Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft
File:                     cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft (raw, json)
Hash identifier:          Hmctn6sWMGuJvYZBupdn0iZUSzpUB8oZZ2UgD9//WXU=
Subject key identifier:   30:3A:C2:C8:01:63:45:25:F2:B0:62:93:F1:93:3E:C5:B8:FA:3B:5C
Authority key identifier: 71:92:F3:56:0C:15:B9:4D:1E:F4:97:72:68:45:D7:86:78:6B:C7:62
Certificate issuer:       /CN=7192f3560c15b94d1ef497726845d786786bc762
Certificate serial:       01974E57651578C62C33A87C1336103FE78D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cZLzVgwVuU0e9JdyaEXXhnhrx2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft
Manifest number:          0CB3
Signing time:             Sun 08 Jun 2025 07:00:39 +0000
Manifest this update:     Sun 08 Jun 2025 07:00:39 +0000
Manifest next update:     Mon 09 Jun 2025 07:00:39 +0000
Files and hashes:         1: cZLzVgwVuU0e9JdyaEXXhnhrx2I.crl (hash: G8zr6BcIUY3tKqnX1jdnjhSmiWR+55MZDafduj7Y1SA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cZLzVgwVuU0e9JdyaEXXhnhrx2I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 07:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:65:15:78:c6:2c:33:a8:7c:13:36:10:3f:e7:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7192f3560c15b94d1ef497726845d786786bc762
        Validity
            Not Before: Jun  8 07:00:39 2025 GMT
            Not After : Jun  9 07:00:39 2025 GMT
        Subject: CN=303ac2c801634525f2b06293f1933ec5b8fa3b5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:56:95:17:e4:93:fd:cc:f6:3e:3e:e0:7b:ad:
                    40:a4:0d:f7:64:e9:6d:56:0c:59:27:a2:d8:7e:4f:
                    f5:b6:d5:20:f4:4e:10:89:2b:27:3e:d9:8a:98:84:
                    71:74:d9:02:82:a6:35:e1:43:47:00:59:09:27:4a:
                    f4:03:ed:31:8e:ee:83:a4:4e:71:0b:79:ec:ad:0f:
                    45:9c:e1:14:97:7f:e2:65:3d:52:86:60:c1:bf:3f:
                    32:95:18:48:36:22:cd:05:74:a3:dc:d4:35:8e:2d:
                    29:06:c2:e4:fa:91:c4:89:06:30:5a:fc:56:36:5f:
                    14:3d:7b:1e:a1:6d:4a:cb:b1:ce:3f:e0:8b:34:de:
                    fe:cf:d1:20:04:a4:a8:b9:f1:e1:16:bd:12:79:b7:
                    6f:40:30:fb:f3:fe:c5:09:11:70:d2:ee:74:7d:8e:
                    67:ca:af:53:4b:1d:e1:a1:e8:75:70:22:b8:28:eb:
                    4f:f6:a0:16:6b:0a:73:76:e2:b8:f4:96:37:ee:05:
                    14:ce:b1:db:ac:d7:3f:a9:80:77:e2:ea:85:44:14:
                    8e:ce:2b:8f:d2:2b:c5:df:eb:64:6a:6c:5c:1f:5b:
                    3e:27:e8:7d:9a:f3:3d:56:a8:ca:fa:4b:8a:00:c1:
                    fd:5e:49:ba:05:70:57:1a:c7:77:a9:d4:12:6b:87:
                    5a:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:3A:C2:C8:01:63:45:25:F2:B0:62:93:F1:93:3E:C5:B8:FA:3B:5C
