Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
File:                     zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json)
Hash identifier:          PTWb7oban/COAhV/UGSATQH6g88o/pDt0HtBJDH8eBY=
Subject key identifier:   3E:F7:57:CD:60:20:92:5D:1B:ED:1C:FE:C5:44:B2:07:F8:31:A5:BD
Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A
Certificate issuer:       /CN=ce42b4385e5772f51d588e2bb7219a122399587a
Certificate serial:       0196748C4026617F03B37E942D91F86FF96B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
Manifest number:          0932
Signing time:             Sun 27 Apr 2025 00:01:10 +0000
Manifest this update:     Sun 27 Apr 2025 00:01:10 +0000
Manifest next update:     Mon 28 Apr 2025 00:01:10 +0000
Files and hashes:         1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: vQnDOH8qpmwWD9qWnZbNUdYB763A1blz3cS9WqpQRhA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:8c:40:26:61:7f:03:b3:7e:94:2d:91:f8:6f:f9:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a
        Validity
            Not Before: Apr 27 00:01:10 2025 GMT
            Not After : Apr 28 00:01:10 2025 GMT
        Subject: CN=3ef757cd6020925d1bed1cfec544b207f831a5bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:f9:55:64:fc:4b:df:a6:37:7c:59:8e:cd:05:
                    84:79:7a:b6:97:f9:04:40:d0:21:3e:f0:51:c8:16:
                    97:01:bd:b3:72:2d:ab:c0:e3:6e:a1:96:ab:ba:2e:
                    45:5d:45:8c:45:e1:5d:e3:f4:27:ba:81:7d:54:7e:
                    91:14:25:a4:97:66:c0:63:50:ba:ca:6f:58:9e:1d:
                    bc:60:f1:05:e2:bb:f7:ef:e3:7d:c5:ef:d8:5c:e9:
                    da:b1:99:c9:1e:24:04:76:94:44:5e:0e:6e:c3:52:
                    33:a7:a5:c4:0d:b9:a4:ac:1f:8e:a5:6f:41:fd:4b:
                    34:2e:c4:91:9a:f9:d2:fe:20:95:76:16:e5:a8:0f:
                    2d:b2:74:62:9e:60:2d:90:cf:03:19:e6:3e:04:14:
                    7b:e2:b7:48:f0:16:5a:8d:95:e1:f0:ba:8c:dd:34:
                    5b:1e:ed:ca:31:a4:4d:69:fc:f2:3c:ef:08:da:fa:
                    c6:7b:a1:2f:5d:99:5c:49:4b:28:ed:c3:2d:69:44:
                    f1:2e:3e:71:13:17:72:d1:69:2f:b2:91:42:dc:a3:
                    44:75:76:72:d1:99:56:f8:09:a7:dd:40:79:53:71:
                    4a:f0:ed:d2:83:3d:91:c3:23:79:e9:42:c2:32:52:
                    73:6a:3f:78:62:5d:7a:9e:54:17:80:8a:38:05:57:
                    d7:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:F7:57:CD:60:20:92:5D:1B:ED:1C:FE:C5:44:B2:07:F8:31:A5:BD
            X509v3 Authority Key Identifier:
                keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:15:87:93:39:da:71:96:78:88:e1:b5:64:97:b2:4f:75:27:
         ef:5b:88:e3:dc:1f:f8:b4:c8:fd:3d:23:ed:c9:a9:6a:69:29:
         20:b6:64:ed:9e:a9:9d:4c:e2:84:2c:1a:53:22:e9:62:8a:20:
         04:04:3a:db:36:d1:7a:6f:f2:e0:75:fd:d1:f7:96:a4:13:2c:
         ec:7d:83:f0:a2:9d:de:f9:c3:86:b1:c2:f0:a9:5c:71:27:6a:
         11:68:46:60:f2:af:43:21:84:42:5a:73:0b:34:ea:d3:96:37:
         6a:45:1d:7b:30:f5:a2:1b:a9:f9:7c:a1:1c:38:97:0b:92:19:
         92:1a:9d:aa:24:b6:07:bc:f5:aa:87:d1:ef:bc:09:07:a4:ce:
         35:1c:48:9f:fd:94:8c:f2:17:d3:02:48:5c:f4:fb:08:47:29:
         d9:c3:c2:44:c7:cc:2f:13:76:0b:23:86:24:83:0b:85:c0:57:
         aa:1d:c5:9e:e2:ec:88:b7:70:09:98:87:6a:fb:46:e1:3c:a7:
         8c:dd:df:c5:71:a3:7b:08:7c:c3:7e:b2:27:c9:42:28:07:3f:
         fc:05:9d:21:5c:43:00:f3:d3:08:2c:49:29:9a:ba:10:45:1e:
         02:df:3c:11:9d:a1:76:eb:0d:68:43:43:de:b6:40:0c:36:bc:
         dc:93:24:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0jEAmYX8Ds36ULZH4b/lrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5
OTU4N2EwHhcNMjUwNDI3MDAwMTEwWhcNMjUwNDI4MDAwMTEwWjAzMTEwLwYDVQQD
EygzZWY3NTdjZDYwMjA5MjVkMWJlZDFjZmVjNTQ0YjIwN2Y4MzFhNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5flVZPxL36Y3fFmOzQWEeXq2l/kE
QNAhPvBRyBaXAb2zci2rwONuoZarui5FXUWMReFd4/QnuoF9VH6RFCWkl2bAY1C6
ym9Ynh28YPEF4rv37+N9xe/YXOnasZnJHiQEdpREXg5uw1Izp6XEDbmkrB+OpW9B
/Us0LsSRmvnS/iCVdhblqA8tsnRinmAtkM8DGeY+BBR74rdI8BZajZXh8LqM3TRb
Hu3KMaRNafzyPO8I2vrGe6EvXZlcSUso7cMtaUTxLj5xExdy0WkvspFC3KNEdXZy
0ZlW+Amn3UB5U3FK8O3Sgz2RwyN56ULCMlJzaj94Yl16nlQXgIo4BVfXlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD73V81gIJJdG+0c/sVEsgf4MaW9MB8GA1UdIwQY
MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt
Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3
LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPRWHkzna
cZZ4iOG1ZJeyT3Un71uI49wf+LTI/T0j7cmpamkpILZk7Z6pnUzihCwaUyLpYoog
BAQ62zbRem/y4HX90feWpBMs7H2D8KKd3vnDhrHC8KlccSdqEWhGYPKvQyGEQlpz
CzTq05Y3akUdezD1ohup+XyhHDiXC5IZkhqdqiS2B7z1qofR77wJB6TONRxIn/2U
jPIX0wJIXPT7CEcp2cPCRMfMLxN2CyOGJIMLhcBXqh3FnuLsiLdwCZiHavtG4Tyn
jN3fxXGjewh8w36yJ8lCKAc//AWdIVxDAPPTCCxJKZq6EEUeAt88EZ2hdusNaEND
3rZADDa83JMkjQ==
-----END CERTIFICATE-----