Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
File:                     ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft (raw, json)
Hash identifier:          lBpedeYJl+Emq6nYO4noGc6O+H5G2F8b7TADohMbOuc=
Subject key identifier:   3D:58:57:A3:25:30:96:25:F1:8F:B0:E0:90:4B:F8:E0:0B:45:D5:BF
Authority key identifier: 64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1
Certificate issuer:       /CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1
Certificate serial:       01976D06B08837030AF155AF2827ABFA4873
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
Manifest number:          0111
Signing time:             Sat 14 Jun 2025 06:00:44 +0000
Manifest this update:     Sat 14 Jun 2025 06:00:44 +0000
Manifest next update:     Sun 15 Jun 2025 06:00:44 +0000
Files and hashes:         1: ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl (hash: VZQ9GrlyYMOz/lypjewA0F7sSBAgISCR1bjvCCeAxYA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:06:b0:88:37:03:0a:f1:55:af:28:27:ab:fa:48:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1
        Validity
            Not Before: Jun 14 06:00:44 2025 GMT
            Not After : Jun 15 06:00:44 2025 GMT
        Subject: CN=3d5857a325309625f18fb0e0904bf8e00b45d5bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c3:5b:9f:e5:24:4a:64:9f:27:1f:f2:82:bd:
                    46:ad:4e:64:b2:70:d9:40:9f:b7:b7:d9:5e:ee:48:
                    01:9e:2a:1d:fc:17:a9:9e:14:8e:55:84:0a:f2:1d:
                    cb:9e:51:90:2a:ab:db:3f:ef:07:4a:50:0d:2e:2b:
                    3d:82:30:e2:2b:15:90:d8:ac:d5:17:49:38:fc:e4:
                    3c:b2:8f:3c:ba:3c:c4:a6:1a:0e:b3:29:1c:42:db:
                    c7:11:dd:98:60:40:e4:07:eb:ec:a6:5d:5b:e2:e2:
                    0f:bf:56:80:e8:52:22:df:9b:19:14:5e:59:e6:7d:
                    6e:71:36:f8:b9:29:46:5a:96:6c:ac:69:3f:d2:cd:
                    6c:a6:77:5e:d7:f8:ed:bb:88:40:52:c2:b7:ac:7d:
                    5b:a1:ed:b7:77:0b:a9:ff:d9:f6:db:fa:ff:3a:81:
                    5b:bd:0b:55:d7:cb:2e:0f:00:be:22:6a:04:e0:bb:
                    77:5e:7f:a3:e5:33:4f:a1:64:6d:c0:53:57:84:6e:
                    36:73:ec:7d:9e:87:9b:89:66:62:f1:c1:09:63:0f:
                    7b:83:08:56:5f:a2:2a:95:a1:0d:8e:24:ef:ad:4b:
                    cd:9d:13:2c:2b:f3:7b:71:9f:cf:34:96:0a:32:08:
                    7e:48:25:7e:6d:c7:ac:d9:91:5e:3e:e2:e4:b5:aa:
                    8d:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:58:57:A3:25:30:96:25:F1:8F:B0:E0:90:4B:F8:E0:0B:45:D5:BF
            X509v3 Authority Key Identifier:
                keyid:64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:c8:cb:62:4c:85:f0:42:4a:d0:85:dc:97:a2:2c:83:ca:03:
         3d:73:ac:46:b6:07:3f:06:bf:a8:28:d0:ff:d4:a4:4e:00:f2:
         8d:f1:37:6e:d9:1b:38:98:ca:cd:aa:39:89:3f:0f:8f:69:e4:
         ad:7d:50:46:48:f7:24:73:1c:a4:27:9f:ed:c4:b6:9f:39:3b:
         ef:79:46:38:5e:72:7a:90:ee:68:f6:79:d0:e4:70:87:2f:50:
         7e:67:70:4c:44:52:d5:00:e9:f2:01:d5:35:61:26:08:69:d5:
         28:35:b1:e0:e1:46:6b:f8:3a:c9:07:09:78:18:2c:5e:e9:35:
         51:81:32:b5:58:31:f9:44:f2:41:d1:96:7c:72:0d:ff:5b:0f:
         99:c4:7a:b4:4b:11:2a:41:e5:87:83:e6:ed:9f:d5:ea:0e:fa:
         fc:9b:85:b8:95:56:e9:b3:a7:f6:e2:67:66:ed:0a:fb:26:64:
         63:fc:37:5d:d2:50:d0:94:47:b5:27:0b:42:d5:f1:9c:3e:1a:
         b5:51:f4:9c:29:84:2a:c3:70:ae:3c:83:ea:6c:a0:c3:c5:43:
         90:83:01:dc:77:c5:c8:d1:d6:9d:1e:69:aa:66:52:f8:f0:35:
         69:c7:20:73:4d:3e:85:cc:83:fd:3a:72:6a:a1:f5:a3:15:11:
         71:da:dd:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtBrCINwMK8VWvKCer+khzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0Y2YxZWU5MDY1M2I3YjgxNGQ2YjU0NTk0OWJkOTRkZGUw
ZmM2YTEwHhcNMjUwNjE0MDYwMDQ0WhcNMjUwNjE1MDYwMDQ0WjAzMTEwLwYDVQQD
EygzZDU4NTdhMzI1MzA5NjI1ZjE4ZmIwZTA5MDRiZjhlMDBiNDVkNWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcNbn+UkSmSfJx/ygr1GrU5ksnDZ
QJ+3t9le7kgBniod/BepnhSOVYQK8h3LnlGQKqvbP+8HSlANLis9gjDiKxWQ2KzV
F0k4/OQ8so88ujzEphoOsykcQtvHEd2YYEDkB+vspl1b4uIPv1aA6FIi35sZFF5Z
5n1ucTb4uSlGWpZsrGk/0s1spnde1/jtu4hAUsK3rH1boe23dwup/9n22/r/OoFb
vQtV18suDwC+ImoE4Lt3Xn+j5TNPoWRtwFNXhG42c+x9noebiWZi8cEJYw97gwhW
X6IqlaENjiTvrUvNnRMsK/N7cZ/PNJYKMgh+SCV+bces2ZFePuLktaqNswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1YV6MlMJYl8Y+w4JBL+OALRdW/MB8GA1UdIwQY
MBaAFGTPHukGU7e4FNa1RZSb2U3eD8ahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjkt
ODgwNGRhZDc4MGExLzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjktODgwNGRhZDc4MGEx
LzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdcjLYkyF
8EJK0IXcl6Isg8oDPXOsRrYHPwa/qCjQ/9SkTgDyjfE3btkbOJjKzao5iT8Pj2nk
rX1QRkj3JHMcpCef7cS2nzk773lGOF5yepDuaPZ50ORwhy9QfmdwTERS1QDp8gHV
NWEmCGnVKDWx4OFGa/g6yQcJeBgsXuk1UYEytVgx+UTyQdGWfHIN/1sPmcR6tEsR
KkHlh4Pm7Z/V6g76/JuFuJVW6bOn9uJnZu0K+yZkY/w3XdJQ0JRHtScLQtXxnD4a
tVH0nCmEKsNwrjyD6mygw8VDkIMB3HfFyNHWnR5pqmZS+PA1accgc00+hcyD/Tpy
aqH1oxURcdrdsg==
-----END CERTIFICATE-----