Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
File:                     ZQXsmbwMbKl7--a9UkTeywKGbis.mft (raw, json)
Hash identifier:          Wqev9+tV2X5PyRXm4F7rztzzIZoUM6RoUddAdR0H4Jc=
Subject key identifier:   D8:D0:7B:9E:BB:B6:D0:6A:B5:BB:E0:2A:EF:FD:D7:04:64:3F:A3:DB
Authority key identifier: 65:05:EC:99:BC:0C:6C:A9:7B:FB:E6:BD:52:44:DE:CB:02:86:6E:2B
Certificate issuer:       /CN=6505ec99bc0c6ca97bfbe6bd5244decb02866e2b
Certificate serial:       019681A315671A51BE5B18C4D9A3FD08F925
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
Manifest number:          0A09
Signing time:             Tue 29 Apr 2025 13:01:10 +0000
Manifest this update:     Tue 29 Apr 2025 13:01:10 +0000
Manifest next update:     Wed 30 Apr 2025 13:01:10 +0000
Files and hashes:         1: ZQXsmbwMbKl7--a9UkTeywKGbis.crl (hash: xK4yaTyKOefWKtW1V/ZsDWnOxBdm2JSG0mkEwrzfkxE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 13:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:81:a3:15:67:1a:51:be:5b:18:c4:d9:a3:fd:08:f9:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6505ec99bc0c6ca97bfbe6bd5244decb02866e2b
        Validity
            Not Before: Apr 29 13:01:10 2025 GMT
            Not After : Apr 30 13:01:10 2025 GMT
        Subject: CN=d8d07b9ebbb6d06ab5bbe02aeffdd704643fa3db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:1a:28:fb:02:71:da:b0:4f:c4:99:8b:2e:f0:
                    ec:01:dc:84:a0:86:ae:9b:a3:48:d9:4e:7a:cb:f1:
                    eb:2c:db:04:d3:e7:42:bb:bc:df:1c:4a:f1:62:6d:
                    29:f3:1d:9e:38:bb:85:65:d5:40:5d:34:3f:b7:4e:
                    8b:29:9c:cb:08:f2:38:58:16:6f:31:21:7b:4e:e9:
                    fb:e0:9c:8c:be:42:4c:07:10:19:e5:9e:3e:de:f8:
                    b5:cc:d7:38:8d:b1:8c:e2:da:ad:86:56:80:23:e4:
                    c1:44:08:89:54:95:e2:c6:fe:5e:79:5d:e0:46:15:
                    1a:f1:8f:13:86:1d:d1:f6:c0:e7:e2:6f:96:0e:8a:
                    6c:47:92:53:9c:ae:ac:ff:fb:2f:34:ef:43:a0:49:
                    55:5b:59:e5:19:d8:45:2e:18:8a:26:28:e4:30:fa:
                    96:e5:30:05:08:63:4f:e6:cb:72:9c:34:db:29:45:
                    47:00:83:cf:2e:e9:2e:36:05:f4:e6:af:3f:f0:36:
                    d8:4e:fe:ac:12:d3:7f:1f:e5:9d:8a:8d:2b:23:15:
                    be:27:a1:7f:00:a0:44:f1:9a:5b:91:8d:3d:17:3b:
                    58:9c:0a:55:c3:90:2f:9f:1d:01:89:7d:39:eb:ed:
                    83:de:8f:87:f4:19:a6:4e:5b:fb:6d:f9:86:32:a8:
                    98:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:D0:7B:9E:BB:B6:D0:6A:B5:BB:E0:2A:EF:FD:D7:04:64:3F:A3:DB
