Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
File:                     z32kMRhYgiWjduwhScczbEYzZEA.mft (raw, json)
Hash identifier:          ZUtCzadNKTJK8GWo52WBE9F/VmRRagCRytx5JCN1QlQ=
Subject key identifier:   A8:98:EF:DD:E3:55:42:DC:22:CC:4A:B2:DF:C5:6E:73:BD:2D:D6:74
Authority key identifier: CF:7D:A4:31:18:58:82:25:A3:76:EC:21:49:C7:33:6C:46:33:64:40
Certificate issuer:       /CN=cf7da43118588225a376ec2149c7336c46336440
Certificate serial:       019873E2E67F931F17FAF49C0B9ED7BED8F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
Manifest number:          0E35
Signing time:             Mon 04 Aug 2025 07:01:46 +0000
Manifest this update:     Mon 04 Aug 2025 07:01:46 +0000
Manifest next update:     Tue 05 Aug 2025 07:01:46 +0000
Files and hashes:         1: z32kMRhYgiWjduwhScczbEYzZEA.crl (hash: GZIypMbiDDCp78ms5SLTeKhfOMtmfkUtb5JYlsRIqQ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e2:e6:7f:93:1f:17:fa:f4:9c:0b:9e:d7:be:d8:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7da43118588225a376ec2149c7336c46336440
        Validity
            Not Before: Aug  4 07:01:46 2025 GMT
            Not After : Aug  5 07:01:46 2025 GMT
        Subject: CN=a898efdde35542dc22cc4ab2dfc56e73bd2dd674
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:0b:7d:cc:2c:47:d0:19:06:c8:64:55:3f:c7:
                    d6:1d:67:af:a0:d0:d5:dd:c9:78:07:2e:7e:f6:2c:
                    17:63:b1:60:42:48:4a:9c:36:91:e9:11:69:0c:60:
                    d4:ce:8e:2b:2c:f6:37:79:6b:ca:0c:53:8f:52:09:
                    d1:c3:fd:36:70:c8:df:b5:a1:b2:e7:9d:11:77:a4:
                    2d:55:92:91:0d:d2:e5:cc:67:ab:e1:75:22:c7:36:
                    77:68:26:9d:a6:e7:b0:ac:5a:8c:a9:41:16:c6:b2:
                    0c:eb:66:9e:0e:8d:9e:ab:62:6c:fd:20:18:1f:24:
                    14:89:c0:66:aa:d6:c1:a9:01:4a:4f:d8:e2:2c:75:
                    95:88:1c:8e:df:87:ba:ae:47:98:08:3c:14:f6:8e:
                    4e:35:38:00:4b:d1:65:74:f6:3c:24:f3:ab:b9:21:
                    10:ea:aa:b9:9f:db:24:46:d7:d2:96:cd:fb:39:8d:
                    9d:2b:ca:7b:0c:2c:29:2f:d0:e3:f6:c7:ad:8d:c5:
                    b9:60:a7:77:68:18:5e:0e:7f:82:75:66:2b:92:9e:
                    9d:66:48:56:3e:ab:ad:09:23:3d:cc:74:d9:f1:8d:
                    18:b5:d4:36:7c:95:bb:6d:f6:53:ec:50:1c:4c:ee:
                    c7:26:cb:ba:b9:ff:65:0d:46:ce:32:68:8e:2c:e5:
                    7f:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:98:EF:DD:E3:55:42:DC:22:CC:4A:B2:DF:C5:6E:73:BD:2D:D6:74
