Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft
File:                     zfQLRgtIuPNm_sXKObMcOAxkWjI.mft (raw, json)
Hash identifier:          Q7ot85JjmL6nuK7flcdcEdgpkjdirzV5L7+up9fmDZQ=
Subject key identifier:   D0:F3:8E:8A:CD:A0:BB:BA:A2:0F:E7:EC:DB:D2:82:E5:21:B9:26:BA
Authority key identifier: CD:F4:0B:46:0B:48:B8:F3:66:FE:C5:CA:39:B3:1C:38:0C:64:5A:32
Certificate issuer:       /CN=cdf40b460b48b8f366fec5ca39b31c380c645a32
Certificate serial:       0197CB032CF01B97521C3964D3D33951588D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zfQLRgtIuPNm_sXKObMcOAxkWjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft
Manifest number:          86
Signing time:             Wed 02 Jul 2025 12:01:12 +0000
Manifest this update:     Wed 02 Jul 2025 12:01:12 +0000
Manifest next update:     Thu 03 Jul 2025 12:01:12 +0000
Files and hashes:         1: zfQLRgtIuPNm_sXKObMcOAxkWjI.crl (hash: L00b2t5iUTZD5FUJ2rRmipaJlhxOpkeedZOLf4qcRvo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zfQLRgtIuPNm_sXKObMcOAxkWjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 11:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cb:03:2c:f0:1b:97:52:1c:39:64:d3:d3:39:51:58:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdf40b460b48b8f366fec5ca39b31c380c645a32
        Validity
            Not Before: Jul  2 12:01:12 2025 GMT
            Not After : Jul  3 12:01:12 2025 GMT
        Subject: CN=d0f38e8acda0bbbaa20fe7ecdbd282e521b926ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b2:cc:9b:bf:25:e5:07:44:0f:67:b9:c8:24:
                    b5:93:28:f8:9c:e1:18:d1:87:fc:ad:de:7f:ca:74:
                    5e:2f:95:00:23:f3:01:e6:bf:04:b7:c9:7e:07:68:
                    62:0a:a7:6c:9c:a1:91:ac:ec:63:c8:9b:83:ac:1f:
                    bc:77:5a:b4:5e:95:3b:7d:94:67:30:0e:18:f3:69:
                    31:9f:e1:cd:f4:cb:b3:b6:b7:18:2d:e4:d8:50:0e:
                    05:a8:69:8d:8c:90:68:a1:fc:c1:1c:d4:88:0f:8d:
                    d8:9c:88:e6:73:f2:81:ee:90:a5:ac:55:4e:17:63:
                    be:dc:ae:bf:67:24:b5:3f:b4:e3:10:ac:72:87:db:
                    71:f0:f5:2b:87:28:ad:b6:45:ee:56:65:a4:19:6b:
                    39:3b:99:96:14:3f:1b:44:ee:8e:8d:07:21:93:39:
                    40:4e:f2:fc:bf:28:33:af:59:6a:cc:b9:51:f6:d3:
                    1f:7c:e5:1b:b2:dc:c7:c0:8d:74:3e:ff:87:89:24:
                    f8:87:fe:29:9d:23:86:03:25:8a:13:1f:90:5b:2d:
                    4d:8a:a6:a9:dc:d0:58:fc:8a:cb:94:6c:b9:a5:48:
                    7e:6d:0a:3d:35:9a:96:3e:7e:64:85:95:95:1d:30:
                    38:71:4a:45:05:f3:7c:b9:b3:3b:70:d6:88:4f:94:
                    67:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:F3:8E:8A:CD:A0:BB:BA:A2:0F:E7:EC:DB:D2:82:E5:21:B9:26:BA
