Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          qHC/LwthPRIPY+GQWn8V5x7jbzqE8q0sGc1vltinBCI=
Subject key identifier:   75:01:96:0E:55:3E:2E:2C:71:F3:A4:A0:83:AD:A4:13:C8:5E:EF:D7
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       01965613A82701FBAA70D8EBB17A3905E398
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          0937
Signing time:             Mon 21 Apr 2025 02:00:50 +0000
Manifest this update:     Mon 21 Apr 2025 02:00:50 +0000
Manifest next update:     Tue 22 Apr 2025 02:00:50 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: y9ppyGrG3uZCvsvJ2ag0cN+Qhh6hLnW+oPV2d1CVoAA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:13:a8:27:01:fb:aa:70:d8:eb:b1:7a:39:05:e3:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: Apr 21 02:00:50 2025 GMT
            Not After : Apr 22 02:00:50 2025 GMT
        Subject: CN=7501960e553e2e2c71f3a4a083ada413c85eefd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:ba:04:c1:ba:5b:13:b3:79:bf:a6:f1:15:97:
                    95:6c:70:ee:7e:45:6a:d8:87:ea:72:8d:03:54:cc:
                    4f:37:bd:5c:6f:18:8c:55:62:de:2b:d8:6d:56:bf:
                    5f:98:59:59:2d:83:f7:22:c0:88:ad:48:a9:7b:5d:
                    0d:4b:e5:37:0c:2d:43:37:b0:6e:06:10:33:2b:53:
                    44:57:23:b9:be:b4:56:c6:b5:06:32:b0:59:af:22:
                    dc:fa:16:63:af:c9:82:a7:0d:f7:47:30:51:21:a8:
                    e9:f9:44:12:fb:78:58:b8:d6:80:1a:25:d0:db:03:
                    d6:b9:75:b0:1b:4c:08:46:1f:00:1a:31:98:4f:fc:
                    b1:6a:4d:6e:4b:99:e8:35:8d:5b:11:d3:fe:3a:f7:
                    0b:e8:eb:47:34:04:88:da:9a:70:91:d2:b1:bc:8a:
                    f1:d9:cf:8d:64:72:bd:b9:3d:a8:a8:fa:2f:b3:cd:
                    67:55:f5:c7:46:cd:b9:e5:11:78:42:12:4e:19:fa:
                    6e:b1:56:d3:4f:2b:96:c6:93:12:b9:43:93:01:e0:
                    f2:39:bc:9a:00:27:4a:ea:e7:29:57:e4:7b:52:43:
                    0c:1d:79:5e:ff:d5:38:42:03:33:d8:94:c3:52:af:
                    63:3e:e5:48:c6:52:c8:1e:5f:4e:40:a2:92:b3:f9:
                    17:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:01:96:0E:55:3E:2E:2C:71:F3:A4:A0:83:AD:A4:13:C8:5E:EF:D7
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:76:c1:4d:c0:f6:94:29:3f:9b:c5:d1:13:96:d5:b8:5f:9c:
         a2:10:2c:c0:b0:b7:55:dd:0e:fa:eb:14:7b:3f:2d:d0:79:e8:
         c2:f5:b5:65:71:af:4a:de:7a:cd:39:5f:d3:0b:fa:64:92:d6:
         e6:7c:e1:a0:82:a7:9c:cd:ec:be:d8:bc:0c:fa:3e:10:61:ca:
         fe:c7:df:6c:df:4b:6a:9f:f4:08:fb:a9:14:bd:e6:58:6c:b1:
         7c:77:e7:c5:9b:9b:5b:c3:fc:94:11:68:0f:a2:38:92:c8:fa:
         da:42:72:1e:ab:dc:40:ba:b4:b0:d9:99:2c:5d:5d:f5:6e:b2:
         9e:a6:02:36:7f:14:83:a9:44:a7:3f:c9:46:25:a1:33:aa:86:
         d1:11:78:8b:3a:74:f3:e5:73:29:f3:f9:cb:75:2d:93:fe:6e:
         9e:b4:79:90:36:ec:d9:39:98:22:44:3a:27:a3:e7:55:e9:4e:
         8b:10:0d:26:d0:62:07:73:ac:9a:5e:27:fe:e4:1d:e6:29:97:
         1c:d8:53:56:82:71:41:ef:b2:38:aa:56:9c:46:2c:8b:6e:15:
         c9:74:4b:61:04:76:b0:1d:c7:3b:9d:20:c2:ef:a1:64:a0:62:
         1e:99:4d:b7:26:33:ff:5a:ce:21:85:c9:bc:5f:b9:98:bb:0d:
         a1:6c:e0:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWE6gnAfuqcNjrsXo5BeOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjUwNDIxMDIwMDUwWhcNMjUwNDIyMDIwMDUwWjAzMTEwLwYDVQQD
Eyg3NTAxOTYwZTU1M2UyZTJjNzFmM2E0YTA4M2FkYTQxM2M4NWVlZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LoEwbpbE7N5v6bxFZeVbHDufkVq
2Ifqco0DVMxPN71cbxiMVWLeK9htVr9fmFlZLYP3IsCIrUipe10NS+U3DC1DN7Bu
BhAzK1NEVyO5vrRWxrUGMrBZryLc+hZjr8mCpw33RzBRIajp+UQS+3hYuNaAGiXQ
2wPWuXWwG0wIRh8AGjGYT/yxak1uS5noNY1bEdP+OvcL6OtHNASI2ppwkdKxvIrx
2c+NZHK9uT2oqPovs81nVfXHRs255RF4QhJOGfpusVbTTyuWxpMSuUOTAeDyObya
ACdK6ucpV+R7UkMMHXle/9U4QgMz2JTDUq9jPuVIxlLIHl9OQKKSs/kXAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHUBlg5VPi4scfOkoIOtpBPIXu/XMB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf3bBTcD2
lCk/m8XRE5bVuF+cohAswLC3Vd0O+usUez8t0HnowvW1ZXGvSt56zTlf0wv6ZJLW
5nzhoIKnnM3svti8DPo+EGHK/sffbN9Lap/0CPupFL3mWGyxfHfnxZubW8P8lBFo
D6I4ksj62kJyHqvcQLq0sNmZLF1d9W6ynqYCNn8Ug6lEpz/JRiWhM6qG0RF4izp0
8+VzKfP5y3Utk/5unrR5kDbs2TmYIkQ6J6PnVelOixANJtBiB3Osml4n/uQd5imX
HNhTVoJxQe+yOKpWnEYsi24VyXRLYQR2sB3HO50gwu+hZKBiHplNtyYz/1rOIYXJ
vF+5mLsNoWzg8A==
-----END CERTIFICATE-----