Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
File:                     zfDoJMYqWSimUCFO8z6Md-fB_40.mft (raw, json)
Hash identifier:          7DhtRvpfUcTH91GCLd+yerdywj2znYisxXQxr5e9xMg=
Subject key identifier:   1E:E2:2F:F2:0E:91:37:F4:B0:7A:E0:69:F3:16:A2:19:93:91:F7:49
Authority key identifier: CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D
Certificate issuer:       /CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d
Certificate serial:       0197488D545CD85B3B07230E3581EC776603
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
Manifest number:          0F1D
Signing time:             Sat 07 Jun 2025 04:01:51 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:51 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:51 +0000
Files and hashes:         1: zfDoJMYqWSimUCFO8z6Md-fB_40.crl (hash: 4e18NcBhxR8DLeMPJtrigGpI6v1FLFLYmnTqhbTAnXM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8d:54:5c:d8:5b:3b:07:23:0e:35:81:ec:77:66:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d
        Validity
            Not Before: Jun  7 04:01:51 2025 GMT
            Not After : Jun  8 04:01:51 2025 GMT
        Subject: CN=1ee22ff20e9137f4b07ae069f316a2199391f749
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:74:20:58:68:01:b3:55:6d:bb:55:bf:0c:3d:
                    ef:24:61:64:7d:46:11:0b:a9:ef:43:61:c2:bc:2c:
                    19:91:1e:66:90:50:4a:08:97:48:df:6d:25:a3:12:
                    93:75:48:01:49:3b:68:61:f2:e4:3d:82:0d:4c:bb:
                    46:c9:92:d2:99:d9:9b:47:a5:18:34:e1:cc:dc:38:
                    5d:f9:91:3e:0c:a8:b5:22:9b:0c:97:24:9c:7d:57:
                    91:08:0c:1b:06:84:47:16:d0:19:4d:57:03:03:c3:
                    be:10:52:dc:5f:a6:e6:10:e1:36:f6:a9:74:4f:35:
                    a1:7c:09:cb:e8:29:1c:a2:e4:26:90:17:11:6d:fd:
                    27:2e:8a:5c:34:4b:97:ed:10:38:5e:5d:55:c4:5b:
                    6e:8e:ea:2c:f6:4d:d7:92:aa:7d:ca:9a:00:4c:68:
                    a8:e1:50:69:40:03:9b:21:d5:8c:f6:03:58:b6:68:
                    54:fc:52:8b:de:be:69:22:1a:b4:ba:2a:be:ea:d9:
                    9b:8f:99:45:0e:d0:fe:7f:33:9b:a9:38:15:08:13:
                    85:ca:97:8e:ed:e6:93:d8:16:2f:09:02:48:37:5e:
                    d8:d2:c3:92:76:18:e7:df:f3:bf:3a:48:c1:7b:98:
                    50:72:f1:e9:a6:61:a5:3d:98:bf:01:8c:86:96:82:
                    a5:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:E2:2F:F2:0E:91:37:F4:B0:7A:E0:69:F3:16:A2:19:93:91:F7:49
            X509v3 Authority Key Identifier:
                keyid:CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:d6:be:5a:6f:1f:34:b7:46:1c:76:67:7c:d6:fc:1d:27:1d:
         83:f9:d5:04:7b:05:e1:db:bd:d1:b4:6f:71:90:62:b9:17:93:
         62:6b:98:43:5e:b5:36:c3:f6:e6:9d:4b:9c:1e:9c:cb:6e:0b:
         5d:15:33:e9:5d:e7:f0:48:b7:47:f1:85:a3:ee:6b:5f:4d:79:
         ae:2c:ce:36:1a:ca:2b:2e:b9:1d:27:ea:cc:ae:44:d4:ab:2b:
         b8:6a:46:0c:0f:f6:1f:56:50:da:60:82:2b:28:e5:15:9d:3d:
         d2:24:f7:a0:51:54:8d:51:02:9f:fc:58:d6:4a:b8:af:25:06:
         8b:74:1f:b8:97:60:b0:58:14:18:2a:0d:20:14:3a:c4:c4:e4:
         13:7a:ee:bc:b1:35:06:59:28:2b:6c:92:84:89:9a:38:d3:ad:
         13:fb:e6:b7:bb:ad:28:f5:f1:42:2a:6e:27:22:99:b2:a2:1d:
         2c:b3:33:7f:23:e8:68:57:7c:c8:f4:0e:83:0d:60:2d:a2:fd:
         89:32:4c:d8:e3:09:41:83:67:e4:bb:14:ba:cb:a1:54:64:fd:
         c2:ec:76:83:76:76:e8:bb:1c:74:8c:ed:f1:d3:16:2c:8b:ab:
         df:a8:2e:00:5c:5a:cc:29:b0:8f:5b:e5:6f:86:03:8f:b9:97:
         42:20:13:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjVRc2Fs7ByMONYHsd2YDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjBlODI0YzYyYTU5MjhhNjUwMjE0ZWYzM2U4Yzc3ZTdj
MWZmOGQwHhcNMjUwNjA3MDQwMTUxWhcNMjUwNjA4MDQwMTUxWjAzMTEwLwYDVQQD
EygxZWUyMmZmMjBlOTEzN2Y0YjA3YWUwNjlmMzE2YTIxOTkzOTFmNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6nQgWGgBs1Vtu1W/DD3vJGFkfUYR
C6nvQ2HCvCwZkR5mkFBKCJdI320loxKTdUgBSTtoYfLkPYINTLtGyZLSmdmbR6UY
NOHM3Dhd+ZE+DKi1IpsMlyScfVeRCAwbBoRHFtAZTVcDA8O+EFLcX6bmEOE29ql0
TzWhfAnL6CkcouQmkBcRbf0nLopcNEuX7RA4Xl1VxFtujuos9k3Xkqp9ypoATGio
4VBpQAObIdWM9gNYtmhU/FKL3r5pIhq0uiq+6tmbj5lFDtD+fzObqTgVCBOFypeO
7eaT2BYvCQJIN17Y0sOSdhjn3/O/OkjBe5hQcvHppmGlPZi/AYyGloKlRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB7iL/IOkTf0sHrgafMWohmTkfdJMB8GA1UdIwQY
MBaAFM3w6CTGKlkoplAhTvM+jHfnwf+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUt
MjU4M2FmMjM3ZTJjLzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUtMjU4M2FmMjM3ZTJj
LzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlda+Wm8f
NLdGHHZnfNb8HScdg/nVBHsF4du90bRvcZBiuReTYmuYQ161NsP25p1LnB6cy24L
XRUz6V3n8Ei3R/GFo+5rX015rizONhrKKy65HSfqzK5E1KsruGpGDA/2H1ZQ2mCC
KyjlFZ090iT3oFFUjVECn/xY1kq4ryUGi3QfuJdgsFgUGCoNIBQ6xMTkE3ruvLE1
BlkoK2yShImaONOtE/vmt7utKPXxQipuJyKZsqIdLLMzfyPoaFd8yPQOgw1gLaL9
iTJM2OMJQYNn5LsUusuhVGT9wux2g3Z26LscdIzt8dMWLIur36guAFxazCmwj1vl
b4YDj7mXQiAT3w==
-----END CERTIFICATE-----