Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
File:                     z32kMRhYgiWjduwhScczbEYzZEA.mft (raw, json)
Hash identifier:          lriOLw84A5oLtYZaEld/djaU+7uj5OOWDce1r1bHKl4=
Subject key identifier:   F5:43:BB:A8:9C:E3:66:D0:6B:37:A5:A3:E3:65:13:31:91:FB:80:43
Authority key identifier: CF:7D:A4:31:18:58:82:25:A3:76:EC:21:49:C7:33:6C:46:33:64:40
Certificate issuer:       /CN=cf7da43118588225a376ec2149c7336c46336440
Certificate serial:       01976F2C6DC6678E6ECC4F398BBA52299F0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
Manifest number:          0DAE
Signing time:             Sat 14 Jun 2025 16:01:11 +0000
Manifest this update:     Sat 14 Jun 2025 16:01:11 +0000
Manifest next update:     Sun 15 Jun 2025 16:01:11 +0000
Files and hashes:         1: z32kMRhYgiWjduwhScczbEYzZEA.crl (hash: Zb1w8nwVOquxAf0A5ly75iRP1rTf3NElcK2+bJIjR38=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:6d:c6:67:8e:6e:cc:4f:39:8b:ba:52:29:9f:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7da43118588225a376ec2149c7336c46336440
        Validity
            Not Before: Jun 14 16:01:11 2025 GMT
            Not After : Jun 15 16:01:11 2025 GMT
        Subject: CN=f543bba89ce366d06b37a5a3e365133191fb8043
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:a7:0b:e7:bc:b3:25:54:12:91:38:af:dc:fc:
                    cb:18:65:04:25:f2:5b:38:fa:3b:c9:3b:5c:5d:13:
                    17:42:b9:9a:dd:34:e5:56:c3:2b:d1:9b:77:f6:f0:
                    cf:7b:65:46:c1:89:c6:fb:d6:48:80:9e:0a:17:0e:
                    32:06:5f:a2:fd:df:78:23:4b:5e:2e:4e:fc:36:1d:
                    36:b3:9e:ac:9c:b0:c8:50:44:7b:a5:a3:fa:8f:2e:
                    32:3f:6a:cb:9a:72:46:f5:4e:0a:9e:a3:91:5a:3d:
                    28:c1:8e:dd:5a:7e:0e:06:d1:cb:4a:7f:4f:31:0b:
                    31:b1:46:43:70:8c:a6:17:3b:0f:cf:a3:2c:65:6c:
                    e2:9d:17:4b:5b:1a:f8:ce:05:12:85:3d:4d:4e:99:
                    17:8c:0e:b1:3b:db:90:f6:77:2a:39:c0:be:83:47:
                    ff:63:84:2b:14:4d:b2:fc:b3:55:eb:a7:6d:90:2e:
                    ca:8d:ae:7b:02:62:56:d5:15:da:ed:af:e4:da:55:
                    b6:22:4a:f7:e4:e6:5e:e9:73:95:93:b5:09:da:20:
                    7b:97:9b:4b:88:0c:2c:b5:2b:75:ab:6f:6b:5c:67:
                    89:9c:fa:7b:a2:4b:56:78:62:7e:ed:1f:4a:e9:fe:
                    33:38:9f:9b:97:53:1e:fe:6d:f5:ae:8d:d8:bb:91:
                    b9:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:43:BB:A8:9C:E3:66:D0:6B:37:A5:A3:E3:65:13:31:91:FB:80:43
