Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
File:                     Z3NwPrTqs2ernekaKsQe4yAUAw8.mft (raw, json)
Hash identifier:          TqKp6rl4mIJ4wyo8lGBQivVd93hywNUiXYlIH9yof9A=
Subject key identifier:   11:EF:D7:A4:FB:34:16:85:85:6E:FF:DD:ED:4F:71:3B:82:C8:09:2F
Authority key identifier: 67:73:70:3E:B4:EA:B3:67:AB:9D:E9:1A:2A:C4:1E:E3:20:14:03:0F
Certificate issuer:       /CN=6773703eb4eab367ab9de91a2ac41ee32014030f
Certificate serial:       01976F2C3AF4AAEB32B315CD34B702F3A995
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
Manifest number:          0858
Signing time:             Sat 14 Jun 2025 16:00:59 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:59 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:59 +0000
Files and hashes:         1: Z3NwPrTqs2ernekaKsQe4yAUAw8.crl (hash: l1sdtOME0l8cDiZrXy9krJN88Xm5iurBMDZGVWkeesw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:3a:f4:aa:eb:32:b3:15:cd:34:b7:02:f3:a9:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6773703eb4eab367ab9de91a2ac41ee32014030f
        Validity
            Not Before: Jun 14 16:00:59 2025 GMT
            Not After : Jun 15 16:00:59 2025 GMT
        Subject: CN=11efd7a4fb341685856effdded4f713b82c8092f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:1e:74:d6:67:d7:03:ab:62:39:a8:7b:b3:48:
                    ee:b0:3c:d1:1d:d0:4f:58:25:a7:e7:0a:c2:5e:71:
                    bc:88:c4:22:8c:fb:64:6a:97:18:ed:de:4d:7b:c2:
                    68:90:6b:cc:1b:72:31:23:d0:80:07:6a:09:58:aa:
                    75:21:1e:1b:0c:af:4b:e9:da:14:95:ed:ef:5a:31:
                    68:61:61:da:f0:c5:c4:f8:17:b0:e3:8b:f5:b7:c5:
                    bd:d7:ec:f6:e5:a9:6e:d8:87:42:39:b6:a7:8f:7e:
                    c4:c1:64:76:a6:55:aa:0d:37:d3:bb:17:e7:ca:be:
                    f3:ba:c9:2f:09:12:df:89:f0:a2:c1:2b:d2:5e:2f:
                    a7:5c:15:13:64:ca:95:47:90:0f:5c:f2:26:76:53:
                    ad:d8:23:4a:53:14:98:cb:13:e3:3e:77:0d:b7:19:
                    53:2d:ee:41:96:f5:c6:a2:3b:9c:35:ba:58:12:4d:
                    4e:26:a0:1e:b0:14:71:7f:e0:04:d5:67:61:11:97:
                    2a:be:bb:13:cd:23:9c:7a:22:99:ec:0f:04:45:01:
                    82:e3:1e:d0:1a:17:d1:89:ce:f4:1a:76:01:44:f2:
                    77:f3:47:16:dd:61:61:98:c8:32:30:98:62:aa:79:
                    de:32:8e:00:f1:49:29:1d:b0:be:a7:fe:77:1b:16:
                    61:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:EF:D7:A4:FB:34:16:85:85:6E:FF:DD:ED:4F:71:3B:82:C8:09:2F
