Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/27d409-7659-453e-b36f-297d52f0c283/1/zzKCScw17CfMEOGLiCxsE4l8hJc.mft
File:                     zzKCScw17CfMEOGLiCxsE4l8hJc.mft (raw, json)
Hash identifier:          Dk771V6Cbf30CSzJfEwckWkJVl4HI1PHPwXkHytOtBc=
Subject key identifier:   FB:A9:54:3C:17:A4:AE:A7:6B:D9:89:8D:31:2F:69:CE:84:E2:D3:D2
Authority key identifier: CF:32:82:49:CC:35:EC:27:CC:10:E1:8B:88:2C:6C:13:89:7C:84:97
Certificate issuer:       /CN=cf328249cc35ec27cc10e18b882c6c13897c8497
Certificate serial:       0197488D1674CB0A1067E8587E98117739AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zzKCScw17CfMEOGLiCxsE4l8hJc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/27d409-7659-453e-b36f-297d52f0c283/1/zzKCScw17CfMEOGLiCxsE4l8hJc.mft
Manifest number:          0D15
Signing time:             Sat 07 Jun 2025 04:01:35 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:35 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:35 +0000
Files and hashes:         1: zzKCScw17CfMEOGLiCxsE4l8hJc.crl (hash: HpIwhBd7bmTsONPc7fo1xm/yJsYKtBFyK5ezwosCGQk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/27d409-7659-453e-b36f-297d52f0c283/1/zzKCScw17CfMEOGLiCxsE4l8hJc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/27d409-7659-453e-b36f-297d52f0c283/1/zzKCScw17CfMEOGLiCxsE4l8hJc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zzKCScw17CfMEOGLiCxsE4l8hJc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8d:16:74:cb:0a:10:67:e8:58:7e:98:11:77:39:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf328249cc35ec27cc10e18b882c6c13897c8497
        Validity
            Not Before: Jun  7 04:01:35 2025 GMT
            Not After : Jun  8 04:01:35 2025 GMT
        Subject: CN=fba9543c17a4aea76bd9898d312f69ce84e2d3d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:0b:02:58:81:3d:f3:5a:6f:76:d6:53:07:a8:
                    2d:29:7a:34:b2:04:1b:51:ce:63:f2:1f:7c:d3:ab:
                    06:ab:6b:4f:cf:ae:a0:af:c1:4f:52:54:19:8e:21:
                    8f:90:7f:f6:46:a6:cd:31:df:18:e8:91:49:a7:35:
                    32:24:a9:ac:41:47:48:66:3d:eb:25:d6:d0:90:b9:
                    f8:a4:bc:29:18:28:48:6f:e6:26:71:f4:9e:80:81:
                    c1:ad:ea:e0:a6:80:88:38:06:b7:92:73:a8:fc:47:
                    74:b4:e1:a2:87:7a:0a:35:d2:48:df:4e:27:a4:39:
                    8b:26:48:d9:23:bd:80:c8:79:f2:cc:f9:7a:ba:84:
                    69:e0:6a:82:52:87:ae:1b:38:1a:02:85:1b:1a:0a:
                    83:8d:13:85:a2:87:d3:88:56:26:ef:88:32:41:ab:
                    95:9a:76:cf:a1:28:7d:53:06:55:88:5c:53:1c:d9:
                    d7:e8:e5:fe:d2:8a:51:6c:31:6d:8a:e4:56:a5:6c:
                    05:32:e1:95:6b:3e:a3:c4:f6:7f:a4:7c:62:9b:04:
                    41:70:e1:9b:6e:45:95:5a:1b:48:06:7c:5e:10:89:
                    53:4e:6b:b3:7b:b9:ea:8d:59:45:aa:d8:64:ed:2e:
                    7e:b2:1e:10:b3:82:d3:7c:72:17:1d:97:b7:2d:9c:
                    3a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:A9:54:3C:17:A4:AE:A7:6B:D9:89:8D:31:2F:69:CE:84:E2:D3:D2
