Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
File:                     ZYzRSR-oTUghjThg8zI9ybhoV4w.mft (raw, json)
Hash identifier:          D4+nUbtIgnhKkDkEtVC3Lvr/Ail9Ct3t6anL7gmOshc=
Subject key identifier:   7B:C2:22:3B:B7:2E:AD:E8:B9:66:4C:32:D3:8C:03:1C:00:BE:E2:E2
Authority key identifier: 65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C
Certificate issuer:       /CN=658cd1491fa84d48218d3860f3323dc9b868578c
Certificate serial:       01977308A014EEB38AF71B8293AF22C14E2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
Manifest number:          0DFA
Signing time:             Sun 15 Jun 2025 10:00:34 +0000
Manifest this update:     Sun 15 Jun 2025 10:00:34 +0000
Manifest next update:     Mon 16 Jun 2025 10:00:34 +0000
Files and hashes:         1: ZYzRSR-oTUghjThg8zI9ybhoV4w.crl (hash: jGIeh45+HR4KLqzHQNapTgkwt8VE8saTC45mCZMNgUY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:73:08:a0:14:ee:b3:8a:f7:1b:82:93:af:22:c1:4e:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=658cd1491fa84d48218d3860f3323dc9b868578c
        Validity
            Not Before: Jun 15 10:00:34 2025 GMT
            Not After : Jun 16 10:00:34 2025 GMT
        Subject: CN=7bc2223bb72eade8b9664c32d38c031c00bee2e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f3:42:5b:a8:7a:b8:c4:45:23:3a:51:32:a0:
                    e6:b9:cd:45:a1:a4:c9:75:fb:35:b6:5a:09:19:1e:
                    28:c6:f8:2b:c4:b6:69:e9:77:3b:dd:28:2a:47:9c:
                    21:48:2e:33:6c:55:06:82:7a:74:2d:e9:c3:69:d1:
                    a9:e4:d6:dc:66:dc:ac:56:c3:94:e9:95:8f:cb:95:
                    aa:98:20:bf:80:24:ec:be:5f:cb:c9:7a:ac:07:22:
                    56:64:e6:ae:c6:df:45:3c:7f:85:41:33:12:82:05:
                    42:7f:e3:f9:05:38:06:f4:02:43:9d:ad:6c:06:e1:
                    1a:8d:ec:9a:02:4f:5e:f5:52:db:9b:9b:77:4b:b4:
                    0c:c1:08:a3:f9:eb:8d:87:eb:e1:82:d8:23:0a:de:
                    a2:1d:4c:cb:03:21:ee:e0:aa:59:17:0c:00:88:46:
                    0d:5e:a9:1d:c5:de:94:3f:49:80:49:5f:7f:80:f8:
                    14:5d:49:1a:79:87:d7:ba:6b:76:c2:d6:c9:cd:18:
                    84:bb:b7:2a:8c:a5:38:ff:77:b2:73:87:34:77:96:
                    01:2a:de:c8:11:02:69:df:e6:2b:59:cc:67:f6:ec:
                    fa:e2:34:cd:35:7c:e8:c2:f2:22:87:4e:d5:e5:9d:
                    1e:09:06:23:3e:25:bc:e0:e4:60:cc:28:a8:d8:cf:
                    05:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:C2:22:3B:B7:2E:AD:E8:B9:66:4C:32:D3:8C:03:1C:00:BE:E2:E2
            X509v3 Authority Key Identifier:
                keyid:65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:7d:8f:2b:64:6f:dd:57:ff:de:4a:00:ce:f4:d0:d7:16:9c:
         4c:bc:39:61:ff:28:e6:da:5d:57:40:f8:83:e7:8f:30:98:61:
         81:67:65:a2:eb:c3:cb:d8:dc:ff:10:7d:d0:a9:ee:01:d4:82:
         cd:6b:24:6d:f8:3c:1b:a3:e0:ca:e8:c3:d4:e5:c4:fb:0a:f9:
         ff:f8:74:85:bf:f4:19:af:a6:42:e1:90:e5:55:8d:2c:a3:4d:
         e5:b2:86:c9:e5:89:76:ef:c1:be:bc:92:84:28:bd:7a:63:93:
         f1:fa:d8:51:42:32:ed:74:b3:5d:d1:dd:40:4e:63:01:de:53:
         67:9e:b1:ad:13:38:5b:ff:2d:ee:83:bf:e7:c7:92:8b:a2:36:
         9d:a1:c0:16:50:2f:70:bb:5a:13:6b:4d:a2:1b:43:4e:22:19:
         2d:cf:08:0f:39:d5:fb:6f:d3:56:99:17:6c:d0:50:d6:c4:6c:
         3a:a3:40:e8:f7:b5:57:0d:1f:08:8b:bb:a9:a4:f4:36:3c:f6:
         d4:d7:e7:b1:75:52:aa:cb:a0:31:20:c4:a5:63:4f:89:67:f5:
         f6:90:ed:5d:b2:82:47:32:e6:8c:04:08:0f:c0:09:24:63:fa:
         76:29:21:22:9e:05:20:50:0b:d7:be:2e:b4:c7:2e:80:7f:26:
         d4:60:18:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdzCKAU7rOK9xuCk68iwU4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OGNkMTQ5MWZhODRkNDgyMThkMzg2MGYzMzIzZGM5Yjg2
ODU3OGMwHhcNMjUwNjE1MTAwMDM0WhcNMjUwNjE2MTAwMDM0WjAzMTEwLwYDVQQD
Eyg3YmMyMjIzYmI3MmVhZGU4Yjk2NjRjMzJkMzhjMDMxYzAwYmVlMmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfNCW6h6uMRFIzpRMqDmuc1FoaTJ
dfs1tloJGR4oxvgrxLZp6Xc73SgqR5whSC4zbFUGgnp0LenDadGp5NbcZtysVsOU
6ZWPy5WqmCC/gCTsvl/LyXqsByJWZOauxt9FPH+FQTMSggVCf+P5BTgG9AJDna1s
BuEajeyaAk9e9VLbm5t3S7QMwQij+euNh+vhgtgjCt6iHUzLAyHu4KpZFwwAiEYN
Xqkdxd6UP0mASV9/gPgUXUkaeYfXumt2wtbJzRiEu7cqjKU4/3eyc4c0d5YBKt7I
EQJp3+YrWcxn9uz64jTNNXzowvIih07V5Z0eCQYjPiW84ORgzCio2M8FLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvCIju3Lq3ouWZMMtOMAxwAvuLiMB8GA1UdIwQY
MBaAFGWM0UkfqE1IIY04YPMyPcm4aFeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQt
NDBhYTgzNDg2ZjhmLzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQtNDBhYTgzNDg2Zjhm
LzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALX2PK2Rv
3Vf/3koAzvTQ1xacTLw5Yf8o5tpdV0D4g+ePMJhhgWdlouvDy9jc/xB90KnuAdSC
zWskbfg8G6PgyujD1OXE+wr5//h0hb/0Ga+mQuGQ5VWNLKNN5bKGyeWJdu/BvryS
hCi9emOT8frYUUIy7XSzXdHdQE5jAd5TZ56xrRM4W/8t7oO/58eSi6I2naHAFlAv
cLtaE2tNohtDTiIZLc8IDznV+2/TVpkXbNBQ1sRsOqNA6Pe1Vw0fCIu7qaT0Njz2
1NfnsXVSqsugMSDEpWNPiWf19pDtXbKCRzLmjAQID8AJJGP6dikhIp4FIFAL174u
tMcugH8m1GAYZA==
-----END CERTIFICATE-----