Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
File:                     z32kMRhYgiWjduwhScczbEYzZEA.mft (raw, json)
Hash identifier:          /OROExp36hnLZ6WloYJ9hKtQM72FP72KlehkyqWtCwY=
Subject key identifier:   E1:D2:39:AB:7C:50:21:FA:0C:21:E9:59:FD:7A:B8:F9:35:D0:08:B8
Authority key identifier: CF:7D:A4:31:18:58:82:25:A3:76:EC:21:49:C7:33:6C:46:33:64:40
Certificate issuer:       /CN=cf7da43118588225a376ec2149c7336c46336440
Certificate serial:       019679E9D2086BF633E3B71A952BE3777826
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
Manifest number:          0D2F
Signing time:             Mon 28 Apr 2025 01:01:28 +0000
Manifest this update:     Mon 28 Apr 2025 01:01:28 +0000
Manifest next update:     Tue 29 Apr 2025 01:01:28 +0000
Files and hashes:         1: z32kMRhYgiWjduwhScczbEYzZEA.crl (hash: vm7QWK2zLqXoqZ4czyvx0PjjPIJf1eBex+EI9af0kWA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 01:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:e9:d2:08:6b:f6:33:e3:b7:1a:95:2b:e3:77:78:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7da43118588225a376ec2149c7336c46336440
        Validity
            Not Before: Apr 28 01:01:28 2025 GMT
            Not After : Apr 29 01:01:28 2025 GMT
        Subject: CN=e1d239ab7c5021fa0c21e959fd7ab8f935d008b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:3d:e6:65:cb:0a:b0:2c:94:97:56:a8:b3:71:
                    f4:91:9a:af:c2:d7:e0:01:e4:aa:e7:27:0b:20:55:
                    b9:4b:7a:4d:dd:92:3c:94:7f:d1:a6:f0:47:74:b1:
                    40:25:93:ff:5b:3a:7d:df:0e:f2:03:5b:d6:16:71:
                    cd:d6:1f:63:23:75:5d:00:ef:d9:6b:05:e9:90:48:
                    af:41:f5:c9:b8:55:5a:95:90:c1:09:08:f9:86:49:
                    d2:61:77:8c:18:4e:1e:5e:4c:df:03:00:d5:8a:19:
                    9c:b2:d5:8a:ac:c9:2c:e3:df:73:f4:a1:81:78:e6:
                    18:4d:14:21:cc:71:7a:90:fa:03:7b:35:3c:d8:67:
                    d5:78:96:be:37:3f:82:c6:8f:7c:3e:b8:21:a3:39:
                    c8:83:fe:67:e1:8a:2e:c4:42:f0:82:06:31:e0:54:
                    67:cc:36:2a:47:ef:8d:89:bc:4d:4f:62:91:e5:e6:
                    27:ca:10:aa:ff:25:dc:17:c3:b1:f1:41:1f:ef:8d:
                    00:44:d8:fa:4d:f3:6d:d7:19:7b:43:25:bd:74:d3:
                    fd:f3:00:02:4d:05:d7:96:f2:75:ed:04:d5:f8:cf:
                    43:08:8f:b9:31:a0:ca:f5:90:2e:46:37:72:44:d6:
                    9d:7c:af:2a:ef:fb:b2:50:65:29:bb:31:b6:10:14:
                    f7:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:D2:39:AB:7C:50:21:FA:0C:21:E9:59:FD:7A:B8:F9:35:D0:08:B8
