Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
File:                     ELZc9vpeH8roz4TJcB44vftjqrM.mft (raw, json)
Hash identifier:          udHuximGl1jBfuIC2d4tzMT3b6qAu349ptJ6G6XbBzo=
Subject key identifier:   DB:F6:53:B9:FB:AD:EA:59:38:BE:71:0B:4D:F4:0B:20:7F:14:20:2E
Authority key identifier: 10:B6:5C:F6:FA:5E:1F:CA:E8:CF:84:C9:70:1E:38:BD:FB:63:AA:B3
Certificate issuer:       /CN=10b65cf6fa5e1fcae8cf84c9701e38bdfb63aab3
Certificate serial:       0197537E0ED358D5A740F863F5D87C9786CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
Manifest number:          0E2E
Signing time:             Mon 09 Jun 2025 07:00:59 +0000
Manifest this update:     Mon 09 Jun 2025 07:00:59 +0000
Manifest next update:     Tue 10 Jun 2025 07:00:59 +0000
Files and hashes:         1: ELZc9vpeH8roz4TJcB44vftjqrM.crl (hash: c1WzEZv7kjCmeDNgZh0EnwTsIf8eZapXUtdwTzWYmZ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:7e:0e:d3:58:d5:a7:40:f8:63:f5:d8:7c:97:86:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10b65cf6fa5e1fcae8cf84c9701e38bdfb63aab3
        Validity
            Not Before: Jun  9 07:00:59 2025 GMT
            Not After : Jun 10 07:00:59 2025 GMT
        Subject: CN=dbf653b9fbadea5938be710b4df40b207f14202e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:fa:4c:ea:36:bc:9d:20:88:92:23:bd:93:23:
                    63:ad:53:10:c5:48:fb:90:0e:b7:17:4e:08:93:ed:
                    a1:c7:7c:f5:fc:0d:f1:94:b9:da:6e:94:b0:23:47:
                    a2:dc:cc:57:ab:7b:0e:0a:f8:9d:27:7a:c6:70:2c:
                    6c:59:60:0b:08:9c:b1:2e:5b:17:ad:45:26:cc:4b:
                    04:8e:4b:0c:56:20:9b:eb:89:6e:08:5e:d4:07:2f:
                    bc:2d:b8:3b:34:a6:38:d7:e6:e0:fc:63:1e:01:42:
                    f2:0f:b3:35:ee:98:b1:62:70:4e:0f:d5:5e:6a:01:
                    e5:d7:61:83:93:1f:a1:47:8d:d6:6d:41:a3:a1:f6:
                    b6:a4:b1:48:d6:e1:dc:4c:f9:6d:fd:e1:8c:d3:72:
                    78:8e:fa:17:c6:86:e3:08:77:c4:82:5d:83:2b:1f:
                    db:d4:04:be:5f:e2:42:b1:b4:00:f6:c0:02:1f:71:
                    ee:a2:e1:8b:ff:da:ed:3b:13:77:5e:c1:42:19:86:
                    e0:c8:8b:b3:66:77:53:9a:bf:93:4b:ba:91:4c:4e:
                    d2:29:dd:8d:34:a6:cd:63:20:e7:0e:11:fe:14:c7:
                    b7:26:23:aa:84:d7:86:12:5e:40:8e:d3:07:50:69:
                    55:1e:bc:c1:ad:03:d3:5a:2b:2f:bc:45:65:56:cc:
                    2a:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:F6:53:B9:FB:AD:EA:59:38:BE:71:0B:4D:F4:0B:20:7F:14:20:2E
