Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/dc7e65-9b3b-4135-9db9-0c1e4fdfac5a/1/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.mft
File:                     ZSgr9Sv7gPEQazwOzfoaVDMwUIY.mft (raw, json)
Hash identifier:          Ht+xr330DgybCyDsiqktC2ENdDfkPPWUdB8suJpfgyk=
Subject key identifier:   BF:B1:46:27:66:56:A6:54:B8:55:29:D8:D2:44:6D:A9:57:66:18:1E
Authority key identifier: 65:28:2B:F5:2B:FB:80:F1:10:6B:3C:0E:CD:FA:1A:54:33:30:50:86
Certificate issuer:       /CN=65282bf52bfb80f1106b3c0ecdfa1a5433305086
Certificate serial:       01967755CE939B88728DD7C948E7C5335DC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/dc7e65-9b3b-4135-9db9-0c1e4fdfac5a/1/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.mft
Manifest number:          11F0
Signing time:             Sun 27 Apr 2025 13:00:34 +0000
Manifest this update:     Sun 27 Apr 2025 13:00:34 +0000
Manifest next update:     Mon 28 Apr 2025 13:00:34 +0000
Files and hashes:         1: ZSgr9Sv7gPEQazwOzfoaVDMwUIY.crl (hash: IBhH12EvUx4gj0L2lkayLjmFksu05zoXg7tI9uubWIU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/dc7e65-9b3b-4135-9db9-0c1e4fdfac5a/1/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/dc7e65-9b3b-4135-9db9-0c1e4fdfac5a/1/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:55:ce:93:9b:88:72:8d:d7:c9:48:e7:c5:33:5d:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65282bf52bfb80f1106b3c0ecdfa1a5433305086
        Validity
            Not Before: Apr 27 13:00:34 2025 GMT
            Not After : Apr 28 13:00:34 2025 GMT
        Subject: CN=bfb146276656a654b85529d8d2446da95766181e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:27:23:c3:ab:7a:a1:98:f6:6f:5a:7b:cd:53:
                    2e:83:93:b5:fc:95:64:d7:0b:6c:f5:39:90:18:92:
                    8d:58:70:a9:45:8b:a7:76:a9:85:22:0b:ce:81:0c:
                    25:73:42:a6:bc:36:e2:7d:1e:3a:78:d1:44:64:a4:
                    86:f4:9c:fc:ab:1f:51:f5:32:e5:db:02:58:99:5b:
                    ab:81:db:e5:37:84:13:75:7d:57:7d:2f:8e:9d:a6:
                    9e:67:5f:bc:1a:b1:ae:72:1a:7a:7f:dd:aa:8e:ca:
                    e0:3e:1c:ea:96:9c:e5:e0:4f:86:4d:c4:ff:fb:2b:
                    97:bb:87:06:d1:4e:a5:a2:3d:c5:e8:bf:15:00:90:
                    f9:c4:34:50:be:3b:d7:5f:35:90:4e:53:19:96:5d:
                    54:b2:8c:2a:c5:3d:f1:6c:77:bd:3d:53:fa:6c:89:
                    81:a2:fb:36:91:aa:ad:57:e8:19:46:b9:3b:ba:0c:
                    6f:ae:5d:4e:d2:75:6d:6b:a1:da:51:0d:a2:6a:ac:
                    4b:fa:05:0d:3d:d9:b5:7d:3a:65:b5:a3:04:67:d4:
                    09:80:1e:96:36:a2:10:d9:5f:d6:89:76:f7:74:70:
                    d2:73:f2:9d:5a:b6:f5:93:80:4d:ee:3d:ca:b0:25:
                    96:1e:33:ec:42:fd:c2:1a:51:0d:f3:46:7d:1d:f1:
                    c0:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:B1:46:27:66:56:A6:54:B8:55:29:D8:D2:44:6D:A9:57:66:18:1E
