Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
File:                     ZTwsX-3AjoxdH2VGksPkVkDIou0.mft (raw, json)
Hash identifier:          6B1diF9BE1cxoPxUjAI4Zqw92KimQV+2uyD1WcRicrY=
Subject key identifier:   41:81:09:C6:0F:15:64:DD:69:A5:E4:63:57:4E:27:24:84:5E:C0:0D
Authority key identifier: 65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED
Certificate issuer:       /CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
Certificate serial:       0197B6A0959EA90477432A63DCBEDD352194
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
Manifest number:          0AB8
Signing time:             Sat 28 Jun 2025 13:01:06 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:06 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:06 +0000
Files and hashes:         1: ZTwsX-3AjoxdH2VGksPkVkDIou0.crl (hash: SPH2l2sC9QcPk4PxStpUAuufE++/ApW4Wx5CR/XHJwc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:95:9e:a9:04:77:43:2a:63:dc:be:dd:35:21:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
        Validity
            Not Before: Jun 28 13:01:06 2025 GMT
            Not After : Jun 29 13:01:06 2025 GMT
        Subject: CN=418109c60f1564dd69a5e463574e2724845ec00d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:11:75:70:9f:99:6d:f9:ce:2d:d7:85:d5:9d:
                    e9:66:48:be:0f:62:23:f4:29:16:2f:72:e3:20:f9:
                    23:71:d9:22:78:16:95:b2:7e:12:50:93:62:64:b8:
                    b0:90:41:12:d4:9d:cc:00:3d:a6:0d:a5:16:34:24:
                    57:6e:a7:05:9e:3a:ae:cf:fd:a3:31:0b:3b:98:ba:
                    0d:b2:3e:a5:bb:75:8a:60:59:40:24:1a:b0:97:6c:
                    f6:0c:14:3e:a0:a3:c4:24:5d:b7:18:87:1a:89:4f:
                    f2:c7:65:62:db:4b:f5:27:25:2e:da:34:fb:34:74:
                    37:0b:88:b1:ef:5b:df:e4:4f:1a:2f:dc:5e:5b:7b:
                    63:d0:2a:d4:4b:13:14:2b:3a:bc:e4:42:50:2b:89:
                    df:c5:26:ef:10:2b:ab:23:4c:ac:5b:db:3e:81:11:
                    c7:c6:23:8d:6f:e3:c5:00:a6:ba:72:0e:19:8a:a9:
                    71:a0:f5:2b:e8:0f:72:41:85:2b:17:b9:bc:a2:e4:
                    b5:a1:a4:92:f2:40:86:f4:13:7f:ba:71:91:df:db:
                    1b:c0:e8:fb:51:2c:6c:48:13:3a:d7:75:1a:50:16:
                    3c:aa:aa:da:bd:f4:8c:dd:2a:0c:ed:aa:be:3e:8c:
                    38:34:05:26:4e:38:a9:8e:21:84:c1:13:83:c9:d2:
                    a3:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:81:09:C6:0F:15:64:DD:69:A5:E4:63:57:4E:27:24:84:5E:C0:0D
            X509v3 Authority Key Identifier:
                keyid:65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:31:2b:8d:b4:f2:b7:ed:81:ac:16:46:59:a0:7b:4e:6a:2b:
         15:5f:de:d0:a2:bc:bf:d4:0d:51:6d:2e:fc:40:71:fd:2d:62:
         06:7c:c0:b5:bf:a4:23:ba:c3:c6:97:79:a4:d3:be:8d:7e:5b:
         1a:9d:2b:b0:11:1d:58:cb:73:28:94:44:3c:8c:a7:19:c5:58:
         a5:d5:4b:5d:43:9c:5e:81:c5:89:23:cf:fa:5e:f9:d9:79:2b:
         e8:0d:a0:39:2d:3c:fa:1a:85:df:29:77:bc:e2:3c:05:9c:62:
         75:7d:1a:64:c4:6f:2a:1d:9d:65:bb:ca:bf:48:bf:8c:1c:39:
         17:99:e8:79:7d:b5:81:e5:5c:f1:4c:08:8f:17:33:99:d3:2e:
         e3:75:49:d2:30:c6:20:e3:d0:01:d6:f3:be:ca:8e:52:9c:b6:
         27:43:9c:04:02:35:1e:e8:9b:a7:9f:02:5f:68:64:a9:91:b7:
         2f:af:42:7f:e2:52:eb:fa:6e:fe:1d:3a:6d:7f:f5:1a:6b:14:
         07:63:e0:f0:04:f2:4b:45:8d:ba:a0:9b:cf:b7:9f:2a:57:2a:
         47:00:f3:24:46:41:83:fb:72:3d:66:f5:bf:c9:f2:59:24:ce:
         07:a3:72:00:62:41:b8:2e:22:c4:71:1e:50:64:9f:d4:bb:f0:
         5e:0d:ac:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oJWeqQR3Qypj3L7dNSGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2MyYzVmZWRjMDhlOGM1ZDFmNjU0NjkyYzNlNDU2NDBj
OGEyZWQwHhcNMjUwNjI4MTMwMTA2WhcNMjUwNjI5MTMwMTA2WjAzMTEwLwYDVQQD
Eyg0MTgxMDljNjBmMTU2NGRkNjlhNWU0NjM1NzRlMjcyNDg0NWVjMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhF1cJ+ZbfnOLdeF1Z3pZki+D2Ij
9CkWL3LjIPkjcdkieBaVsn4SUJNiZLiwkEES1J3MAD2mDaUWNCRXbqcFnjquz/2j
MQs7mLoNsj6lu3WKYFlAJBqwl2z2DBQ+oKPEJF23GIcaiU/yx2Vi20v1JyUu2jT7
NHQ3C4ix71vf5E8aL9xeW3tj0CrUSxMUKzq85EJQK4nfxSbvECurI0ysW9s+gRHH
xiONb+PFAKa6cg4ZiqlxoPUr6A9yQYUrF7m8ouS1oaSS8kCG9BN/unGR39sbwOj7
USxsSBM613UaUBY8qqravfSM3SoM7aq+Pow4NAUmTjipjiGEwRODydKjWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEGBCcYPFWTdaaXkY1dOJySEXsANMB8GA1UdIwQY
MBaAFGU8LF/twI6MXR9lRpLD5FZAyKLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAt
MWNjYjU0ZjM3MmFhLzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAtMWNjYjU0ZjM3MmFh
LzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPTErjbTy
t+2BrBZGWaB7TmorFV/e0KK8v9QNUW0u/EBx/S1iBnzAtb+kI7rDxpd5pNO+jX5b
Gp0rsBEdWMtzKJREPIynGcVYpdVLXUOcXoHFiSPP+l752Xkr6A2gOS08+hqF3yl3
vOI8BZxidX0aZMRvKh2dZbvKv0i/jBw5F5noeX21geVc8UwIjxczmdMu43VJ0jDG
IOPQAdbzvsqOUpy2J0OcBAI1Huibp58CX2hkqZG3L69Cf+JS6/pu/h06bX/1GmsU
B2Pg8ATyS0WNuqCbz7efKlcqRwDzJEZBg/tyPWb1v8nyWSTOB6NyAGJBuC4ixHEe
UGSf1LvwXg2swQ==
-----END CERTIFICATE-----