Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
File:                     zrxhguhz_3oDHIiV79xXw2hx3XI.mft (raw, json)
Hash identifier:          Ksw+UpbrcKaBvsb8EPul14meVK7eCBUYAXelcRb1e9I=
Subject key identifier:   2A:CC:14:E7:BE:F0:0A:9C:8B:81:0C:92:FA:67:9E:FE:83:13:C4:90
Authority key identifier: CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72
Certificate issuer:       /CN=cebc6182e873ff7a031c8895efdc57c36871dd72
Certificate serial:       019645C49A55CEB67DC4C6B8D115D568B50F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
Manifest number:          8A
Signing time:             Thu 17 Apr 2025 22:00:34 +0000
Manifest this update:     Thu 17 Apr 2025 22:00:34 +0000
Manifest next update:     Fri 18 Apr 2025 22:00:34 +0000
Files and hashes:         1: zrxhguhz_3oDHIiV79xXw2hx3XI.crl (hash: GDL0qjEc/D1PMH2VYBPa38U/pbUKqj+ERxZIRkvfy2s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 22:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:45:c4:9a:55:ce:b6:7d:c4:c6:b8:d1:15:d5:68:b5:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cebc6182e873ff7a031c8895efdc57c36871dd72
        Validity
            Not Before: Apr 17 22:00:34 2025 GMT
            Not After : Apr 18 22:00:34 2025 GMT
        Subject: CN=2acc14e7bef00a9c8b810c92fa679efe8313c490
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:f4:3c:d5:9c:5c:2e:38:d2:32:28:a7:c7:1b:
                    13:9f:2f:d6:61:5b:97:c3:81:bb:b1:7e:93:61:55:
                    74:82:a6:1e:81:b6:a0:de:94:7d:19:f1:c4:12:e2:
                    43:da:b5:b8:ab:c1:8b:88:5c:26:51:ab:67:bc:89:
                    34:0f:ae:4a:09:4c:8b:42:98:ec:4c:64:98:03:70:
                    65:ba:44:1b:82:e8:33:15:33:4e:4c:27:a3:17:ab:
                    8d:65:a5:2a:b4:37:fa:dd:3f:b2:6b:9a:e9:be:60:
                    75:0a:49:fe:e6:af:d6:48:4f:b0:6e:d0:d0:dd:ec:
                    e4:c0:9e:39:0e:e2:6a:86:96:e7:fe:27:52:9d:5c:
                    67:cc:d7:ed:45:5a:94:4a:3c:4e:9a:d8:e5:53:fd:
                    a5:3f:14:3b:0b:fa:b9:8f:96:3f:fd:ae:50:e0:3f:
                    27:96:25:49:1f:76:2f:04:d1:98:86:c0:c9:89:fe:
                    6b:49:0d:6e:95:99:15:ac:ad:65:e8:18:0f:7c:9a:
                    93:2f:00:2b:e8:dc:28:70:96:20:ec:7a:15:b7:ca:
                    d7:08:9f:db:2e:a2:76:12:dd:23:cd:d5:7a:e4:08:
                    cb:c9:aa:ca:9c:55:e6:50:aa:4a:f1:6c:c7:26:22:
                    dc:e9:89:f3:26:0f:35:2b:7b:c2:a4:c7:6f:b3:68:
                    35:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:CC:14:E7:BE:F0:0A:9C:8B:81:0C:92:FA:67:9E:FE:83:13:C4:90
            X509v3 Authority Key Identifier:
                keyid:CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:fa:8d:ee:40:5e:6a:81:75:11:85:50:5c:51:1f:69:21:b4:
         d5:11:f6:6a:47:a3:13:43:45:36:59:25:50:1c:63:bc:33:be:
         f2:ae:2f:ae:b1:f4:79:28:35:0a:bc:71:5a:c1:b0:5b:35:90:
         fb:3d:e6:f6:36:96:5f:5b:74:39:b0:e2:28:c1:2b:27:7d:5f:
         76:ff:89:ad:17:4d:c4:8e:28:37:a3:70:ad:98:16:1d:9d:dc:
         2f:9e:3d:7e:87:ef:e0:db:d2:34:d8:ac:1a:c3:51:a9:79:82:
         9e:79:96:f5:88:f6:fa:72:87:43:ee:7c:8b:6d:46:eb:5d:fc:
         ae:c1:94:d5:5b:c1:12:99:3b:f6:d5:d3:1a:13:ac:54:d6:4a:
         46:41:60:36:be:8b:cd:9d:0b:59:8c:70:6c:38:1d:8a:2c:c5:
         2e:23:ac:4b:ac:6d:39:44:86:cc:8b:74:54:9c:c8:de:34:d3:
         97:d5:f2:6e:9f:30:c2:64:44:46:d3:03:51:3d:9b:e4:3a:d7:
         c4:04:d5:2e:51:9c:e7:a7:8e:9e:2f:f0:8c:65:46:b6:fd:6e:
         ce:33:62:1f:b4:4a:75:be:9e:e6:e5:06:00:5b:9f:93:22:9d:
         1b:2b:48:f8:4a:31:dd:92:c9:e0:76:55:8a:e3:e7:49:2e:55:
         e6:f8:ff:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZFxJpVzrZ9xMa40RXVaLUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYmM2MTgyZTg3M2ZmN2EwMzFjODg5NWVmZGM1N2MzNjg3
MWRkNzIwHhcNMjUwNDE3MjIwMDM0WhcNMjUwNDE4MjIwMDM0WjAzMTEwLwYDVQQD
EygyYWNjMTRlN2JlZjAwYTljOGI4MTBjOTJmYTY3OWVmZTgzMTNjNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvQ81ZxcLjjSMiinxxsTny/WYVuX
w4G7sX6TYVV0gqYegbag3pR9GfHEEuJD2rW4q8GLiFwmUatnvIk0D65KCUyLQpjs
TGSYA3BlukQbgugzFTNOTCejF6uNZaUqtDf63T+ya5rpvmB1Ckn+5q/WSE+wbtDQ
3ezkwJ45DuJqhpbn/idSnVxnzNftRVqUSjxOmtjlU/2lPxQ7C/q5j5Y//a5Q4D8n
liVJH3YvBNGYhsDJif5rSQ1ulZkVrK1l6BgPfJqTLwAr6NwocJYg7HoVt8rXCJ/b
LqJ2Et0jzdV65AjLyarKnFXmUKpK8WzHJiLc6YnzJg81K3vCpMdvs2g1ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrMFOe+8Aqci4EMkvpnnv6DE8SQMB8GA1UdIwQY
MBaAFM68YYLoc/96AxyIle/cV8Nocd1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEt
MmIzNjkxNThhOGIzLzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEtMmIzNjkxNThhOGIz
LzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALPqN7kBe
aoF1EYVQXFEfaSG01RH2akejE0NFNlklUBxjvDO+8q4vrrH0eSg1CrxxWsGwWzWQ
+z3m9jaWX1t0ObDiKMErJ31fdv+JrRdNxI4oN6NwrZgWHZ3cL549fofv4NvSNNis
GsNRqXmCnnmW9Yj2+nKHQ+58i21G6138rsGU1VvBEpk79tXTGhOsVNZKRkFgNr6L
zZ0LWYxwbDgdiizFLiOsS6xtOUSGzIt0VJzI3jTTl9Xybp8wwmRERtMDUT2b5DrX
xATVLlGc56eOni/wjGVGtv1uzjNiH7RKdb6e5uUGAFufkyKdGytI+Eox3ZLJ4HZV
iuPnSS5V5vj/tQ==
-----END CERTIFICATE-----