            X509v3 Authority Key Identifier:
                keyid:CD:F4:0B:46:0B:48:B8:F3:66:FE:C5:CA:39:B3:1C:38:0C:64:5A:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfQLRgtIuPNm_sXKObMcOAxkWjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:93:fe:7d:2e:84:af:19:ad:24:75:77:d2:1e:3d:02:b1:f2:
         64:b4:ae:ed:7c:4c:cd:51:cf:02:e8:31:32:e1:7a:57:1d:0a:
         73:d3:40:51:3a:39:7b:7b:49:49:5f:80:e6:47:e6:51:40:78:
         53:08:15:d4:25:c9:0c:99:ca:72:c3:b1:a4:19:55:5a:d7:60:
         cc:7a:ce:9e:f9:df:5a:b7:c7:4b:af:ee:a9:2f:8d:ec:d7:98:
         3e:48:23:d3:20:1c:fb:bd:56:47:46:18:71:8d:f3:81:2b:59:
         d7:2d:e6:59:66:99:18:06:84:23:21:82:1d:9b:78:e6:fe:cb:
         6e:d0:18:3f:a1:fd:d2:00:45:03:f5:17:e6:ee:03:32:67:26:
         6c:a6:4a:19:a1:be:0c:e1:87:26:63:cf:e1:fc:4e:87:2a:9e:
         4d:ae:b0:23:a4:3f:5a:72:e5:40:f1:fe:68:e7:92:3b:0b:ea:
         14:de:a9:20:4e:5a:3d:4e:fb:59:1a:90:40:ef:dd:f3:5e:4a:
         df:65:a4:ce:88:5d:3c:5c:9a:3d:7c:b9:71:9f:cf:aa:7b:8b:
         00:90:6d:a6:a9:ca:53:c4:a3:02:32:96:2e:e7:f6:92:32:4a:
         9f:a8:78:a8:33:36:fa:94:12:99:36:f5:49:19:11:d1:1e:7d:
         4c:3c:35:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfLAyzwG5dSHDlk09M5UViNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjQwYjQ2MGI0OGI4ZjM2NmZlYzVjYTM5YjMxYzM4MGM2
NDVhMzIwHhcNMjUwNzAyMTIwMTEyWhcNMjUwNzAzMTIwMTEyWjAzMTEwLwYDVQQD
EyhkMGYzOGU4YWNkYTBiYmJhYTIwZmU3ZWNkYmQyODJlNTIxYjkyNmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubLMm78l5QdED2e5yCS1kyj4nOEY
0Yf8rd5/ynReL5UAI/MB5r8Et8l+B2hiCqdsnKGRrOxjyJuDrB+8d1q0XpU7fZRn
MA4Y82kxn+HN9MuztrcYLeTYUA4FqGmNjJBoofzBHNSID43YnIjmc/KB7pClrFVO
F2O+3K6/ZyS1P7TjEKxyh9tx8PUrhyittkXuVmWkGWs5O5mWFD8bRO6OjQchkzlA
TvL8vygzr1lqzLlR9tMffOUbstzHwI10Pv+HiST4h/4pnSOGAyWKEx+QWy1Niqap
3NBY/IrLlGy5pUh+bQo9NZqWPn5khZWVHTA4cUpFBfN8ubM7cNaIT5RnhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDzjorNoLu6og/n7NvSguUhuSa6MB8GA1UdIwQY
MBaAFM30C0YLSLjzZv7FyjmzHDgMZFoyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZRTFJndEl1UE5tX3NYS09iTWNPQXhrV2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YWM1MGYtNDQ5MS00NGE1LTkwYmYt
YTdlZjFkY2ZkNWYxLzEvemZRTFJndEl1UE5tX3NYS09iTWNPQXhrV2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83YWM1MGYtNDQ5MS00NGE1LTkwYmYtYTdlZjFkY2ZkNWYx
LzEvemZRTFJndEl1UE5tX3NYS09iTWNPQXhrV2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKJP+fS6E
rxmtJHV30h49ArHyZLSu7XxMzVHPAugxMuF6Vx0Kc9NAUTo5e3tJSV+A5kfmUUB4
UwgV1CXJDJnKcsOxpBlVWtdgzHrOnvnfWrfHS6/uqS+N7NeYPkgj0yAc+71WR0YY
cY3zgStZ1y3mWWaZGAaEIyGCHZt45v7LbtAYP6H90gBFA/UX5u4DMmcmbKZKGaG+
DOGHJmPP4fxOhyqeTa6wI6Q/WnLlQPH+aOeSOwvqFN6pIE5aPU77WRqQQO/d815K
32WkzohdPFyaPXy5cZ/PqnuLAJBtpqnKU8SjAjKWLuf2kjJKn6h4qDM2+pQSmTb1
SRkR0R59TDw1aQ==
-----END CERTIFICATE-----