Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
File:                     Z3NwPrTqs2ernekaKsQe4yAUAw8.mft (raw, json)
Hash identifier:          7rDgOz/PheFuENr5lH6CzE7OdVwXf3/g47/UZcd4p88=
Subject key identifier:   1F:07:54:B8:21:DC:02:65:1C:BA:74:F3:80:52:FC:04:93:63:2A:90
Authority key identifier: 67:73:70:3E:B4:EA:B3:67:AB:9D:E9:1A:2A:C4:1E:E3:20:14:03:0F
Certificate issuer:       /CN=6773703eb4eab367ab9de91a2ac41ee32014030f
Certificate serial:       01968390D0008B73CFC2D0608711CB99B578
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
Manifest number:          07DE
Signing time:             Tue 29 Apr 2025 22:00:27 +0000
Manifest this update:     Tue 29 Apr 2025 22:00:27 +0000
Manifest next update:     Wed 30 Apr 2025 22:00:27 +0000
Files and hashes:         1: Z3NwPrTqs2ernekaKsQe4yAUAw8.crl (hash: VLQ+9ej5re5BfeIwdgU0n7BMQM8gTzUODwmohfFtvoU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 22:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:90:d0:00:8b:73:cf:c2:d0:60:87:11:cb:99:b5:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6773703eb4eab367ab9de91a2ac41ee32014030f
        Validity
            Not Before: Apr 29 22:00:27 2025 GMT
            Not After : Apr 30 22:00:27 2025 GMT
        Subject: CN=1f0754b821dc02651cba74f38052fc0493632a90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:9a:39:b6:78:09:62:d0:78:10:26:3f:7c:0c:
                    4a:68:5c:df:e4:9a:e1:21:6e:ea:0d:d9:f3:a7:41:
                    f1:fd:52:ce:f8:54:77:c3:e6:80:15:ba:20:86:7a:
                    90:4b:f6:fe:bb:2d:44:29:b5:80:32:01:b2:4c:ae:
                    bb:a2:d2:b0:16:4e:6d:19:f8:94:2b:d9:b2:86:f3:
                    6a:53:fb:71:1b:38:9d:d8:c2:91:4b:c4:61:ab:ac:
                    cb:b9:cf:3e:7e:e4:4d:6d:0b:63:94:fe:eb:60:11:
                    25:39:a6:37:c7:14:e4:f6:ee:83:32:77:d1:b0:75:
                    91:ce:45:7f:3c:64:7e:27:05:5e:70:e1:1f:03:22:
                    01:67:a5:dc:5b:7a:95:31:57:c5:11:aa:1c:19:b5:
                    33:28:b9:2f:64:95:74:63:f8:76:90:3f:0f:64:bf:
                    64:d9:55:11:36:b5:6e:8d:d5:52:c7:55:8f:a6:c9:
                    e4:ad:97:30:80:a2:63:9c:e1:ed:3f:6d:50:f0:09:
                    c3:9f:c3:0d:7e:c2:cd:d6:f6:4e:8d:11:54:82:a4:
                    b2:9d:7a:97:63:10:77:74:24:88:90:70:85:53:02:
                    69:bc:60:56:38:27:21:b0:57:db:a0:b3:13:53:4e:
                    39:fe:80:10:a0:76:a4:fd:91:ab:44:a7:40:95:bb:
                    aa:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:07:54:B8:21:DC:02:65:1C:BA:74:F3:80:52:FC:04:93:63:2A:90