            X509v3 Authority Key Identifier:
                keyid:71:92:F3:56:0C:15:B9:4D:1E:F4:97:72:68:45:D7:86:78:6B:C7:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZLzVgwVuU0e9JdyaEXXhnhrx2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:33:0b:79:c1:10:1d:20:60:13:ee:12:e1:ac:36:c1:66:7f:
         92:46:6f:18:40:b7:1e:d0:92:f2:35:7e:fc:de:35:52:fb:ff:
         ae:00:43:76:cb:c4:4f:f5:99:cc:9e:b1:c2:e3:0d:0a:44:83:
         8f:80:55:34:e8:15:0b:d2:4d:ee:ca:17:cf:83:e9:57:83:aa:
         bf:bc:dd:b3:04:dd:f0:f8:da:75:e2:18:f1:3e:4a:b7:a8:aa:
         fe:d8:55:40:7c:a1:9d:71:94:b3:d7:6d:9c:e4:09:bc:0d:0e:
         b6:0f:e4:74:3e:64:99:3c:52:7f:be:fa:eb:ad:3e:b7:27:d7:
         62:f3:dd:79:c6:6e:b7:e9:b6:43:dd:bb:46:d3:f6:6d:bc:42:
         43:15:16:a0:6e:85:06:2b:70:75:a5:52:3d:0e:7c:11:88:84:
         72:af:3f:e6:2f:33:34:6e:86:a4:e0:e4:74:ac:15:03:c9:e7:
         4c:7a:91:fa:eb:ac:48:b9:c9:a4:a9:fc:4b:c4:01:19:35:5d:
         3b:fd:8b:7a:94:34:66:f8:7d:4b:50:84:6e:eb:85:57:04:a7:
         0f:1d:25:67:79:0f:56:81:53:e5:df:4a:96:1d:6c:74:b0:70:
         fd:e7:ce:b1:9e:7c:32:7d:3d:c1:89:21:5f:cd:c7:22:c3:9a:
         5b:12:ed:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV2UVeMYsM6h8EzYQP+eNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTJmMzU2MGMxNWI5NGQxZWY0OTc3MjY4NDVkNzg2Nzg2
YmM3NjIwHhcNMjUwNjA4MDcwMDM5WhcNMjUwNjA5MDcwMDM5WjAzMTEwLwYDVQQD
EygzMDNhYzJjODAxNjM0NTI1ZjJiMDYyOTNmMTkzM2VjNWI4ZmEzYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFaVF+ST/cz2Pj7ge61ApA33ZOlt
VgxZJ6LYfk/1ttUg9E4QiSsnPtmKmIRxdNkCgqY14UNHAFkJJ0r0A+0xju6DpE5x
C3nsrQ9FnOEUl3/iZT1ShmDBvz8ylRhINiLNBXSj3NQ1ji0pBsLk+pHEiQYwWvxW
Nl8UPXseoW1Ky7HOP+CLNN7+z9EgBKSoufHhFr0SebdvQDD78/7FCRFw0u50fY5n
yq9TSx3hoeh1cCK4KOtP9qAWawpzduK49JY37gUUzrHbrNc/qYB34uqFRBSOziuP
0ivF3+tkamxcH1s+J+h9mvM9VqjK+kuKAMH9Xkm6BXBXGsd3qdQSa4daTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDA6wsgBY0Ul8rBik/GTPsW4+jtcMB8GA1UdIwQY
MBaAFHGS81YMFblNHvSXcmhF14Z4a8diMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pMelZnd1Z1VTBlOUpkeWFFWFhobmhyeDJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82OWEwMzQtYjUwOC00MmU4LTk5ZTgt
NzVlZTI0YTNmOTZiLzEvY1pMelZnd1Z1VTBlOUpkeWFFWFhobmhyeDJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi82OWEwMzQtYjUwOC00MmU4LTk5ZTgtNzVlZTI0YTNmOTZi
LzEvY1pMelZnd1Z1VTBlOUpkeWFFWFhobmhyeDJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApjMLecEQ
HSBgE+4S4aw2wWZ/kkZvGEC3HtCS8jV+/N41Uvv/rgBDdsvET/WZzJ6xwuMNCkSD
j4BVNOgVC9JN7soXz4PpV4Oqv7zdswTd8PjadeIY8T5Kt6iq/thVQHyhnXGUs9dt
nOQJvA0Otg/kdD5kmTxSf776660+tyfXYvPdecZut+m2Q927RtP2bbxCQxUWoG6F
BitwdaVSPQ58EYiEcq8/5i8zNG6GpODkdKwVA8nnTHqR+uusSLnJpKn8S8QBGTVd
O/2LepQ0Zvh9S1CEbuuFVwSnDx0lZ3kPVoFT5d9Klh1sdLBw/efOsZ58Mn09wYkh
X83HIsOaWxLtZA==
-----END CERTIFICATE-----