Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
File:                     ELZc9vpeH8roz4TJcB44vftjqrM.mft (raw, json)
Hash identifier:          mMNNP9EBJ7tivaLZ6TVg4Ag0BhAhQPuKvEY+u7gAU78=
Subject key identifier:   D7:8D:E5:4F:A4:F0:07:B3:7B:81:EB:41:A7:97:45:D9:E5:CD:D2:EA
Authority key identifier: 10:B6:5C:F6:FA:5E:1F:CA:E8:CF:84:C9:70:1E:38:BD:FB:63:AA:B3
Certificate issuer:       /CN=10b65cf6fa5e1fcae8cf84c9701e38bdfb63aab3
Certificate serial:       01975D25C67587FF0265B54811F059E2395D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
Manifest number:          0E33
Signing time:             Wed 11 Jun 2025 04:00:46 +0000
Manifest this update:     Wed 11 Jun 2025 04:00:46 +0000
Manifest next update:     Thu 12 Jun 2025 04:00:46 +0000
Files and hashes:         1: ELZc9vpeH8roz4TJcB44vftjqrM.crl (hash: xRkiEKrdtKPUUhsUePPVcTfjCkYqUWuOXGhUYKmyvZQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:25:c6:75:87:ff:02:65:b5:48:11:f0:59:e2:39:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10b65cf6fa5e1fcae8cf84c9701e38bdfb63aab3
        Validity
            Not Before: Jun 11 04:00:46 2025 GMT
            Not After : Jun 12 04:00:46 2025 GMT
        Subject: CN=d78de54fa4f007b37b81eb41a79745d9e5cdd2ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:5c:aa:ee:ff:3e:4a:99:0f:aa:77:91:59:2f:
                    e4:bb:c6:e4:2b:5d:25:6e:b7:b9:4e:5b:b5:78:79:
                    f1:be:fb:49:e1:0a:6d:38:90:cb:32:91:7b:16:1f:
                    a4:58:f1:41:f4:44:68:e5:23:a1:eb:ae:ad:45:1d:
                    62:21:47:c1:0c:1d:a0:01:db:f0:8c:42:1f:b1:3c:
                    05:1e:8b:9a:7d:64:ce:03:ec:81:f0:0d:20:fb:15:
                    c7:4a:2a:20:b8:23:8d:e0:ae:5e:46:20:4f:f3:d6:
                    1a:19:4b:62:12:0f:44:60:96:d6:cf:09:70:2a:87:
                    a5:22:53:c8:05:cd:e1:81:28:b0:fb:89:68:35:b8:
                    a6:f2:3b:40:a3:ea:68:06:2f:cf:ec:0f:5b:e8:08:
                    80:43:4b:c0:3a:a6:2a:f8:03:59:b7:b3:a6:2f:69:
                    db:4e:d9:22:a3:11:dd:1b:ba:83:d8:76:26:e4:9d:
                    fc:ee:41:28:11:ab:f9:32:9c:16:2a:5a:22:40:11:
                    38:f7:be:bf:65:80:92:06:37:d6:07:c2:94:9d:8c:
                    c8:51:83:97:2c:82:57:60:b9:05:fb:ce:82:96:b4:
                    90:90:13:ca:2f:07:a5:87:a6:f8:6e:b7:5b:00:25:
                    f1:c9:c6:45:9a:e1:8b:2c:11:d6:57:25:2c:3f:07:
                    c3:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:8D:E5:4F:A4:F0:07:B3:7B:81:EB:41:A7:97:45:D9:E5:CD:D2:EA
