Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
File:                     rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft (raw, json)
Hash identifier:          iMLNdTJIEmKY+YgAVVUXwsdzBX6/gB7vVp0yC4zB6uo=
Subject key identifier:   26:00:4D:F9:31:58:6B:CE:19:E7:24:5D:1D:16:B4:96:44:41:CD:35
Authority key identifier: AF:34:65:43:76:69:CE:58:62:61:A0:66:CC:4A:D1:EA:46:4E:B6:63
Certificate issuer:       /CN=af3465437669ce586261a066cc4ad1ea464eb663
Certificate serial:       01967FB46F607127E9EDB296B431A53254A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
Manifest number:          0DC3
Signing time:             Tue 29 Apr 2025 04:00:53 +0000
Manifest this update:     Tue 29 Apr 2025 04:00:53 +0000
Manifest next update:     Wed 30 Apr 2025 04:00:53 +0000
Files and hashes:         1: rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl (hash: gNknNGS0zhs+/ywTvJhPdQoYEDbVZ8Wl0vB2jOtTdDQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b4:6f:60:71:27:e9:ed:b2:96:b4:31:a5:32:54:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af3465437669ce586261a066cc4ad1ea464eb663
        Validity
            Not Before: Apr 29 04:00:53 2025 GMT
            Not After : Apr 30 04:00:53 2025 GMT
        Subject: CN=26004df931586bce19e7245d1d16b4964441cd35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:61:91:05:67:99:5a:a9:39:2c:60:69:14:f9:
                    36:65:13:92:80:03:7b:68:b3:76:3e:17:54:58:5a:
                    b9:c8:6d:f7:57:1d:79:94:3d:f9:b3:45:47:cb:48:
                    2a:6f:e2:dd:48:6b:ee:25:07:81:04:f4:91:05:d8:
                    d7:81:2f:2d:d7:6c:18:a3:3f:fa:8e:63:82:24:91:
                    4e:c4:16:21:27:9e:2e:4d:f5:e6:a2:80:74:8c:4d:
                    e9:08:12:c3:5d:b0:8f:b1:28:dd:84:ea:6c:7f:88:
                    ca:3b:a7:65:c7:b9:bf:1d:dc:5e:5f:28:43:39:90:
                    67:ec:1d:10:4d:ca:8f:f0:84:aa:2b:24:08:f1:3f:
                    b7:46:40:5a:46:fb:dd:57:4f:7c:ea:04:e2:2e:45:
                    c0:f5:93:1f:bf:3f:0a:d5:5a:2f:d4:01:68:67:8a:
                    f2:09:fe:6e:c3:c3:ba:6d:8a:b4:a2:21:f4:c0:c7:
                    c3:7f:4b:02:dc:90:3f:dd:99:30:f3:b0:e3:46:16:
                    cd:7e:9d:f4:30:a5:63:5a:f3:3a:3d:3a:fa:9c:ac:
                    cf:39:4d:e3:58:e6:99:ee:9f:53:11:37:0e:e4:37:
                    96:a4:1f:26:6f:ce:24:9a:ad:e6:9f:45:dd:5b:4d:
                    00:73:cd:2d:5f:2c:40:85:88:53:01:51:e6:09:e3:
                    57:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:00:4D:F9:31:58:6B:CE:19:E7:24:5D:1D:16:B4:96:44:41:CD:35
