Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
File:                     ZYzRSR-oTUghjThg8zI9ybhoV4w.mft (raw, json)
Hash identifier:          QBMmZK8P/4ciB/fUmTYE4DPtFF3uHDRU0Tqb0Cqq0g8=
Subject key identifier:   29:BF:C9:D5:60:49:02:53:F4:34:AA:39:FC:5A:48:6C:E6:20:1B:70
Authority key identifier: 65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C
Certificate issuer:       /CN=658cd1491fa84d48218d3860f3323dc9b868578c
Certificate serial:       0196760C2DC66BCA0A4BE509B83CE6409B19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
Manifest number:          0D77
Signing time:             Sun 27 Apr 2025 07:00:31 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:31 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:31 +0000
Files and hashes:         1: ZYzRSR-oTUghjThg8zI9ybhoV4w.crl (hash: 5iwGt99un1xfYiUkJmtwhr1TZ8cBvFZL1wi6Fc/UzwQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:2d:c6:6b:ca:0a:4b:e5:09:b8:3c:e6:40:9b:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=658cd1491fa84d48218d3860f3323dc9b868578c
        Validity
            Not Before: Apr 27 07:00:31 2025 GMT
            Not After : Apr 28 07:00:31 2025 GMT
        Subject: CN=29bfc9d560490253f434aa39fc5a486ce6201b70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:fa:eb:b4:6b:4f:ab:eb:a5:18:53:90:c9:4e:
                    79:59:83:e0:dc:02:79:7b:80:3f:1e:b0:47:34:4f:
                    c2:a0:3b:93:e2:ce:1a:45:48:36:9b:9b:5f:fd:73:
                    ef:04:1c:83:8e:f9:6c:b4:b6:df:af:15:31:50:f1:
                    60:bd:0f:5b:98:8d:40:82:b1:bb:50:a3:e9:a9:fa:
                    b3:7a:95:02:50:fd:8f:0c:6a:8b:ac:31:80:ff:ab:
                    77:c7:4c:22:4c:b9:09:1a:89:80:31:3c:ff:54:41:
                    1c:19:8f:b3:11:cb:fb:68:89:58:f3:c6:1b:be:1f:
                    2f:f8:da:92:3e:22:84:86:c8:48:3b:49:63:41:36:
                    64:af:65:e3:68:a4:f6:7d:bb:de:ff:4f:0d:c3:d7:
                    35:3c:99:71:fa:52:8f:2c:c5:11:12:e2:f6:c2:a6:
                    e8:ba:60:c0:79:0e:aa:c4:47:b9:e6:0e:d9:9d:9f:
                    11:58:d5:76:89:35:4a:98:d0:88:57:44:f5:cc:fa:
                    b4:f9:60:32:f3:93:d9:5c:95:5b:d3:c4:75:69:7a:
                    b6:30:dc:32:52:bb:02:4f:b7:f6:33:b8:a5:2e:57:
                    01:ed:45:95:59:fe:65:ce:f0:db:d9:63:fe:e6:3a:
                    3d:a5:7f:d5:2c:2b:3c:44:0d:05:f4:94:2c:61:cd:
                    02:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:BF:C9:D5:60:49:02:53:F4:34:AA:39:FC:5A:48:6C:E6:20:1B:70
            X509v3 Authority Key Identifier:
                keyid:65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:4c:51:42:3f:1a:16:88:a0:e9:d1:da:ed:12:fe:34:0f:7a:
         3a:53:72:99:2a:4c:ca:45:60:57:1c:50:3b:2e:32:c9:fd:a3:
         a4:4f:0e:e8:7f:9d:64:a5:90:f1:90:03:5d:0a:f6:99:c8:36:
         80:6c:26:2f:2e:6e:47:26:62:4b:91:15:55:17:b4:eb:22:b7:
         32:ee:dc:d7:84:82:49:e5:af:05:eb:b5:09:fd:8f:89:e6:21:
         39:88:a0:79:5c:3b:4c:1d:d7:45:df:44:5d:6c:13:47:57:36:
         44:9a:d0:80:57:5f:49:0a:93:f0:b2:66:ec:ed:39:16:51:d2:
         ad:94:01:a3:0a:13:c7:ce:69:93:8d:b1:2e:95:5e:09:8d:eb:
         4c:49:5f:2f:c1:7b:d2:6d:7e:8f:e6:c0:ca:55:5a:88:92:70:
         f4:49:17:01:85:26:73:14:69:21:c4:84:8c:3b:24:83:88:1d:
         38:db:4d:70:d5:87:53:c8:ed:db:2f:16:f0:ee:4f:cd:d4:e7:
         2c:3e:23:cd:fc:87:ed:65:a9:9f:ed:74:d8:62:38:47:35:71:
         3f:a1:72:9c:6b:d6:67:cb:ea:d6:07:cf:f4:76:68:1e:ac:85:
         57:b6:2a:bb:e1:4c:29:ba:4d:ad:4f:85:86:cb:99:bc:fd:29:
         ca:35:27:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DC3Ga8oKS+UJuDzmQJsZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OGNkMTQ5MWZhODRkNDgyMThkMzg2MGYzMzIzZGM5Yjg2
ODU3OGMwHhcNMjUwNDI3MDcwMDMxWhcNMjUwNDI4MDcwMDMxWjAzMTEwLwYDVQQD
EygyOWJmYzlkNTYwNDkwMjUzZjQzNGFhMzlmYzVhNDg2Y2U2MjAxYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvrrtGtPq+ulGFOQyU55WYPg3AJ5
e4A/HrBHNE/CoDuT4s4aRUg2m5tf/XPvBByDjvlstLbfrxUxUPFgvQ9bmI1AgrG7
UKPpqfqzepUCUP2PDGqLrDGA/6t3x0wiTLkJGomAMTz/VEEcGY+zEcv7aIlY88Yb
vh8v+NqSPiKEhshIO0ljQTZkr2XjaKT2fbve/08Nw9c1PJlx+lKPLMUREuL2wqbo
umDAeQ6qxEe55g7ZnZ8RWNV2iTVKmNCIV0T1zPq0+WAy85PZXJVb08R1aXq2MNwy
UrsCT7f2M7ilLlcB7UWVWf5lzvDb2WP+5jo9pX/VLCs8RA0F9JQsYc0C+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCm/ydVgSQJT9DSqOfxaSGzmIBtwMB8GA1UdIwQY
MBaAFGWM0UkfqE1IIY04YPMyPcm4aFeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQt
NDBhYTgzNDg2ZjhmLzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQtNDBhYTgzNDg2Zjhm
LzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANExRQj8a
Foig6dHa7RL+NA96OlNymSpMykVgVxxQOy4yyf2jpE8O6H+dZKWQ8ZADXQr2mcg2
gGwmLy5uRyZiS5EVVRe06yK3Mu7c14SCSeWvBeu1Cf2PieYhOYigeVw7TB3XRd9E
XWwTR1c2RJrQgFdfSQqT8LJm7O05FlHSrZQBowoTx85pk42xLpVeCY3rTElfL8F7
0m1+j+bAylVaiJJw9EkXAYUmcxRpIcSEjDskg4gdONtNcNWHU8jt2y8W8O5PzdTn
LD4jzfyH7WWpn+102GI4RzVxP6FynGvWZ8vq1gfP9HZoHqyFV7Yqu+FMKbpNrU+F
hsuZvP0pyjUnog==
-----END CERTIFICATE-----