Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
File:                     zQwDKJL2la9ME_sKyoBD0Xsbl78.mft (raw, json)
Hash identifier:          WZFWJTg/tK7wOikh4qjz+T0DedfXVzEVxB1paSlonAM=
Subject key identifier:   B6:D2:93:61:DA:50:5D:B2:A6:40:A5:FA:E2:2F:17:68:A9:F2:8A:62
Authority key identifier: CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF
Certificate issuer:       /CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf
Certificate serial:       0197700796F68A2AD97A929C3FF110E60A8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
Manifest number:          0932
Signing time:             Sat 14 Jun 2025 20:00:34 +0000
Manifest this update:     Sat 14 Jun 2025 20:00:34 +0000
Manifest next update:     Sun 15 Jun 2025 20:00:34 +0000
Files and hashes:         1: zQwDKJL2la9ME_sKyoBD0Xsbl78.crl (hash: rIv4EnJXm2zpTJXowp8ZGgGGuHmfLKlCoJbwzoNThDU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:07:96:f6:8a:2a:d9:7a:92:9c:3f:f1:10:e6:0a:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf
        Validity
            Not Before: Jun 14 20:00:34 2025 GMT
            Not After : Jun 15 20:00:34 2025 GMT
        Subject: CN=b6d29361da505db2a640a5fae22f1768a9f28a62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:72:fc:3d:78:f0:a2:ef:0a:0e:a5:2d:36:a9:
                    d9:3f:46:ed:64:cb:d7:9b:76:7c:0d:24:e4:76:b6:
                    47:b2:3d:2a:37:08:5c:8a:b2:fc:29:b1:82:1a:85:
                    7e:6a:1f:dd:06:fc:e7:7f:9d:32:7e:10:b9:55:4f:
                    01:76:73:dd:38:d9:f8:10:c5:f0:00:78:ad:e8:81:
                    1f:54:6e:4c:c1:19:b6:e2:c0:2c:d5:f3:a7:47:f9:
                    11:74:08:a4:55:fc:fe:8d:67:51:f8:30:c8:e3:f1:
                    16:58:40:0e:7d:78:0a:07:01:4e:ac:91:ef:fb:8d:
                    04:46:a9:6b:04:f5:5f:23:30:9d:97:bf:c8:11:13:
                    eb:96:87:60:43:b3:56:75:cc:5e:0c:53:42:79:89:
                    36:91:25:c9:5b:c5:e4:1c:b9:41:ad:2e:c5:5e:e5:
                    07:37:3f:55:d6:6a:65:88:01:95:50:79:c1:30:cd:
                    b6:7d:1a:b2:00:92:8d:17:ad:eb:ea:d6:da:ab:76:
                    9f:ed:f8:b7:b5:7b:3b:31:d7:ab:cd:32:f8:06:31:
                    ee:55:ac:ca:59:92:07:f3:8d:62:ac:2a:c1:c9:85:
                    7f:a2:93:05:56:65:0a:ee:af:34:71:63:35:ff:d3:
                    11:8c:4f:16:5e:6f:27:24:49:5b:15:54:5b:18:e2:
                    c0:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:D2:93:61:DA:50:5D:B2:A6:40:A5:FA:E2:2F:17:68:A9:F2:8A:62
            X509v3 Authority Key Identifier:
                keyid:CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ce:e0:3a:ea:4c:9e:50:69:b8:f8:5e:f9:64:af:97:8a:7c:68:
         7a:4d:1e:9e:cc:bf:c1:39:13:8b:13:91:95:57:7b:5c:52:63:
         56:54:93:56:26:30:a3:e5:8f:d9:63:e3:b8:57:52:6b:2e:a6:
         e3:53:ed:dc:2e:d5:2c:fb:82:d1:39:e4:c8:ad:6c:68:ff:63:
         a3:37:03:da:db:e3:96:07:19:3c:2d:36:ba:91:f5:c3:97:87:
         4f:25:e1:59:e5:b0:13:7a:70:73:a5:45:83:27:b9:8d:ed:b9:
         1c:03:51:c1:8e:64:2a:59:20:ba:14:56:80:64:38:32:86:b2:
         bb:74:3a:f5:d6:67:d1:33:a9:76:38:ba:88:49:74:41:0b:ec:
         d1:ef:27:6f:67:d7:63:5d:4a:40:cc:51:c8:6e:4a:f6:3f:89:
         68:af:53:8d:a0:ea:90:3a:32:b6:4f:4f:50:9d:80:51:27:ee:
         40:b4:8d:f8:97:c4:2c:99:67:73:95:4e:e8:52:40:28:d6:dd:
         f2:7f:94:68:98:e2:e4:6c:18:3d:67:ee:b4:f8:ab:b5:10:85:
         2b:51:8d:3f:14:07:c6:90:c8:3e:8d:ef:ae:89:c1:fe:a5:18:
         60:3e:23:0a:1b:12:2d:8a:02:81:e8:51:e5:69:b8:fe:9e:97:
         d4:fa:02:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwB5b2iirZepKcP/EQ5gqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMGMwMzI4OTJmNjk1YWY0YzEzZmIwYWNhODA0M2QxN2Ix
Yjk3YmYwHhcNMjUwNjE0MjAwMDM0WhcNMjUwNjE1MjAwMDM0WjAzMTEwLwYDVQQD
EyhiNmQyOTM2MWRhNTA1ZGIyYTY0MGE1ZmFlMjJmMTc2OGE5ZjI4YTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HL8PXjwou8KDqUtNqnZP0btZMvX
m3Z8DSTkdrZHsj0qNwhcirL8KbGCGoV+ah/dBvznf50yfhC5VU8BdnPdONn4EMXw
AHit6IEfVG5MwRm24sAs1fOnR/kRdAikVfz+jWdR+DDI4/EWWEAOfXgKBwFOrJHv
+40ERqlrBPVfIzCdl7/IERPrlodgQ7NWdcxeDFNCeYk2kSXJW8XkHLlBrS7FXuUH
Nz9V1mpliAGVUHnBMM22fRqyAJKNF63r6tbaq3af7fi3tXs7MderzTL4BjHuVazK
WZIH841irCrByYV/opMFVmUK7q80cWM1/9MRjE8WXm8nJElbFVRbGOLAgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLbSk2HaUF2ypkCl+uIvF2ip8opiMB8GA1UdIwQY
MBaAFM0MAyiS9pWvTBP7CsqAQ9F7G5e/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgt
MzUyNzZiNzk3NWFlLzEvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgtMzUyNzZiNzk3NWFl
LzEvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzuA66kye
UGm4+F75ZK+Xinxoek0ensy/wTkTixORlVd7XFJjVlSTViYwo+WP2WPjuFdSay6m
41Pt3C7VLPuC0TnkyK1saP9jozcD2tvjlgcZPC02upH1w5eHTyXhWeWwE3pwc6VF
gye5je25HANRwY5kKlkguhRWgGQ4Moayu3Q69dZn0TOpdji6iEl0QQvs0e8nb2fX
Y11KQMxRyG5K9j+JaK9TjaDqkDoytk9PUJ2AUSfuQLSN+JfELJlnc5VO6FJAKNbd
8n+UaJji5GwYPWfutPirtRCFK1GNPxQHxpDIPo3vronB/qUYYD4jChsSLYoCgehR
5Wm4/p6X1PoCyw==
-----END CERTIFICATE-----