            X509v3 Authority Key Identifier:
                keyid:AF:34:65:43:76:69:CE:58:62:61:A0:66:CC:4A:D1:EA:46:4E:B6:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:63:20:79:1f:8e:e8:59:11:5c:d5:a4:33:ab:b2:47:94:4d:
         6b:9e:74:f5:85:20:40:2e:4f:04:41:60:32:84:32:f1:7f:12:
         a5:e0:4e:96:c5:1a:ad:2e:28:40:a4:ad:d6:ae:80:c1:13:47:
         0d:d9:92:f2:6a:53:3e:4d:37:b3:3a:b8:26:47:99:af:7c:ff:
         cb:53:b9:7d:c9:bd:6a:72:b8:f5:8e:c5:f4:05:24:3f:2c:42:
         4d:0f:e9:f2:96:46:9e:ec:b9:96:32:66:79:c8:61:65:03:88:
         b4:51:95:53:85:5c:a4:5e:2c:20:f3:6c:79:ce:50:f6:7c:21:
         e7:56:29:1f:5b:c1:ee:b6:b4:ec:d1:86:99:b6:df:2d:13:31:
         9d:80:83:b9:2d:8a:c1:d6:fe:ff:e9:99:25:35:fa:1f:2f:c7:
         39:4b:a5:02:17:3d:d2:44:27:14:3a:3c:96:87:e3:3a:ec:38:
         0d:57:e6:20:ee:e0:e4:25:39:59:b7:4c:9e:6a:06:8d:7e:90:
         7d:e8:ab:fc:33:e6:75:17:1a:01:9e:d3:9e:a7:17:7a:a5:af:
         0e:a5:d9:19:ea:65:36:5d:e0:1a:bd:62:58:d8:af:1f:bd:16:
         a5:6c:3a:5c:86:c4:31:5b:79:a1:c9:f9:0c:69:58:54:08:9b:
         9f:01:ef:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tG9gcSfp7bKWtDGlMlSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMzQ2NTQzNzY2OWNlNTg2MjYxYTA2NmNjNGFkMWVhNDY0
ZWI2NjMwHhcNMjUwNDI5MDQwMDUzWhcNMjUwNDMwMDQwMDUzWjAzMTEwLwYDVQQD
EygyNjAwNGRmOTMxNTg2YmNlMTllNzI0NWQxZDE2YjQ5NjQ0NDFjZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWGRBWeZWqk5LGBpFPk2ZROSgAN7
aLN2PhdUWFq5yG33Vx15lD35s0VHy0gqb+LdSGvuJQeBBPSRBdjXgS8t12wYoz/6
jmOCJJFOxBYhJ54uTfXmooB0jE3pCBLDXbCPsSjdhOpsf4jKO6dlx7m/HdxeXyhD
OZBn7B0QTcqP8ISqKyQI8T+3RkBaRvvdV0986gTiLkXA9ZMfvz8K1Vov1AFoZ4ry
Cf5uw8O6bYq0oiH0wMfDf0sC3JA/3Zkw87DjRhbNfp30MKVjWvM6PTr6nKzPOU3j
WOaZ7p9TETcO5DeWpB8mb84kmq3mn0XdW00Ac80tXyxAhYhTAVHmCeNXgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYATfkxWGvOGeckXR0WtJZEQc01MB8GA1UdIwQY
MBaAFK80ZUN2ac5YYmGgZsxK0epGTrZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODYxYmEtNGQxYy00OTNjLWE5MGQt
NjBjZjY2MGFkNTMzLzEvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80ODYxYmEtNGQxYy00OTNjLWE5MGQtNjBjZjY2MGFkNTMz
LzEvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQWMgeR+O
6FkRXNWkM6uyR5RNa5509YUgQC5PBEFgMoQy8X8SpeBOlsUarS4oQKSt1q6AwRNH
DdmS8mpTPk03szq4JkeZr3z/y1O5fcm9anK49Y7F9AUkPyxCTQ/p8pZGnuy5ljJm
echhZQOItFGVU4VcpF4sIPNsec5Q9nwh51YpH1vB7ra07NGGmbbfLRMxnYCDuS2K
wdb+/+mZJTX6Hy/HOUulAhc90kQnFDo8lofjOuw4DVfmIO7g5CU5WbdMnmoGjX6Q
feir/DPmdRcaAZ7TnqcXeqWvDqXZGeplNl3gGr1iWNivH70WpWw6XIbEMVt5ocn5
DGlYVAibnwHvdw==
-----END CERTIFICATE-----