Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          LZJesWOVuMOt5ITX4OSNI5GtmZ6mMOV7qWGq8+afDUc=
Subject key identifier:   4F:AC:2F:FC:7B:8D:4F:52:F5:61:BD:3F:38:77:8F:D1:27:F8:26:11
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       019893A3EACEFCFF056A67FBDF208DB465A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          0A60
Signing time:             Sun 10 Aug 2025 11:00:49 +0000
Manifest this update:     Sun 10 Aug 2025 11:00:49 +0000
Manifest next update:     Mon 11 Aug 2025 11:00:49 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: 9ZmOq+O8aPeXw/lyJhhXYtOXPTO0Q4tbeZHWDzFQXVc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:93:a3:ea:ce:fc:ff:05:6a:67:fb:df:20:8d:b4:65:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: Aug 10 11:00:49 2025 GMT
            Not After : Aug 11 11:00:49 2025 GMT
        Subject: CN=4fac2ffc7b8d4f52f561bd3f38778fd127f82611
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:a6:c0:93:f2:26:6d:7f:31:c8:2a:6c:05:d1:
                    29:cf:df:09:c5:a2:6d:d2:ee:8f:d4:f5:ef:c8:a8:
                    3f:40:30:60:5f:1e:ed:f3:ba:98:58:4b:78:7a:a9:
                    a9:c0:70:9b:f4:7d:d5:7b:5e:ba:b1:9f:b6:59:d2:
                    b5:aa:cd:46:7c:2d:2b:b3:0a:4a:0a:34:ad:45:d6:
                    97:10:4f:64:2e:ea:78:94:e7:9a:76:22:fe:7d:4a:
                    dd:ad:8c:74:20:d9:91:bb:2d:5c:5a:0c:d3:8e:60:
                    e6:6d:7d:2f:99:b0:85:1e:0e:82:9b:8f:8b:cf:fb:
                    6d:ce:ca:85:8d:ca:f9:71:03:16:3d:d7:85:b3:5a:
                    e2:74:4d:0a:5f:90:b5:28:78:69:4d:cb:d6:88:9e:
                    82:62:e8:b5:f1:d5:fd:35:6d:ff:1d:68:37:f8:0a:
                    c3:51:da:91:83:92:1b:f6:70:1f:2e:89:9c:24:70:
                    04:1c:53:4c:69:84:50:ee:5c:f4:36:69:9d:ac:d7:
                    2b:fb:12:82:6a:0b:07:c2:00:0e:c8:83:e3:65:ee:
                    d0:c6:45:51:ec:b3:4a:ea:d5:2d:35:89:0a:a3:28:
                    fc:b5:9d:54:95:fc:9d:3d:f3:d3:3a:19:ac:c9:83:
                    e2:5b:f1:60:c4:d5:3c:22:0f:13:02:89:43:60:53:
                    2e:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:AC:2F:FC:7B:8D:4F:52:F5:61:BD:3F:38:77:8F:D1:27:F8:26:11
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:c7:c3:80:0d:ad:75:f5:0e:81:bc:06:2c:5b:4d:c5:ca:ef:
         2f:44:01:f8:75:f1:c0:15:7e:88:2a:36:6c:48:c8:3c:ea:63:
         07:47:82:81:4a:6a:1e:d3:d8:4a:82:2c:9c:3e:32:ef:88:2e:
         5a:f0:31:05:23:55:88:86:72:d4:2b:fe:f2:9c:fd:e7:a9:ac:
         5c:e4:7e:5a:a5:b3:f0:c7:c3:3a:52:21:bd:27:0c:64:df:e0:
         48:47:69:4f:f4:c9:33:cc:bd:d9:69:0a:8d:36:09:b5:ad:9f:
         30:22:6e:9e:86:8d:cd:64:62:a8:47:0b:78:d8:a8:d2:7a:58:
         76:0a:3b:ec:1a:bf:3a:fb:45:9e:26:5c:3d:8c:6f:2a:01:56:
         d0:2e:6c:82:11:87:1b:a0:aa:f2:e2:86:51:95:a9:ec:c7:0d:
         f4:d5:4f:b0:59:a1:1b:47:49:57:31:0d:c3:51:72:37:aa:5a:
         f8:06:42:3d:66:2d:6e:24:17:48:16:ea:0d:51:96:d9:0c:8a:
         af:30:93:fa:d5:36:8e:4a:1d:1a:55:22:0f:d9:ae:91:d0:b8:
         36:ff:4f:44:c0:1e:4a:fc:cb:5d:5d:2c:dd:87:69:20:2d:36:
         f4:d5:cf:92:4c:8d:38:0a:0e:4a:8c:ef:8f:27:7c:bd:98:c4:
         af:31:17:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTo+rO/P8Famf73yCNtGWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjUwODEwMTEwMDQ5WhcNMjUwODExMTEwMDQ5WjAzMTEwLwYDVQQD
Eyg0ZmFjMmZmYzdiOGQ0ZjUyZjU2MWJkM2YzODc3OGZkMTI3ZjgyNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvabAk/ImbX8xyCpsBdEpz98JxaJt
0u6P1PXvyKg/QDBgXx7t87qYWEt4eqmpwHCb9H3Ve166sZ+2WdK1qs1GfC0rswpK
CjStRdaXEE9kLup4lOeadiL+fUrdrYx0INmRuy1cWgzTjmDmbX0vmbCFHg6Cm4+L
z/ttzsqFjcr5cQMWPdeFs1ridE0KX5C1KHhpTcvWiJ6CYui18dX9NW3/HWg3+ArD
UdqRg5Ib9nAfLomcJHAEHFNMaYRQ7lz0NmmdrNcr+xKCagsHwgAOyIPjZe7QxkVR
7LNK6tUtNYkKoyj8tZ1UlfydPfPTOhmsyYPiW/FgxNU8Ig8TAolDYFMu9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+sL/x7jU9S9WG9Pzh3j9En+CYRMB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAosfDgA2t
dfUOgbwGLFtNxcrvL0QB+HXxwBV+iCo2bEjIPOpjB0eCgUpqHtPYSoIsnD4y74gu
WvAxBSNViIZy1Cv+8pz956msXOR+WqWz8MfDOlIhvScMZN/gSEdpT/TJM8y92WkK
jTYJta2fMCJunoaNzWRiqEcLeNio0npYdgo77Bq/OvtFniZcPYxvKgFW0C5sghGH
G6Cq8uKGUZWp7McN9NVPsFmhG0dJVzENw1FyN6pa+AZCPWYtbiQXSBbqDVGW2QyK
rzCT+tU2jkodGlUiD9mukdC4Nv9PRMAeSvzLXV0s3YdpIC029NXPkkyNOAoOSozv
jyd8vZjErzEXxg==
-----END CERTIFICATE-----