM2YzJhNjZhMDc3Y2ExZDU3OWQy
MjkyYmYwHhcNMjUwNjA3MjIwMDMyWhcNMjUwNjA4MjIwMDMyWjAzMTEwLwYDVQQD
Eyg0MGQxNmQxMTJmOGU0MTU2M2U0ODhmNmRkOGU1ZDRkNGM1YmMxMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YgY5CsgoBcgcEKLSK67p6tOQpuR
0ngPa0l37+E+pyEMqGihCusZEjgquz/VA3s8pKtBFH5D1KZOhksiWgoD/uS0aMIK
T2r/J+7Of1wHPECq6rW05lpDVk+5IvVKs3bijSUZXAI4afuGd3YPUAZR02Wspgu+
Br9IkyyCO+C2A4kPvBpiXVt7NGotdUjNfODN9HGG4qvUYNZ0k9mW3ikOs+1ealva
LhIHf5y16m1p9/hjXrjHcUft0f8R7uI0JDjiVx0nm/RTBzCMEEfpZXCufruLp2ez
bm7N+VUhOWg0LejzQCQTdXE8BRJ3i0Sgfo7ZM8naMLkREv23qrSDVuoftwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDRbREvjkFWPkiPbdjl1NTFvBE7MB8GA1UdIwQY
MBaAFGRTgenp8K+jbCpmoHfKHVedIpK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGIt
MzdmOTk5Y2VjZTIzLzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGItMzdmOTk5Y2VjZTIz
LzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQu+w5edb
jVov3PZTgICGndN7D0dQOgJB0EnyUwTig6buCbvlDv5JhdvJnoijktgT3EjOI+by
AB7Nx5uLFfEfsBlE6aDRBie4Ivlz9athUB/N1+jc+5KISd8KruZG/7RO1tffmoOe
HazqsATshV7Q0+0Xrjn4Pi7ZP4WHenJBiyTCgwf9t6Ph0WBCylpL6KK1mLYcbBGh
V/KtJniXq3vATyz6mFqOBKpeNt71XSkwX1AfuuTqBmm9LOIUjeb+CPUAlE/gT85C
IlT8odI6XL3BVwih8rfIYNx1QMF5w5tNJB+suYlY6hyl2UnAx0QHjKBkJ5ztsdJY
OEVAQKQXkb5+7Q==
-----END CERTIFICATE-----