Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
File:                     z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft (raw, json)
Hash identifier:          64TKkLjhEC61zShD5oAwyTAMPUo5Gti2OLpg2A2SRFs=
Subject key identifier:   3C:D1:D5:D1:B1:42:96:AB:24:B1:AA:B8:8E:5F:2C:DE:7B:FC:8F:33
Authority key identifier: CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6
Certificate issuer:       /CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
Certificate serial:       01976F2BA9048F9EEC85D88DEAF9A6210C96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
Manifest number:          0EF0
Signing time:             Sat 14 Jun 2025 16:00:21 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:21 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:21 +0000
Files and hashes:         1: z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl (hash: jdfxg7r6IO4bwGZ8AdJYAqxL6B5XGNCJNVGhTy9THBo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2b:a9:04:8f:9e:ec:85:d8:8d:ea:f9:a6:21:0c:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
        Validity
            Not Before: Jun 14 16:00:21 2025 GMT
            Not After : Jun 15 16:00:21 2025 GMT
        Subject: CN=3cd1d5d1b14296ab24b1aab88e5f2cde7bfc8f33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ba:ef:c8:6e:b3:d7:30:49:e6:b1:8d:ad:de:
                    3c:f2:3a:75:11:b4:8d:d8:ad:65:a3:8f:d0:64:76:
                    b5:15:12:f1:d9:f4:39:25:b3:a0:cf:53:d0:16:ad:
                    e8:11:28:db:fe:7e:62:cd:94:13:00:4b:9b:04:ad:
                    e0:da:32:a5:fc:ed:af:fe:74:20:76:87:82:02:43:
                    7a:34:5a:39:ea:94:05:e2:fb:33:f8:68:2c:e9:a0:
                    c7:9d:b0:c1:ab:16:46:a8:49:60:b2:7d:5b:58:15:
                    ea:2f:0e:af:25:90:23:58:a6:c1:88:71:8c:4f:a8:
                    cf:22:e7:fd:c3:05:34:22:8b:06:92:e2:0d:dd:61:
                    75:b2:7e:22:b9:25:40:d7:9d:f7:46:fe:fa:74:af:
                    24:a0:fd:c0:3d:e4:04:2f:d6:7f:c1:db:1f:6f:48:
                    a0:7f:02:90:83:4b:5c:53:4c:6e:33:89:63:53:5a:
                    ea:8c:1c:12:29:b3:4d:95:75:a9:26:84:b4:90:d0:
                    14:26:4f:25:b7:c7:b2:96:ec:69:03:28:94:2d:a4:
                    18:f9:d5:1f:7a:33:b6:e6:13:a2:64:ca:b3:6c:8a:
                    76:8d:0e:0d:17:3a:e6:4b:ec:a3:d0:2f:fd:fa:be:
                    e3:45:dd:bd:5f:f9:8a:ec:e3:b5:bf:36:ac:4e:6b:
                    b8:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:D1:D5:D1:B1:42:96:AB:24:B1:AA:B8:8E:5F:2C:DE:7B:FC:8F:33
            X509v3 Authority Key Identifier:
                keyid:CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:6e:df:47:1b:35:ea:99:cf:11:f2:e3:80:34:84:a7:9c:23:
         58:84:16:48:3d:3c:8d:36:fe:a1:c9:14:bc:80:b0:f2:fd:9c:
         2b:29:23:f7:8b:62:96:ea:e0:dd:66:4b:36:97:e2:9f:90:7c:
         44:ca:42:f1:8a:f1:03:28:90:24:28:9d:71:68:23:4c:f8:d2:
         d6:3e:63:da:4b:bd:5d:02:4a:b2:57:9d:2d:da:00:f2:ef:4d:
         f8:c4:04:e8:8e:8c:50:22:50:16:cd:25:e5:69:06:b5:fa:ae:
         36:8c:70:5b:0e:d2:4d:f0:af:bf:da:dc:1e:c2:9f:82:16:8b:
         ef:df:0e:6e:d0:9d:a7:7f:7f:6d:e3:11:25:f3:9b:17:fc:75:
         cd:fd:76:2a:e5:75:68:5e:65:30:8f:70:c8:29:8a:cc:38:6a:
         9b:1e:7b:1d:33:93:08:ea:7c:64:d5:9d:eb:84:c3:a5:1d:2d:
         d0:f7:88:bf:c0:20:5d:02:85:33:36:f7:4a:6d:a4:57:9e:aa:
         85:82:69:6a:6a:b8:4d:a9:48:d7:45:2b:48:c7:d6:6f:b2:94:
         90:bd:58:f7:1e:21:34:bf:ce:f0:f1:72:03:0e:53:7c:5d:6c:
         8c:0d:5d:e4:28:37:85:85:5c:ad:e6:6e:25:e7:75:b3:49:cd:
         d6:17:9d:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvK6kEj57shdiN6vmmIQyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzcwMDhjNmY5MTcyMmRjM2IxMjc1Mjc1NThlYmRhYmM2
ODBjZTYwHhcNMjUwNjE0MTYwMDIxWhcNMjUwNjE1MTYwMDIxWjAzMTEwLwYDVQQD
EygzY2QxZDVkMWIxNDI5NmFiMjRiMWFhYjg4ZTVmMmNkZTdiZmM4ZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorrvyG6z1zBJ5rGNrd488jp1EbSN
2K1lo4/QZHa1FRLx2fQ5JbOgz1PQFq3oESjb/n5izZQTAEubBK3g2jKl/O2v/nQg
doeCAkN6NFo56pQF4vsz+Ggs6aDHnbDBqxZGqElgsn1bWBXqLw6vJZAjWKbBiHGM
T6jPIuf9wwU0IosGkuIN3WF1sn4iuSVA1533Rv76dK8koP3APeQEL9Z/wdsfb0ig
fwKQg0tcU0xuM4ljU1rqjBwSKbNNlXWpJoS0kNAUJk8lt8eyluxpAyiULaQY+dUf
ejO25hOiZMqzbIp2jQ4NFzrmS+yj0C/9+r7jRd29X/mK7OO1vzasTmu4gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzR1dGxQparJLGquI5fLN57/I8zMB8GA1UdIwQY
MBaAFM/HAIxvkXItw7EnUnVY69q8aAzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEt
MzZmMjRhZDRhMDRmLzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEtMzZmMjRhZDRhMDRm
LzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMW7fRxs1
6pnPEfLjgDSEp5wjWIQWSD08jTb+ockUvICw8v2cKykj94tilurg3WZLNpfin5B8
RMpC8YrxAyiQJCidcWgjTPjS1j5j2ku9XQJKsledLdoA8u9N+MQE6I6MUCJQFs0l
5WkGtfquNoxwWw7STfCvv9rcHsKfghaL798ObtCdp39/beMRJfObF/x1zf12KuV1
aF5lMI9wyCmKzDhqmx57HTOTCOp8ZNWd64TDpR0t0PeIv8AgXQKFMzb3Sm2kV56q
hYJpamq4TalI10UrSMfWb7KUkL1Y9x4hNL/O8PFyAw5TfF1sjA1d5Cg3hYVcreZu
Jed1s0nN1hedog==
-----END CERTIFICATE-----