Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
File:                     Z42bouOWhCO-_F7tBXGbMABX18s.mft (raw, json)
Hash identifier:          Uwuu5pltRnX7K6Vehj3aYOxx6VLXqcRW+4oLOCPt9gw=
Subject key identifier:   91:62:71:DB:38:49:17:1D:E3:06:DF:1A:EC:EA:27:03:2F:83:3E:9E
Authority key identifier: 67:8D:9B:A2:E3:96:84:23:BE:FC:5E:ED:05:71:9B:30:00:57:D7:CB
Certificate issuer:       /CN=678d9ba2e3968423befc5eed05719b300057d7cb
Certificate serial:       0196496A4EBF087D089BC69E0528915F639D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
Manifest number:          01EE
Signing time:             Fri 18 Apr 2025 15:00:25 +0000
Manifest this update:     Fri 18 Apr 2025 15:00:25 +0000
Manifest next update:     Sat 19 Apr 2025 15:00:25 +0000
Files and hashes:         1: Z42bouOWhCO-_F7tBXGbMABX18s.crl (hash: lermvXRNbc1e/I0ir5nhCLkD4NsBxWPQ2sdEaWU3bH0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:49:6a:4e:bf:08:7d:08:9b:c6:9e:05:28:91:5f:63:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=678d9ba2e3968423befc5eed05719b300057d7cb
        Validity
            Not Before: Apr 18 15:00:25 2025 GMT
            Not After : Apr 19 15:00:25 2025 GMT
        Subject: CN=916271db3849171de306df1aecea27032f833e9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:a4:75:9d:38:c8:a0:b8:91:2f:87:68:4b:d3:
                    8c:71:07:bb:22:ed:c9:b2:d2:9f:ec:2a:93:94:9a:
                    3c:8d:58:94:ee:9f:80:4e:a1:d7:d4:9a:18:66:95:
                    4d:ab:bb:6d:0b:87:b4:59:6b:8c:f8:57:19:3f:cb:
                    8f:96:f3:6a:c3:69:55:25:21:39:21:3a:32:93:3c:
                    0c:d5:68:88:56:35:47:a3:28:d7:5b:d4:63:f7:b6:
                    68:1c:99:ef:8d:bf:44:8a:9b:84:9e:71:ac:a2:14:
                    0b:49:7c:cd:8a:20:c4:83:45:11:2e:d7:10:0e:c3:
                    7f:8b:2d:89:0d:cc:46:9b:14:ef:18:9e:15:7f:eb:
                    0d:32:77:4d:f1:07:91:f5:67:27:02:e9:ea:80:2d:
                    e3:b4:96:18:05:8e:69:e0:f8:f7:b1:39:52:17:0d:
                    9b:d3:34:16:ab:2a:6f:74:e5:91:30:7c:fa:08:ec:
                    f5:be:99:45:f2:fb:96:70:60:f2:18:c9:6b:b0:ee:
                    59:c5:00:72:d6:64:9f:45:11:fd:47:f4:c0:a1:d3:
                    dd:37:d3:a5:1e:2b:5f:36:2d:97:66:f3:ff:99:b2:
                    f5:1d:e0:14:1f:fd:01:ed:6b:55:a8:47:63:3e:e6:
                    66:e8:6a:97:36:06:c9:30:04:66:2b:ea:06:57:06:
                    84:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:62:71:DB:38:49:17:1D:E3:06:DF:1A:EC:EA:27:03:2F:83:3E:9E