            X509v3 Authority Key Identifier:
                keyid:10:B6:5C:F6:FA:5E:1F:CA:E8:CF:84:C9:70:1E:38:BD:FB:63:AA:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:12:27:88:20:ab:f3:bf:f7:f7:b9:5e:7f:0b:6b:b8:56:e2:
         90:3b:2e:ca:ea:bd:3b:75:8e:35:20:69:12:0c:4d:14:72:02:
         30:d3:0b:f1:34:c0:65:a9:78:c6:aa:40:29:c6:88:38:ae:da:
         f1:b9:42:a3:38:51:9d:cd:45:bb:d8:1a:ab:b8:d1:8c:7e:6d:
         77:31:6d:8f:8e:62:52:01:c5:35:29:6a:e2:2d:de:38:9a:c2:
         8b:e2:ac:15:53:f0:34:8f:3e:25:61:2c:f1:2c:a0:18:58:ef:
         ad:40:9b:9c:00:49:61:8e:c4:9a:95:9f:1f:ba:64:b0:de:af:
         fd:a1:bd:98:2f:31:fd:3a:a5:c0:db:75:f5:db:e9:73:68:81:
         13:dc:bf:5b:59:b9:fb:35:3b:85:51:fb:8f:0c:c6:fa:0d:36:
         db:c8:4b:61:84:db:0e:47:7f:83:38:59:74:85:f7:eb:29:51:
         dc:66:0d:28:a2:3e:78:ea:81:22:bf:05:01:55:cf:45:6b:7f:
         f5:a4:3f:13:db:e4:7b:b8:66:71:1f:56:a8:f8:1c:51:38:5a:
         56:90:a6:bd:5e:ef:94:01:f8:b9:e6:53:c2:79:91:58:c5:a3:
         a3:55:7b:c8:ec:d4:d2:3a:0c:7b:e7:e5:34:a5:15:f4:72:e0:
         d7:31:ac:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTfg7TWNWnQPhj9dh8l4bPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYjY1Y2Y2ZmE1ZTFmY2FlOGNmODRjOTcwMWUzOGJkZmI2
M2FhYjMwHhcNMjUwNjA5MDcwMDU5WhcNMjUwNjEwMDcwMDU5WjAzMTEwLwYDVQQD
EyhkYmY2NTNiOWZiYWRlYTU5MzhiZTcxMGI0ZGY0MGIyMDdmMTQyMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vpM6ja8nSCIkiO9kyNjrVMQxUj7
kA63F04Ik+2hx3z1/A3xlLnabpSwI0ei3MxXq3sOCvidJ3rGcCxsWWALCJyxLlsX
rUUmzEsEjksMViCb64luCF7UBy+8Lbg7NKY41+bg/GMeAULyD7M17pixYnBOD9Ve
agHl12GDkx+hR43WbUGjofa2pLFI1uHcTPlt/eGM03J4jvoXxobjCHfEgl2DKx/b
1AS+X+JCsbQA9sACH3HuouGL/9rtOxN3XsFCGYbgyIuzZndTmr+TS7qRTE7SKd2N
NKbNYyDnDhH+FMe3JiOqhNeGEl5AjtMHUGlVHrzBrQPTWisvvEVlVswqNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNv2U7n7repZOL5xC030CyB/FCAuMB8GA1UdIwQY
MBaAFBC2XPb6Xh/K6M+EyXAeOL37Y6qzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84MDkwYzItODE4MC00ZjNmLTgxNDIt
YTIzODU1ODcyYjg2LzEvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84MDkwYzItODE4MC00ZjNmLTgxNDItYTIzODU1ODcyYjg2
LzEvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADBIniCCr
87/397lefwtruFbikDsuyuq9O3WONSBpEgxNFHICMNML8TTAZal4xqpAKcaIOK7a
8blCozhRnc1Fu9gaq7jRjH5tdzFtj45iUgHFNSlq4i3eOJrCi+KsFVPwNI8+JWEs
8SygGFjvrUCbnABJYY7EmpWfH7pksN6v/aG9mC8x/TqlwNt19dvpc2iBE9y/W1m5
+zU7hVH7jwzG+g0228hLYYTbDkd/gzhZdIX36ylR3GYNKKI+eOqBIr8FAVXPRWt/
9aQ/E9vke7hmcR9WqPgcUThaVpCmvV7vlAH4ueZTwnmRWMWjo1V7yOzU0joMe+fl
NKUV9HLg1zGsdA==
-----END CERTIFICATE-----