            X509v3 Authority Key Identifier:
                keyid:65:28:2B:F5:2B:FB:80:F1:10:6B:3C:0E:CD:FA:1A:54:33:30:50:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/dc7e65-9b3b-4135-9db9-0c1e4fdfac5a/1/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/dc7e65-9b3b-4135-9db9-0c1e4fdfac5a/1/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:29:1d:9b:41:e5:d1:ef:c3:75:dc:c7:65:3e:2c:d0:24:f7:
         cb:f7:ed:a7:37:4d:2d:b7:55:37:b7:bb:50:1d:1e:9b:36:97:
         1d:0c:3e:d2:ba:c9:32:1a:79:ff:68:83:78:a3:1b:91:5c:31:
         41:42:e9:34:a4:1e:4f:8c:27:49:7e:97:9f:fc:4e:a5:73:9c:
         52:a0:e8:56:ef:54:f7:3c:53:70:be:df:30:20:12:14:cf:d8:
         cc:a7:24:ba:fd:f6:95:b9:36:7d:ec:55:9f:53:bc:de:0c:92:
         ee:89:00:0f:04:99:ff:bc:8e:84:2e:76:0c:6e:f0:c1:63:b6:
         8e:a3:ed:fd:10:17:aa:3f:ca:8b:92:7b:95:8f:d0:22:18:b5:
         24:02:3d:08:a1:a5:53:cb:f7:88:26:aa:0c:5e:0a:9d:8b:e0:
         31:94:4a:fc:1d:20:b0:00:f7:c8:bc:05:df:50:98:94:fd:c0:
         b5:0c:e7:35:e5:0e:fa:70:41:74:9c:b8:0f:b0:8f:b3:f9:4b:
         92:ab:be:c0:9c:25:3b:b7:42:ab:ac:c8:aa:de:70:0a:42:c7:
         8a:87:df:00:c3:99:ec:ce:97:66:95:16:4c:4c:50:81:05:ce:
         24:4a:08:85:74:a8:fd:a7:12:00:bc:a0:59:54:a4:06:5f:2c:
         c8:c2:6a:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3Vc6Tm4hyjdfJSOfFM13DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MjgyYmY1MmJmYjgwZjExMDZiM2MwZWNkZmExYTU0MzMz
MDUwODYwHhcNMjUwNDI3MTMwMDM0WhcNMjUwNDI4MTMwMDM0WjAzMTEwLwYDVQQD
EyhiZmIxNDYyNzY2NTZhNjU0Yjg1NTI5ZDhkMjQ0NmRhOTU3NjYxODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCcjw6t6oZj2b1p7zVMug5O1/JVk
1wts9TmQGJKNWHCpRYundqmFIgvOgQwlc0KmvDbifR46eNFEZKSG9Jz8qx9R9TLl
2wJYmVurgdvlN4QTdX1XfS+OnaaeZ1+8GrGuchp6f92qjsrgPhzqlpzl4E+GTcT/
+yuXu4cG0U6loj3F6L8VAJD5xDRQvjvXXzWQTlMZll1UsowqxT3xbHe9PVP6bImB
ovs2kaqtV+gZRrk7ugxvrl1O0nVta6HaUQ2iaqxL+gUNPdm1fTpltaMEZ9QJgB6W
NqIQ2V/WiXb3dHDSc/KdWrb1k4BN7j3KsCWWHjPsQv3CGlEN80Z9HfHAIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+xRidmVqZUuFUp2NJEbalXZhgeMB8GA1UdIwQY
MBaAFGUoK/Ur+4DxEGs8Ds36GlQzMFCGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNncjlTdjdnUEVRYXp3T3pmb2FWRE13VUlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kYzdlNjUtOWIzYi00MTM1LTlkYjkt
MGMxZTRmZGZhYzVhLzEvWlNncjlTdjdnUEVRYXp3T3pmb2FWRE13VUlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kYzdlNjUtOWIzYi00MTM1LTlkYjktMGMxZTRmZGZhYzVh
LzEvWlNncjlTdjdnUEVRYXp3T3pmb2FWRE13VUlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApCkdm0Hl
0e/DddzHZT4s0CT3y/ftpzdNLbdVN7e7UB0emzaXHQw+0rrJMhp5/2iDeKMbkVwx
QULpNKQeT4wnSX6Xn/xOpXOcUqDoVu9U9zxTcL7fMCASFM/YzKckuv32lbk2fexV
n1O83gyS7okADwSZ/7yOhC52DG7wwWO2jqPt/RAXqj/Ki5J7lY/QIhi1JAI9CKGl
U8v3iCaqDF4KnYvgMZRK/B0gsAD3yLwF31CYlP3AtQznNeUO+nBBdJy4D7CPs/lL
kqu+wJwlO7dCq6zIqt5wCkLHioffAMOZ7M6XZpUWTExQgQXOJEoIhXSo/acSALyg
WVSkBl8syMJqEA==
-----END CERTIFICATE-----