Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
File:                     ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft (raw, json)
Hash identifier:          Uhs3LEICDoQM/jw5vh8h7chyd5ruoI42VldoUIVncRE=
Subject key identifier:   9C:1D:31:EF:8B:C4:8C:46:D6:70:2C:5F:1B:13:F1:4E:F5:7F:A0:94
Authority key identifier: 64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1
Certificate issuer:       /CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1
Certificate serial:       019759B6BBD1ACB7C0937826988863E5C0AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
Manifest number:          0107
Signing time:             Tue 10 Jun 2025 12:00:37 +0000
Manifest this update:     Tue 10 Jun 2025 12:00:37 +0000
Manifest next update:     Wed 11 Jun 2025 12:00:37 +0000
Files and hashes:         1: ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl (hash: UjVB7LG2yvxMrp+6fkSGKaRZ7d6bvCU5dSAw9Jg2LFk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 12:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:b6:bb:d1:ac:b7:c0:93:78:26:98:88:63:e5:c0:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1
        Validity
            Not Before: Jun 10 12:00:37 2025 GMT
            Not After : Jun 11 12:00:37 2025 GMT
        Subject: CN=9c1d31ef8bc48c46d6702c5f1b13f14ef57fa094
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:c3:d9:eb:d7:09:6a:a1:0a:ab:f8:49:34:d4:
                    5b:a1:44:a9:76:4f:d5:91:cc:a4:33:a2:ea:a5:0d:
                    6c:4e:d3:da:bf:2a:1f:92:99:b0:40:4f:53:b6:9c:
                    7b:a9:d9:ea:df:b3:95:4c:6c:95:d9:9d:fd:7d:dd:
                    c6:6d:06:97:4a:7a:70:0b:e4:32:dd:c4:97:9f:79:
                    ff:13:91:cb:a6:3b:9e:1a:13:36:8a:fd:75:e3:28:
                    7e:3b:d4:6d:8c:76:41:54:8c:11:70:25:9d:a8:2d:
                    05:16:85:21:2a:1b:54:f2:24:74:c7:86:ab:3b:68:
                    eb:62:76:99:b3:9c:17:fd:4e:df:5b:f5:bf:f2:d6:
                    0b:2d:f6:9b:89:29:8c:8d:c5:57:d8:b6:b8:70:e4:
                    06:76:ac:3f:1e:1a:04:33:f2:95:eb:5a:07:ad:55:
                    79:c9:ed:d7:7a:fe:28:71:29:6f:f5:cb:15:ef:7c:
                    83:42:76:01:3a:30:1a:be:78:3c:a0:19:63:5c:46:
                    15:10:21:52:02:18:fe:38:96:aa:bd:96:40:31:85:
                    1f:9d:4c:e8:34:e3:cf:df:83:ed:a9:6d:d5:66:e5:
                    2c:2d:e3:23:f8:3d:1e:44:20:71:49:79:be:51:02:
                    3a:96:e0:97:62:aa:9f:c0:c5:98:71:57:3c:19:e7:
                    2d:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:1D:31:EF:8B:C4:8C:46:D6:70:2C:5F:1B:13:F1:4E:F5:7F:A0:94
            X509v3 Authority Key Identifier:
                keyid:64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:d6:60:8a:5f:f7:71:27:ca:5e:c6:61:72:52:83:40:5b:59:
         b0:ee:a3:a4:b8:a0:c8:75:32:e1:41:b5:fe:95:30:ae:b7:35:
         0a:ad:57:84:de:bc:7f:72:c0:00:7b:ac:9a:c6:f4:eb:0f:ec:
         bd:20:26:c3:6d:2c:c3:d6:4b:4b:86:55:7a:19:95:5a:46:53:
         1e:ea:54:68:a2:8d:e2:43:39:43:8f:ac:4d:ad:78:49:7c:20:
         87:a5:5a:ec:7f:7c:5f:c9:6c:42:10:06:a0:32:99:a6:83:10:
         9b:db:b7:b5:e8:67:7f:06:93:c7:7d:01:d6:3b:8d:50:9e:d3:
         a6:14:94:2c:e5:e8:7f:44:c1:f4:0a:27:9f:b2:f0:ec:6b:e2:
         f0:cc:f2:b4:b8:a4:70:c6:d8:2e:d1:dd:07:89:15:ca:46:e9:
         b1:51:cf:b0:f7:f1:6b:89:05:65:8a:36:8a:0c:9c:49:6f:7a:
         79:31:9f:4d:c7:1a:c0:36:58:c9:d9:c8:cf:de:82:93:3c:e8:
         c9:5b:f4:87:b7:d6:e4:6a:1d:86:69:1d:b8:16:a4:14:23:2e:
         d0:de:07:c6:8c:4d:2c:18:93:aa:b1:ac:5b:de:c9:b4:12:ee:
         c3:29:a7:56:64:40:c4:5b:ea:1d:cf:d5:0d:6e:44:20:17:61:
         14:64:28:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZtrvRrLfAk3gmmIhj5cCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0Y2YxZWU5MDY1M2I3YjgxNGQ2YjU0NTk0OWJkOTRkZGUw
ZmM2YTEwHhcNMjUwNjEwMTIwMDM3WhcNMjUwNjExMTIwMDM3WjAzMTEwLwYDVQQD
Eyg5YzFkMzFlZjhiYzQ4YzQ2ZDY3MDJjNWYxYjEzZjE0ZWY1N2ZhMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncPZ69cJaqEKq/hJNNRboUSpdk/V
kcykM6LqpQ1sTtPavyofkpmwQE9Ttpx7qdnq37OVTGyV2Z39fd3GbQaXSnpwC+Qy
3cSXn3n/E5HLpjueGhM2iv114yh+O9RtjHZBVIwRcCWdqC0FFoUhKhtU8iR0x4ar
O2jrYnaZs5wX/U7fW/W/8tYLLfabiSmMjcVX2La4cOQGdqw/HhoEM/KV61oHrVV5
ye3Xev4ocSlv9csV73yDQnYBOjAavng8oBljXEYVECFSAhj+OJaqvZZAMYUfnUzo
NOPP34PtqW3VZuUsLeMj+D0eRCBxSXm+UQI6luCXYqqfwMWYcVc8Gect5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJwdMe+LxIxG1nAsXxsT8U71f6CUMB8GA1UdIwQY
MBaAFGTPHukGU7e4FNa1RZSb2U3eD8ahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjkt
ODgwNGRhZDc4MGExLzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjktODgwNGRhZDc4MGEx
LzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACNZgil/3
cSfKXsZhclKDQFtZsO6jpLigyHUy4UG1/pUwrrc1Cq1XhN68f3LAAHusmsb06w/s
vSAmw20sw9ZLS4ZVehmVWkZTHupUaKKN4kM5Q4+sTa14SXwgh6Va7H98X8lsQhAG
oDKZpoMQm9u3tehnfwaTx30B1juNUJ7TphSULOXof0TB9Aonn7Lw7Gvi8MzytLik
cMbYLtHdB4kVykbpsVHPsPfxa4kFZYo2igycSW96eTGfTccawDZYydnIz96Ckzzo
yVv0h7fW5GodhmkduBakFCMu0N4HxoxNLBiTqrGsW97JtBLuwymnVmRAxFvqHc/V
DW5EIBdhFGQo2A==
-----END CERTIFICATE-----