Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
File:                     z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json)
Hash identifier:          Tk6ljBA9QZcBkqdj2+wrwC8TKJv+ueo7YcKB7Qgb3zY=
Subject key identifier:   2B:05:91:8A:0B:2B:63:68:E2:F8:89:47:3D:EC:CC:FE:30:B1:1D:5A
Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12
Certificate issuer:       /CN=cf876e0e7aeb604d1631d49a025e178ad274a812
Certificate serial:       0196B89160BB77873E3E4E32F6B96C517BEB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
Manifest number:          152E
Signing time:             Sat 10 May 2025 05:00:57 +0000
Manifest this update:     Sat 10 May 2025 05:00:57 +0000
Manifest next update:     Sun 11 May 2025 05:00:57 +0000
Files and hashes:         1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: uQ52xOmkLg5T7osPODuHadXPOKWlP9vrbiyU/6pmbMM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:91:60:bb:77:87:3e:3e:4e:32:f6:b9:6c:51:7b:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812
        Validity
            Not Before: May 10 05:00:57 2025 GMT
            Not After : May 11 05:00:57 2025 GMT
        Subject: CN=2b05918a0b2b6368e2f889473decccfe30b11d5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:2c:96:0e:2f:7c:ca:37:4e:45:f5:14:77:ca:
                    1f:1c:da:5b:e8:74:cb:c9:07:bc:92:32:b7:89:49:
                    70:0a:14:1f:72:8f:25:bd:6e:b8:9e:4a:51:98:85:
                    7e:ca:e9:d6:e9:34:f9:17:a2:71:ea:38:6d:59:df:
                    ce:70:dc:f2:7f:35:99:7c:91:66:5c:2b:ab:a2:a8:
                    aa:96:30:8b:81:a4:ee:dc:12:fe:c5:87:07:6f:53:
                    9e:b7:a7:8b:9c:da:e3:48:95:b7:7c:d3:1d:28:97:
                    44:77:10:32:cb:e0:2d:0d:21:57:88:73:0c:25:0b:
                    73:ba:be:84:58:66:db:ec:36:98:c3:a6:c1:26:2b:
                    b9:6e:53:45:66:68:fb:f4:cd:cc:88:da:d5:9f:68:
                    05:2d:29:bb:d4:bd:7a:fb:86:d6:cd:87:ec:a5:fc:
                    63:e0:9f:96:bd:a5:06:39:f7:74:9e:c9:05:c8:e7:
                    f3:97:fd:3a:89:80:4f:af:af:eb:6c:a5:1b:dd:b9:
                    e9:ae:94:b4:87:11:56:48:de:57:e2:3a:e6:96:d8:
                    4a:fa:b5:04:97:a7:b1:2c:db:d8:bd:76:99:7b:37:
                    20:2e:81:dd:8e:1e:2b:c1:f3:94:6a:a8:94:52:5b:
                    98:fb:d3:12:da:e0:3f:7d:a2:80:75:e5:b5:25:d5:
                    30:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:05:91:8A:0B:2B:63:68:E2:F8:89:47:3D:EC:CC:FE:30:B1:1D:5A
            X509v3 Authority Key Identifier:
                keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:b7:92:04:f3:93:75:13:3f:22:eb:c6:b3:65:c5:31:5b:1a:
         8a:b1:e6:e3:26:3e:95:f2:8a:69:67:c7:05:31:cd:42:fd:8d:
         ad:a6:21:fc:17:71:bc:d5:56:4c:32:8c:b7:d6:f4:60:bc:da:
         aa:e6:86:5c:b3:26:63:de:ed:80:59:a0:c4:ed:aa:2b:e5:c9:
         f1:9b:81:d3:ab:e9:e4:ef:34:4f:c7:d3:96:f1:78:63:df:37:
         09:fc:fd:d8:80:31:75:db:be:b7:5b:63:b2:23:9a:f8:a4:b9:
         28:00:03:5c:fb:75:86:cc:96:e5:73:cd:cd:5a:f4:bf:d9:6b:
         10:ed:b9:40:1f:66:10:81:00:4b:c0:58:c4:5f:58:34:7c:aa:
         a6:65:03:06:18:da:78:15:53:5f:c2:28:db:59:85:21:36:5a:
         a8:8e:27:8a:cd:fa:f1:1d:eb:2f:17:75:1e:fe:1f:6e:91:bd:
         f9:c7:70:ef:72:41:56:da:ba:ab:0d:ff:a7:af:f7:f4:6b:b2:
         14:84:f2:ff:44:be:f3:05:d8:59:7a:f9:76:06:52:a2:c2:bc:
         05:75:95:a9:d8:14:77:c0:ed:b6:a0:b5:a7:c6:0d:75:02:21:
         c3:11:5d:d0:6f:17:f1:cd:5b:86:ae:9a:76:b3:2f:c7:12:8f:
         c6:c1:96:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4kWC7d4c+Pk4y9rlsUXvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3
NGE4MTIwHhcNMjUwNTEwMDUwMDU3WhcNMjUwNTExMDUwMDU3WjAzMTEwLwYDVQQD
EygyYjA1OTE4YTBiMmI2MzY4ZTJmODg5NDczZGVjY2NmZTMwYjExZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiyWDi98yjdORfUUd8ofHNpb6HTL
yQe8kjK3iUlwChQfco8lvW64nkpRmIV+yunW6TT5F6Jx6jhtWd/OcNzyfzWZfJFm
XCuroqiqljCLgaTu3BL+xYcHb1Oet6eLnNrjSJW3fNMdKJdEdxAyy+AtDSFXiHMM
JQtzur6EWGbb7DaYw6bBJiu5blNFZmj79M3MiNrVn2gFLSm71L16+4bWzYfspfxj
4J+WvaUGOfd0nskFyOfzl/06iYBPr6/rbKUb3bnprpS0hxFWSN5X4jrmlthK+rUE
l6exLNvYvXaZezcgLoHdjh4rwfOUaqiUUluY+9MS2uA/faKAdeW1JdUw3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCsFkYoLK2No4viJRz3szP4wsR1aMB8GA1UdIwQY
MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt
Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk
LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmreSBPOT
dRM/IuvGs2XFMVsairHm4yY+lfKKaWfHBTHNQv2NraYh/BdxvNVWTDKMt9b0YLza
quaGXLMmY97tgFmgxO2qK+XJ8ZuB06vp5O80T8fTlvF4Y983Cfz92IAxddu+t1tj
siOa+KS5KAADXPt1hsyW5XPNzVr0v9lrEO25QB9mEIEAS8BYxF9YNHyqpmUDBhja
eBVTX8Io21mFITZaqI4nis368R3rLxd1Hv4fbpG9+cdw73JBVtq6qw3/p6/39Guy
FITy/0S+8wXYWXr5dgZSosK8BXWVqdgUd8DttqC1p8YNdQIhwxFd0G8X8c1bhq6a
drMvxxKPxsGWWQ==
-----END CERTIFICATE-----