            X509v3 Authority Key Identifier:
                keyid:65:05:EC:99:BC:0C:6C:A9:7B:FB:E6:BD:52:44:DE:CB:02:86:6E:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:7b:64:a4:a6:45:b5:c9:7f:71:54:d1:31:67:14:30:40:b6:
         ad:9e:44:b2:04:8f:7b:79:c4:d8:e4:da:4c:b8:90:19:6d:d9:
         aa:9a:a8:2f:e5:d5:8e:ae:63:9f:12:ad:92:ee:0a:53:78:4f:
         43:5f:18:d8:54:6e:bb:84:dd:35:a8:32:a2:39:0a:20:ca:28:
         de:ab:56:92:b7:57:5e:f8:a5:02:fc:a2:f1:28:81:d4:ad:50:
         00:d8:0e:a5:73:7a:7f:d3:cf:6d:02:2c:ba:ba:e2:78:c0:eb:
         36:1d:2a:6e:d6:28:93:2f:c8:3d:9d:35:f9:dc:d5:31:e3:7a:
         32:12:09:76:06:4e:57:82:26:54:32:de:17:1c:41:5b:ec:eb:
         ef:84:41:7e:c8:24:02:be:d3:78:9d:39:29:a1:9b:de:23:03:
         14:6e:d4:77:2d:18:71:f2:04:50:dc:cf:59:e8:bd:3f:1d:7d:
         e8:71:c7:35:4d:7d:1e:ed:ae:5c:e6:c1:b3:2d:e4:6a:d6:4d:
         b8:7b:2c:15:77:8e:a6:1d:43:1d:af:a7:9f:d5:4a:71:ca:51:
         36:a5:1b:b7:29:94:79:f9:f0:07:e4:ba:78:97:32:a1:be:f9:
         a5:b0:42:d6:04:71:2c:63:00:3c:94:85:ab:a7:b3:6c:ad:f5:
         b7:be:4b:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaBoxVnGlG+WxjE2aP9CPklMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MDVlYzk5YmMwYzZjYTk3YmZiZTZiZDUyNDRkZWNiMDI4
NjZlMmIwHhcNMjUwNDI5MTMwMTEwWhcNMjUwNDMwMTMwMTEwWjAzMTEwLwYDVQQD
EyhkOGQwN2I5ZWJiYjZkMDZhYjViYmUwMmFlZmZkZDcwNDY0M2ZhM2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Boo+wJx2rBPxJmLLvDsAdyEoIau
m6NI2U56y/HrLNsE0+dCu7zfHErxYm0p8x2eOLuFZdVAXTQ/t06LKZzLCPI4WBZv
MSF7Tun74JyMvkJMBxAZ5Z4+3vi1zNc4jbGM4tqthlaAI+TBRAiJVJXixv5eeV3g
RhUa8Y8Thh3R9sDn4m+WDopsR5JTnK6s//svNO9DoElVW1nlGdhFLhiKJijkMPqW
5TAFCGNP5stynDTbKUVHAIPPLukuNgX05q8/8DbYTv6sEtN/H+Wdio0rIxW+J6F/
AKBE8ZpbkY09FztYnApVw5Avnx0BiX056+2D3o+H9BmmTlv7bfmGMqiYTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjQe567ttBqtbvgKu/91wRkP6PbMB8GA1UdIwQY
MBaAFGUF7Jm8DGype/vmvVJE3ssChm4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ODMxNGMtZDJjZi00OGI4LWI5NWEt
ZmRhNWRkNTkwZjE2LzEvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ODMxNGMtZDJjZi00OGI4LWI5NWEtZmRhNWRkNTkwZjE2
LzEvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgXtkpKZF
tcl/cVTRMWcUMEC2rZ5EsgSPe3nE2OTaTLiQGW3ZqpqoL+XVjq5jnxKtku4KU3hP
Q18Y2FRuu4TdNagyojkKIMoo3qtWkrdXXvilAvyi8SiB1K1QANgOpXN6f9PPbQIs
urrieMDrNh0qbtYoky/IPZ01+dzVMeN6MhIJdgZOV4ImVDLeFxxBW+zr74RBfsgk
Ar7TeJ05KaGb3iMDFG7Udy0YcfIEUNzPWei9Px196HHHNU19Hu2uXObBsy3katZN
uHssFXeOph1DHa+nn9VKccpRNqUbtymUefnwB+S6eJcyob75pbBC1gRxLGMAPJSF
q6ezbK31t75Lkg==
-----END CERTIFICATE-----