Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          KgC5dwsju7O/99w/oa1oSwYlQoUgF+J8AN9+lPPtoIE=
Subject key identifier:   22:78:38:13:33:FD:A7:B8:01:A4:60:52:44:EC:83:2A:8D:FA:90:D9
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       0197512151F7D2BD55BCFEB589EF9FA80837
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          09B9
Signing time:             Sun 08 Jun 2025 20:00:27 +0000
Manifest this update:     Sun 08 Jun 2025 20:00:27 +0000
Manifest next update:     Mon 09 Jun 2025 20:00:27 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: QMo+CfDYJkzm+x4k4j3etkTHaw3I8obA96z1ZIRcILM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:21:51:f7:d2:bd:55:bc:fe:b5:89:ef:9f:a8:08:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: Jun  8 20:00:27 2025 GMT
            Not After : Jun  9 20:00:27 2025 GMT
        Subject: CN=2278381333fda7b801a4605244ec832a8dfa90d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:8c:4e:ee:49:63:d6:1e:ee:40:b7:8d:af:84:
                    c6:6b:7b:45:4c:8e:1d:73:55:1e:86:70:10:69:89:
                    54:62:80:6a:12:0c:f0:5f:d1:d2:62:77:22:ba:a6:
                    d3:a2:7b:94:ae:04:1e:06:33:05:38:30:ea:7f:85:
                    d4:3f:d2:73:1c:97:dd:ba:15:da:e9:ce:23:23:c5:
                    ed:e5:18:60:ba:02:2b:98:c0:37:4c:4d:1d:9f:a6:
                    c0:28:6e:47:83:e1:7c:99:61:bf:84:da:05:95:4b:
                    e3:b4:af:4f:9a:a3:63:05:67:c2:ca:a6:51:c9:33:
                    8e:cc:fc:ae:73:21:30:b4:08:9c:5c:77:c8:da:46:
                    7b:22:1e:35:83:e5:81:bc:a5:77:45:5b:5e:7e:18:
                    58:6e:24:45:25:9c:4b:e5:da:e3:e8:c0:49:6e:53:
                    81:c6:2e:f0:ce:cd:21:87:ae:4f:43:cc:53:65:0a:
                    51:2d:6b:16:01:c9:2c:de:2a:a2:59:b9:51:c4:27:
                    76:21:96:18:69:1a:59:38:48:c1:14:71:bf:3a:c8:
                    34:a0:58:a6:1f:8f:2d:12:5d:4b:a8:d3:0a:f3:27:
                    8e:43:88:b6:b9:85:96:53:50:8c:7a:ed:b5:21:68:
                    67:03:39:dc:a1:21:35:a7:f7:c7:5e:0a:b9:87:ca:
                    7e:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:78:38:13:33:FD:A7:B8:01:A4:60:52:44:EC:83:2A:8D:FA:90:D9
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:d5:73:e5:21:7e:10:37:ea:a5:f7:53:9d:86:2c:df:0f:1e:
         59:8b:46:1a:4e:54:a7:cf:ea:82:32:ce:07:77:74:9f:c1:ed:
         00:d8:df:e8:2e:82:ee:d3:a7:bd:36:9f:9a:9d:e4:e2:56:dd:
         5e:05:af:fa:e0:8f:f4:03:72:e7:e5:18:42:fd:e8:bc:6e:ce:
         73:51:01:f3:98:e5:b2:4f:c2:80:73:f9:7d:e4:67:f4:04:47:
         ca:f3:95:5a:98:4f:39:6b:72:e3:db:99:e2:e3:75:38:10:2a:
         32:3a:ec:23:4a:47:03:3d:67:d6:26:e5:a5:43:18:13:11:f2:
         cd:9c:9e:a6:f5:0b:09:b2:81:7a:1d:1b:84:95:e1:a1:54:dc:
         a3:59:3e:ac:a4:b9:5e:2c:7c:4c:ca:a4:4d:bc:cc:9d:f7:3e:
         74:a6:a8:09:a3:aa:31:ba:11:90:a5:ea:d3:2e:34:90:b2:b4:
         21:fc:94:8e:9b:b0:4f:d8:c7:19:81:b7:d0:37:c9:00:ec:3c:
         2a:c1:f0:20:56:f9:4c:41:9e:ec:73:27:68:c4:82:5a:87:f5:
         89:13:06:db:85:04:c0:cc:a5:a1:1c:c0:2a:37:38:73:3a:6b:
         86:2a:3d:2a:9b:dc:4b:32:16:08:ea:03:33:8a:4a:0f:2c:39:
         fd:20:d0:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRIVH30r1VvP61ie+fqAg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjUwNjA4MjAwMDI3WhcNMjUwNjA5MjAwMDI3WjAzMTEwLwYDVQQD
EygyMjc4MzgxMzMzZmRhN2I4MDFhNDYwNTI0NGVjODMyYThkZmE5MGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04xO7klj1h7uQLeNr4TGa3tFTI4d
c1UehnAQaYlUYoBqEgzwX9HSYnciuqbTonuUrgQeBjMFODDqf4XUP9JzHJfduhXa
6c4jI8Xt5RhgugIrmMA3TE0dn6bAKG5Hg+F8mWG/hNoFlUvjtK9PmqNjBWfCyqZR
yTOOzPyucyEwtAicXHfI2kZ7Ih41g+WBvKV3RVtefhhYbiRFJZxL5drj6MBJblOB
xi7wzs0hh65PQ8xTZQpRLWsWAcks3iqiWblRxCd2IZYYaRpZOEjBFHG/Osg0oFim
H48tEl1LqNMK8yeOQ4i2uYWWU1CMeu21IWhnAzncoSE1p/fHXgq5h8p+kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJ4OBMz/ae4AaRgUkTsgyqN+pDZMB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEActVz5SF+
EDfqpfdTnYYs3w8eWYtGGk5Up8/qgjLOB3d0n8HtANjf6C6C7tOnvTafmp3k4lbd
XgWv+uCP9ANy5+UYQv3ovG7Oc1EB85jlsk/CgHP5feRn9ARHyvOVWphPOWty49uZ
4uN1OBAqMjrsI0pHAz1n1iblpUMYExHyzZyepvULCbKBeh0bhJXhoVTco1k+rKS5
Xix8TMqkTbzMnfc+dKaoCaOqMboRkKXq0y40kLK0IfyUjpuwT9jHGYG30DfJAOw8
KsHwIFb5TEGe7HMnaMSCWof1iRMG24UEwMyloRzAKjc4czprhio9KpvcSzIWCOoD
M4pKDyw5/SDQlw==
-----END CERTIFICATE-----