Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
File:                     ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft (raw, json)
Hash identifier:          kz2ssJ4d1FN7+YmSd2wRtNc3Shcyu87C69GN7jwS/rI=
Subject key identifier:   9B:19:82:11:60:7C:33:4B:CB:FC:35:72:B9:FB:BB:E9:BC:D4:7A:E8
Authority key identifier: 66:83:A9:6C:F5:11:A6:79:19:D9:00:F3:FC:93:40:99:34:1F:87:D8
Certificate issuer:       /CN=6683a96cf511a67919d900f3fc934099341f87d8
Certificate serial:       0196BD807DCC1B9D67479F74E69039DB85EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
Manifest number:          0D13
Signing time:             Sun 11 May 2025 04:00:36 +0000
Manifest this update:     Sun 11 May 2025 04:00:36 +0000
Manifest next update:     Mon 12 May 2025 04:00:36 +0000
Files and hashes:         1: ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl (hash: O2kaxXPeDyXBgnZ2iIMfmwEuV8oCji7h3XJdAdedzZs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 04:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:80:7d:cc:1b:9d:67:47:9f:74:e6:90:39:db:85:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6683a96cf511a67919d900f3fc934099341f87d8
        Validity
            Not Before: May 11 04:00:36 2025 GMT
            Not After : May 12 04:00:36 2025 GMT
        Subject: CN=9b198211607c334bcbfc3572b9fbbbe9bcd47ae8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:2e:89:a5:97:97:5e:cc:d1:b4:a3:d5:ff:4a:
                    2d:0c:f0:16:e3:73:d7:09:60:e2:d8:76:5c:d5:e0:
                    96:3d:69:57:ae:5c:fa:b5:32:98:05:ef:6d:e6:cc:
                    69:50:53:de:02:b0:57:fa:ca:fa:c7:bf:42:45:8b:
                    a0:f9:70:05:b8:58:e1:bf:be:0e:e3:65:99:16:bc:
                    16:5e:b5:4c:1d:8a:38:70:28:c1:b4:53:1a:ea:1d:
                    08:88:73:28:c4:b1:4e:d9:00:61:b1:75:3f:b9:6c:
                    15:94:79:15:b8:13:90:97:24:b7:81:1a:48:0c:91:
                    c1:5f:fe:c8:d2:ff:50:c1:2b:4e:f6:34:af:66:37:
                    3a:29:46:d5:b9:7e:a3:de:39:7d:71:e7:04:74:1c:
                    3f:a0:fa:cc:9d:be:b5:77:12:07:1a:90:4d:79:15:
                    d0:e5:88:60:2c:17:72:4b:84:6f:95:c3:e8:39:e3:
                    97:c3:b8:64:25:af:f6:95:05:dc:f7:68:06:2d:f5:
                    58:e1:c1:1d:06:9b:5b:af:1a:f2:5a:ea:89:bd:59:
                    2d:01:e0:70:3f:ef:77:39:90:98:46:d7:ad:8f:ec:
                    22:ed:1d:ab:86:6f:fe:ad:a7:b8:8d:a9:d2:a4:2e:
                    de:f3:fc:4d:30:b4:85:00:2d:89:bb:9c:6d:bf:fe:
                    a5:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:19:82:11:60:7C:33:4B:CB:FC:35:72:B9:FB:BB:E9:BC:D4:7A:E8
