Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
File:                     RZzMG7ARYGhoBts1qTNRshs-YNw.mft (raw, json)
Hash identifier:          29kvCg0O6mkXT5EEOXCa5t0Wy3JwOPq+VSyQcHfDYGU=
Subject key identifier:   7A:46:B3:DE:40:EC:B5:E2:14:18:34:68:60:8A:8B:C9:62:F1:F4:A0
Authority key identifier: 45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC
Certificate issuer:       /CN=459ccc1bb01160686806db35a93351b21b3e60dc
Certificate serial:       01989411CB06D8C8F1BBB0B0972AA397C8DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
Manifest number:          139D
Signing time:             Sun 10 Aug 2025 13:00:50 +0000
Manifest this update:     Sun 10 Aug 2025 13:00:50 +0000
Manifest next update:     Mon 11 Aug 2025 13:00:50 +0000
Files and hashes:         1: RZzMG7ARYGhoBts1qTNRshs-YNw.crl (hash: G9rTAI7q/wQiIFRYzkFUBGyYh0e8jH7TtVazqzuLAmE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:94:11:cb:06:d8:c8:f1:bb:b0:b0:97:2a:a3:97:c8:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=459ccc1bb01160686806db35a93351b21b3e60dc
        Validity
            Not Before: Aug 10 13:00:50 2025 GMT
            Not After : Aug 11 13:00:50 2025 GMT
        Subject: CN=7a46b3de40ecb5e214183468608a8bc962f1f4a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:38:b3:87:0d:5f:88:82:8c:9f:07:bb:aa:f9:
                    21:40:f4:83:ef:5a:1f:43:b3:2e:9f:22:02:bf:59:
                    60:68:ac:ba:c7:be:d4:b1:d2:e2:5e:90:bf:b9:57:
                    3a:27:90:8f:da:81:d2:16:5a:21:f3:e2:7d:8f:65:
                    5b:95:c1:4e:93:68:77:33:85:f5:ae:93:8a:10:9d:
                    7e:7f:56:83:62:d3:e4:bc:57:d7:7c:e1:f8:c9:81:
                    99:9f:ca:cf:6f:ed:a2:a1:1e:b3:a4:3a:89:d7:19:
                    c0:10:fd:4d:a5:5e:e8:be:31:4d:16:e8:95:01:23:
                    da:95:29:4e:fb:b7:09:0a:1d:fb:1f:ff:3b:94:4b:
                    5a:08:99:60:a3:a8:b9:b5:a2:72:de:10:1c:ae:2c:
                    37:ec:51:56:b9:72:82:28:6f:cb:41:c8:57:a7:13:
                    9f:5f:03:6e:8b:6c:55:43:bd:30:6b:e8:ee:1a:1e:
                    73:79:0a:d8:0a:67:c2:fc:fa:54:a9:46:31:68:6e:
                    7f:0a:c9:6b:bb:de:09:8e:1c:d3:93:48:2c:b5:28:
                    45:b3:63:9c:64:b5:0a:d2:1e:d7:a6:ad:76:47:3e:
                    e3:9a:35:fc:c4:fb:5b:b5:5f:f5:93:45:ce:39:5f:
                    5e:cd:d1:82:ae:b6:a4:86:34:66:1a:f5:d7:25:11:
                    96:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:46:B3:DE:40:EC:B5:E2:14:18:34:68:60:8A:8B:C9:62:F1:F4:A0
            X509v3 Authority Key Identifier:
                keyid:45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:28:55:91:0d:f8:b9:0b:26:da:d8:e7:c0:e6:94:b4:e6:e9:
         1e:7d:87:51:82:5f:97:6a:79:74:75:93:ca:02:3d:16:ea:aa:
         f4:34:22:d7:85:7e:8d:c0:58:94:97:50:a0:f7:c6:c4:1b:a2:
         bf:64:39:e4:6e:9f:7d:25:e1:47:27:29:4f:43:d2:30:7b:8b:
         92:45:41:f1:c2:71:72:60:5a:2c:eb:95:1e:4f:9d:87:1f:69:
         9b:0c:e8:be:a0:8f:f9:ef:5e:2a:d1:ef:76:9d:84:32:a7:06:
         b6:a4:cd:45:76:c9:89:f3:eb:94:85:17:8b:ab:66:b3:73:cf:
         49:04:30:c8:58:1c:ad:91:f9:b7:b0:53:da:ba:81:8d:d6:b7:
         d5:e6:6f:5d:db:22:f6:fb:1d:19:93:3b:a4:e6:d6:bd:ef:e8:
         a1:60:ef:36:78:1f:88:e1:11:23:92:88:9e:e2:b4:da:44:11:
         6e:5a:73:81:32:d6:e0:8b:8b:28:e7:87:36:7a:f9:19:e5:1e:
         04:6e:1e:fa:43:9a:b1:7c:e2:8b:91:1f:c5:55:63:dd:65:4a:
         be:ea:2e:60:4f:ca:fa:ac:26:b8:6f:f2:8c:94:e6:0c:4c:91:
         38:af:16:38:f0:12:e2:a9:ce:22:15:c8:7e:94:28:21:16:47:
         f4:7a:68:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiUEcsG2Mjxu7Cwlyqjl8jdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OWNjYzFiYjAxMTYwNjg2ODA2ZGIzNWE5MzM1MWIyMWIz
ZTYwZGMwHhcNMjUwODEwMTMwMDUwWhcNMjUwODExMTMwMDUwWjAzMTEwLwYDVQQD
Eyg3YTQ2YjNkZTQwZWNiNWUyMTQxODM0Njg2MDhhOGJjOTYyZjFmNGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDizhw1fiIKMnwe7qvkhQPSD71of
Q7MunyICv1lgaKy6x77UsdLiXpC/uVc6J5CP2oHSFloh8+J9j2VblcFOk2h3M4X1
rpOKEJ1+f1aDYtPkvFfXfOH4yYGZn8rPb+2ioR6zpDqJ1xnAEP1NpV7ovjFNFuiV
ASPalSlO+7cJCh37H/87lEtaCJlgo6i5taJy3hAcriw37FFWuXKCKG/LQchXpxOf
XwNui2xVQ70wa+juGh5zeQrYCmfC/PpUqUYxaG5/Cslru94JjhzTk0gstShFs2Oc
ZLUK0h7Xpq12Rz7jmjX8xPtbtV/1k0XOOV9ezdGCrrakhjRmGvXXJRGWdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHpGs95A7LXiFBg0aGCKi8li8fSgMB8GA1UdIwQY
MBaAFEWczBuwEWBoaAbbNakzUbIbPmDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMt
NjQ3M2IwOTJhYWRkLzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMtNjQ3M2IwOTJhYWRk
LzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADChVkQ34
uQsm2tjnwOaUtObpHn2HUYJfl2p5dHWTygI9Fuqq9DQi14V+jcBYlJdQoPfGxBui
v2Q55G6ffSXhRycpT0PSMHuLkkVB8cJxcmBaLOuVHk+dhx9pmwzovqCP+e9eKtHv
dp2EMqcGtqTNRXbJifPrlIUXi6tms3PPSQQwyFgcrZH5t7BT2rqBjda31eZvXdsi
9vsdGZM7pObWve/ooWDvNngfiOERI5KInuK02kQRblpzgTLW4IuLKOeHNnr5GeUe
BG4e+kOasXzii5EfxVVj3WVKvuouYE/K+qwmuG/yjJTmDEyROK8WOPAS4qnOIhXI
fpQoIRZH9Hposw==
-----END CERTIFICATE-----