            X509v3 Authority Key Identifier:
                keyid:67:73:70:3E:B4:EA:B3:67:AB:9D:E9:1A:2A:C4:1E:E3:20:14:03:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:72:8a:a9:3f:a4:e4:8c:b2:08:3c:8f:a1:cb:03:cf:75:ec:
         78:d9:9e:0a:57:40:47:9d:65:da:74:6a:85:4a:99:69:0a:4e:
         be:ce:3c:f5:79:30:e8:e4:53:9a:4a:e0:fe:ae:98:cc:6a:fa:
         b2:8f:18:dc:d4:62:1f:53:5d:42:8d:20:3f:d5:96:19:a3:1b:
         87:c5:a9:8f:26:6e:12:7a:a7:6d:b5:71:9c:66:40:6a:67:da:
         c6:b2:ba:24:c9:be:ce:57:6a:b6:3e:5f:17:fd:16:14:eb:d2:
         fd:11:a9:3a:94:3d:d0:32:26:c4:7b:e2:e0:73:d3:93:17:57:
         a9:dc:8f:13:3c:84:9b:26:f5:12:2d:16:9d:c2:5f:b0:d6:45:
         60:0d:51:0f:f6:db:cb:25:6d:ce:b7:4b:41:b3:35:4a:77:0c:
         e7:4d:2a:8e:4a:26:21:aa:32:ae:64:99:72:06:fe:c3:98:b1:
         c4:7a:ed:ff:d3:09:81:a9:0e:dc:b3:e3:4d:1a:f3:6a:ef:77:
         9e:cc:73:5f:6b:b0:a6:f5:22:ee:ca:ca:ac:3c:64:46:02:89:
         0d:07:02:0b:97:a4:ed:e3:b1:af:6a:e1:ba:32:2f:e3:ef:0e:
         8d:9b:52:9d:d0:28:64:0a:66:ed:3a:db:d1:d5:10:59:b1:a5:
         25:4e:ba:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDkNAAi3PPwtBghxHLmbV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NzM3MDNlYjRlYWIzNjdhYjlkZTkxYTJhYzQxZWUzMjAx
NDAzMGYwHhcNMjUwNDI5MjIwMDI3WhcNMjUwNDMwMjIwMDI3WjAzMTEwLwYDVQQD
EygxZjA3NTRiODIxZGMwMjY1MWNiYTc0ZjM4MDUyZmMwNDkzNjMyYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5o5tngJYtB4ECY/fAxKaFzf5Jrh
IW7qDdnzp0Hx/VLO+FR3w+aAFboghnqQS/b+uy1EKbWAMgGyTK67otKwFk5tGfiU
K9myhvNqU/txGzid2MKRS8Rhq6zLuc8+fuRNbQtjlP7rYBElOaY3xxTk9u6DMnfR
sHWRzkV/PGR+JwVecOEfAyIBZ6XcW3qVMVfFEaocGbUzKLkvZJV0Y/h2kD8PZL9k
2VURNrVujdVSx1WPpsnkrZcwgKJjnOHtP21Q8AnDn8MNfsLN1vZOjRFUgqSynXqX
YxB3dCSIkHCFUwJpvGBWOCchsFfboLMTU045/oAQoHak/ZGrRKdAlbuqywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8HVLgh3AJlHLp084BS/ASTYyqQMB8GA1UdIwQY
MBaAFGdzcD606rNnq53pGirEHuMgFAMPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC84Y2E2NTUtMWU4Yy00MjQzLTg4ZGYt
NDdmZWJiMGFjMjU5LzEvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC84Y2E2NTUtMWU4Yy00MjQzLTg4ZGYtNDdmZWJiMGFjMjU5
LzEvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmHKKqT+k
5IyyCDyPocsDz3XseNmeCldAR51l2nRqhUqZaQpOvs489Xkw6ORTmkrg/q6YzGr6
so8Y3NRiH1NdQo0gP9WWGaMbh8WpjyZuEnqnbbVxnGZAamfaxrK6JMm+zldqtj5f
F/0WFOvS/RGpOpQ90DImxHvi4HPTkxdXqdyPEzyEmyb1Ei0WncJfsNZFYA1RD/bb
yyVtzrdLQbM1SncM500qjkomIaoyrmSZcgb+w5ixxHrt/9MJgakO3LPjTRrzau93
nsxzX2uwpvUi7srKrDxkRgKJDQcCC5ek7eOxr2rhujIv4+8OjZtSndAoZApm7Trb
0dUQWbGlJU66lQ==
-----END CERTIFICATE-----