Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
File:                     ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft (raw, json)
Hash identifier:          zSnTBnl4b5ZCcyXdHJt19jGKAjus7YpLoM9TGgeCpp0=
Subject key identifier:   85:72:70:53:C5:71:C0:1A:6A:A2:C2:92:C1:E1:E8:C9:B8:57:D4:B5
Authority key identifier: 64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92
Certificate issuer:       /CN=64b90f34525f80025ea77cb618e7519982ab8592
Certificate serial:       0196A466311A36D0FA93033FDF7DDCF765B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
Manifest number:          1525
Signing time:             Tue 06 May 2025 07:01:22 +0000
Manifest this update:     Tue 06 May 2025 07:01:22 +0000
Manifest next update:     Wed 07 May 2025 07:01:22 +0000
Files and hashes:         1: ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl (hash: Qw2m71vnCBfFT2tNHwv8eBY5ZmIDurD+rAhOhxrqaeM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 07:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a4:66:31:1a:36:d0:fa:93:03:3f:df:7d:dc:f7:65:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b90f34525f80025ea77cb618e7519982ab8592
        Validity
            Not Before: May  6 07:01:22 2025 GMT
            Not After : May  7 07:01:22 2025 GMT
        Subject: CN=85727053c571c01a6aa2c292c1e1e8c9b857d4b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f8:fc:82:7e:a5:22:92:d5:ab:06:e2:a6:8e:
                    4a:ec:0e:7c:8a:e9:b3:27:9b:c2:d1:e7:52:af:b9:
                    4b:18:c6:57:93:a7:a7:7d:53:79:c1:8d:60:2b:82:
                    6d:95:c2:dc:c0:1e:ae:3f:b1:f4:b3:80:06:14:24:
                    47:1b:92:33:17:57:26:db:11:70:fd:eb:c9:1e:72:
                    b9:33:66:49:3e:cc:bf:07:df:55:78:03:9a:dd:58:
                    54:98:7a:9f:65:24:3f:9c:9e:c0:19:74:cf:38:3b:
                    00:21:6f:e6:e6:ad:15:54:8b:88:17:a2:0a:04:df:
                    bc:61:53:0a:6a:d2:80:5b:88:3b:84:de:32:23:8a:
                    c9:ad:00:02:b0:bb:d4:c4:71:c3:3b:dc:ff:81:60:
                    b3:dc:bb:44:f8:7a:92:61:45:68:46:c3:69:cf:3b:
                    42:fa:43:1f:ba:31:c8:3c:ee:5c:68:9c:82:cc:06:
                    06:ff:47:9d:65:b2:aa:d0:f1:ee:0a:21:84:af:11:
                    a4:dd:db:84:eb:82:b8:b4:13:7f:98:1b:09:38:5b:
                    96:3a:a3:82:22:6c:03:bd:7d:39:1d:5a:59:72:55:
                    61:92:62:8c:af:28:97:2e:0a:32:17:69:7b:21:3b:
                    75:90:a3:f8:6f:a9:c4:88:09:37:1c:74:4b:7f:5e:
                    14:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:72:70:53:C5:71:C0:1A:6A:A2:C2:92:C1:E1:E8:C9:B8:57:D4:B5
            X509v3 Authority Key Identifier:
                keyid:64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:46:f9:d3:f5:60:17:cf:61:52:8f:72:df:09:db:11:5b:c6:
         a9:6d:8f:9b:8d:d5:73:92:b4:11:75:d0:02:b8:67:83:48:a2:
         9b:17:2f:b8:1e:6c:12:56:f8:10:03:a2:d0:f2:f4:60:28:da:
         bb:7c:74:a4:9a:a4:9f:52:e8:44:c9:cd:e5:71:1f:42:5c:92:
         0f:14:fb:53:90:e2:94:9d:99:f9:57:96:05:f7:d8:22:65:03:
         d2:9c:42:de:f6:df:07:84:9e:09:e3:44:9a:e4:a2:f9:d0:70:
         8b:39:50:b7:ab:3d:c9:48:83:df:dc:e9:ad:58:84:4f:6c:a3:
         fb:5a:94:81:9e:9c:21:e7:17:1e:2b:51:16:b1:18:96:2e:95:
         0f:2a:75:43:42:dc:28:f7:c3:42:b3:15:8e:06:35:66:84:df:
         7b:0d:0c:bf:29:a5:49:e3:96:d6:13:60:b8:16:9e:15:a4:8d:
         51:bd:9d:33:09:64:34:23:96:fa:a7:7c:e8:87:0b:b1:f8:a8:
         bb:70:b8:8d:82:95:3b:dd:dd:2e:13:df:f0:21:7f:c1:55:c4:
         1d:98:01:d2:98:31:a4:5b:2a:b2:78:ad:11:5c:a8:36:56:b7:
         26:79:3f:b9:c9:d2:52:d5:95:9e:eb:15:85:02:d8:1d:cc:2b:
         dd:2a:c9:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZakZjEaNtD6kwM/333c92W5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjkwZjM0NTI1ZjgwMDI1ZWE3N2NiNjE4ZTc1MTk5ODJh
Yjg1OTIwHhcNMjUwNTA2MDcwMTIyWhcNMjUwNTA3MDcwMTIyWjAzMTEwLwYDVQQD
Eyg4NTcyNzA1M2M1NzFjMDFhNmFhMmMyOTJjMWUxZThjOWI4NTdkNGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvj8gn6lIpLVqwbipo5K7A58iumz
J5vC0edSr7lLGMZXk6enfVN5wY1gK4JtlcLcwB6uP7H0s4AGFCRHG5IzF1cm2xFw
/evJHnK5M2ZJPsy/B99VeAOa3VhUmHqfZSQ/nJ7AGXTPODsAIW/m5q0VVIuIF6IK
BN+8YVMKatKAW4g7hN4yI4rJrQACsLvUxHHDO9z/gWCz3LtE+HqSYUVoRsNpzztC
+kMfujHIPO5caJyCzAYG/0edZbKq0PHuCiGErxGk3duE64K4tBN/mBsJOFuWOqOC
ImwDvX05HVpZclVhkmKMryiXLgoyF2l7ITt1kKP4b6nEiAk3HHRLf14UcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVycFPFccAaaqLCksHh6Mm4V9S1MB8GA1UdIwQY
MBaAFGS5DzRSX4ACXqd8thjnUZmCq4WSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQt
N2JkYjY3MmUwYzU0LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQtN2JkYjY3MmUwYzU0
LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnEb50/Vg
F89hUo9y3wnbEVvGqW2Pm43Vc5K0EXXQArhng0iimxcvuB5sElb4EAOi0PL0YCja
u3x0pJqkn1LoRMnN5XEfQlySDxT7U5DilJ2Z+VeWBffYImUD0pxC3vbfB4SeCeNE
muSi+dBwizlQt6s9yUiD39zprViET2yj+1qUgZ6cIecXHitRFrEYli6VDyp1Q0Lc
KPfDQrMVjgY1ZoTfew0MvymlSeOW1hNguBaeFaSNUb2dMwlkNCOW+qd86IcLsfio
u3C4jYKVO93dLhPf8CF/wVXEHZgB0pgxpFsqsnitEVyoNla3Jnk/ucnSUtWVnusV
hQLYHcwr3SrJPg==
-----END CERTIFICATE-----