            X509v3 Authority Key Identifier:
                keyid:67:73:70:3E:B4:EA:B3:67:AB:9D:E9:1A:2A:C4:1E:E3:20:14:03:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:63:9c:4a:22:39:73:e6:cf:36:2d:fc:7c:a2:40:0c:e2:2c:
         84:fa:68:b1:35:92:ce:f9:76:cc:22:c3:d8:ef:97:4f:ae:fd:
         6f:3c:9f:aa:a4:66:aa:c8:c8:54:5d:e2:8d:67:8e:19:15:d7:
         d2:70:a0:72:64:cd:59:be:d9:e3:1d:6f:fd:bf:9b:84:42:bf:
         42:bb:22:29:19:34:17:d3:aa:4a:7b:97:66:c6:71:8e:e5:27:
         67:12:f1:ba:47:81:bd:2f:d8:29:fa:97:7c:a0:b3:3d:e0:19:
         3f:0a:f5:be:a1:e4:97:7c:a1:c7:27:22:0d:3e:e6:1a:ee:77:
         9b:b5:0a:b4:9c:dd:e3:fe:bc:6e:19:d3:05:f3:77:61:f3:e1:
         21:8c:4b:f3:25:2c:cb:2c:bc:53:1d:39:5c:82:48:ca:3c:17:
         fd:b4:e7:58:88:1c:10:f9:c5:1a:df:23:0e:61:89:e6:a5:4d:
         65:eb:8a:f5:55:85:e7:32:0b:04:be:31:fd:93:b0:3e:32:22:
         73:6d:07:d1:76:8b:76:bb:ff:cd:88:b8:fa:80:b7:b4:4a:81:
         92:2f:70:e6:fa:e6:85:c3:10:0c:cb:02:e1:fd:06:2a:75:a7:
         b0:9f:bb:9d:1f:69:a5:f8:b3:9e:c5:65:eb:5f:10:1d:7c:bc:
         97:4a:34:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLDr0qusysxXNNLcC86mVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NzM3MDNlYjRlYWIzNjdhYjlkZTkxYTJhYzQxZWUzMjAx
NDAzMGYwHhcNMjUwNjE0MTYwMDU5WhcNMjUwNjE1MTYwMDU5WjAzMTEwLwYDVQQD
EygxMWVmZDdhNGZiMzQxNjg1ODU2ZWZmZGRlZDRmNzEzYjgyYzgwOTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR501mfXA6tiOah7s0jusDzRHdBP
WCWn5wrCXnG8iMQijPtkapcY7d5Ne8JokGvMG3IxI9CAB2oJWKp1IR4bDK9L6doU
le3vWjFoYWHa8MXE+Bew44v1t8W91+z25alu2IdCObanj37EwWR2plWqDTfTuxfn
yr7zuskvCRLfifCiwSvSXi+nXBUTZMqVR5APXPImdlOt2CNKUxSYyxPjPncNtxlT
Le5BlvXGojucNbpYEk1OJqAesBRxf+AE1WdhEZcqvrsTzSOceiKZ7A8ERQGC4x7Q
GhfRic70GnYBRPJ380cW3WFhmMgyMJhiqnneMo4A8UkpHbC+p/53GxZh+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBHv16T7NBaFhW7/3e1PcTuCyAkvMB8GA1UdIwQY
MBaAFGdzcD606rNnq53pGirEHuMgFAMPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC84Y2E2NTUtMWU4Yy00MjQzLTg4ZGYt
NDdmZWJiMGFjMjU5LzEvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC84Y2E2NTUtMWU4Yy00MjQzLTg4ZGYtNDdmZWJiMGFjMjU5
LzEvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZWOcSiI5
c+bPNi38fKJADOIshPposTWSzvl2zCLD2O+XT679bzyfqqRmqsjIVF3ijWeOGRXX
0nCgcmTNWb7Z4x1v/b+bhEK/QrsiKRk0F9OqSnuXZsZxjuUnZxLxukeBvS/YKfqX
fKCzPeAZPwr1vqHkl3yhxyciDT7mGu53m7UKtJzd4/68bhnTBfN3YfPhIYxL8yUs
yyy8Ux05XIJIyjwX/bTnWIgcEPnFGt8jDmGJ5qVNZeuK9VWF5zILBL4x/ZOwPjIi
c20H0XaLdrv/zYi4+oC3tEqBki9w5vrmhcMQDMsC4f0GKnWnsJ+7nR9ppfiznsVl
618QHXy8l0o08A==
-----END CERTIFICATE-----