Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          s2Xd01rgBcmbPfAyNysLFk/pFpfh3ve7LtQqVjn1hYk=
Subject key identifier:   F8:4E:C7:A7:E6:5A:5D:61:C5:A5:15:95:59:B8:20:35:A4:27:A3:84
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       019676B0DF46352C889B06B236EAE4267386
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          137C
Signing time:             Sun 27 Apr 2025 10:00:24 +0000
Manifest this update:     Sun 27 Apr 2025 10:00:24 +0000
Manifest next update:     Mon 28 Apr 2025 10:00:24 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: NfXZrjhaun5Na5oTtrAOTTBInZ0f42ITKaZy5pV/f+M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:b0:df:46:35:2c:88:9b:06:b2:36:ea:e4:26:73:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: Apr 27 10:00:24 2025 GMT
            Not After : Apr 28 10:00:24 2025 GMT
        Subject: CN=f84ec7a7e65a5d61c5a5159559b82035a427a384
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:83:13:d0:3a:8f:8d:a9:a6:1f:a4:b0:9e:bf:
                    f8:32:d8:e0:70:e2:54:5e:90:a3:c9:c6:5b:e2:41:
                    80:c4:b6:38:fd:5c:3e:1f:09:03:5f:30:c8:31:e7:
                    21:05:d3:ab:4e:ce:f0:45:29:e8:0f:92:41:c8:f6:
                    0f:c8:11:e2:e5:5f:52:88:59:c4:e7:33:a9:01:4e:
                    f6:10:76:a9:66:8e:1d:30:f6:15:ba:70:7f:f1:ee:
                    d6:d5:44:6f:dd:b0:68:30:5e:db:ae:bb:e0:27:13:
                    d8:45:e4:fe:67:be:02:9a:b9:81:6b:b2:9d:f7:9b:
                    1a:71:5c:c6:16:7d:98:52:39:30:b5:b8:e4:d3:8b:
                    69:ae:c5:1b:f9:a6:e7:0a:75:ff:82:9c:96:db:8f:
                    c4:91:de:19:fc:58:ff:e0:de:b4:36:e9:a6:12:27:
                    3e:44:4a:a2:71:22:02:34:b9:c2:b7:f7:97:96:d6:
                    59:aa:1d:a9:df:6d:ba:23:0f:9e:69:13:8a:6a:ed:
                    df:e1:8f:2f:2c:28:c4:f2:29:12:7e:33:f4:53:7a:
                    f4:e8:d2:ec:6a:32:a8:f8:9d:0b:a5:30:04:5d:66:
                    1a:1f:fd:32:c3:d2:99:0c:48:66:a5:4d:1b:96:f9:
                    40:7d:67:13:4f:5d:0e:ba:11:af:90:dd:65:ce:37:
                    e4:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:4E:C7:A7:E6:5A:5D:61:C5:A5:15:95:59:B8:20:35:A4:27:A3:84
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:8f:61:e2:58:38:ab:1e:2e:15:b6:ba:8e:f4:22:fb:3d:7f:
         7f:91:19:22:3a:c9:32:b9:39:16:ff:da:25:78:df:f9:1d:40:
         8b:58:1d:a8:3b:98:05:4d:af:db:bf:b9:bd:68:f6:27:4a:d2:
         8e:c3:e5:65:d3:26:6d:30:92:8a:4d:57:20:5d:4a:c9:e7:29:
         69:16:c7:69:a2:24:4e:31:31:27:2e:a7:f8:92:d7:9e:ca:22:
         a6:89:47:4b:91:b5:02:51:28:2e:69:12:10:b4:2a:bc:6f:e5:
         34:5c:86:22:20:89:c0:58:3f:cd:e6:03:bd:91:26:53:55:2f:
         f9:ad:6d:ba:59:cd:5d:7c:89:47:2d:d4:95:e8:d6:39:c4:e5:
         38:0d:31:1e:17:8c:b9:e5:c2:1e:5e:b9:70:25:43:35:13:f1:
         0c:d7:25:43:b7:02:a3:f6:d6:f6:7e:5f:20:c1:0b:ef:a8:aa:
         e2:20:ed:22:83:a2:54:13:48:ab:26:64:86:de:8b:a6:c6:cf:
         88:a5:37:aa:9e:23:56:3a:fe:80:84:b2:e9:21:d2:4f:48:c4:
         e8:59:7e:1d:96:1c:87:b5:44:b1:99:77:4e:15:dc:f7:e7:97:
         39:0d:a3:c0:cf:9d:ef:b8:de:58:81:39:a7:bb:f8:ca:83:b6:
         5a:55:b3:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sN9GNSyImwayNurkJnOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjUwNDI3MTAwMDI0WhcNMjUwNDI4MTAwMDI0WjAzMTEwLwYDVQQD
EyhmODRlYzdhN2U2NWE1ZDYxYzVhNTE1OTU1OWI4MjAzNWE0MjdhMzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4MT0DqPjammH6Swnr/4MtjgcOJU
XpCjycZb4kGAxLY4/Vw+HwkDXzDIMechBdOrTs7wRSnoD5JByPYPyBHi5V9SiFnE
5zOpAU72EHapZo4dMPYVunB/8e7W1URv3bBoMF7brrvgJxPYReT+Z74CmrmBa7Kd
95sacVzGFn2YUjkwtbjk04tprsUb+abnCnX/gpyW24/Ekd4Z/Fj/4N60NummEic+
REqicSICNLnCt/eXltZZqh2p3226Iw+eaROKau3f4Y8vLCjE8ikSfjP0U3r06NLs
ajKo+J0LpTAEXWYaH/0yw9KZDEhmpU0blvlAfWcTT10OuhGvkN1lzjfkYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhOx6fmWl1hxaUVlVm4IDWkJ6OEMB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARo9h4lg4
qx4uFba6jvQi+z1/f5EZIjrJMrk5Fv/aJXjf+R1Ai1gdqDuYBU2v27+5vWj2J0rS
jsPlZdMmbTCSik1XIF1KyecpaRbHaaIkTjExJy6n+JLXnsoipolHS5G1AlEoLmkS
ELQqvG/lNFyGIiCJwFg/zeYDvZEmU1Uv+a1tulnNXXyJRy3UlejWOcTlOA0xHheM
ueXCHl65cCVDNRPxDNclQ7cCo/bW9n5fIMEL76iq4iDtIoOiVBNIqyZkht6LpsbP
iKU3qp4jVjr+gISy6SHST0jE6Fl+HZYch7VEsZl3ThXc9+eXOQ2jwM+d77jeWIE5
p7v4yoO2WlWzMQ==
-----END CERTIFICATE-----