Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
File:                     ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft (raw, json)
Hash identifier:          e8TNcEfYDA8/k11RXjQzXSIjFMMnhgw4nGvaJOmMP+A=
Subject key identifier:   62:7A:E9:2A:9B:9E:29:9B:58:A8:7D:27:00:93:D9:1F:D0:C0:6C:7A
Authority key identifier: 65:43:64:D0:C6:C9:3D:F2:80:27:48:8A:FC:BF:CF:32:97:26:39:2B
Certificate issuer:       /CN=654364d0c6c93df28027488afcbfcf329726392b
Certificate serial:       019873E2538469618DB85134B28CA262988A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
Manifest number:          09AA
Signing time:             Mon 04 Aug 2025 07:01:08 +0000
Manifest this update:     Mon 04 Aug 2025 07:01:08 +0000
Manifest next update:     Tue 05 Aug 2025 07:01:08 +0000
Files and hashes:         1: ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl (hash: EseSyBgq8y63GdOCZP1LpzMBFbR2sRqhW1brrnq119s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e2:53:84:69:61:8d:b8:51:34:b2:8c:a2:62:98:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654364d0c6c93df28027488afcbfcf329726392b
        Validity
            Not Before: Aug  4 07:01:08 2025 GMT
            Not After : Aug  5 07:01:08 2025 GMT
        Subject: CN=627ae92a9b9e299b58a87d270093d91fd0c06c7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:17:bd:ea:60:cd:d1:40:3e:22:08:c0:f3:51:
                    ae:20:bc:e0:60:7e:71:06:80:96:da:0d:44:2e:9c:
                    91:f4:1b:19:78:97:30:c4:e7:cd:cb:68:3a:4c:b4:
                    bd:43:28:07:60:d5:34:e7:12:8c:70:58:95:e0:c1:
                    31:53:03:0e:82:33:fc:c0:1c:ca:06:31:7f:87:93:
                    04:14:39:5c:0a:67:1d:58:1b:5d:e0:36:4b:1f:aa:
                    d7:81:9b:8e:08:48:ed:7f:45:f9:2d:58:2e:fc:86:
                    04:e2:47:81:8a:20:3e:dd:5c:3d:3b:f3:bd:a3:e4:
                    76:4e:23:b5:5e:dc:5c:a5:2d:05:94:66:0d:14:5c:
                    a1:e2:31:25:60:6c:50:7f:36:19:ce:4c:b5:ea:a1:
                    0c:44:3a:b5:75:16:be:f7:d5:88:4e:92:09:ed:a7:
                    30:37:39:ab:9d:69:16:20:b5:cb:b8:65:0a:0b:2e:
                    b4:56:c2:fa:5f:98:74:fa:11:7d:59:25:c0:56:a0:
                    e5:ac:d2:fd:96:3c:81:80:c4:49:41:b4:17:c1:6e:
                    47:21:31:50:b8:af:d9:ad:5e:3d:cc:f9:78:bc:65:
                    04:c9:ef:ce:b1:b6:bc:58:32:db:4f:ef:d8:75:1e:
                    17:d1:95:f0:3e:d4:e5:6a:5e:b6:9d:30:30:93:c3:
                    b6:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:7A:E9:2A:9B:9E:29:9B:58:A8:7D:27:00:93:D9:1F:D0:C0:6C:7A
