Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
File:                     zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json)
Hash identifier:          WKZR4B4WnuXBJmTH40JI09MeFoYNaFWt08ovvV0cqjc=
Subject key identifier:   C7:1B:69:38:E1:28:C7:89:44:42:73:00:E6:F9:29:4D:42:F9:1F:2E
Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A
Certificate issuer:       /CN=ce42b4385e5772f51d588e2bb7219a122399587a
Certificate serial:       0197B70EA7ADCF0307CA4FC2B493B8E1D1FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
Manifest number:          09D9
Signing time:             Sat 28 Jun 2025 15:01:20 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:20 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:20 +0000
Files and hashes:         1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: fVuKPkP9QsWhRlh+r1i/NMtBOZPbqh8cS9vrK+SW+YA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:a7:ad:cf:03:07:ca:4f:c2:b4:93:b8:e1:d1:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a
        Validity
            Not Before: Jun 28 15:01:20 2025 GMT
            Not After : Jun 29 15:01:20 2025 GMT
        Subject: CN=c71b6938e128c78944427300e6f9294d42f91f2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:16:82:32:54:30:34:dd:a9:0d:c2:54:26:35:
                    85:6b:71:5c:f5:dc:79:30:b2:96:7b:84:5c:f8:43:
                    49:bc:c6:14:ad:2e:26:ff:7d:d7:e8:91:f7:34:90:
                    d1:f9:e3:7e:15:72:a7:04:90:39:cb:fc:7e:c4:80:
                    06:88:1c:b2:69:e0:3f:ba:55:a1:60:47:f2:c6:24:
                    a2:8d:ec:20:44:03:13:c9:83:99:12:b2:17:72:11:
                    b1:82:1d:4a:b2:64:c6:c2:64:b4:e1:25:0f:dd:1e:
                    ea:46:fa:9e:9a:9c:9c:8f:35:48:a8:ab:f0:8e:1b:
                    0d:46:2f:5d:1a:f2:ee:d6:c8:47:7c:14:7a:85:50:
                    81:2f:8c:e9:e7:99:40:17:f8:f8:cf:cc:09:37:af:
                    8e:a2:dd:87:17:a5:23:bf:ec:ba:25:dd:aa:93:ad:
                    ae:77:f2:cf:ea:94:37:eb:5e:88:a7:a4:7d:0d:4a:
                    3a:ee:e4:61:1a:2e:af:1d:e3:b1:4b:f3:ae:6a:e0:
                    c5:4d:71:09:65:a3:21:03:a9:0c:02:84:73:53:a3:
                    d7:39:bf:e4:b0:98:a0:5f:60:49:03:57:38:60:cb:
                    69:7b:2b:e6:cf:3e:80:87:ff:3a:e2:ea:5b:06:00:
                    6b:16:50:b2:a1:1d:83:5c:ca:bd:3d:62:04:90:88:
                    49:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:1B:69:38:E1:28:C7:89:44:42:73:00:E6:F9:29:4D:42:F9:1F:2E
            X509v3 Authority Key Identifier:
                keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:c1:65:94:55:17:22:63:d0:45:52:77:64:4e:dd:1e:b5:e1:
         aa:36:30:31:4e:a2:0f:8e:c9:a4:5d:db:31:20:0c:72:1f:2c:
         d1:89:1e:31:78:93:25:c6:ca:3e:82:6f:28:6b:a4:f3:fd:03:
         46:b1:57:05:ae:58:b1:a3:85:85:14:a1:7e:80:0b:97:ad:81:
         ab:c4:18:6d:90:07:13:e5:e4:dc:41:24:7a:13:98:81:26:cd:
         79:3f:4f:40:f0:2b:00:86:aa:9f:91:7c:88:c4:92:2d:98:62:
         05:6a:e2:d4:3c:54:bd:4b:31:ca:5e:60:96:95:bf:8c:9f:d2:
         69:41:a4:6c:cb:82:36:7f:a0:5b:05:68:8c:a8:0f:6e:32:ae:
         0a:bd:16:25:88:d9:a7:c6:bc:2f:82:ec:c5:a0:bd:47:25:96:
         bf:f1:07:d5:38:84:bc:8d:3c:d2:ad:18:eb:46:b9:cf:de:9f:
         f0:a7:b0:d6:d6:1c:b3:ee:cc:76:fc:b3:af:6c:6f:71:03:51:
         4f:fa:0c:c9:f1:17:b5:1a:37:0a:ce:f9:f6:a6:d4:06:f0:b6:
         37:27:08:7b:73:26:60:f1:4b:95:fb:d5:ed:e4:21:81:88:39:
         7c:a9:44:1d:4d:e1:19:2b:3c:1e:eb:10:03:3c:60:87:47:2d:
         66:96:ae:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DqetzwMHyk/CtJO44dH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5
OTU4N2EwHhcNMjUwNjI4MTUwMTIwWhcNMjUwNjI5MTUwMTIwWjAzMTEwLwYDVQQD
EyhjNzFiNjkzOGUxMjhjNzg5NDQ0MjczMDBlNmY5Mjk0ZDQyZjkxZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRaCMlQwNN2pDcJUJjWFa3Fc9dx5
MLKWe4Rc+ENJvMYUrS4m/33X6JH3NJDR+eN+FXKnBJA5y/x+xIAGiByyaeA/ulWh
YEfyxiSijewgRAMTyYOZErIXchGxgh1KsmTGwmS04SUP3R7qRvqempycjzVIqKvw
jhsNRi9dGvLu1shHfBR6hVCBL4zp55lAF/j4z8wJN6+Oot2HF6Ujv+y6Jd2qk62u
d/LP6pQ3616Ip6R9DUo67uRhGi6vHeOxS/OuauDFTXEJZaMhA6kMAoRzU6PXOb/k
sJigX2BJA1c4YMtpeyvmzz6Ah/864upbBgBrFlCyoR2DXMq9PWIEkIhJwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcbaTjhKMeJREJzAOb5KU1C+R8uMB8GA1UdIwQY
MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt
Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3
LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk8FllFUX
ImPQRVJ3ZE7dHrXhqjYwMU6iD47JpF3bMSAMch8s0YkeMXiTJcbKPoJvKGuk8/0D
RrFXBa5YsaOFhRShfoALl62Bq8QYbZAHE+Xk3EEkehOYgSbNeT9PQPArAIaqn5F8
iMSSLZhiBWri1DxUvUsxyl5glpW/jJ/SaUGkbMuCNn+gWwVojKgPbjKuCr0WJYjZ
p8a8L4LsxaC9RyWWv/EH1TiEvI080q0Y60a5z96f8Kew1tYcs+7Mdvyzr2xvcQNR
T/oMyfEXtRo3Cs759qbUBvC2NycIe3MmYPFLlfvV7eQhgYg5fKlEHU3hGSs8HusQ
Azxgh0ctZpauTw==
-----END CERTIFICATE-----