            X509v3 Authority Key Identifier:
                keyid:CF:7D:A4:31:18:58:82:25:A3:76:EC:21:49:C7:33:6C:46:33:64:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:e1:2b:10:fb:65:0e:08:7c:93:22:2d:83:2e:34:45:a3:ed:
         d3:bb:6e:de:bb:25:0b:62:37:1f:ba:ca:30:27:15:5a:25:ed:
         fc:af:62:0d:52:12:99:60:33:12:5a:51:41:6a:b9:4c:d2:c2:
         9a:2d:85:c2:d8:1e:63:f6:d8:e7:2d:1f:72:cd:cb:45:18:b6:
         3d:fd:21:10:98:b0:5d:f4:cf:47:29:aa:a9:60:22:fe:59:8c:
         6a:77:77:77:18:2a:29:9d:c9:50:c6:b6:fb:01:5a:31:4b:aa:
         c8:cd:fa:ba:8b:5f:b2:58:0f:d9:ce:a7:87:c3:28:bc:3d:11:
         de:6b:c2:14:f5:3c:89:e8:79:84:4f:da:f9:09:41:30:af:76:
         16:87:d4:f2:d9:1b:a9:c0:52:7d:ea:24:8d:8b:07:45:ec:d6:
         d2:54:5f:ac:a0:52:78:8d:b7:05:0e:dd:b3:3a:09:8d:ea:bd:
         53:a6:ab:b5:a9:7c:ac:88:79:4e:84:d7:5c:eb:d2:1b:77:4b:
         32:6e:c9:70:c2:cc:72:de:29:69:4c:92:4e:14:20:1a:13:ea:
         01:89:28:56:e4:1c:56:ff:da:0d:f6:6b:4f:82:d0:8f:6b:37:
         e3:88:4e:57:19:d6:55:f9:40:1d:45:8e:f5:f3:8a:77:ac:9a:
         be:b0:32:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ56dIIa/Yz47calSvjd3gmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmN2RhNDMxMTg1ODgyMjVhMzc2ZWMyMTQ5YzczMzZjNDYz
MzY0NDAwHhcNMjUwNDI4MDEwMTI4WhcNMjUwNDI5MDEwMTI4WjAzMTEwLwYDVQQD
EyhlMWQyMzlhYjdjNTAyMWZhMGMyMWU5NTlmZDdhYjhmOTM1ZDAwOGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwD3mZcsKsCyUl1aos3H0kZqvwtfg
AeSq5ycLIFW5S3pN3ZI8lH/RpvBHdLFAJZP/Wzp93w7yA1vWFnHN1h9jI3VdAO/Z
awXpkEivQfXJuFValZDBCQj5hknSYXeMGE4eXkzfAwDVihmcstWKrMks499z9KGB
eOYYTRQhzHF6kPoDezU82GfVeJa+Nz+Cxo98PrghoznIg/5n4YouxELwggYx4FRn
zDYqR++NibxNT2KR5eYnyhCq/yXcF8Ox8UEf740ARNj6TfNt1xl7QyW9dNP98wAC
TQXXlvJ17QTV+M9DCI+5MaDK9ZAuRjdyRNadfK8q7/uyUGUpuzG2EBT3iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOHSOat8UCH6DCHpWf16uPk10Ai4MB8GA1UdIwQY
MBaAFM99pDEYWIIlo3bsIUnHM2xGM2RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wZTRhNzUtY2I1OC00NGFhLTlkZDUt
YzVmMTdlYWI0MWQ1LzEvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wZTRhNzUtY2I1OC00NGFhLTlkZDUtYzVmMTdlYWI0MWQ1
LzEvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ+ErEPtl
Dgh8kyItgy40RaPt07tu3rslC2I3H7rKMCcVWiXt/K9iDVISmWAzElpRQWq5TNLC
mi2FwtgeY/bY5y0fcs3LRRi2Pf0hEJiwXfTPRymqqWAi/lmMand3dxgqKZ3JUMa2
+wFaMUuqyM36uotfslgP2c6nh8MovD0R3mvCFPU8ieh5hE/a+QlBMK92FofU8tkb
qcBSfeokjYsHRezW0lRfrKBSeI23BQ7dszoJjeq9U6artal8rIh5ToTXXOvSG3dL
Mm7JcMLMct4paUySThQgGhPqAYkoVuQcVv/aDfZrT4LQj2s344hOVxnWVflAHUWO
9fOKd6yavrAyYw==
-----END CERTIFICATE-----