Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
File:                     dZxU7z8HSxxmiPmXVM2KONmfbKw.mft (raw, json)
Hash identifier:          j+Tmgd1KokRXq+8EDx3DzOZMiYmTUqYJL71Ek+A/kiw=
Subject key identifier:   ED:3B:6D:28:42:AF:3B:7C:C2:A3:89:CB:37:8D:1C:16:88:43:93:B7
Authority key identifier: 75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC
Certificate issuer:       /CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
Certificate serial:       019771BF312978A213570F9C8EA11C3F8782
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
Manifest number:          0931
Signing time:             Sun 15 Jun 2025 04:00:44 +0000
Manifest this update:     Sun 15 Jun 2025 04:00:44 +0000
Manifest next update:     Mon 16 Jun 2025 04:00:44 +0000
Files and hashes:         1: dZxU7z8HSxxmiPmXVM2KONmfbKw.crl (hash: OYpNaW18wamHNoMrrKQusls00v8Qx2Y5usychX5Nz2E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:bf:31:29:78:a2:13:57:0f:9c:8e:a1:1c:3f:87:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
        Validity
            Not Before: Jun 15 04:00:44 2025 GMT
            Not After : Jun 16 04:00:44 2025 GMT
        Subject: CN=ed3b6d2842af3b7cc2a389cb378d1c16884393b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:10:f5:a4:27:f6:08:58:1f:c8:01:df:29:bd:
                    4f:9b:ba:bc:76:67:28:87:2c:5a:a4:32:e4:5d:f4:
                    a4:63:19:b0:08:36:34:46:6e:78:45:4b:d1:db:63:
                    25:b5:92:4d:2f:65:6a:a6:cd:0e:90:d2:2c:c1:e9:
                    cf:6d:c4:ee:26:02:e8:15:36:a3:f8:ca:da:d8:6e:
                    ad:ce:b0:5a:4d:da:28:24:36:50:8a:23:f6:18:0f:
                    51:9b:d4:65:bc:45:4d:71:cb:82:b8:c2:ca:e0:80:
                    cd:48:e0:ff:2e:34:1e:b9:c5:ab:e7:8d:81:8e:24:
                    f6:92:6b:ab:c9:83:a3:2a:86:97:2f:2c:bb:ea:7d:
                    9f:39:d2:98:da:5e:bb:d2:44:b5:aa:d2:23:fb:cd:
                    48:2e:cd:ce:09:e3:d9:59:93:aa:e5:b4:a9:06:7f:
                    b7:9a:1b:34:91:f7:1b:6a:01:b2:47:32:0f:aa:3f:
                    bb:89:cb:9f:75:24:18:63:cc:fc:50:a8:00:bc:ec:
                    5a:19:2e:ce:ee:5e:66:55:77:56:d2:92:3c:e5:6d:
                    b9:98:75:1b:34:21:3e:fd:47:26:d4:ed:bc:ae:99:
                    77:ca:47:b5:7c:31:d3:ae:35:74:68:c3:3e:a6:44:
                    bc:c7:39:34:29:d1:82:84:97:e3:0a:2e:34:1a:06:
                    1d:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:3B:6D:28:42:AF:3B:7C:C2:A3:89:CB:37:8D:1C:16:88:43:93:B7
            X509v3 Authority Key Identifier:
                keyid:75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:f9:6a:10:40:47:cb:a1:07:47:ff:31:c5:a0:f4:cd:b9:43:
         24:71:9e:d3:0c:01:d3:89:52:c7:66:be:73:17:11:19:2c:13:
         fa:60:0c:d9:77:02:57:72:c5:eb:73:62:36:6c:bf:c1:0b:f1:
         31:ab:0f:6d:30:2e:18:74:98:97:e0:5c:4d:99:f1:f4:d8:bd:
         b5:dd:b5:aa:c7:a7:5a:bb:ba:81:26:13:d8:47:29:54:95:16:
         da:6d:bf:f3:16:4b:dd:5b:04:0f:45:9e:7e:22:75:2d:b1:e3:
         13:b4:32:58:2f:2a:1a:ff:17:bd:46:a7:b1:17:5e:d4:0f:34:
         6f:b0:ef:dd:d3:6b:d2:5f:b3:57:10:d5:38:a9:85:6f:f2:d3:
         f6:6f:34:b4:68:ff:c0:ae:dc:c9:6a:91:b1:ea:84:c1:75:04:
         64:8e:16:5a:31:e3:7b:a3:2f:5e:f5:c1:16:5e:16:de:39:28:
         2b:2f:09:5c:38:85:fe:f6:06:80:76:e1:cf:c4:b8:67:4d:97:
         af:eb:0f:c0:10:93:d5:f3:38:64:89:20:d9:c2:dd:2f:d8:02:
         f8:d6:a4:06:24:3f:fb:dd:a2:b2:f7:cc:2e:23:ba:e6:22:a7:
         33:87:98:f0:1f:af:68:6d:e0:37:d9:29:16:a8:e6:1b:2e:66:
         7c:ff:81:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxvzEpeKITVw+cjqEcP4eCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWM1NGVmM2YwNzRiMWM2Njg4Zjk5NzU0Y2Q4YTM4ZDk5
ZjZjYWMwHhcNMjUwNjE1MDQwMDQ0WhcNMjUwNjE2MDQwMDQ0WjAzMTEwLwYDVQQD
EyhlZDNiNmQyODQyYWYzYjdjYzJhMzg5Y2IzNzhkMWMxNjg4NDM5M2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBD1pCf2CFgfyAHfKb1Pm7q8dmco
hyxapDLkXfSkYxmwCDY0Rm54RUvR22MltZJNL2Vqps0OkNIswenPbcTuJgLoFTaj
+Mra2G6tzrBaTdooJDZQiiP2GA9Rm9RlvEVNccuCuMLK4IDNSOD/LjQeucWr542B
jiT2kmuryYOjKoaXLyy76n2fOdKY2l670kS1qtIj+81ILs3OCePZWZOq5bSpBn+3
mhs0kfcbagGyRzIPqj+7icufdSQYY8z8UKgAvOxaGS7O7l5mVXdW0pI85W25mHUb
NCE+/Ucm1O28rpl3yke1fDHTrjV0aMM+pkS8xzk0KdGChJfjCi40GgYdPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO07bShCrzt8wqOJyzeNHBaIQ5O3MB8GA1UdIwQY
MBaAFHWcVO8/B0scZoj5l1TNijjZn2ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQt
NDRkMjk2NTdiYWI3LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQtNDRkMjk2NTdiYWI3
LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdflqEEBH
y6EHR/8xxaD0zblDJHGe0wwB04lSx2a+cxcRGSwT+mAM2XcCV3LF63NiNmy/wQvx
MasPbTAuGHSYl+BcTZnx9Ni9td21qsenWru6gSYT2EcpVJUW2m2/8xZL3VsED0We
fiJ1LbHjE7QyWC8qGv8XvUansRde1A80b7Dv3dNr0l+zVxDVOKmFb/LT9m80tGj/
wK7cyWqRseqEwXUEZI4WWjHje6MvXvXBFl4W3jkoKy8JXDiF/vYGgHbhz8S4Z02X
r+sPwBCT1fM4ZIkg2cLdL9gC+NakBiQ/+92isvfMLiO65iKnM4eY8B+vaG3gN9kp
FqjmGy5mfP+B6g==
-----END CERTIFICATE-----