Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
File:                     Z42bouOWhCO-_F7tBXGbMABX18s.mft (raw, json)
Hash identifier:          tno35C7hx3d0XmDVd1OkdUukkSumpU3gDJFjMd2++VU=
Subject key identifier:   51:E1:C9:ED:FD:67:43:50:B7:B7:1C:B9:E8:3C:87:31:F6:46:6A:4D
Authority key identifier: 67:8D:9B:A2:E3:96:84:23:BE:FC:5E:ED:05:71:9B:30:00:57:D7:CB
Certificate issuer:       /CN=678d9ba2e3968423befc5eed05719b300057d7cb
Certificate serial:       019921B1461BB51862EB723234D15174BA30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
Manifest number:          0367
Signing time:             Sun 07 Sep 2025 01:01:29 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:29 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:29 +0000
Files and hashes:         1: Z42bouOWhCO-_F7tBXGbMABX18s.crl (hash: +725mthIjZ8yGyFfj8EkSHulfUDMhjjUJuIJDWWzxCg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:46:1b:b5:18:62:eb:72:32:34:d1:51:74:ba:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=678d9ba2e3968423befc5eed05719b300057d7cb
        Validity
            Not Before: Sep  7 01:01:29 2025 GMT
            Not After : Sep  8 01:01:29 2025 GMT
        Subject: CN=51e1c9edfd674350b7b71cb9e83c8731f6466a4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:d7:c8:45:03:95:e2:b3:13:dc:12:c4:ee:7b:
                    b2:9f:61:08:de:c3:32:92:d2:35:07:29:ea:59:4a:
                    9e:f7:93:e8:8e:bd:05:23:66:74:ff:79:f1:c6:b0:
                    b3:7d:61:98:d0:5f:cc:84:a9:13:17:07:8c:aa:f3:
                    f3:7d:95:11:ac:27:b5:06:a7:68:b1:20:70:a9:b0:
                    c4:bc:eb:33:ca:4c:dd:ca:f1:5a:c5:15:ca:ed:db:
                    68:35:98:83:2a:71:e5:8e:fa:13:50:22:b1:bb:73:
                    ae:9e:b9:0d:1c:de:ae:dc:2f:f8:b6:e2:21:61:7c:
                    6c:ae:44:e5:9e:78:b7:86:e8:2d:b9:79:cf:ab:f0:
                    37:90:50:91:b9:f0:9b:70:80:fc:bc:f4:c3:de:15:
                    4e:5f:28:6f:3e:76:87:de:78:67:ec:38:67:e5:7a:
                    d5:ef:6a:44:3f:15:5f:e0:48:23:6b:f1:a1:4a:8d:
                    df:5e:91:40:d9:cc:e8:ad:0d:fc:22:f8:7b:66:89:
                    05:92:3b:e1:54:30:6a:48:1f:64:4c:88:18:d6:04:
                    ae:53:f3:e8:ba:a1:b6:9b:23:40:3e:4a:f8:0c:9b:
                    97:fa:62:ce:86:d4:67:5a:d9:4f:8f:1f:84:1a:0c:
                    d2:82:3c:ee:32:80:d8:19:5d:30:68:6e:0f:27:fb:
                    6e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:E1:C9:ED:FD:67:43:50:B7:B7:1C:B9:E8:3C:87:31:F6:46:6A:4D
