Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
File:                     sgzLpAbArQxb4AB22ZgLNIhWmoo.mft (raw, json)
Hash identifier:          pDrnA45AcE2s2VMXVbjTTbAaFdliOEbclVZhNJdOWrM=
Subject key identifier:   67:2E:4F:07:41:D6:55:A6:69:B0:94:A0:B8:22:17:31:E6:FF:99:AD
Authority key identifier: B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A
Certificate issuer:       /CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
Certificate serial:       0197C42634306CB2DB0124308D20876EFAED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
Manifest number:          10A1
Signing time:             Tue 01 Jul 2025 04:02:07 +0000
Manifest this update:     Tue 01 Jul 2025 04:02:07 +0000
Manifest next update:     Wed 02 Jul 2025 04:02:07 +0000
Files and hashes:         1: sgzLpAbArQxb4AB22ZgLNIhWmoo.crl (hash: hps1xYCRLX+Bp7/PI670hJ2y3W1LxTfd1uyG4G4M0jw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 23:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c4:26:34:30:6c:b2:db:01:24:30:8d:20:87:6e:fa:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
        Validity
            Not Before: Jul  1 04:02:07 2025 GMT
            Not After : Jul  2 04:02:07 2025 GMT
        Subject: CN=672e4f0741d655a669b094a0b8221731e6ff99ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:5d:4d:7a:d7:44:0d:81:12:4c:78:cf:73:6b:
                    ad:5f:fb:e8:9e:9b:8f:3c:19:29:e5:bf:f4:19:93:
                    0e:61:39:dc:14:f8:ec:06:85:88:82:a5:a1:ad:70:
                    dc:83:4e:82:55:a1:fb:2d:8f:be:9d:2d:b5:49:91:
                    58:2e:13:ba:ab:bb:d1:a1:44:bc:f0:e5:e3:29:3d:
                    b3:72:76:a0:43:45:62:7d:f7:f4:55:b8:51:44:d0:
                    ad:d4:ee:e5:8c:b8:d0:87:3b:b8:a0:d4:27:e9:8d:
                    db:0a:94:5a:74:5d:0a:0f:36:1b:04:77:e4:de:f2:
                    b5:2d:19:29:48:5e:74:ea:67:de:7b:e5:e1:e4:e0:
                    e8:a3:f0:62:95:5b:da:ec:84:55:a1:84:b3:f0:dc:
                    87:b1:27:e1:9d:94:87:21:a8:eb:30:52:29:98:93:
                    ed:18:ed:02:00:0b:ed:44:a4:ea:2d:bb:80:df:9d:
                    42:d9:88:9f:b4:ea:1b:8b:1b:d6:aa:7e:23:c7:69:
                    d2:45:b9:c6:f5:69:4b:e7:0a:97:26:71:4b:96:b9:
                    a5:21:b2:49:4a:e6:4e:12:97:bb:37:28:f2:66:d4:
                    66:7c:6e:c7:f2:a7:54:20:26:66:2b:38:28:8c:08:
                    0b:71:58:2e:84:23:d8:45:c5:7c:25:3f:dd:14:4c:
                    64:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:2E:4F:07:41:D6:55:A6:69:B0:94:A0:B8:22:17:31:E6:FF:99:AD
            X509v3 Authority Key Identifier:
                keyid:B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:f5:35:f6:87:68:18:86:2a:68:06:0d:89:91:e8:70:f6:fc:
         5f:3b:39:88:41:d3:13:8d:e3:61:5b:c1:99:cd:2e:a9:43:08:
         ab:1d:86:b6:9a:d2:23:f6:14:19:13:51:f0:bc:d7:43:ff:71:
         f2:9d:f8:8d:73:c0:12:06:c9:cb:e6:71:8c:31:5d:ba:30:84:
         10:2b:69:d9:41:09:ff:5e:3a:67:03:f2:02:ea:fb:ec:be:22:
         70:37:2b:4b:ef:bb:04:08:09:d6:a0:f9:05:29:fa:03:a1:f9:
         9f:f5:12:08:df:bc:bc:d3:f1:22:47:db:bb:1b:66:61:ba:8a:
         c2:09:f8:20:7f:4d:14:35:e0:03:85:75:ab:9a:76:02:3e:5c:
         ce:45:de:4d:1c:d4:e0:22:98:b4:8f:87:61:a0:1d:75:7e:da:
         b3:7c:28:12:0d:42:e2:5c:15:61:dd:5d:f9:bf:5e:2e:1a:da:
         14:57:82:59:3c:0f:44:31:8a:96:24:e5:ce:24:91:91:a4:7d:
         fc:7b:53:cd:28:c4:86:d4:b7:92:d0:55:32:f0:98:cf:4c:6d:
         5f:fd:fb:0f:5b:25:f7:68:c2:d1:ff:c5:7c:46:d9:fc:1a:5d:
         f0:cc:72:c4:75:de:70:8f:76:d5:64:90:ae:3a:b3:8e:0c:7b:
         a2:70:9c:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfEJjQwbLLbASQwjSCHbvrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMGNjYmE0MDZjMGFkMGM1YmUwMDA3NmQ5OTgwYjM0ODg1
NjlhOGEwHhcNMjUwNzAxMDQwMjA3WhcNMjUwNzAyMDQwMjA3WjAzMTEwLwYDVQQD
Eyg2NzJlNGYwNzQxZDY1NWE2NjliMDk0YTBiODIyMTczMWU2ZmY5OWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF1NetdEDYESTHjPc2utX/vonpuP
PBkp5b/0GZMOYTncFPjsBoWIgqWhrXDcg06CVaH7LY++nS21SZFYLhO6q7vRoUS8
8OXjKT2zcnagQ0Vifff0VbhRRNCt1O7ljLjQhzu4oNQn6Y3bCpRadF0KDzYbBHfk
3vK1LRkpSF506mfee+Xh5ODoo/BilVva7IRVoYSz8NyHsSfhnZSHIajrMFIpmJPt
GO0CAAvtRKTqLbuA351C2YiftOobixvWqn4jx2nSRbnG9WlL5wqXJnFLlrmlIbJJ
SuZOEpe7NyjyZtRmfG7H8qdUICZmKzgojAgLcVguhCPYRcV8JT/dFExkKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGcuTwdB1lWmabCUoLgiFzHm/5mtMB8GA1UdIwQY
MBaAFLIMy6QGwK0MW+AAdtmYCzSIVpqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQt
N2NhOTNlY2IyMjM0LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQtN2NhOTNlY2IyMjM0
LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAavU19odo
GIYqaAYNiZHocPb8Xzs5iEHTE43jYVvBmc0uqUMIqx2GtprSI/YUGRNR8LzXQ/9x
8p34jXPAEgbJy+ZxjDFdujCEECtp2UEJ/146ZwPyAur77L4icDcrS++7BAgJ1qD5
BSn6A6H5n/USCN+8vNPxIkfbuxtmYbqKwgn4IH9NFDXgA4V1q5p2Aj5czkXeTRzU
4CKYtI+HYaAddX7as3woEg1C4lwVYd1d+b9eLhraFFeCWTwPRDGKliTlziSRkaR9
/HtTzSjEhtS3ktBVMvCYz0xtX/37D1sl92jC0f/FfEbZ/Bpd8MxyxHXecI921WSQ
rjqzjgx7onCc1g==
-----END CERTIFICATE-----