Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
File:                     zTf5VqTOlOsexk52R7Q828uPxEk.mft (raw, json)
Hash identifier:          SZ5JbdoOsO9989J/OT8BBaMjEAwz4nX0EhSGtGHZ2HU=
Subject key identifier:   32:46:B7:48:E3:67:1A:98:64:D3:66:50:DA:2C:32:6D:A8:92:94:74
Authority key identifier: CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49
Certificate issuer:       /CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449
Certificate serial:       019750B41198C2E7C35EEE65CE85FC3CEBBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
Manifest number:          1539
Signing time:             Sun 08 Jun 2025 18:01:07 +0000
Manifest this update:     Sun 08 Jun 2025 18:01:07 +0000
Manifest next update:     Mon 09 Jun 2025 18:01:07 +0000
Files and hashes:         1: zTf5VqTOlOsexk52R7Q828uPxEk.crl (hash: yGr8klezBmSn6qltiqYhN4+vLgoJovUUzBN9dFsTpQ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:b4:11:98:c2:e7:c3:5e:ee:65:ce:85:fc:3c:eb:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449
        Validity
            Not Before: Jun  8 18:01:07 2025 GMT
            Not After : Jun  9 18:01:07 2025 GMT
        Subject: CN=3246b748e3671a9864d36650da2c326da8929474
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:af:84:a4:a6:a1:82:4b:a4:d2:f3:85:de:c9:
                    f6:a1:1a:5e:6f:fc:9f:68:a0:50:cb:4e:81:71:67:
                    52:e4:ae:39:2f:55:c9:4d:c6:bf:d9:f1:18:72:10:
                    f9:21:85:a0:47:9a:a7:f7:83:a5:27:19:77:19:75:
                    1c:96:a6:5b:8e:54:a8:b9:1e:b1:14:ea:e1:58:db:
                    0b:38:82:8d:25:84:1a:1e:02:b0:15:27:e2:f4:43:
                    a2:4b:e0:ab:01:35:b6:82:20:8c:8f:8e:7f:a0:ba:
                    93:93:3d:06:57:fb:79:c9:c3:94:5e:73:af:b1:73:
                    b9:bd:9f:3b:cc:fb:5b:1e:50:89:a3:2d:c4:a2:5e:
                    b9:72:62:24:be:78:69:4e:2d:47:78:b7:9d:85:f7:
                    f0:82:ca:b0:b6:f4:57:36:25:81:0e:f5:ad:55:a3:
                    c0:58:50:ae:da:53:00:1f:3a:5a:3d:70:1d:00:6b:
                    29:01:11:e4:c3:b2:d8:6f:6f:fb:47:ce:e8:db:3c:
                    90:cb:d6:a9:89:a1:d1:58:18:9b:c6:46:62:e0:96:
                    04:74:7d:52:ca:5a:04:cc:ba:8c:78:38:a8:1f:83:
                    7b:80:6e:60:49:9a:85:88:f8:23:fb:86:74:c2:fd:
                    f7:92:60:d2:09:1d:d0:03:5d:bc:93:4c:55:ab:c9:
                    b3:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:46:B7:48:E3:67:1A:98:64:D3:66:50:DA:2C:32:6D:A8:92:94:74
            X509v3 Authority Key Identifier:
                keyid:CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:20:d1:27:0e:d4:0d:08:26:38:85:7b:f3:1b:bd:d8:62:ff:
         cf:05:58:5f:29:4e:d9:71:79:76:38:71:53:fb:d2:30:65:31:
         8a:2f:7c:a1:2b:14:a1:ee:b3:6d:96:bb:2a:65:19:94:ed:9c:
         84:5d:3f:00:b5:e9:ab:76:b3:73:40:27:4b:13:27:3d:6d:61:
         bb:40:97:8c:9b:96:c2:92:b5:68:96:b4:55:08:28:59:27:a4:
         25:05:2b:30:15:6e:9c:78:4b:29:52:1d:47:c6:16:41:08:c4:
         9f:ad:d8:c8:98:51:fb:7f:f2:00:39:63:f8:e7:b5:59:59:a1:
         9a:42:b5:9d:97:c2:fd:02:18:23:82:77:13:d6:b3:d2:2e:54:
         0a:57:75:bc:7a:a8:c8:d4:ce:09:01:2b:94:bf:ea:a7:07:63:
         b0:94:c6:11:9f:49:e4:8d:b9:5f:bc:77:44:79:79:7c:af:64:
         14:83:1f:44:ca:fa:a6:6f:ac:f3:0e:15:aa:4d:ee:bf:ac:2c:
         2d:34:8c:93:39:f7:21:65:a1:f6:16:45:a0:61:11:ee:0e:c4:
         26:ac:74:ed:c5:9d:20:42:6f:86:1a:1e:e7:0b:55:e1:5d:68:
         ea:4b:42:ad:79:0c:59:d4:34:45:e4:a3:71:83:01:b0:66:d2:
         40:ba:a1:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQtBGYwufDXu5lzoX8POu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMzdmOTU2YTRjZTk0ZWIxZWM2NGU3NjQ3YjQzY2RiY2I4
ZmM0NDkwHhcNMjUwNjA4MTgwMTA3WhcNMjUwNjA5MTgwMTA3WjAzMTEwLwYDVQQD
EygzMjQ2Yjc0OGUzNjcxYTk4NjRkMzY2NTBkYTJjMzI2ZGE4OTI5NDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAna+EpKahgkuk0vOF3sn2oRpeb/yf
aKBQy06BcWdS5K45L1XJTca/2fEYchD5IYWgR5qn94OlJxl3GXUclqZbjlSouR6x
FOrhWNsLOIKNJYQaHgKwFSfi9EOiS+CrATW2giCMj45/oLqTkz0GV/t5ycOUXnOv
sXO5vZ87zPtbHlCJoy3Eol65cmIkvnhpTi1HeLedhffwgsqwtvRXNiWBDvWtVaPA
WFCu2lMAHzpaPXAdAGspARHkw7LYb2/7R87o2zyQy9apiaHRWBibxkZi4JYEdH1S
yloEzLqMeDioH4N7gG5gSZqFiPgj+4Z0wv33kmDSCR3QA128k0xVq8mzIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJGt0jjZxqYZNNmUNosMm2okpR0MB8GA1UdIwQY
MBaAFM03+VakzpTrHsZOdke0PNvLj8RJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjct
YmJlMTJiZDM4ZTA0LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjctYmJlMTJiZDM4ZTA0
LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAayDRJw7U
DQgmOIV78xu92GL/zwVYXylO2XF5djhxU/vSMGUxii98oSsUoe6zbZa7KmUZlO2c
hF0/ALXpq3azc0AnSxMnPW1hu0CXjJuWwpK1aJa0VQgoWSekJQUrMBVunHhLKVId
R8YWQQjEn63YyJhR+3/yADlj+Oe1WVmhmkK1nZfC/QIYI4J3E9az0i5UCld1vHqo
yNTOCQErlL/qpwdjsJTGEZ9J5I25X7x3RHl5fK9kFIMfRMr6pm+s8w4Vqk3uv6ws
LTSMkzn3IWWh9hZFoGER7g7EJqx07cWdIEJvhhoe5wtV4V1o6ktCrXkMWdQ0ReSj
cYMBsGbSQLqh0g==
-----END CERTIFICATE-----