            X509v3 Authority Key Identifier:
                keyid:10:B6:5C:F6:FA:5E:1F:CA:E8:CF:84:C9:70:1E:38:BD:FB:63:AA:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:ce:41:e3:a9:53:c3:87:c1:0e:88:a0:10:31:57:1e:64:99:
         b1:54:5e:f0:fb:25:6f:f8:e3:e8:45:09:b6:90:df:13:e8:71:
         37:9b:cd:4f:a2:55:8f:5b:cf:93:b7:cf:98:23:6b:39:42:e0:
         2a:9f:63:19:f9:11:40:c4:a0:50:bd:bb:53:3b:2d:24:76:65:
         42:a9:14:b8:91:e8:3d:9c:cf:03:c6:74:9b:28:7f:7d:c5:f7:
         19:34:55:a4:2d:cf:c0:d9:e2:41:62:b2:1c:7e:81:b5:78:0d:
         22:cf:0c:0d:e4:a9:e9:75:99:0c:ec:d5:55:3b:78:0f:c1:6b:
         43:ae:c6:0a:52:f7:07:86:3f:a5:2f:70:2b:11:d9:3e:e6:94:
         8c:47:6c:97:d2:0e:38:37:a3:f8:97:b8:11:c4:ed:0f:26:fa:
         06:c7:ef:f2:8b:80:7b:17:7c:77:94:d3:a2:90:4d:46:d1:9d:
         28:65:56:18:69:5d:0a:bd:13:44:1f:17:92:d6:9b:45:60:f6:
         d0:25:bf:76:db:e0:36:f4:d2:57:58:77:ae:b3:59:c0:7a:99:
         af:18:ea:98:c3:b9:9b:98:9f:4b:af:5d:8d:f9:4e:76:d5:6f:
         70:95:21:81:26:a1:98:f6:ad:e2:ef:d2:2b:5d:3c:5f:32:34:
         7d:af:2b:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddJcZ1h/8CZbVIEfBZ4jldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYjY1Y2Y2ZmE1ZTFmY2FlOGNmODRjOTcwMWUzOGJkZmI2
M2FhYjMwHhcNMjUwNjExMDQwMDQ2WhcNMjUwNjEyMDQwMDQ2WjAzMTEwLwYDVQQD
EyhkNzhkZTU0ZmE0ZjAwN2IzN2I4MWViNDFhNzk3NDVkOWU1Y2RkMmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVyq7v8+SpkPqneRWS/ku8bkK10l
bre5Tlu1eHnxvvtJ4QptOJDLMpF7Fh+kWPFB9ERo5SOh666tRR1iIUfBDB2gAdvw
jEIfsTwFHouafWTOA+yB8A0g+xXHSioguCON4K5eRiBP89YaGUtiEg9EYJbWzwlw
KoelIlPIBc3hgSiw+4loNbim8jtAo+poBi/P7A9b6AiAQ0vAOqYq+ANZt7OmL2nb
TtkioxHdG7qD2HYm5J387kEoEav5MpwWKloiQBE4976/ZYCSBjfWB8KUnYzIUYOX
LIJXYLkF+86ClrSQkBPKLwelh6b4brdbACXxycZFmuGLLBHWVyUsPwfD9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNeN5U+k8Aeze4HrQaeXRdnlzdLqMB8GA1UdIwQY
MBaAFBC2XPb6Xh/K6M+EyXAeOL37Y6qzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84MDkwYzItODE4MC00ZjNmLTgxNDIt
YTIzODU1ODcyYjg2LzEvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84MDkwYzItODE4MC00ZjNmLTgxNDItYTIzODU1ODcyYjg2
LzEvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZM5B46lT
w4fBDoigEDFXHmSZsVRe8Pslb/jj6EUJtpDfE+hxN5vNT6JVj1vPk7fPmCNrOULg
Kp9jGfkRQMSgUL27UzstJHZlQqkUuJHoPZzPA8Z0myh/fcX3GTRVpC3PwNniQWKy
HH6BtXgNIs8MDeSp6XWZDOzVVTt4D8FrQ67GClL3B4Y/pS9wKxHZPuaUjEdsl9IO
ODej+Je4EcTtDyb6Bsfv8ouAexd8d5TTopBNRtGdKGVWGGldCr0TRB8XktabRWD2
0CW/dtvgNvTSV1h3rrNZwHqZrxjqmMO5m5ifS69djflOdtVvcJUhgSahmPat4u/S
K108XzI0fa8rxQ==
-----END CERTIFICATE-----