Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
File:                     ZFOB6enwr6NsKmagd8odV50ikr8.mft (raw, json)
Hash identifier:          8C2Eb3QuEqs2/cRKZFA27z7A5lLYcLrBc625Xktn2ZM=
Subject key identifier:   55:D4:94:B5:CD:13:E7:A2:6D:CF:38:77:5D:72:8B:4E:E5:19:1E:ED
Authority key identifier: 64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF
Certificate issuer:       /CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
Certificate serial:       01968F27233589837DFF6E4C47A9ECF9BD8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
Manifest number:          1337
Signing time:             Fri 02 May 2025 04:00:28 +0000
Manifest this update:     Fri 02 May 2025 04:00:28 +0000
Manifest next update:     Sat 03 May 2025 04:00:28 +0000
Files and hashes:         1: ZFOB6enwr6NsKmagd8odV50ikr8.crl (hash: SyadEhgpJJdyNuIsKId4cUQ8A63DwwPahwdwvOTeqLs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8f:27:23:35:89:83:7d:ff:6e:4c:47:a9:ec:f9:bd:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
        Validity
            Not Before: May  2 04:00:28 2025 GMT
            Not After : May  3 04:00:28 2025 GMT
        Subject: CN=55d494b5cd13e7a26dcf38775d728b4ee5191eed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:23:88:0a:0f:3f:b7:a9:99:8c:b1:71:1e:bb:
                    ef:b7:79:fd:b6:20:8d:37:24:af:b8:2f:bf:fc:c3:
                    9d:4d:96:4e:41:50:80:3f:7e:dc:2c:35:37:3f:08:
                    a8:3a:ad:d7:56:89:1f:5d:06:b0:90:3f:ab:27:cf:
                    66:e0:4c:09:31:3d:b5:52:d8:d1:30:76:b0:47:83:
                    ea:24:7c:ae:51:8c:74:0f:df:a5:38:15:48:65:89:
                    e9:7d:92:55:19:3e:2b:c6:02:1e:dc:4c:3b:94:a5:
                    d6:f8:fc:1c:9e:cb:50:7b:35:19:a2:d1:71:e3:d9:
                    b8:bf:8d:81:df:9f:7e:b4:03:5a:f0:a6:86:eb:eb:
                    78:7e:f4:21:8f:8c:7c:c5:2e:3e:5b:29:42:7b:42:
                    00:b2:11:5a:bb:81:b3:e6:96:38:3f:0a:e5:33:46:
                    cf:5f:70:19:63:41:e5:1a:f1:28:b3:9f:2c:59:7c:
                    e3:05:43:71:14:14:a1:0d:db:de:b3:e8:14:c4:4c:
                    f9:42:b7:cc:14:8b:60:0d:d2:f5:2d:50:c8:8d:23:
                    21:42:f1:ff:28:c6:da:50:81:e2:c1:10:9c:0e:8d:
                    0e:19:89:f6:c6:b7:c1:2a:9c:61:3c:83:e9:53:90:
                    c3:df:77:6b:db:ba:ff:a1:b9:38:a5:57:6f:7e:3d:
                    f2:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:D4:94:B5:CD:13:E7:A2:6D:CF:38:77:5D:72:8B:4E:E5:19:1E:ED
            X509v3 Authority Key Identifier:
                keyid:64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:86:cb:88:07:64:a3:08:6b:58:df:eb:67:39:49:a5:2b:65:
         06:1a:ad:15:00:3f:07:5b:95:e2:25:d9:77:e8:c6:39:c6:46:
         7d:48:78:9b:74:80:4f:44:4a:c7:a6:c5:0f:f1:3e:89:52:46:
         b4:89:65:7d:cd:0b:c8:c5:71:0f:5c:2a:ee:33:d3:99:ed:a1:
         3a:e5:a7:d7:74:08:38:01:6a:3c:e6:00:f1:17:c5:cd:9d:96:
         9d:71:b6:a5:9a:89:9b:21:2d:1b:2a:8d:20:0c:85:b6:ed:91:
         f9:43:af:dc:c9:d2:0b:53:3b:5b:b8:dc:ca:49:c0:a2:df:8e:
         d2:6c:96:23:2e:9a:d0:2b:fb:ca:e1:68:47:cc:e9:02:de:c8:
         ef:b2:48:78:2a:fb:f1:9a:08:eb:4f:23:51:68:f3:0c:f4:5a:
         d3:9b:eb:21:1f:54:6d:61:0d:f2:c4:93:39:c5:58:a5:57:12:
         8e:03:f5:87:dc:f3:56:28:f6:16:ee:1b:ec:34:40:9f:f8:3b:
         0c:3a:71:f9:d1:71:f3:e1:03:cd:47:84:ad:07:3b:bc:f2:3d:
         81:70:c8:9f:83:28:e0:bd:71:ed:9e:2c:4d:bb:6b:2c:08:a6:
         83:44:22:95:13:c8:f7:e6:bf:00:a7:62:17:d9:ac:e0:74:d6:
         67:d0:28:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaPJyM1iYN9/25MR6ns+b2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NTM4MWU5ZTlmMGFmYTM2YzJhNjZhMDc3Y2ExZDU3OWQy
MjkyYmYwHhcNMjUwNTAyMDQwMDI4WhcNMjUwNTAzMDQwMDI4WjAzMTEwLwYDVQQD
Eyg1NWQ0OTRiNWNkMTNlN2EyNmRjZjM4Nzc1ZDcyOGI0ZWU1MTkxZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiOICg8/t6mZjLFxHrvvt3n9tiCN
NySvuC+//MOdTZZOQVCAP37cLDU3PwioOq3XVokfXQawkD+rJ89m4EwJMT21UtjR
MHawR4PqJHyuUYx0D9+lOBVIZYnpfZJVGT4rxgIe3Ew7lKXW+PwcnstQezUZotFx
49m4v42B359+tANa8KaG6+t4fvQhj4x8xS4+WylCe0IAshFau4Gz5pY4PwrlM0bP
X3AZY0HlGvEos58sWXzjBUNxFBShDdves+gUxEz5QrfMFItgDdL1LVDIjSMhQvH/
KMbaUIHiwRCcDo0OGYn2xrfBKpxhPIPpU5DD33dr27r/obk4pVdvfj3y+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFXUlLXNE+eibc84d11yi07lGR7tMB8GA1UdIwQY
MBaAFGRTgenp8K+jbCpmoHfKHVedIpK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGIt
MzdmOTk5Y2VjZTIzLzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGItMzdmOTk5Y2VjZTIz
LzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL4bLiAdk
owhrWN/rZzlJpStlBhqtFQA/B1uV4iXZd+jGOcZGfUh4m3SAT0RKx6bFD/E+iVJG
tIllfc0LyMVxD1wq7jPTme2hOuWn13QIOAFqPOYA8RfFzZ2WnXG2pZqJmyEtGyqN
IAyFtu2R+UOv3MnSC1M7W7jcyknAot+O0myWIy6a0Cv7yuFoR8zpAt7I77JIeCr7
8ZoI608jUWjzDPRa05vrIR9UbWEN8sSTOcVYpVcSjgP1h9zzVij2Fu4b7DRAn/g7
DDpx+dFx8+EDzUeErQc7vPI9gXDIn4Mo4L1x7Z4sTbtrLAimg0QilRPI9+a/AKdi
F9ms4HTWZ9AojQ==
-----END CERTIFICATE-----