            X509v3 Authority Key Identifier:
                keyid:CF:7D:A4:31:18:58:82:25:A3:76:EC:21:49:C7:33:6C:46:33:64:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:eb:56:1d:39:36:20:00:77:eb:8f:16:8e:c4:70:d7:5c:b0:
         20:2f:87:65:db:e6:44:24:07:5b:1a:8c:2b:5a:fb:bd:51:e3:
         d3:fe:7b:7b:1b:83:21:a1:00:0f:44:32:22:0a:b1:cf:98:0a:
         2a:63:04:e0:63:c4:b3:0f:3b:a5:b6:b1:33:8e:da:fe:73:14:
         09:11:ba:1d:1d:5f:a8:cf:aa:a8:be:91:49:31:5e:55:16:a6:
         ab:0c:10:95:36:18:da:53:9c:03:91:b7:4d:5e:22:f2:89:0d:
         44:fe:24:24:28:18:d0:00:56:10:46:8d:b5:14:ef:d1:34:59:
         1b:93:82:0b:77:d7:ca:34:f7:7b:cf:c6:17:91:fe:30:7b:b9:
         b4:6d:26:e8:9c:33:0c:2f:d6:c5:92:1a:40:0d:1d:63:f9:45:
         06:72:44:64:0f:56:ee:44:2b:a1:65:f4:82:db:05:7f:83:bc:
         f4:0e:c8:53:45:11:0c:83:a0:24:58:26:19:77:3c:42:85:e5:
         7a:eb:05:04:a9:4e:02:89:19:9e:53:71:91:ee:ec:03:a1:28:
         8e:31:0a:73:82:d8:5d:fb:32:3f:32:bb:66:d3:e9:99:16:89:
         58:85:9b:57:6c:f0:c7:0f:e2:2f:ba:13:90:13:0b:f8:d1:cd:
         cc:f9:12:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4uZ/kx8X+vScC57XvtjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmN2RhNDMxMTg1ODgyMjVhMzc2ZWMyMTQ5YzczMzZjNDYz
MzY0NDAwHhcNMjUwODA0MDcwMTQ2WhcNMjUwODA1MDcwMTQ2WjAzMTEwLwYDVQQD
EyhhODk4ZWZkZGUzNTU0MmRjMjJjYzRhYjJkZmM1NmU3M2JkMmRkNjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9At9zCxH0BkGyGRVP8fWHWevoNDV
3cl4By5+9iwXY7FgQkhKnDaR6RFpDGDUzo4rLPY3eWvKDFOPUgnRw/02cMjftaGy
550Rd6QtVZKRDdLlzGer4XUixzZ3aCadpuewrFqMqUEWxrIM62aeDo2eq2Js/SAY
HyQUicBmqtbBqQFKT9jiLHWViByO34e6rkeYCDwU9o5ONTgAS9FldPY8JPOruSEQ
6qq5n9skRtfSls37OY2dK8p7DCwpL9Dj9setjcW5YKd3aBheDn+CdWYrkp6dZkhW
PqutCSM9zHTZ8Y0YtdQ2fJW7bfZT7FAcTO7HJsu6uf9lDUbOMmiOLOV/FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKiY793jVULcIsxKst/FbnO9LdZ0MB8GA1UdIwQY
MBaAFM99pDEYWIIlo3bsIUnHM2xGM2RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wZTRhNzUtY2I1OC00NGFhLTlkZDUt
YzVmMTdlYWI0MWQ1LzEvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wZTRhNzUtY2I1OC00NGFhLTlkZDUtYzVmMTdlYWI0MWQ1
LzEvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHutWHTk2
IAB3648WjsRw11ywIC+HZdvmRCQHWxqMK1r7vVHj0/57exuDIaEAD0QyIgqxz5gK
KmME4GPEsw87pbaxM47a/nMUCRG6HR1fqM+qqL6RSTFeVRamqwwQlTYY2lOcA5G3
TV4i8okNRP4kJCgY0ABWEEaNtRTv0TRZG5OCC3fXyjT3e8/GF5H+MHu5tG0m6Jwz
DC/WxZIaQA0dY/lFBnJEZA9W7kQroWX0gtsFf4O89A7IU0URDIOgJFgmGXc8QoXl
eusFBKlOAokZnlNxke7sA6EojjEKc4LYXfsyPzK7ZtPpmRaJWIWbV2zwxw/iL7oT
kBML+NHNzPkSaw==
-----END CERTIFICATE-----