Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
File:                     ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft (raw, json)
Hash identifier:          WWqi9+8VeeNvZe6Xe7vHIxfJ1S9sNz/76IuTF983GSg=
Subject key identifier:   00:D7:51:1B:D8:E8:CE:EA:CB:87:F8:04:F5:27:36:C1:46:D8:71:A4
Authority key identifier: 64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1
Certificate issuer:       /CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1
Certificate serial:       0197635EE0BC52E896458516134D2D9B3541
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
Manifest number:          010C
Signing time:             Thu 12 Jun 2025 09:00:51 +0000
Manifest this update:     Thu 12 Jun 2025 09:00:51 +0000
Manifest next update:     Fri 13 Jun 2025 09:00:51 +0000
Files and hashes:         1: ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl (hash: GrMLhVy0qI1y+0a/fxCu0nxs7awqmSEwURtkDNJnYw0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:5e:e0:bc:52:e8:96:45:85:16:13:4d:2d:9b:35:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1
        Validity
            Not Before: Jun 12 09:00:51 2025 GMT
            Not After : Jun 13 09:00:51 2025 GMT
        Subject: CN=00d7511bd8e8ceeacb87f804f52736c146d871a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:66:7c:43:58:c9:ba:99:08:84:ef:d7:6c:a4:
                    ce:a1:90:a4:13:bd:d5:98:2d:4f:7c:5f:ed:4f:35:
                    b0:8a:6a:fd:cd:95:ef:25:3c:eb:4a:0c:3f:01:c7:
                    a7:3f:65:4b:c7:f6:af:b8:ae:eb:61:88:25:e6:fa:
                    1a:6f:0e:e6:d8:79:a9:ea:7d:12:b6:df:86:9c:ee:
                    24:68:b9:60:00:40:d6:45:be:d8:e9:ec:19:56:78:
                    ec:6e:68:72:4c:a8:b1:0f:7d:3d:be:6c:ea:d1:27:
                    88:5e:fb:30:89:3a:e2:16:7d:bb:89:60:2c:85:99:
                    45:89:0c:1f:16:35:a2:de:96:f7:9a:bb:35:19:09:
                    33:75:4b:15:ed:7e:2c:4f:7b:4e:36:9d:9e:2c:fe:
                    50:c3:1e:8f:80:26:7a:ac:be:87:3e:11:d0:21:48:
                    8f:44:36:56:44:76:9f:29:12:65:f4:75:f5:1e:f7:
                    40:78:a8:b3:92:4f:a7:a6:e9:ed:35:83:fb:5e:80:
                    e7:c6:f3:2d:23:1f:c2:35:8d:49:26:9d:48:3b:cd:
                    b1:ac:f9:16:e2:0c:0c:76:de:d2:ac:a5:00:20:1f:
                    36:50:57:e3:cf:59:7a:de:f3:15:0d:e9:2c:09:71:
                    c3:e3:bf:20:69:ec:74:cf:fa:f5:b3:dd:e7:11:cb:
                    9b:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:D7:51:1B:D8:E8:CE:EA:CB:87:F8:04:F5:27:36:C1:46:D8:71:A4
            X509v3 Authority Key Identifier:
                keyid:64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:68:a6:d5:db:6c:93:45:b8:83:31:14:1a:6c:9b:88:ef:d4:
         cd:8d:c9:bb:84:01:20:f4:de:73:c3:6d:f3:5c:44:28:68:a1:
         8c:42:3c:cc:72:2d:10:e1:d6:b5:06:c3:47:91:44:48:59:2d:
         58:68:d2:9b:09:dc:cc:b1:50:4a:d2:e5:b5:d4:9d:21:95:21:
         89:3c:bb:05:25:b0:fe:72:de:99:18:ee:f7:4a:e1:18:41:17:
         4f:0c:13:e9:2a:c2:35:ad:55:c7:e4:0f:c5:b0:75:18:71:82:
         94:cd:a2:3e:1d:5e:45:c7:b1:29:0e:be:03:75:70:f5:a8:68:
         6e:5f:df:50:22:c4:05:f7:72:c6:14:d4:7b:f4:43:0f:2e:5e:
         29:3d:ac:dd:0c:8b:49:b2:61:48:34:28:cc:d3:7b:2d:b0:35:
         1b:fd:64:85:4e:61:15:3b:86:71:16:c1:37:e8:04:73:4f:cc:
         51:4b:d6:e7:c6:22:d8:9a:d9:b7:8f:6d:59:a2:a9:95:75:fa:
         57:6e:8a:0d:69:20:a9:33:dc:4d:f4:96:f6:a3:e1:e8:21:e1:
         ee:69:1c:ab:bb:9c:0b:38:46:0a:85:07:31:5b:34:61:12:f4:
         71:50:96:a1:c3:ba:20:40:89:a3:c9:f5:4c:35:91:d1:42:0a:
         57:93:68:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjXuC8UuiWRYUWE00tmzVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0Y2YxZWU5MDY1M2I3YjgxNGQ2YjU0NTk0OWJkOTRkZGUw
ZmM2YTEwHhcNMjUwNjEyMDkwMDUxWhcNMjUwNjEzMDkwMDUxWjAzMTEwLwYDVQQD
EygwMGQ3NTExYmQ4ZThjZWVhY2I4N2Y4MDRmNTI3MzZjMTQ2ZDg3MWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmZ8Q1jJupkIhO/XbKTOoZCkE73V
mC1PfF/tTzWwimr9zZXvJTzrSgw/AcenP2VLx/avuK7rYYgl5voabw7m2Hmp6n0S
tt+GnO4kaLlgAEDWRb7Y6ewZVnjsbmhyTKixD309vmzq0SeIXvswiTriFn27iWAs
hZlFiQwfFjWi3pb3mrs1GQkzdUsV7X4sT3tONp2eLP5Qwx6PgCZ6rL6HPhHQIUiP
RDZWRHafKRJl9HX1HvdAeKizkk+npuntNYP7XoDnxvMtIx/CNY1JJp1IO82xrPkW
4gwMdt7SrKUAIB82UFfjz1l63vMVDeksCXHD478gaex0z/r1s93nEcubnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFADXURvY6M7qy4f4BPUnNsFG2HGkMB8GA1UdIwQY
MBaAFGTPHukGU7e4FNa1RZSb2U3eD8ahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjkt
ODgwNGRhZDc4MGExLzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjktODgwNGRhZDc4MGEx
LzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS2im1dts
k0W4gzEUGmybiO/UzY3Ju4QBIPTec8Nt81xEKGihjEI8zHItEOHWtQbDR5FESFkt
WGjSmwnczLFQStLltdSdIZUhiTy7BSWw/nLemRju90rhGEEXTwwT6SrCNa1Vx+QP
xbB1GHGClM2iPh1eRcexKQ6+A3Vw9ahobl/fUCLEBfdyxhTUe/RDDy5eKT2s3QyL
SbJhSDQozNN7LbA1G/1khU5hFTuGcRbBN+gEc0/MUUvW58Yi2JrZt49tWaKplXX6
V26KDWkgqTPcTfSW9qPh6CHh7mkcq7ucCzhGCoUHMVs0YRL0cVCWocO6IECJo8n1
TDWR0UIKV5NoNA==
-----END CERTIFICATE-----