Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
File:                     z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json)
Hash identifier:          FC9AY2lV1ZnhpXmmAD7FGyJIcHMtkgfQtrJ0ByLrj3M=
Subject key identifier:   F3:3E:86:C7:B5:FC:6D:5A:C9:E6:0E:6F:C1:30:3D:1D:7B:F3:F4:44
Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12
Certificate issuer:       /CN=cf876e0e7aeb604d1631d49a025e178ad274a812
Certificate serial:       0197B77C98A21C2E21298320614B76E58891
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 17:01:25 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:25 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:25 +0000
Files and hashes:         1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: Gh+6gitC00jPQ1VRJnUF/8sJI+T1rc522qD9uQeh/j4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:98:a2:1c:2e:21:29:83:20:61:4b:76:e5:88:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812
        Validity
            Not Before: Jun 28 17:01:25 2025 GMT
            Not After : Jun 29 17:01:25 2025 GMT
        Subject: CN=f33e86c7b5fc6d5ac9e60e6fc1303d1d7bf3f444
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:80:bd:53:87:0e:56:c6:f1:4c:7e:83:89:65:
                    50:1f:f2:a3:02:cb:eb:9c:72:31:86:20:4f:0b:da:
                    2a:28:f7:69:fa:ad:41:f2:dc:01:bf:28:7a:aa:4f:
                    c4:6c:b6:a7:f5:aa:bb:fa:3a:24:43:14:38:1d:d5:
                    6b:10:9c:0a:a0:62:4e:2a:a3:24:9e:31:dd:45:a5:
                    a0:de:60:5d:94:d7:ee:07:47:06:fb:19:5b:a4:4a:
                    79:04:44:bc:8b:58:1a:da:69:83:30:88:53:a1:88:
                    f9:4b:71:34:30:7b:ad:f3:e7:10:58:3c:34:40:51:
                    82:14:d5:71:46:49:cd:77:bd:d4:e7:9d:5f:20:e4:
                    68:e2:c9:a1:0a:e6:42:b3:4d:15:e7:ad:05:19:7c:
                    18:08:fc:9d:1d:8f:2a:51:f6:18:54:c3:60:0c:fd:
                    83:e3:28:cf:e5:bf:38:54:3b:bc:db:62:61:5a:f1:
                    26:60:f9:21:99:d9:e2:6d:0e:6b:8b:15:b7:1c:bc:
                    2b:7d:b7:7d:4f:2d:23:a5:56:55:cf:05:58:e7:a5:
                    86:ff:a5:6b:aa:9d:32:ba:12:8d:00:8d:06:ee:f2:
                    8a:bd:7f:d3:dc:95:37:a9:49:b1:f4:89:62:cd:68:
                    4d:95:93:a1:49:63:26:60:1b:d3:ee:ad:fe:52:42:
                    e7:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:3E:86:C7:B5:FC:6D:5A:C9:E6:0E:6F:C1:30:3D:1D:7B:F3:F4:44
            X509v3 Authority Key Identifier:
                keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:25:0b:e4:71:82:9e:12:6b:82:9c:a6:1a:ed:ec:50:4f:da:
         b2:96:d5:8f:05:f3:25:7a:c2:96:15:d1:da:53:eb:2a:60:cb:
         f1:35:8b:d7:72:61:97:ff:0a:af:0d:ea:cf:14:70:82:cd:e0:
         4d:b4:25:da:e6:3f:e7:a5:bb:04:a2:61:78:98:50:0a:5a:1b:
         d6:b4:65:f5:ab:ac:ff:51:22:a4:79:e5:22:cc:ba:db:67:8b:
         1c:ee:08:14:c7:f0:14:14:c4:ab:96:c4:a6:5c:f3:75:ee:ca:
         a0:a2:dc:0f:d8:64:cb:3e:b0:b4:e2:cf:29:12:5a:f3:b5:75:
         a7:d2:5c:f2:1e:24:74:8f:a7:00:d1:2a:c6:8d:01:e1:18:6f:
         9d:d9:47:eb:38:04:7a:4c:b3:0a:40:16:b5:66:31:16:a1:45:
         65:d1:6d:63:98:f9:a9:47:83:72:d4:63:58:99:49:dd:06:a8:
         ab:6c:b4:dc:8e:8c:63:5d:2d:39:3e:c9:1c:bd:f3:1f:25:69:
         9d:b2:00:cf:f0:a1:27:fc:52:c4:2b:7c:05:c4:e4:09:3b:b6:
         4a:27:59:8e:15:50:03:e5:ca:bf:de:11:86:e5:28:d1:0f:13:
         8c:58:30:6c:14:60:65:f2:18:7f:b5:a0:a0:4e:77:21:1e:f4:
         c3:2e:ce:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fJiiHC4hKYMgYUt25YiRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3
NGE4MTIwHhcNMjUwNjI4MTcwMTI1WhcNMjUwNjI5MTcwMTI1WjAzMTEwLwYDVQQD
EyhmMzNlODZjN2I1ZmM2ZDVhYzllNjBlNmZjMTMwM2QxZDdiZjNmNDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYC9U4cOVsbxTH6DiWVQH/KjAsvr
nHIxhiBPC9oqKPdp+q1B8twBvyh6qk/EbLan9aq7+jokQxQ4HdVrEJwKoGJOKqMk
njHdRaWg3mBdlNfuB0cG+xlbpEp5BES8i1ga2mmDMIhToYj5S3E0MHut8+cQWDw0
QFGCFNVxRknNd73U551fIORo4smhCuZCs00V560FGXwYCPydHY8qUfYYVMNgDP2D
4yjP5b84VDu822JhWvEmYPkhmdnibQ5rixW3HLwrfbd9Ty0jpVZVzwVY56WG/6Vr
qp0yuhKNAI0G7vKKvX/T3JU3qUmx9IlizWhNlZOhSWMmYBvT7q3+UkLnrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPM+hse1/G1ayeYOb8EwPR178/REMB8GA1UdIwQY
MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt
Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk
LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARyUL5HGC
nhJrgpymGu3sUE/aspbVjwXzJXrClhXR2lPrKmDL8TWL13Jhl/8Krw3qzxRwgs3g
TbQl2uY/56W7BKJheJhQClob1rRl9aus/1EipHnlIsy622eLHO4IFMfwFBTEq5bE
plzzde7KoKLcD9hkyz6wtOLPKRJa87V1p9Jc8h4kdI+nANEqxo0B4RhvndlH6zgE
ekyzCkAWtWYxFqFFZdFtY5j5qUeDctRjWJlJ3Qaoq2y03I6MY10tOT7JHL3zHyVp
nbIAz/ChJ/xSxCt8BcTkCTu2SidZjhVQA+XKv94RhuUo0Q8TjFgwbBRgZfIYf7Wg
oE53IR70wy7OFw==
-----END CERTIFICATE-----