            X509v3 Authority Key Identifier:
                keyid:CF:32:82:49:CC:35:EC:27:CC:10:E1:8B:88:2C:6C:13:89:7C:84:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zzKCScw17CfMEOGLiCxsE4l8hJc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/27d409-7659-453e-b36f-297d52f0c283/1/zzKCScw17CfMEOGLiCxsE4l8hJc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/27d409-7659-453e-b36f-297d52f0c283/1/zzKCScw17CfMEOGLiCxsE4l8hJc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:5c:07:25:0e:d0:0b:8e:41:13:cb:12:be:1a:d2:21:98:87:
         e3:d9:f4:02:43:29:e8:60:f5:8a:7f:37:c6:24:0b:37:12:18:
         d6:9b:de:a3:84:c0:54:80:65:ee:d4:ab:ef:4b:6e:b6:b5:4a:
         e8:1a:94:1a:a8:85:26:72:3b:4a:57:66:9b:0e:74:9b:8d:67:
         58:23:d7:10:37:5b:41:56:5e:8f:bc:a1:f6:18:86:0c:28:aa:
         e2:4d:d4:68:0b:6e:98:3a:33:92:64:41:8e:a1:26:30:cf:df:
         c4:4f:c9:9a:75:9e:6a:5d:92:f3:fe:d8:ef:15:bf:42:42:7e:
         0f:8d:59:eb:60:82:03:24:68:48:d3:a8:f2:46:7c:65:d0:2e:
         3c:99:cf:51:41:21:2d:32:aa:c3:1e:ec:06:b4:54:9c:8b:b5:
         1d:78:25:a9:ef:0e:0f:15:3f:b3:39:c5:d4:69:eb:82:13:0e:
         a3:ef:88:0b:bb:50:7d:5f:c4:36:f1:6b:d1:87:53:d0:09:db:
         45:9c:14:c4:4f:be:04:e1:93:02:ce:16:92:63:ed:50:ce:84:
         a1:58:cd:65:78:88:4e:94:ba:71:2c:4b:8a:81:31:6d:50:f5:
         a0:1b:8b:43:72:8c:82:61:a0:f5:f1:94:67:a8:a7:f7:ec:10:
         be:1d:26:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjRZ0ywoQZ+hYfpgRdzmuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMzI4MjQ5Y2MzNWVjMjdjYzEwZTE4Yjg4MmM2YzEzODk3
Yzg0OTcwHhcNMjUwNjA3MDQwMTM1WhcNMjUwNjA4MDQwMTM1WjAzMTEwLwYDVQQD
EyhmYmE5NTQzYzE3YTRhZWE3NmJkOTg5OGQzMTJmNjljZTg0ZTJkM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwsCWIE981pvdtZTB6gtKXo0sgQb
Uc5j8h9806sGq2tPz66gr8FPUlQZjiGPkH/2RqbNMd8Y6JFJpzUyJKmsQUdIZj3r
JdbQkLn4pLwpGChIb+YmcfSegIHBrergpoCIOAa3knOo/Ed0tOGih3oKNdJI304n
pDmLJkjZI72AyHnyzPl6uoRp4GqCUoeuGzgaAoUbGgqDjROFoofTiFYm74gyQauV
mnbPoSh9UwZViFxTHNnX6OX+0opRbDFtiuRWpWwFMuGVaz6jxPZ/pHximwRBcOGb
bkWVWhtIBnxeEIlTTmuze7nqjVlFqthk7S5+sh4Qs4LTfHIXHZe3LZw6RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPupVDwXpK6na9mJjTEvac6E4tPSMB8GA1UdIwQY
MBaAFM8ygknMNewnzBDhi4gsbBOJfISXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenpLQ1NjdzE3Q2ZNRU9HTGlDeHNFNGw4aEpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8yN2Q0MDktNzY1OS00NTNlLWIzNmYt
Mjk3ZDUyZjBjMjgzLzEvenpLQ1NjdzE3Q2ZNRU9HTGlDeHNFNGw4aEpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8yN2Q0MDktNzY1OS00NTNlLWIzNmYtMjk3ZDUyZjBjMjgz
LzEvenpLQ1NjdzE3Q2ZNRU9HTGlDeHNFNGw4aEpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAslwHJQ7Q
C45BE8sSvhrSIZiH49n0AkMp6GD1in83xiQLNxIY1pveo4TAVIBl7tSr70tutrVK
6BqUGqiFJnI7Sldmmw50m41nWCPXEDdbQVZej7yh9hiGDCiq4k3UaAtumDozkmRB
jqEmMM/fxE/JmnWeal2S8/7Y7xW/QkJ+D41Z62CCAyRoSNOo8kZ8ZdAuPJnPUUEh
LTKqwx7sBrRUnIu1HXglqe8ODxU/sznF1GnrghMOo++IC7tQfV/ENvFr0YdT0Anb
RZwUxE++BOGTAs4WkmPtUM6EoVjNZXiITpS6cSxLioExbVD1oBuLQ3KMgmGg9fGU
Z6in9+wQvh0meA==
-----END CERTIFICATE-----