Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          OuaSij4+Pjmqto0z/aOIrIKlfOVTHebwLqyIAe2GRFo=
Subject key identifier:   76:84:85:39:D6:D3:A7:A2:9B:B8:43:72:F5:61:13:EE:84:45:BC:C0
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       0197B7459A7DE42D706610B420CD79383681
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          1422
Signing time:             Sat 28 Jun 2025 16:01:21 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:21 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:21 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: yJ4JCR28JUfBaunneTSQzc/1VycfyUEVjzNlxoBzjW0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:9a:7d:e4:2d:70:66:10:b4:20:cd:79:38:36:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: Jun 28 16:01:21 2025 GMT
            Not After : Jun 29 16:01:21 2025 GMT
        Subject: CN=76848539d6d3a7a29bb84372f56113ee8445bcc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:da:de:a0:a9:fc:12:33:25:da:1a:57:ca:83:
                    0d:2f:40:df:fa:6c:4a:67:40:6d:2a:15:7c:88:50:
                    ed:1d:c9:d5:8c:1e:80:4e:98:ac:e6:fc:4b:92:ab:
                    7e:85:4f:9d:20:bd:5c:5b:09:ef:b4:17:76:a1:d0:
                    cb:83:e4:96:1f:e3:31:be:db:c4:29:9b:28:24:72:
                    bf:99:d2:4d:02:f2:ba:a1:db:43:30:59:4d:4d:d7:
                    c3:85:d5:3f:49:c4:ed:27:e4:97:43:0b:da:c1:18:
                    87:38:98:ff:e4:5c:e1:48:4f:af:1b:f0:c6:53:1b:
                    f9:d8:47:9f:bb:a0:a0:f0:25:06:3e:62:f8:be:bf:
                    f6:b2:26:4c:67:c8:b6:01:3b:c9:a1:ff:72:26:7b:
                    f2:49:b5:d5:e3:ce:a7:47:61:b8:35:30:75:81:a7:
                    62:8a:00:c8:81:48:06:19:3b:35:af:44:78:78:eb:
                    91:49:ff:6e:e4:a0:be:37:a6:7c:0e:c0:1a:8e:84:
                    7e:e5:0c:fa:a7:ad:a8:3f:12:00:28:47:32:f6:df:
                    ca:8a:a1:3b:8f:de:3f:1e:aa:01:07:03:41:71:39:
                    35:da:bc:48:04:6b:36:de:5c:d4:7f:3d:4d:ee:72:
                    2a:4f:cd:8a:5a:39:1b:bc:60:c3:8d:35:e9:bd:d4:
                    54:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:84:85:39:D6:D3:A7:A2:9B:B8:43:72:F5:61:13:EE:84:45:BC:C0
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:c1:f9:a5:04:43:e5:05:f5:86:7e:0d:3d:5b:8d:9e:10:bc:
         d3:34:cb:d7:c3:ad:7e:31:98:ff:90:07:b4:d4:1d:b4:78:48:
         70:fc:9b:97:02:d6:8c:3a:0a:fd:7b:fb:57:c2:9a:90:7c:c7:
         40:a5:45:1b:c6:f1:ef:be:6f:f0:a3:a7:57:7e:2e:dc:dc:b9:
         d5:0b:32:b8:6c:87:bf:70:a2:cc:f8:15:0c:4b:a3:50:6e:76:
         d7:1d:4d:b1:9c:5f:71:42:07:51:0b:06:37:e1:82:2f:95:2b:
         44:94:bd:85:9c:b8:84:98:c6:2e:3c:cf:46:f0:8f:2d:76:0e:
         23:f8:48:81:b7:9c:b5:38:61:bc:5b:62:b4:3f:fb:7e:f8:2d:
         6e:aa:f2:38:49:cb:6d:ac:80:2e:76:4f:3c:a2:0a:d2:09:d3:
         25:87:13:b4:21:2b:9f:53:3b:39:c1:0d:a4:4e:f5:08:f3:3b:
         8f:b7:88:22:b9:4d:41:77:fe:a6:d9:5c:4b:e7:8a:a3:8e:d0:
         96:ac:42:fb:50:fa:87:fd:6a:35:e8:3b:ec:5f:6d:20:a6:cd:
         b7:72:ca:97:43:4c:f6:09:2f:5d:74:d8:0b:66:b5:01:ba:ee:
         ac:04:22:47:cc:74:40:7f:b0:3c:97:d1:c2:66:b8:ad:3f:a9:
         33:13:28:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RZp95C1wZhC0IM15ODaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjUwNjI4MTYwMTIxWhcNMjUwNjI5MTYwMTIxWjAzMTEwLwYDVQQD
Eyg3Njg0ODUzOWQ2ZDNhN2EyOWJiODQzNzJmNTYxMTNlZTg0NDViY2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydreoKn8EjMl2hpXyoMNL0Df+mxK
Z0BtKhV8iFDtHcnVjB6ATpis5vxLkqt+hU+dIL1cWwnvtBd2odDLg+SWH+MxvtvE
KZsoJHK/mdJNAvK6odtDMFlNTdfDhdU/ScTtJ+SXQwvawRiHOJj/5FzhSE+vG/DG
Uxv52Eefu6Cg8CUGPmL4vr/2siZMZ8i2ATvJof9yJnvySbXV486nR2G4NTB1gadi
igDIgUgGGTs1r0R4eOuRSf9u5KC+N6Z8DsAajoR+5Qz6p62oPxIAKEcy9t/KiqE7
j94/HqoBBwNBcTk12rxIBGs23lzUfz1N7nIqT82KWjkbvGDDjTXpvdRUOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHaEhTnW06eim7hDcvVhE+6ERbzAMB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO8H5pQRD
5QX1hn4NPVuNnhC80zTL18OtfjGY/5AHtNQdtHhIcPyblwLWjDoK/Xv7V8KakHzH
QKVFG8bx775v8KOnV34u3Ny51QsyuGyHv3CizPgVDEujUG521x1NsZxfcUIHUQsG
N+GCL5UrRJS9hZy4hJjGLjzPRvCPLXYOI/hIgbectThhvFtitD/7fvgtbqryOEnL
bayALnZPPKIK0gnTJYcTtCErn1M7OcENpE71CPM7j7eIIrlNQXf+ptlcS+eKo47Q
lqxC+1D6h/1qNeg77F9tIKbNt3LKl0NM9gkvXXTYC2a1AbrurAQiR8x0QH+wPJfR
wma4rT+pMxMopw==
-----END CERTIFICATE-----