Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft
File:                     zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft (raw, json)
Hash identifier:          MsLAbt6wbSM3yko98IBtl0HtLi1xjclgPLE7xndduwE=
Subject key identifier:   A3:34:DF:63:FF:34:70:3F:E5:F4:37:7E:7B:62:F2:9E:95:FE:A6:50
Authority key identifier: CC:0A:90:0D:70:BD:10:F7:D2:22:1A:56:48:DA:54:A5:E3:F4:47:12
Certificate issuer:       /CN=cc0a900d70bd10f7d2221a5648da54a5e3f44712
Certificate serial:       0197499F1AB5AEBD00ACDA92F8404AB31660
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft
Manifest number:          2E
Signing time:             Sat 07 Jun 2025 09:00:53 +0000
Manifest this update:     Sat 07 Jun 2025 09:00:53 +0000
Manifest next update:     Sun 08 Jun 2025 09:00:53 +0000
Files and hashes:         1: zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl (hash: JSEa2rIDtAwuGQKFldqEGaq67lO09Fo12T2cZciZ380=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:9f:1a:b5:ae:bd:00:ac:da:92:f8:40:4a:b3:16:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc0a900d70bd10f7d2221a5648da54a5e3f44712
        Validity
            Not Before: Jun  7 09:00:53 2025 GMT
            Not After : Jun  8 09:00:53 2025 GMT
        Subject: CN=a334df63ff34703fe5f4377e7b62f29e95fea650
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ab:41:b6:14:71:48:d5:40:bb:eb:93:e9:3f:
                    9f:e6:35:87:4c:b8:03:f5:f6:9a:2b:94:27:40:5c:
                    82:35:66:82:d0:8b:b7:94:75:66:3a:56:09:62:4a:
                    c7:55:60:a5:4c:68:23:82:53:45:e3:e9:0f:7f:d4:
                    3e:79:bf:2a:43:32:16:90:f5:13:ba:c8:94:4d:bd:
                    28:47:21:1e:94:8f:ce:d9:63:ca:64:09:5a:46:58:
                    e9:59:d3:31:b6:34:d3:f6:24:b1:10:83:b4:8a:3b:
                    e4:91:92:20:af:b1:0d:f8:68:28:c9:86:f2:a0:9e:
                    ed:19:6a:cd:57:00:26:45:d4:95:a1:10:ae:f0:7d:
                    49:e3:38:14:b4:c5:f2:68:e1:40:2e:ef:8e:9c:3b:
                    11:24:b9:a8:24:ab:aa:19:de:4e:d4:72:6f:da:2a:
                    54:ce:b3:3b:09:93:b1:5a:6c:c0:ca:ef:04:de:69:
                    3d:46:53:8e:6c:99:73:1e:a2:ad:a5:67:e7:fa:1a:
                    0a:4a:62:71:5d:5d:3f:cb:37:17:47:23:3b:44:38:
                    4b:18:7d:f9:ba:b6:83:fa:21:a3:7e:c0:14:43:1c:
                    1a:9e:01:59:84:70:36:9f:6b:d5:4d:59:66:ac:93:
                    5f:4b:48:81:19:30:e3:4f:18:4a:30:4d:a3:4a:30:
                    5b:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:34:DF:63:FF:34:70:3F:E5:F4:37:7E:7B:62:F2:9E:95:FE:A6:50
