Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
File:                     ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft (raw, json)
Hash identifier:          PCqxRpovZ42BshVNSXjWFinHrGAnlivaZD5so8zQJiQ=
Subject key identifier:   3B:6D:3B:99:03:88:34:A9:58:8A:3A:CC:76:AD:A1:76:A6:E3:4C:E0
Authority key identifier: 64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92
Certificate issuer:       /CN=64b90f34525f80025ea77cb618e7519982ab8592
Certificate serial:       0197B6A0BBFBB0DFF4048DE05DE076094297
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 13:01:16 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:16 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:16 +0000
Files and hashes:         1: ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl (hash: AK/tYMWIoIOFvcBMnrRGmXASl2Awfri5AjDEkE98aIs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:bb:fb:b0:df:f4:04:8d:e0:5d:e0:76:09:42:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b90f34525f80025ea77cb618e7519982ab8592
        Validity
            Not Before: Jun 28 13:01:16 2025 GMT
            Not After : Jun 29 13:01:16 2025 GMT
        Subject: CN=3b6d3b99038834a9588a3acc76ada176a6e34ce0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:b9:72:4e:e4:1a:9c:35:f3:29:f7:be:c7:de:
                    b1:d4:1a:ef:df:c6:4c:a4:57:b9:98:4f:96:9f:b7:
                    fe:7b:44:b2:a3:7e:37:e9:1a:83:ac:c2:47:0b:c9:
                    61:be:24:46:03:ec:aa:57:b5:ef:98:81:50:ef:fd:
                    94:95:ed:2f:33:c7:45:5a:d8:c4:16:bb:11:d0:39:
                    75:54:c8:0a:69:10:4d:13:2a:89:0d:9f:78:34:cc:
                    2a:9a:48:48:db:62:6e:7c:65:81:48:3a:a3:fb:f8:
                    c7:87:81:16:db:c6:b3:26:02:a0:5e:79:10:97:38:
                    eb:ae:5b:ad:b7:a3:c6:9c:f6:13:be:84:84:73:ae:
                    34:50:69:7f:16:02:3e:07:cb:93:c0:48:e3:9b:59:
                    f7:e3:58:0a:88:d5:8f:d8:8c:d0:a4:59:ba:8b:5a:
                    d5:ed:8c:c7:e4:1b:f5:95:f2:99:91:5c:54:90:34:
                    ce:0d:64:9b:57:ad:b0:1a:2d:6e:be:00:ca:ee:39:
                    d8:06:ba:ba:df:71:e6:e1:37:09:d2:92:84:52:e8:
                    b9:a8:98:7c:72:07:33:48:d9:23:65:99:a6:cc:4e:
                    68:62:81:9b:7d:55:fe:c7:d8:7f:ee:2e:47:d9:0f:
                    02:ce:b8:d2:d1:47:3a:cd:02:a2:fd:18:c1:02:d1:
                    77:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:6D:3B:99:03:88:34:A9:58:8A:3A:CC:76:AD:A1:76:A6:E3:4C:E0
            X509v3 Authority Key Identifier:
                keyid:64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:bf:b9:49:0a:03:82:20:76:65:df:9c:fb:3b:aa:8f:d3:aa:
         1f:7b:63:0e:1d:c4:36:0d:55:b4:cc:06:fa:06:a7:95:b0:eb:
         f3:97:4e:1e:02:18:9b:62:57:78:77:c4:58:5b:e2:e0:ab:3e:
         fe:76:b6:06:c3:29:59:5d:6f:b0:38:4b:3b:03:8a:7d:be:bf:
         23:55:e2:c7:4e:59:24:b0:d9:ae:95:e5:fb:a3:64:90:f9:ce:
         3b:aa:ba:20:d6:a8:e7:84:cb:a3:b6:b2:7e:55:ea:a3:18:e5:
         97:4c:60:66:ef:73:21:13:fc:36:75:5f:86:e7:84:b3:30:d6:
         76:cd:f9:7e:f2:57:e4:27:19:93:5a:a2:11:97:7f:f2:17:6a:
         ca:d8:f4:21:3a:20:81:eb:17:18:01:bf:b9:cd:55:0b:6a:bb:
         1e:00:98:20:16:f6:78:05:70:08:c9:6a:ee:60:95:e3:00:84:
         68:89:0a:da:0e:fb:e8:53:f3:9d:0c:79:2d:dc:fe:7f:5c:b0:
         07:7f:70:7c:23:8b:a3:c7:ff:ff:af:4d:2a:1d:57:01:d1:57:
         bd:e3:62:03:db:94:ce:da:31:41:09:1b:22:6f:6b:7b:fd:ca:
         b6:a6:9a:09:ae:4f:19:b2:50:e9:7d:99:4a:ef:ab:ac:2f:2b:
         d5:e6:81:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oLv7sN/0BI3gXeB2CUKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjkwZjM0NTI1ZjgwMDI1ZWE3N2NiNjE4ZTc1MTk5ODJh
Yjg1OTIwHhcNMjUwNjI4MTMwMTE2WhcNMjUwNjI5MTMwMTE2WjAzMTEwLwYDVQQD
EygzYjZkM2I5OTAzODgzNGE5NTg4YTNhY2M3NmFkYTE3NmE2ZTM0Y2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLlyTuQanDXzKfe+x96x1Brv38ZM
pFe5mE+Wn7f+e0Syo3436RqDrMJHC8lhviRGA+yqV7XvmIFQ7/2Ule0vM8dFWtjE
FrsR0Dl1VMgKaRBNEyqJDZ94NMwqmkhI22JufGWBSDqj+/jHh4EW28azJgKgXnkQ
lzjrrlutt6PGnPYTvoSEc640UGl/FgI+B8uTwEjjm1n341gKiNWP2IzQpFm6i1rV
7YzH5Bv1lfKZkVxUkDTODWSbV62wGi1uvgDK7jnYBrq633Hm4TcJ0pKEUui5qJh8
cgczSNkjZZmmzE5oYoGbfVX+x9h/7i5H2Q8CzrjS0Uc6zQKi/RjBAtF3AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDttO5kDiDSpWIo6zHatoXam40zgMB8GA1UdIwQY
MBaAFGS5DzRSX4ACXqd8thjnUZmCq4WSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQt
N2JkYjY3MmUwYzU0LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQtN2JkYjY3MmUwYzU0
LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANL+5SQoD
giB2Zd+c+zuqj9OqH3tjDh3ENg1VtMwG+ganlbDr85dOHgIYm2JXeHfEWFvi4Ks+
/na2BsMpWV1vsDhLOwOKfb6/I1Xix05ZJLDZrpXl+6NkkPnOO6q6INao54TLo7ay
flXqoxjll0xgZu9zIRP8NnVfhueEszDWds35fvJX5CcZk1qiEZd/8hdqytj0ITog
gesXGAG/uc1VC2q7HgCYIBb2eAVwCMlq7mCV4wCEaIkK2g776FPznQx5Ldz+f1yw
B39wfCOLo8f//69NKh1XAdFXveNiA9uUztoxQQkbIm9re/3KtqaaCa5PGbJQ6X2Z
Su+rrC8r1eaBNw==
-----END CERTIFICATE-----