            X509v3 Authority Key Identifier:
                keyid:66:83:A9:6C:F5:11:A6:79:19:D9:00:F3:FC:93:40:99:34:1F:87:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:f2:fa:90:29:2a:0b:69:96:e1:3a:e1:7e:5e:b9:77:f7:6c:
         6e:eb:c3:a9:69:bc:72:46:6b:f9:dc:98:14:77:14:f2:38:59:
         24:9a:ec:19:26:64:56:41:34:b7:6d:04:5d:8d:07:16:1c:ce:
         29:50:44:a1:4b:6e:89:b5:eb:e2:e6:e8:1b:85:6b:8f:52:cf:
         61:87:f3:a5:5e:76:6c:b0:2d:28:06:2b:ba:6e:46:99:90:5e:
         b2:f4:38:1f:5a:88:51:20:9d:d7:33:d3:99:a8:5c:53:cc:6c:
         71:17:3e:c1:58:54:60:11:8d:d4:34:be:cb:76:ea:7d:f3:16:
         d4:7b:96:f5:d5:76:c3:e7:da:ee:dd:c9:2d:dc:44:66:c6:1c:
         49:ae:71:5f:63:6f:57:7a:4a:9d:50:32:89:45:e2:3d:35:ce:
         bd:c8:08:70:7e:c5:d6:ef:fa:cb:4e:56:44:87:ee:e7:51:99:
         8b:4b:7a:f4:1b:ff:3c:99:f8:0e:84:36:4c:32:cc:3f:b2:78:
         b2:7e:bc:5e:a9:27:a5:5b:a6:2a:30:0e:ab:8a:a2:76:68:66:
         52:b5:ad:91:b6:60:f7:c4:ac:12:ac:73:3a:09:91:7c:20:f9:
         45:14:89:e9:d2:26:03:18:08:2b:f2:b0:0d:48:87:9b:73:45:
         26:37:99:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9gH3MG51nR5905pA524XsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ODNhOTZjZjUxMWE2NzkxOWQ5MDBmM2ZjOTM0MDk5MzQx
Zjg3ZDgwHhcNMjUwNTExMDQwMDM2WhcNMjUwNTEyMDQwMDM2WjAzMTEwLwYDVQQD
Eyg5YjE5ODIxMTYwN2MzMzRiY2JmYzM1NzJiOWZiYmJlOWJjZDQ3YWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0i6JpZeXXszRtKPV/0otDPAW43PX
CWDi2HZc1eCWPWlXrlz6tTKYBe9t5sxpUFPeArBX+sr6x79CRYug+XAFuFjhv74O
42WZFrwWXrVMHYo4cCjBtFMa6h0IiHMoxLFO2QBhsXU/uWwVlHkVuBOQlyS3gRpI
DJHBX/7I0v9QwStO9jSvZjc6KUbVuX6j3jl9cecEdBw/oPrMnb61dxIHGpBNeRXQ
5YhgLBdyS4RvlcPoOeOXw7hkJa/2lQXc92gGLfVY4cEdBptbrxryWuqJvVktAeBw
P+93OZCYRtetj+wi7R2rhm/+rae4janSpC7e8/xNMLSFAC2Ju5xtv/6lSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJsZghFgfDNLy/w1crn7u+m81HroMB8GA1UdIwQY
MBaAFGaDqWz1EaZ5GdkA8/yTQJk0H4fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9jNTQwZTMtZDJjNy00ZjA4LTkxNzgt
YWUzMDY4NmM4NTg5LzEvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9jNTQwZTMtZDJjNy00ZjA4LTkxNzgtYWUzMDY4NmM4NTg5
LzEvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnPL6kCkq
C2mW4Trhfl65d/dsbuvDqWm8ckZr+dyYFHcU8jhZJJrsGSZkVkE0t20EXY0HFhzO
KVBEoUtuibXr4uboG4Vrj1LPYYfzpV52bLAtKAYrum5GmZBesvQ4H1qIUSCd1zPT
mahcU8xscRc+wVhUYBGN1DS+y3bqffMW1HuW9dV2w+fa7t3JLdxEZsYcSa5xX2Nv
V3pKnVAyiUXiPTXOvcgIcH7F1u/6y05WRIfu51GZi0t69Bv/PJn4DoQ2TDLMP7J4
sn68XqknpVumKjAOq4qidmhmUrWtkbZg98SsEqxzOgmRfCD5RRSJ6dImAxgIK/Kw
DUiHm3NFJjeZpA==
-----END CERTIFICATE-----