Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
File:                     ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft (raw, json)
Hash identifier:          nYNJTG5f3b5or9e7b6beQzvC7E0skdBdbl25jKmCVwg=
Subject key identifier:   C9:25:2E:81:EE:3D:0E:AE:2C:96:D3:00:3C:25:8C:61:A1:CE:7E:91
Authority key identifier: 65:D0:93:21:72:AA:2D:1C:77:C4:BB:98:37:0A:AB:3D:E6:AC:34:57
Certificate issuer:       /CN=65d0932172aa2d1c77c4bb98370aab3de6ac3457
Certificate serial:       0197B745B7C670ED7122769F9BD890DEFB40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
Manifest number:          68
Signing time:             Sat 28 Jun 2025 16:01:28 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:28 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:28 +0000
Files and hashes:         1: ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl (hash: WJEKRcTiGFjbdFKfUiF5oM1h/YcXPF2iScLgEfiPGMQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:b7:c6:70:ed:71:22:76:9f:9b:d8:90:de:fb:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65d0932172aa2d1c77c4bb98370aab3de6ac3457
        Validity
            Not Before: Jun 28 16:01:28 2025 GMT
            Not After : Jun 29 16:01:28 2025 GMT
        Subject: CN=c9252e81ee3d0eae2c96d3003c258c61a1ce7e91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:4f:c7:79:6f:9e:56:43:06:5f:44:e4:d7:bf:
                    55:7f:f7:94:01:f0:79:63:76:5e:c6:64:ca:b6:30:
                    3f:fe:38:12:4d:0c:3e:67:f3:4a:4d:33:78:58:53:
                    f9:4b:ba:4e:58:d6:b8:27:e8:ff:cd:17:6a:74:90:
                    43:85:aa:1f:0b:bb:45:8b:8b:e7:ac:20:bd:1f:56:
                    f2:18:97:d6:58:05:42:8d:96:99:2f:a8:10:e3:65:
                    8b:f1:4f:16:b5:3e:c4:95:37:8c:b5:74:12:01:ff:
                    5a:72:bc:79:58:04:ed:3b:6c:d9:46:89:ed:a1:96:
                    b5:49:c6:a2:2b:4f:83:4a:31:d0:2b:e3:9e:0e:46:
                    3c:03:39:f9:62:23:fb:26:29:a7:61:44:3d:9b:f3:
                    72:9f:ca:23:b7:1d:64:a2:9c:cd:95:50:d7:85:76:
                    bc:01:3a:db:75:bb:bc:8c:dd:53:dc:18:b6:dd:8a:
                    16:42:53:b5:56:90:f8:a2:14:f3:0c:dd:f8:87:29:
                    ac:59:e1:38:4e:cc:3b:8d:50:08:74:96:5d:79:4f:
                    8f:f0:b0:c6:7f:67:df:73:fd:30:99:1b:4f:82:09:
                    ba:d7:3e:49:8f:ff:76:79:f3:31:29:e2:9d:80:0d:
                    ca:b7:b8:47:6f:c4:d8:5b:24:57:f9:7c:9b:06:b7:
                    6d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:25:2E:81:EE:3D:0E:AE:2C:96:D3:00:3C:25:8C:61:A1:CE:7E:91