            X509v3 Authority Key Identifier:
                keyid:67:8D:9B:A2:E3:96:84:23:BE:FC:5E:ED:05:71:9B:30:00:57:D7:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:11:4b:c3:45:50:5f:fb:f1:cf:6e:bd:2e:45:c5:30:0d:d0:
         3e:c8:65:03:06:20:66:c9:4f:e5:56:bf:97:be:6b:b4:af:80:
         62:39:a7:b3:47:a7:e9:b5:02:93:20:e8:0f:ca:b3:3c:31:80:
         3a:28:14:f3:4f:54:ac:ca:25:07:b1:ff:6d:f0:c4:e0:51:46:
         41:58:eb:1d:65:91:fc:c6:4f:a2:82:3a:19:c4:13:9e:03:4c:
         99:5b:6a:7a:c6:07:4f:97:cb:42:34:9c:5a:31:18:a6:12:00:
         2f:0a:2c:02:3f:75:37:76:4f:1f:66:7e:64:68:25:c8:2c:38:
         c4:fc:df:46:d6:c1:61:e8:cf:2f:6d:68:8a:0a:06:4f:7b:4b:
         f1:1f:17:d8:90:f9:2e:74:89:6b:d0:35:99:12:a4:b9:5c:f8:
         7f:ac:f1:f1:be:97:3e:23:62:2e:35:12:f2:34:a4:5f:05:e0:
         e2:54:9a:50:96:8b:2e:0e:49:82:d7:e7:c9:b7:70:af:1e:8a:
         94:22:0e:e5:b6:a6:90:c6:1e:29:f0:69:25:1f:92:cc:3d:fd:
         0b:dc:3c:f7:4d:a3:07:8f:56:63:59:db:7e:71:0e:cc:fb:a8:
         b9:25:d0:82:72:f4:03:f4:cd:ae:5f:84:1b:c2:7a:ed:f8:3b:
         5e:9a:26:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZJak6/CH0Im8aeBSiRX2OdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OGQ5YmEyZTM5Njg0MjNiZWZjNWVlZDA1NzE5YjMwMDA1
N2Q3Y2IwHhcNMjUwNDE4MTUwMDI1WhcNMjUwNDE5MTUwMDI1WjAzMTEwLwYDVQQD
Eyg5MTYyNzFkYjM4NDkxNzFkZTMwNmRmMWFlY2VhMjcwMzJmODMzZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16R1nTjIoLiRL4doS9OMcQe7Iu3J
stKf7CqTlJo8jViU7p+ATqHX1JoYZpVNq7ttC4e0WWuM+FcZP8uPlvNqw2lVJSE5
IToykzwM1WiIVjVHoyjXW9Rj97ZoHJnvjb9EipuEnnGsohQLSXzNiiDEg0URLtcQ
DsN/iy2JDcxGmxTvGJ4Vf+sNMndN8QeR9WcnAunqgC3jtJYYBY5p4Pj3sTlSFw2b
0zQWqypvdOWRMHz6COz1vplF8vuWcGDyGMlrsO5ZxQBy1mSfRRH9R/TAodPdN9Ol
HitfNi2XZvP/mbL1HeAUH/0B7WtVqEdjPuZm6GqXNgbJMARmK+oGVwaEqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJFicds4SRcd4wbfGuzqJwMvgz6eMB8GA1UdIwQY
MBaAFGeNm6LjloQjvvxe7QVxmzAAV9fLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kMTViN2YtNzA4Zi00MTU1LThkMzEt
YzgwYTcyM2QzNGY3LzEvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kMTViN2YtNzA4Zi00MTU1LThkMzEtYzgwYTcyM2QzNGY3
LzEvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFxFLw0VQ
X/vxz269LkXFMA3QPshlAwYgZslP5Va/l75rtK+AYjmns0en6bUCkyDoD8qzPDGA
OigU809UrMolB7H/bfDE4FFGQVjrHWWR/MZPooI6GcQTngNMmVtqesYHT5fLQjSc
WjEYphIALwosAj91N3ZPH2Z+ZGglyCw4xPzfRtbBYejPL21oigoGT3tL8R8X2JD5
LnSJa9A1mRKkuVz4f6zx8b6XPiNiLjUS8jSkXwXg4lSaUJaLLg5Jgtfnybdwrx6K
lCIO5bamkMYeKfBpJR+SzD39C9w8902jB49WY1nbfnEOzPuouSXQgnL0A/TNrl+E
G8J67fg7Xpomsw==
-----END CERTIFICATE-----