            X509v3 Authority Key Identifier:
                keyid:65:43:64:D0:C6:C9:3D:F2:80:27:48:8A:FC:BF:CF:32:97:26:39:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:38:a5:53:69:1c:f4:6b:ca:63:2b:71:db:f8:e7:74:fc:2a:
         72:e1:0d:00:97:ff:fb:36:6f:c3:88:5a:27:73:94:ca:2f:8d:
         b3:71:77:0d:58:a7:72:18:ed:b8:5b:42:e7:1d:fa:18:21:1b:
         a0:90:fd:37:b3:3c:34:77:34:e8:02:f8:ae:a3:54:ed:b1:f3:
         6d:08:a9:26:68:2b:3d:75:c9:dd:a9:7b:6f:81:8a:0d:17:8e:
         83:53:b7:c3:03:b3:c6:58:49:40:83:0c:34:ee:f5:c2:7d:b5:
         df:8b:58:45:af:59:0c:60:25:84:1b:12:06:01:17:22:fb:7d:
         8d:8b:e4:d0:a8:6c:0b:ba:8e:25:aa:f1:9c:45:32:24:ef:49:
         ae:aa:c0:af:3a:07:e0:8a:07:0f:a5:f8:e5:c5:fb:4e:cc:b1:
         ec:47:7a:9e:29:c0:c3:e7:a4:9c:29:1b:b0:86:a4:14:80:3d:
         fc:a4:84:6e:f2:7a:44:0d:b6:28:3b:b9:6b:5b:6b:39:cb:d8:
         49:70:27:f6:ac:a7:2a:d0:32:42:d8:8e:44:10:80:fb:ba:c1:
         04:39:d4:c5:6c:c1:9e:35:9b:3b:ce:ff:f5:4c:ad:c6:9a:12:
         21:d2:cb:d9:e7:79:42:f3:23:9e:01:63:cb:6c:a8:c1:04:7c:
         b4:13:8e:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4lOEaWGNuFE0soyiYpiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NDM2NGQwYzZjOTNkZjI4MDI3NDg4YWZjYmZjZjMyOTcy
NjM5MmIwHhcNMjUwODA0MDcwMTA4WhcNMjUwODA1MDcwMTA4WjAzMTEwLwYDVQQD
Eyg2MjdhZTkyYTliOWUyOTliNThhODdkMjcwMDkzZDkxZmQwYzA2YzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Be96mDN0UA+IgjA81GuILzgYH5x
BoCW2g1ELpyR9BsZeJcwxOfNy2g6TLS9QygHYNU05xKMcFiV4MExUwMOgjP8wBzK
BjF/h5MEFDlcCmcdWBtd4DZLH6rXgZuOCEjtf0X5LVgu/IYE4keBiiA+3Vw9O/O9
o+R2TiO1XtxcpS0FlGYNFFyh4jElYGxQfzYZzky16qEMRDq1dRa+99WITpIJ7acw
NzmrnWkWILXLuGUKCy60VsL6X5h0+hF9WSXAVqDlrNL9ljyBgMRJQbQXwW5HITFQ
uK/ZrV49zPl4vGUEye/Osba8WDLbT+/YdR4X0ZXwPtTlal62nTAwk8O2lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJ66SqbnimbWKh9JwCT2R/QwGx6MB8GA1UdIwQY
MBaAFGVDZNDGyT3ygCdIivy/zzKXJjkrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8zZjlhYjEtZWFiMS00NmNjLTg4ZTct
YjZlOGVhOTEyNDgwLzEvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8zZjlhYjEtZWFiMS00NmNjLTg4ZTctYjZlOGVhOTEyNDgw
LzEvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHDilU2kc
9GvKYytx2/jndPwqcuENAJf/+zZvw4haJ3OUyi+Ns3F3DVinchjtuFtC5x36GCEb
oJD9N7M8NHc06AL4rqNU7bHzbQipJmgrPXXJ3al7b4GKDReOg1O3wwOzxlhJQIMM
NO71wn2134tYRa9ZDGAlhBsSBgEXIvt9jYvk0KhsC7qOJarxnEUyJO9JrqrArzoH
4IoHD6X45cX7Tsyx7Ed6ninAw+eknCkbsIakFIA9/KSEbvJ6RA22KDu5a1trOcvY
SXAn9qynKtAyQtiORBCA+7rBBDnUxWzBnjWbO87/9UytxpoSIdLL2ed5QvMjngFj
y2yowQR8tBOOxw==
-----END CERTIFICATE-----