Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
File:                     zrxhguhz_3oDHIiV79xXw2hx3XI.mft (raw, json)
Hash identifier:          /qd2GzP3tp2WYHIks1zmu2SHSok0Hw+3I77ZQ4LA5Kk=
Subject key identifier:   73:3C:3E:8B:32:7E:B7:7E:9F:0D:30:8A:35:97:CD:3B:8B:88:9E:39
Authority key identifier: CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72
Certificate issuer:       /CN=cebc6182e873ff7a031c8895efdc57c36871dd72
Certificate serial:       019754232D957DD97CABA84781F765174BEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
Manifest number:          0116
Signing time:             Mon 09 Jun 2025 10:01:20 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:20 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:20 +0000
Files and hashes:         1: zrxhguhz_3oDHIiV79xXw2hx3XI.crl (hash: k2uWMSMUfphtUEvNrqozYHaKT47P5MZM9IzNm2ZLCmo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:23:2d:95:7d:d9:7c:ab:a8:47:81:f7:65:17:4b:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cebc6182e873ff7a031c8895efdc57c36871dd72
        Validity
            Not Before: Jun  9 10:01:20 2025 GMT
            Not After : Jun 10 10:01:20 2025 GMT
        Subject: CN=733c3e8b327eb77e9f0d308a3597cd3b8b889e39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:13:06:90:51:2d:f4:e0:3d:6b:4d:31:1b:e0:
                    4c:bb:8c:c5:73:07:da:e7:40:ec:8a:7c:82:5a:35:
                    fa:22:03:f5:fe:45:a4:6f:40:1c:84:99:50:a3:09:
                    53:70:d2:47:2e:7f:75:80:36:46:6e:51:c6:71:3e:
                    67:93:52:f2:0e:2a:c7:ca:8a:6b:f5:d3:9e:c4:2c:
                    d3:40:55:5c:e0:0c:76:6c:7b:45:e6:65:16:c3:9d:
                    f4:a0:d6:34:5a:8c:6b:d9:4c:07:87:d9:59:74:d2:
                    74:79:b3:1c:f4:be:40:13:85:65:28:32:1c:44:ea:
                    54:45:59:f5:fc:e1:79:4a:a9:9c:00:26:14:0d:8d:
                    e9:d1:54:ac:cd:5d:ff:a0:6e:0c:71:17:1c:8c:e2:
                    de:55:f9:bf:be:2c:7a:23:a5:ef:3d:12:ee:16:17:
                    b0:8c:d3:32:7e:b6:f5:ed:e0:c7:4d:07:e8:73:e0:
                    af:d3:9a:39:67:bd:09:cd:59:ae:c4:ad:53:d1:58:
                    70:29:de:ae:77:be:77:c6:63:af:7c:1d:48:cd:cf:
                    2a:59:ab:ce:af:be:98:e2:9f:1a:a3:b1:8e:7a:cd:
                    8d:45:55:ec:8f:5b:60:c4:62:d3:b9:79:14:88:81:
                    70:02:02:1f:cf:77:df:6c:e8:60:cc:cb:83:fd:bc:
                    a2:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:3C:3E:8B:32:7E:B7:7E:9F:0D:30:8A:35:97:CD:3B:8B:88:9E:39
            X509v3 Authority Key Identifier:
                keyid:CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:c4:da:44:dc:c5:05:e2:17:d6:6e:71:0e:0c:8c:5c:d6:b1:
         c5:a4:14:a0:35:c8:a6:f6:8d:af:eb:ff:ee:39:9a:5a:86:25:
         57:f8:88:51:4f:99:a3:4d:8f:66:c6:18:2e:aa:88:af:10:37:
         df:c2:43:e0:01:35:40:c5:96:41:56:be:fc:50:e4:d0:80:6d:
         0b:81:41:9a:ce:c9:a8:21:31:5b:8a:ef:fd:bb:8d:e8:fd:62:
         75:af:f3:50:9c:bb:c0:c5:d4:aa:93:ba:ba:65:32:b6:bc:49:
         43:8b:a2:a8:18:eb:46:6a:da:f3:79:4b:ed:d3:d3:ef:3b:4a:
         ff:50:df:62:82:e0:26:73:37:23:17:42:bd:d4:29:ba:23:66:
         8f:31:0e:bd:b5:ec:76:9c:3c:85:db:5c:0a:e7:26:8c:f7:cf:
         90:fd:19:c1:1f:5c:31:30:5a:5a:de:26:87:bb:e5:88:03:ff:
         4b:28:b1:f8:96:b0:33:fd:a1:35:ef:3a:53:9c:83:43:78:4f:
         b7:9a:46:67:a0:02:19:89:d6:08:1e:14:34:9c:65:25:6c:5e:
         ed:58:95:2f:bc:d9:7f:c0:a2:60:1f:ba:e6:62:c1:77:88:a7:
         52:35:41:4d:27:83:d5:3a:11:82:36:cc:87:b7:62:f1:1c:0d:
         27:09:79:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIy2Vfdl8q6hHgfdlF0vuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYmM2MTgyZTg3M2ZmN2EwMzFjODg5NWVmZGM1N2MzNjg3
MWRkNzIwHhcNMjUwNjA5MTAwMTIwWhcNMjUwNjEwMTAwMTIwWjAzMTEwLwYDVQQD
Eyg3MzNjM2U4YjMyN2ViNzdlOWYwZDMwOGEzNTk3Y2QzYjhiODg5ZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8hMGkFEt9OA9a00xG+BMu4zFcwfa
50DsinyCWjX6IgP1/kWkb0AchJlQowlTcNJHLn91gDZGblHGcT5nk1LyDirHyopr
9dOexCzTQFVc4Ax2bHtF5mUWw530oNY0Woxr2UwHh9lZdNJ0ebMc9L5AE4VlKDIc
ROpURVn1/OF5SqmcACYUDY3p0VSszV3/oG4McRccjOLeVfm/vix6I6XvPRLuFhew
jNMyfrb17eDHTQfoc+Cv05o5Z70JzVmuxK1T0VhwKd6ud753xmOvfB1Izc8qWavO
r76Y4p8ao7GOes2NRVXsj1tgxGLTuXkUiIFwAgIfz3ffbOhgzMuD/byiSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHM8Posyfrd+nw0wijWXzTuLiJ45MB8GA1UdIwQY
MBaAFM68YYLoc/96AxyIle/cV8Nocd1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEt
MmIzNjkxNThhOGIzLzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEtMmIzNjkxNThhOGIz
LzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGsTaRNzF
BeIX1m5xDgyMXNaxxaQUoDXIpvaNr+v/7jmaWoYlV/iIUU+Zo02PZsYYLqqIrxA3
38JD4AE1QMWWQVa+/FDk0IBtC4FBms7JqCExW4rv/buN6P1ida/zUJy7wMXUqpO6
umUytrxJQ4uiqBjrRmra83lL7dPT7ztK/1DfYoLgJnM3IxdCvdQpuiNmjzEOvbXs
dpw8hdtcCucmjPfPkP0ZwR9cMTBaWt4mh7vliAP/Syix+JawM/2hNe86U5yDQ3hP
t5pGZ6ACGYnWCB4UNJxlJWxe7ViVL7zZf8CiYB+65mLBd4inUjVBTSeD1ToRgjbM
h7di8RwNJwl5Eg==
-----END CERTIFICATE-----