            X509v3 Authority Key Identifier:
                keyid:CC:0A:90:0D:70:BD:10:F7:D2:22:1A:56:48:DA:54:A5:E3:F4:47:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:ec:91:9c:a2:90:29:ac:5d:20:d0:79:5a:71:05:e0:c3:5f:
         2a:66:63:b1:c9:92:5d:08:a8:38:51:6f:8d:2b:d8:25:1c:02:
         7a:d8:97:dc:42:b9:fc:b6:e7:ee:e7:68:c9:3f:60:75:a3:c8:
         bd:4d:50:cd:48:45:b6:f4:75:1c:c6:f7:e5:f0:40:6a:03:35:
         59:66:9a:4e:3f:21:0b:e2:71:90:e5:c3:46:74:37:70:bf:95:
         11:71:bd:41:2b:35:2b:5b:ae:f6:3c:bc:6d:d2:66:ab:f0:97:
         fb:f6:b3:a4:5a:05:ba:05:47:0a:77:12:1e:04:53:13:57:a8:
         d1:65:88:b1:f4:e7:6e:05:68:02:75:ad:10:84:aa:ab:06:ca:
         19:9a:ba:56:58:8d:7b:a1:02:a5:37:fe:38:c4:e9:cd:6b:f2:
         37:f4:50:b1:47:8c:66:00:15:bb:91:58:8e:e7:45:5e:a6:17:
         0b:97:84:95:64:f2:56:b6:7b:90:cf:e5:e5:2e:d4:ed:44:a9:
         a2:d4:83:6f:2c:f0:f6:fb:3f:a7:35:1f:81:c5:59:3f:81:36:
         17:fe:72:68:29:c4:c4:57:dd:22:3e:8f:22:9f:32:e5:ad:55:
         fa:17:1c:60:53:ec:99:75:5e:45:eb:ae:00:8b:21:ee:2c:ca:
         95:e5:61:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJnxq1rr0ArNqS+EBKsxZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMGE5MDBkNzBiZDEwZjdkMjIyMWE1NjQ4ZGE1NGE1ZTNm
NDQ3MTIwHhcNMjUwNjA3MDkwMDUzWhcNMjUwNjA4MDkwMDUzWjAzMTEwLwYDVQQD
EyhhMzM0ZGY2M2ZmMzQ3MDNmZTVmNDM3N2U3YjYyZjI5ZTk1ZmVhNjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtatBthRxSNVAu+uT6T+f5jWHTLgD
9faaK5QnQFyCNWaC0Iu3lHVmOlYJYkrHVWClTGgjglNF4+kPf9Q+eb8qQzIWkPUT
usiUTb0oRyEelI/O2WPKZAlaRljpWdMxtjTT9iSxEIO0ijvkkZIgr7EN+GgoyYby
oJ7tGWrNVwAmRdSVoRCu8H1J4zgUtMXyaOFALu+OnDsRJLmoJKuqGd5O1HJv2ipU
zrM7CZOxWmzAyu8E3mk9RlOObJlzHqKtpWfn+hoKSmJxXV0/yzcXRyM7RDhLGH35
uraD+iGjfsAUQxwangFZhHA2n2vVTVlmrJNfS0iBGTDjTxhKME2jSjBb+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKM032P/NHA/5fQ3fnti8p6V/qZQMB8GA1UdIwQY
MBaAFMwKkA1wvRD30iIaVkjaVKXj9EcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OGEzYjYtOWE4MC00OWMyLTg3NzUt
MzgwMWM2MjE2ZTZjLzEvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OGEzYjYtOWE4MC00OWMyLTg3NzUtMzgwMWM2MjE2ZTZj
LzEvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg+yRnKKQ
KaxdINB5WnEF4MNfKmZjscmSXQioOFFvjSvYJRwCetiX3EK5/Lbn7udoyT9gdaPI
vU1QzUhFtvR1HMb35fBAagM1WWaaTj8hC+JxkOXDRnQ3cL+VEXG9QSs1K1uu9jy8
bdJmq/CX+/azpFoFugVHCncSHgRTE1eo0WWIsfTnbgVoAnWtEISqqwbKGZq6VliN
e6ECpTf+OMTpzWvyN/RQsUeMZgAVu5FYjudFXqYXC5eElWTyVrZ7kM/l5S7U7USp
otSDbyzw9vs/pzUfgcVZP4E2F/5yaCnExFfdIj6PIp8y5a1V+hccYFPsmXVeReuu
AIsh7izKleVhxg==
-----END CERTIFICATE-----