            X509v3 Authority Key Identifier:
                keyid:CF:7D:A4:31:18:58:82:25:A3:76:EC:21:49:C7:33:6C:46:33:64:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:f6:e7:95:7e:32:8c:37:bf:a7:e4:a2:58:35:3d:48:bb:3e:
         3c:7b:d1:a6:f0:aa:5b:10:82:4b:44:88:af:8d:48:d6:d2:39:
         64:bb:15:bb:3e:5c:d1:b4:03:e7:bd:65:57:6f:ee:92:de:d1:
         57:6c:1d:7f:a8:42:58:e3:a0:22:32:86:8b:00:22:7e:19:9a:
         cb:44:be:ba:5a:8d:6d:63:87:b2:5c:99:55:29:88:c8:72:88:
         82:82:bf:b0:10:a8:27:dd:f9:08:ca:6b:67:d4:fb:b5:41:5e:
         6d:c5:8e:dc:fc:dc:ea:db:45:94:cf:01:fe:8e:49:3a:33:c0:
         71:92:e2:15:8b:9b:71:e2:49:00:45:7b:be:0a:de:8e:88:99:
         ec:1b:fb:2b:25:c0:87:ef:0c:6a:23:ab:12:ae:c0:4f:96:61:
         a3:61:7e:4e:63:5d:54:07:19:c6:21:6b:c4:6b:2f:3a:64:da:
         f7:c1:27:50:2c:83:73:16:82:6f:6d:3f:38:6e:da:be:ed:f6:
         d0:90:4c:79:20:78:16:dd:69:ac:0f:64:36:94:2e:b9:e4:ab:
         71:7d:72:54:f2:38:3e:8f:71:98:b4:b2:b2:e1:15:85:80:e3:
         a9:74:4a:cd:79:be:c2:4f:dc:23:8b:44:a7:d7:95:dc:a2:64:
         dd:7f:5f:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLG3GZ45uzE85i7pSKZ8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmN2RhNDMxMTg1ODgyMjVhMzc2ZWMyMTQ5YzczMzZjNDYz
MzY0NDAwHhcNMjUwNjE0MTYwMTExWhcNMjUwNjE1MTYwMTExWjAzMTEwLwYDVQQD
EyhmNTQzYmJhODljZTM2NmQwNmIzN2E1YTNlMzY1MTMzMTkxZmI4MDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqcL57yzJVQSkTiv3PzLGGUEJfJb
OPo7yTtcXRMXQrma3TTlVsMr0Zt39vDPe2VGwYnG+9ZIgJ4KFw4yBl+i/d94I0te
Lk78Nh02s56snLDIUER7paP6jy4yP2rLmnJG9U4KnqORWj0owY7dWn4OBtHLSn9P
MQsxsUZDcIymFzsPz6MsZWzinRdLWxr4zgUShT1NTpkXjA6xO9uQ9ncqOcC+g0f/
Y4QrFE2y/LNV66dtkC7Kja57AmJW1RXa7a/k2lW2Ikr35OZe6XOVk7UJ2iB7l5tL
iAwstSt1q29rXGeJnPp7oktWeGJ+7R9K6f4zOJ+bl1Me/m31ro3Yu5G5GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPVDu6ic42bQazelo+NlEzGR+4BDMB8GA1UdIwQY
MBaAFM99pDEYWIIlo3bsIUnHM2xGM2RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wZTRhNzUtY2I1OC00NGFhLTlkZDUt
YzVmMTdlYWI0MWQ1LzEvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wZTRhNzUtY2I1OC00NGFhLTlkZDUtYzVmMTdlYWI0MWQ1
LzEvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKvbnlX4y
jDe/p+SiWDU9SLs+PHvRpvCqWxCCS0SIr41I1tI5ZLsVuz5c0bQD571lV2/ukt7R
V2wdf6hCWOOgIjKGiwAifhmay0S+ulqNbWOHslyZVSmIyHKIgoK/sBCoJ935CMpr
Z9T7tUFebcWO3Pzc6ttFlM8B/o5JOjPAcZLiFYubceJJAEV7vgrejoiZ7Bv7KyXA
h+8MaiOrEq7AT5Zho2F+TmNdVAcZxiFrxGsvOmTa98EnUCyDcxaCb20/OG7avu32
0JBMeSB4Ft1prA9kNpQuueSrcX1yVPI4Po9xmLSysuEVhYDjqXRKzXm+wk/cI4tE
p9eV3KJk3X9fIg==
-----END CERTIFICATE-----