Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
File:                     ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft (raw, json)
Hash identifier:          i6SzNyAJpd1hBScZM3l5sy/pv8vtEJQX/F2ke3VTFJ8=
Subject key identifier:   28:D1:57:07:BA:B6:1B:7E:95:DF:1C:5E:8B:3E:D3:81:FC:35:E8:0D
Authority key identifier: 64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1
Certificate issuer:       /CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1
Certificate serial:       0197654CD112665FA461C8BB4B8FD8A79CEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
Manifest number:          010D
Signing time:             Thu 12 Jun 2025 18:00:22 +0000
Manifest this update:     Thu 12 Jun 2025 18:00:22 +0000
Manifest next update:     Fri 13 Jun 2025 18:00:22 +0000
Files and hashes:         1: ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl (hash: CZMOCox2kvEDsGAeQCq6NvMS4z0mWqGdP6+Z1J7Bfmo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:4c:d1:12:66:5f:a4:61:c8:bb:4b:8f:d8:a7:9c:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1
        Validity
            Not Before: Jun 12 18:00:22 2025 GMT
            Not After : Jun 13 18:00:22 2025 GMT
        Subject: CN=28d15707bab61b7e95df1c5e8b3ed381fc35e80d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:01:31:9a:f1:dc:3f:ce:93:2d:03:a6:56:5f:
                    81:20:cf:09:14:5a:51:62:cf:68:ab:08:92:de:7a:
                    fe:0c:a7:ad:35:06:a3:ac:e8:65:b7:15:de:3c:72:
                    a7:85:f6:d8:12:06:3c:5c:db:fd:80:23:0c:31:50:
                    ca:a7:28:65:06:e9:fd:59:fd:c8:ee:e3:0f:02:be:
                    6d:3a:c0:11:7d:1c:04:26:4c:65:7c:3b:be:e5:4b:
                    a1:b1:78:30:40:bf:62:a1:f5:ff:13:3d:9c:32:7c:
                    de:33:8a:fd:91:80:ba:50:d6:6e:a1:ae:24:06:39:
                    1f:61:e9:e5:03:72:b2:1a:b8:0b:e7:f0:d4:91:b7:
                    21:da:7d:62:1d:1c:47:bc:cd:3f:11:6a:ae:ed:91:
                    a6:8c:16:f0:63:ab:fc:29:cf:5c:fd:f4:2e:67:e9:
                    ad:38:e2:76:1a:9f:82:ad:be:20:a3:98:08:0a:ea:
                    a4:1b:6b:5e:69:59:1a:b1:bc:34:42:d1:7b:64:8f:
                    46:b7:b8:fa:d4:b3:73:26:76:4a:2f:b8:23:b9:e2:
                    93:1c:9c:19:16:80:ac:8b:c5:29:86:15:58:5e:50:
                    ee:e7:56:1f:53:2a:81:fd:44:7c:67:92:ef:c1:89:
                    11:78:4a:4b:fc:e2:f6:76:32:c9:e1:56:3d:4d:06:
                    1d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:D1:57:07:BA:B6:1B:7E:95:DF:1C:5E:8B:3E:D3:81:FC:35:E8:0D
            X509v3 Authority Key Identifier:
                keyid:64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:fb:76:af:27:e7:70:c5:1b:9d:59:9e:55:02:2b:d0:69:bb:
         9f:3c:d4:3d:bb:e8:24:1e:e9:0b:1b:6a:71:ac:12:48:f3:f9:
         b5:e1:cc:24:e1:99:48:1d:46:24:4f:a0:76:0d:24:d8:05:c2:
         1a:98:bb:51:1f:3a:aa:af:e1:2e:9a:59:e3:d6:f4:99:95:3a:
         53:3a:cf:a3:83:b6:9e:de:ec:91:be:6d:e7:3f:1e:ce:85:72:
         a7:1d:8e:31:d0:d0:9f:31:83:90:88:f3:f4:b6:33:20:5c:89:
         f2:c5:da:d0:6e:1b:37:58:08:fd:da:e5:e9:e7:58:d8:94:16:
         5d:55:f3:df:92:f1:0b:4d:c8:9d:56:3b:e7:42:e5:8f:ab:43:
         3d:94:99:78:aa:a9:44:83:87:24:8d:83:2f:4e:e0:7d:2a:8b:
         bd:b8:19:d8:73:fc:c9:8e:06:dd:aa:16:81:22:a9:39:b4:87:
         8d:e0:40:b0:7a:a1:40:2f:e9:8b:e0:92:ac:09:ea:61:3e:d9:
         09:1c:8b:93:c7:32:9b:1f:61:9e:2c:df:1b:17:bd:15:94:92:
         9c:fd:c5:66:8c:dc:59:88:52:3f:ea:49:f7:b1:cc:b9:27:6e:
         28:4c:54:74:d4:a0:7a:f3:e4:8e:c4:8c:43:57:8e:f4:f9:8d:
         a8:89:93:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlTNESZl+kYci7S4/Yp5zsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0Y2YxZWU5MDY1M2I3YjgxNGQ2YjU0NTk0OWJkOTRkZGUw
ZmM2YTEwHhcNMjUwNjEyMTgwMDIyWhcNMjUwNjEzMTgwMDIyWjAzMTEwLwYDVQQD
EygyOGQxNTcwN2JhYjYxYjdlOTVkZjFjNWU4YjNlZDM4MWZjMzVlODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygExmvHcP86TLQOmVl+BIM8JFFpR
Ys9oqwiS3nr+DKetNQajrOhltxXePHKnhfbYEgY8XNv9gCMMMVDKpyhlBun9Wf3I
7uMPAr5tOsARfRwEJkxlfDu+5UuhsXgwQL9iofX/Ez2cMnzeM4r9kYC6UNZuoa4k
BjkfYenlA3KyGrgL5/DUkbch2n1iHRxHvM0/EWqu7ZGmjBbwY6v8Kc9c/fQuZ+mt
OOJ2Gp+Crb4go5gICuqkG2teaVkasbw0QtF7ZI9Gt7j61LNzJnZKL7gjueKTHJwZ
FoCsi8UphhVYXlDu51YfUyqB/UR8Z5LvwYkReEpL/OL2djLJ4VY9TQYdSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjRVwe6tht+ld8cXos+04H8NegNMB8GA1UdIwQY
MBaAFGTPHukGU7e4FNa1RZSb2U3eD8ahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjkt
ODgwNGRhZDc4MGExLzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjktODgwNGRhZDc4MGEx
LzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACft2ryfn
cMUbnVmeVQIr0Gm7nzzUPbvoJB7pCxtqcawSSPP5teHMJOGZSB1GJE+gdg0k2AXC
Gpi7UR86qq/hLppZ49b0mZU6UzrPo4O2nt7skb5t5z8ezoVypx2OMdDQnzGDkIjz
9LYzIFyJ8sXa0G4bN1gI/drl6edY2JQWXVXz35LxC03InVY750Llj6tDPZSZeKqp
RIOHJI2DL07gfSqLvbgZ2HP8yY4G3aoWgSKpObSHjeBAsHqhQC/pi+CSrAnqYT7Z
CRyLk8cymx9hnizfGxe9FZSSnP3FZozcWYhSP+pJ97HMuSduKExUdNSgevPkjsSM
Q1eO9PmNqImTlg==
-----END CERTIFICATE-----