Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
File:                     RZzMG7ARYGhoBts1qTNRshs-YNw.mft (raw, json)
Hash identifier:          AoU9c8pJRyq0U9uG/FnmsqqURt08nFb3uN1aXmsMC48=
Subject key identifier:   F0:88:73:E8:49:6C:3B:70:22:9D:5A:08:72:70:1D:DE:C8:A3:FB:D2
Authority key identifier: 45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC
Certificate issuer:       /CN=459ccc1bb01160686806db35a93351b21b3e60dc
Certificate serial:       0198D7A94446DA4D252F160E69FC6E38E595
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
Manifest number:          13C0
Signing time:             Sat 23 Aug 2025 16:00:51 +0000
Manifest this update:     Sat 23 Aug 2025 16:00:51 +0000
Manifest next update:     Sun 24 Aug 2025 16:00:51 +0000
Files and hashes:         1: RZzMG7ARYGhoBts1qTNRshs-YNw.crl (hash: dcWqa8sem7vnupDBbJqe27r5C+8SqPtKnus7UgxyVVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a9:44:46:da:4d:25:2f:16:0e:69:fc:6e:38:e5:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=459ccc1bb01160686806db35a93351b21b3e60dc
        Validity
            Not Before: Aug 23 16:00:51 2025 GMT
            Not After : Aug 24 16:00:51 2025 GMT
        Subject: CN=f08873e8496c3b70229d5a0872701ddec8a3fbd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:d0:b3:03:95:e9:50:15:18:b6:92:ba:dd:f7:
                    4e:4a:45:3f:30:18:bc:2d:78:64:e3:4e:39:6e:b4:
                    dd:dd:df:6c:d5:d5:ef:39:2f:fd:1f:ae:1e:9d:79:
                    7d:78:7c:53:58:b8:b5:b9:5a:78:1d:f3:77:83:8b:
                    fc:53:24:28:27:d2:6e:30:36:23:e6:76:91:f6:03:
                    86:80:f7:56:db:89:db:6a:36:b9:87:a0:5a:ec:69:
                    a5:a5:b3:fe:66:17:9c:53:48:b6:ac:7d:2c:39:3d:
                    cb:13:3d:cc:a1:01:76:75:b4:36:ff:88:f9:14:61:
                    b6:91:85:ab:a8:64:c8:4b:7b:84:13:06:d7:57:05:
                    97:1e:f9:2b:ac:d7:e6:15:32:34:25:fa:c2:09:21:
                    53:2b:95:55:42:a7:06:40:17:88:54:3e:c3:09:e8:
                    a3:69:6b:a1:98:2b:51:5b:78:ba:cb:75:53:43:95:
                    b4:d2:8f:c9:f7:e5:e6:34:7e:1d:ea:fe:4e:f8:ec:
                    fe:b9:f6:f8:bc:bd:e7:01:6b:81:fe:42:cb:6c:21:
                    38:22:46:ac:bd:be:a0:ae:b4:57:a6:7d:b5:40:4f:
                    33:fb:29:79:aa:fc:58:9b:a5:63:57:3b:77:9b:3c:
                    7f:2b:7f:33:96:66:e2:b3:e5:02:14:83:bb:ff:18:
                    81:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:88:73:E8:49:6C:3B:70:22:9D:5A:08:72:70:1D:DE:C8:A3:FB:D2
            X509v3 Authority Key Identifier:
                keyid:45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:84:a0:c4:70:e5:d8:c1:61:3d:a2:e0:77:76:88:5d:9b:fd:
         a3:6b:5f:ef:bf:f7:35:d5:68:3b:dd:92:21:b5:5d:65:10:9b:
         44:b5:5e:82:8c:e7:af:ec:2b:2d:75:f3:3a:d7:5e:e3:9e:27:
         51:61:91:03:0f:0c:a9:83:81:24:96:bc:97:69:4e:e8:ba:14:
         45:51:8d:03:6a:f1:4c:98:df:31:9c:24:61:67:7d:16:c1:0c:
         10:c9:d9:c3:13:be:61:7c:6d:69:55:86:cf:fc:74:98:f4:5c:
         32:c8:04:16:4e:74:c2:7d:e1:11:ac:2e:9a:06:a0:c5:2f:0f:
         56:49:68:c1:14:56:6c:67:0c:36:00:47:6a:e8:65:60:86:4e:
         65:79:ae:33:58:cc:fb:48:36:d1:64:5e:46:6a:7f:4e:2b:df:
         9f:6d:78:14:38:b7:ef:d1:21:2a:05:01:62:ed:40:f2:3f:1b:
         86:f6:2e:18:15:84:13:55:79:c5:47:c9:b5:71:e3:f4:50:5a:
         1d:3b:91:29:13:34:47:29:43:e9:f7:9a:83:d3:a5:30:6e:b9:
         24:b2:7a:67:99:f3:be:21:8d:25:64:37:59:51:93:71:5a:98:
         60:c6:c9:42:8d:de:3e:f0:f1:4c:74:84:a4:09:be:15:3b:96:
         22:ec:cb:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqURG2k0lLxYOafxuOOWVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OWNjYzFiYjAxMTYwNjg2ODA2ZGIzNWE5MzM1MWIyMWIz
ZTYwZGMwHhcNMjUwODIzMTYwMDUxWhcNMjUwODI0MTYwMDUxWjAzMTEwLwYDVQQD
EyhmMDg4NzNlODQ5NmMzYjcwMjI5ZDVhMDg3MjcwMWRkZWM4YTNmYmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA69CzA5XpUBUYtpK63fdOSkU/MBi8
LXhk4045brTd3d9s1dXvOS/9H64enXl9eHxTWLi1uVp4HfN3g4v8UyQoJ9JuMDYj
5naR9gOGgPdW24nbaja5h6Ba7GmlpbP+ZhecU0i2rH0sOT3LEz3MoQF2dbQ2/4j5
FGG2kYWrqGTIS3uEEwbXVwWXHvkrrNfmFTI0JfrCCSFTK5VVQqcGQBeIVD7DCeij
aWuhmCtRW3i6y3VTQ5W00o/J9+XmNH4d6v5O+Oz+ufb4vL3nAWuB/kLLbCE4Ikas
vb6grrRXpn21QE8z+yl5qvxYm6VjVzt3mzx/K38zlmbis+UCFIO7/xiBFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPCIc+hJbDtwIp1aCHJwHd7Io/vSMB8GA1UdIwQY
MBaAFEWczBuwEWBoaAbbNakzUbIbPmDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMt
NjQ3M2IwOTJhYWRkLzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMtNjQ3M2IwOTJhYWRk
LzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk4SgxHDl
2MFhPaLgd3aIXZv9o2tf77/3NdVoO92SIbVdZRCbRLVegoznr+wrLXXzOtde454n
UWGRAw8MqYOBJJa8l2lO6LoURVGNA2rxTJjfMZwkYWd9FsEMEMnZwxO+YXxtaVWG
z/x0mPRcMsgEFk50wn3hEawumgagxS8PVklowRRWbGcMNgBHauhlYIZOZXmuM1jM
+0g20WReRmp/Tivfn214FDi379EhKgUBYu1A8j8bhvYuGBWEE1V5xUfJtXHj9FBa
HTuRKRM0RylD6feag9OlMG65JLJ6Z5nzviGNJWQ3WVGTcVqYYMbJQo3ePvDxTHSE
pAm+FTuWIuzL2g==
-----END CERTIFICATE-----