            X509v3 Authority Key Identifier:
                keyid:67:8D:9B:A2:E3:96:84:23:BE:FC:5E:ED:05:71:9B:30:00:57:D7:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:c4:ac:1b:40:ed:32:29:23:51:a1:c3:5f:96:ea:84:a4:e3:
         56:80:15:35:99:7a:f9:28:10:6e:65:86:1b:00:4c:a6:62:a2:
         86:9b:b5:bd:0f:66:c4:d8:73:85:b2:20:63:a3:89:ca:98:0c:
         e6:2f:5c:b0:ae:18:7d:2d:20:37:46:eb:ef:b8:9e:2b:4d:9a:
         8f:0b:a5:9e:68:9a:1a:cd:78:eb:82:6d:33:ae:22:d5:d5:d4:
         1d:5f:45:30:4e:56:4e:a0:38:90:dd:99:2a:35:07:e6:3a:65:
         b4:43:9a:c7:3c:91:86:24:88:7e:9f:39:9d:03:47:e0:f1:1a:
         23:8a:79:c7:1a:5b:fb:ed:ed:7b:3e:ad:f4:08:2e:d6:5b:4e:
         6a:ba:15:bd:e0:67:90:73:c4:9f:43:6d:e1:ad:85:22:27:d6:
         78:3c:d9:02:31:db:ef:c5:fa:03:fe:74:c7:b2:f8:25:2d:78:
         4b:de:4b:22:fd:20:1a:3c:b7:c0:9b:45:84:93:1c:a3:bd:e3:
         4e:80:08:bb:8c:ab:05:97:b3:c4:60:aa:e5:ec:dd:74:f7:67:
         4c:32:2b:1a:90:31:b8:95:33:69:fd:a7:5b:ff:ca:33:4c:8a:
         9e:71:4c:f7:12:52:fd:ea:e8:4a:03:15:04:c6:f0:ed:2f:2d:
         b4:26:af:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsUYbtRhi63IyNNFRdLowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OGQ5YmEyZTM5Njg0MjNiZWZjNWVlZDA1NzE5YjMwMDA1
N2Q3Y2IwHhcNMjUwOTA3MDEwMTI5WhcNMjUwOTA4MDEwMTI5WjAzMTEwLwYDVQQD
Eyg1MWUxYzllZGZkNjc0MzUwYjdiNzFjYjllODNjODczMWY2NDY2YTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNfIRQOV4rMT3BLE7nuyn2EI3sMy
ktI1BynqWUqe95Pojr0FI2Z0/3nxxrCzfWGY0F/MhKkTFweMqvPzfZURrCe1Bqdo
sSBwqbDEvOszykzdyvFaxRXK7dtoNZiDKnHljvoTUCKxu3OunrkNHN6u3C/4tuIh
YXxsrkTlnni3hugtuXnPq/A3kFCRufCbcID8vPTD3hVOXyhvPnaH3nhn7Dhn5XrV
72pEPxVf4Egja/GhSo3fXpFA2czorQ38Ivh7ZokFkjvhVDBqSB9kTIgY1gSuU/Po
uqG2myNAPkr4DJuX+mLOhtRnWtlPjx+EGgzSgjzuMoDYGV0waG4PJ/tuMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFHhye39Z0NQt7ccueg8hzH2RmpNMB8GA1UdIwQY
MBaAFGeNm6LjloQjvvxe7QVxmzAAV9fLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kMTViN2YtNzA4Zi00MTU1LThkMzEt
YzgwYTcyM2QzNGY3LzEvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kMTViN2YtNzA4Zi00MTU1LThkMzEtYzgwYTcyM2QzNGY3
LzEvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEcSsG0Dt
MikjUaHDX5bqhKTjVoAVNZl6+SgQbmWGGwBMpmKihpu1vQ9mxNhzhbIgY6OJypgM
5i9csK4YfS0gN0br77ieK02ajwulnmiaGs1464JtM64i1dXUHV9FME5WTqA4kN2Z
KjUH5jpltEOaxzyRhiSIfp85nQNH4PEaI4p5xxpb++3tez6t9Agu1ltOaroVveBn
kHPEn0Nt4a2FIifWeDzZAjHb78X6A/50x7L4JS14S95LIv0gGjy3wJtFhJMco73j
ToAIu4yrBZezxGCq5ezddPdnTDIrGpAxuJUzaf2nW//KM0yKnnFM9xJS/eroSgMV
BMbw7S8ttCavDg==
-----END CERTIFICATE-----