Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
File:                     zrxhguhz_3oDHIiV79xXw2hx3XI.mft (raw, json)
Hash identifier:          jD7Tzaf9swyk9vYd296j4lOYl5WXvxmfJsiWchHOzSA=
Subject key identifier:   60:C5:27:B4:AA:33:E2:67:DC:B9:2C:D9:D0:27:C8:EB:43:AA:D6:93
Authority key identifier: CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72
Certificate issuer:       /CN=cebc6182e873ff7a031c8895efdc57c36871dd72
Certificate serial:       019759EE2C5305E96DA2D9F57D719BCD5B3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
Manifest number:          0119
Signing time:             Tue 10 Jun 2025 13:01:10 +0000
Manifest this update:     Tue 10 Jun 2025 13:01:10 +0000
Manifest next update:     Wed 11 Jun 2025 13:01:10 +0000
Files and hashes:         1: zrxhguhz_3oDHIiV79xXw2hx3XI.crl (hash: O4WtDk1Qs2p3RyQAVkBYi+tzofSLLpo4gjVAd2C7cSE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 13:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:ee:2c:53:05:e9:6d:a2:d9:f5:7d:71:9b:cd:5b:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cebc6182e873ff7a031c8895efdc57c36871dd72
        Validity
            Not Before: Jun 10 13:01:10 2025 GMT
            Not After : Jun 11 13:01:10 2025 GMT
        Subject: CN=60c527b4aa33e267dcb92cd9d027c8eb43aad693
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:a2:71:a3:ba:b2:99:e3:63:00:ec:7c:c9:3b:
                    d1:89:35:7d:f1:5f:14:66:62:6a:b8:cd:e4:2d:04:
                    f5:e8:58:46:a6:3d:93:b1:3e:60:bf:25:b4:3a:bc:
                    b8:06:e6:95:dc:dd:3d:32:e9:59:ab:4e:47:f4:1f:
                    57:54:93:ac:a8:13:c6:7b:6d:6c:0f:72:69:8d:09:
                    e7:ab:64:2a:33:3b:7f:c6:ff:2c:95:47:5d:62:da:
                    d9:2e:b6:64:59:06:6d:4d:58:76:e5:e3:e1:28:2d:
                    42:bd:d1:2c:de:c1:f4:43:e6:9d:bb:5e:14:6d:5c:
                    37:2e:d2:96:f6:47:77:01:db:95:8a:b2:22:1d:a2:
                    ff:a7:72:6a:f6:71:1e:dc:11:10:53:2d:68:f4:05:
                    71:1f:f7:71:15:c5:83:d0:73:ce:24:24:8b:85:e2:
                    43:96:af:22:53:02:b1:4b:a5:32:38:49:27:26:6f:
                    9a:c4:3b:6e:22:dc:10:c5:c7:29:3e:c4:1d:3b:5b:
                    93:f6:33:06:f7:70:e0:f0:b9:13:54:33:21:db:cc:
                    bc:9b:ba:38:b6:cd:6d:d0:7e:7c:e6:e7:3d:bb:47:
                    df:5e:e6:27:2e:1e:9b:56:30:45:ed:23:16:cb:b0:
                    5c:97:f8:cb:7b:16:80:b0:2d:59:af:c1:66:fc:64:
                    4c:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:C5:27:B4:AA:33:E2:67:DC:B9:2C:D9:D0:27:C8:EB:43:AA:D6:93
            X509v3 Authority Key Identifier:
                keyid:CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:a0:cb:05:60:34:16:3f:8e:2b:f9:67:e4:13:62:12:53:11:
         9b:26:8d:b6:89:6d:25:4a:db:d1:fd:8d:28:a7:a6:a7:05:95:
         23:3b:9b:8b:84:01:54:86:eb:74:d4:92:12:75:d0:a2:c9:df:
         ce:fc:aa:01:0d:34:db:e1:fb:f1:c3:35:a3:70:28:c6:0d:bd:
         60:c3:0f:29:bc:9d:91:d5:e3:67:74:80:57:8a:a6:28:cf:da:
         ed:68:8c:bd:20:ab:de:de:fd:5a:b5:b2:43:79:cd:70:78:5a:
         7b:72:3e:ec:5c:9a:be:a8:f7:7e:c5:79:55:8f:70:6a:14:ec:
         de:9b:fa:7b:ea:90:6c:d5:5d:e4:92:7c:6b:9e:44:3e:d4:e1:
         cf:2b:78:19:89:9b:52:a5:20:4a:17:46:f4:e6:94:80:fa:74:
         bb:36:f8:14:8a:88:4d:3b:8f:0e:5c:51:f6:ce:b5:1a:b8:42:
         d7:fd:4c:ba:85:b8:e7:e0:5f:cd:99:43:70:38:f1:2f:44:d5:
         d2:3c:57:35:75:53:43:cd:ec:ad:bc:7c:17:53:89:eb:01:15:
         30:8c:09:91:d7:60:9a:15:a1:cb:87:02:9a:68:79:52:90:7f:
         07:aa:f5:32:37:0f:bf:7a:2e:bf:37:5c:80:13:0e:0c:71:a9:
         7b:86:fd:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZ7ixTBeltotn1fXGbzVs9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYmM2MTgyZTg3M2ZmN2EwMzFjODg5NWVmZGM1N2MzNjg3
MWRkNzIwHhcNMjUwNjEwMTMwMTEwWhcNMjUwNjExMTMwMTEwWjAzMTEwLwYDVQQD
Eyg2MGM1MjdiNGFhMzNlMjY3ZGNiOTJjZDlkMDI3YzhlYjQzYWFkNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaJxo7qymeNjAOx8yTvRiTV98V8U
ZmJquM3kLQT16FhGpj2TsT5gvyW0Ory4BuaV3N09MulZq05H9B9XVJOsqBPGe21s
D3JpjQnnq2QqMzt/xv8slUddYtrZLrZkWQZtTVh25ePhKC1CvdEs3sH0Q+adu14U
bVw3LtKW9kd3AduVirIiHaL/p3Jq9nEe3BEQUy1o9AVxH/dxFcWD0HPOJCSLheJD
lq8iUwKxS6UyOEknJm+axDtuItwQxccpPsQdO1uT9jMG93Dg8LkTVDMh28y8m7o4
ts1t0H585uc9u0ffXuYnLh6bVjBF7SMWy7Bcl/jLexaAsC1Zr8Fm/GRMMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDFJ7SqM+Jn3Lks2dAnyOtDqtaTMB8GA1UdIwQY
MBaAFM68YYLoc/96AxyIle/cV8Nocd1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEt
MmIzNjkxNThhOGIzLzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEtMmIzNjkxNThhOGIz
LzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVqDLBWA0
Fj+OK/ln5BNiElMRmyaNtoltJUrb0f2NKKempwWVIzubi4QBVIbrdNSSEnXQosnf
zvyqAQ002+H78cM1o3Aoxg29YMMPKbydkdXjZ3SAV4qmKM/a7WiMvSCr3t79WrWy
Q3nNcHhae3I+7Fyavqj3fsV5VY9wahTs3pv6e+qQbNVd5JJ8a55EPtThzyt4GYmb
UqUgShdG9OaUgPp0uzb4FIqITTuPDlxR9s61GrhC1/1MuoW45+BfzZlDcDjxL0TV
0jxXNXVTQ83srbx8F1OJ6wEVMIwJkddgmhWhy4cCmmh5UpB/B6r1MjcPv3ouvzdc
gBMODHGpe4b9wA==
-----END CERTIFICATE-----