            X509v3 Authority Key Identifier:
                keyid:65:D0:93:21:72:AA:2D:1C:77:C4:BB:98:37:0A:AB:3D:E6:AC:34:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:1a:50:48:9a:12:7c:22:de:81:13:5c:87:38:33:6c:22:b8:
         1d:17:7a:8b:34:98:19:a6:54:17:8e:d9:d7:55:7c:11:f1:68:
         11:fa:25:76:e7:0f:07:7c:2d:5a:ac:b5:4b:b2:c7:4b:50:27:
         0a:37:4f:86:0c:20:5a:26:6b:29:7d:3c:45:8e:ac:e6:bf:38:
         19:d8:da:a9:9f:53:fc:d3:0b:e1:ab:b1:05:34:cc:f7:94:11:
         1e:55:25:ce:be:ab:4b:7c:9a:eb:1e:fc:1c:af:ee:13:6c:61:
         9f:d1:df:63:65:38:e9:26:95:59:d8:92:d5:af:0d:b7:51:ad:
         a9:a2:ba:3e:4f:b6:16:3e:43:c9:ec:88:4b:ec:a2:14:9f:1f:
         2a:2a:8d:db:1e:a9:f6:9b:f2:92:92:eb:b4:eb:ba:fe:33:32:
         ee:ba:82:e5:46:77:8e:6d:c7:91:20:95:33:24:a4:e9:dc:8b:
         75:26:d9:69:dc:1c:75:bd:21:09:45:0e:84:bb:0a:ce:d4:e9:
         8c:2f:5b:47:50:46:e7:ab:1a:f8:bb:d0:e6:12:6f:7a:f9:20:
         56:68:1e:a2:26:97:15:c9:e9:eb:49:70:54:40:df:0f:45:29:
         a6:1d:76:0d:25:e5:cc:41:1c:23:95:09:a1:71:db:84:4e:46:
         a9:66:9d:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RbfGcO1xInafm9iQ3vtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDA5MzIxNzJhYTJkMWM3N2M0YmI5ODM3MGFhYjNkZTZh
YzM0NTcwHhcNMjUwNjI4MTYwMTI4WhcNMjUwNjI5MTYwMTI4WjAzMTEwLwYDVQQD
EyhjOTI1MmU4MWVlM2QwZWFlMmM5NmQzMDAzYzI1OGM2MWExY2U3ZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk/HeW+eVkMGX0Tk179Vf/eUAfB5
Y3ZexmTKtjA//jgSTQw+Z/NKTTN4WFP5S7pOWNa4J+j/zRdqdJBDhaofC7tFi4vn
rCC9H1byGJfWWAVCjZaZL6gQ42WL8U8WtT7ElTeMtXQSAf9acrx5WATtO2zZRont
oZa1ScaiK0+DSjHQK+OeDkY8Azn5YiP7JimnYUQ9m/Nyn8ojtx1kopzNlVDXhXa8
ATrbdbu8jN1T3Bi23YoWQlO1VpD4ohTzDN34hymsWeE4Tsw7jVAIdJZdeU+P8LDG
f2ffc/0wmRtPggm61z5Jj/92efMxKeKdgA3Kt7hHb8TYWyRX+XybBrdtwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMklLoHuPQ6uLJbTADwljGGhzn6RMB8GA1UdIwQY
MBaAFGXQkyFyqi0cd8S7mDcKqz3mrDRXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9mYTc3MTEtMzdmZi00YWVjLTk4NTMt
MWVkZGU2YzlkOTZhLzEvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9mYTc3MTEtMzdmZi00YWVjLTk4NTMtMWVkZGU2YzlkOTZh
LzEvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcRpQSJoS
fCLegRNchzgzbCK4HRd6izSYGaZUF47Z11V8EfFoEfolducPB3wtWqy1S7LHS1An
CjdPhgwgWiZrKX08RY6s5r84GdjaqZ9T/NML4auxBTTM95QRHlUlzr6rS3ya6x78
HK/uE2xhn9HfY2U46SaVWdiS1a8Nt1GtqaK6Pk+2Fj5DyeyIS+yiFJ8fKiqN2x6p
9pvykpLrtOu6/jMy7rqC5UZ3jm3HkSCVMySk6dyLdSbZadwcdb0hCUUOhLsKztTp
jC9bR1BG56sa+LvQ5hJvevkgVmgeoiaXFcnp60lwVEDfD0Upph12DSXlzEEcI5UJ
oXHbhE5GqWadjw==
-----END CERTIFICATE-----