Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
File:                     zdCuQc2rVZhilkF4v-rjaElrB9c.mft (raw, json)
Hash identifier:          6YFUBP2Le6FCAsVn4rOyz/bsndDD+1jysImUQFV+TAw=
Subject key identifier:   CF:A5:72:5E:B5:86:AB:39:3D:8B:EB:53:6C:C2:53:7E:3F:64:4D:C1
Authority key identifier: CD:D0:AE:41:CD:AB:55:98:62:96:41:78:BF:EA:E3:68:49:6B:07:D7
Certificate issuer:       /CN=cdd0ae41cdab559862964178bfeae368496b07d7
Certificate serial:       0197C94C0468C38BD08917DF849D5EC84D3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
Manifest number:          0C9E
Signing time:             Wed 02 Jul 2025 04:01:31 +0000
Manifest this update:     Wed 02 Jul 2025 04:01:31 +0000
Manifest next update:     Thu 03 Jul 2025 04:01:31 +0000
Files and hashes:         1: zdCuQc2rVZhilkF4v-rjaElrB9c.crl (hash: KunXuUGSY3xs4pTd8QUN08GJm+hyW/zbjH2pk23Zq3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 02:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:4c:04:68:c3:8b:d0:89:17:df:84:9d:5e:c8:4d:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdd0ae41cdab559862964178bfeae368496b07d7
        Validity
            Not Before: Jul  2 04:01:31 2025 GMT
            Not After : Jul  3 04:01:31 2025 GMT
        Subject: CN=cfa5725eb586ab393d8beb536cc2537e3f644dc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:9a:c2:41:cf:ad:65:bf:bd:94:ee:e3:8b:ab:
                    e7:aa:f6:a0:42:e0:fd:57:59:6d:aa:2f:f7:10:63:
                    a1:2f:93:43:8c:75:df:7d:43:af:42:1d:26:66:a4:
                    3a:a0:32:f7:b8:6a:36:84:92:4f:74:b3:2a:1a:1a:
                    3b:d2:04:9f:07:25:b8:a6:0f:f2:32:9f:40:58:ff:
                    55:2d:67:c0:52:ba:71:b8:a4:e1:67:62:f5:08:3c:
                    d7:c3:d4:fa:36:8d:5d:32:76:28:88:a4:bb:21:87:
                    8b:b3:62:04:c8:6c:11:da:13:c3:8a:c3:03:84:c7:
                    d0:1b:2e:eb:de:12:a8:dc:58:96:cd:3c:22:ae:a2:
                    f2:d3:99:8c:2e:71:a8:3b:a2:0f:6b:44:0a:f1:b3:
                    2f:13:f7:d9:d6:89:ae:a6:e4:f4:2d:8a:82:9c:8e:
                    01:a4:a0:f7:ba:d3:3d:c3:25:e6:f3:e8:f7:9c:10:
                    55:7c:42:49:64:8e:b0:f6:f3:05:60:1f:a7:fd:3e:
                    0e:0d:c9:5a:93:3f:10:d1:28:e1:69:04:56:d0:19:
                    fd:aa:ff:d9:9b:99:d6:48:05:5e:b7:61:04:a0:0f:
                    fb:5e:fb:c3:f7:1a:76:89:93:da:3e:fc:4c:c9:c2:
                    d4:d7:d3:f8:31:ae:15:4e:d3:3e:92:97:27:e1:f8:
                    89:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:A5:72:5E:B5:86:AB:39:3D:8B:EB:53:6C:C2:53:7E:3F:64:4D:C1
            X509v3 Authority Key Identifier:
                keyid:CD:D0:AE:41:CD:AB:55:98:62:96:41:78:BF:EA:E3:68:49:6B:07:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:c6:01:bc:42:cc:76:88:0f:5c:06:00:38:9b:14:ad:6e:ca:
         86:65:03:45:5f:4b:ec:4b:a0:db:ad:22:d8:13:1b:d1:bd:54:
         14:14:1b:1b:4e:d6:80:d2:16:bd:be:73:31:1c:5e:59:39:80:
         43:02:48:fe:8a:0b:b8:24:4e:7c:71:16:24:b1:cf:b0:c3:25:
         05:a8:f7:9b:9f:39:46:20:d9:ad:80:4a:4c:e6:da:c7:6c:9d:
         08:f4:0e:42:72:ec:00:9c:19:cc:2a:70:65:df:34:f2:8f:4b:
         16:30:95:02:e3:c2:7f:de:96:9e:b0:28:3c:b6:c6:bb:2c:03:
         b8:b6:69:84:21:1c:96:d5:3a:e7:96:61:4b:35:4a:f4:e2:80:
         b1:bd:ff:c3:9f:fc:98:e1:fd:34:d5:14:d9:90:44:9d:b9:5d:
         59:c5:38:05:6d:f9:cc:c0:d0:64:88:72:f5:de:9e:35:04:ca:
         bd:a3:e7:3f:99:2f:f9:61:0a:cc:56:c0:dd:e6:d2:f3:99:71:
         6a:2b:5f:df:66:f0:39:29:6f:c9:48:fb:0e:2c:09:28:97:79:
         84:6f:96:03:29:66:3b:32:14:84:b7:08:9e:1d:9e:75:54:53:
         e8:44:05:11:ab:d7:91:92:70:21:54:c5:5a:af:9e:dc:c8:b4:
         f8:24:68:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJTARow4vQiRffhJ1eyE0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZDBhZTQxY2RhYjU1OTg2Mjk2NDE3OGJmZWFlMzY4NDk2
YjA3ZDcwHhcNMjUwNzAyMDQwMTMxWhcNMjUwNzAzMDQwMTMxWjAzMTEwLwYDVQQD
EyhjZmE1NzI1ZWI1ODZhYjM5M2Q4YmViNTM2Y2MyNTM3ZTNmNjQ0ZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJrCQc+tZb+9lO7ji6vnqvagQuD9
V1ltqi/3EGOhL5NDjHXffUOvQh0mZqQ6oDL3uGo2hJJPdLMqGho70gSfByW4pg/y
Mp9AWP9VLWfAUrpxuKThZ2L1CDzXw9T6No1dMnYoiKS7IYeLs2IEyGwR2hPDisMD
hMfQGy7r3hKo3FiWzTwirqLy05mMLnGoO6IPa0QK8bMvE/fZ1omupuT0LYqCnI4B
pKD3utM9wyXm8+j3nBBVfEJJZI6w9vMFYB+n/T4ODclakz8Q0SjhaQRW0Bn9qv/Z
m5nWSAVet2EEoA/7XvvD9xp2iZPaPvxMycLU19P4Ma4VTtM+kpcn4fiJDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+lcl61hqs5PYvrU2zCU34/ZE3BMB8GA1UdIwQY
MBaAFM3QrkHNq1WYYpZBeL/q42hJawfXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8xNGQ3MWUtZTBkOC00ZmZmLWIzZmEt
NDI4MzI0YTkyNDRlLzEvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8xNGQ3MWUtZTBkOC00ZmZmLWIzZmEtNDI4MzI0YTkyNDRl
LzEvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANMYBvELM
dogPXAYAOJsUrW7KhmUDRV9L7Eug260i2BMb0b1UFBQbG07WgNIWvb5zMRxeWTmA
QwJI/ooLuCROfHEWJLHPsMMlBaj3m585RiDZrYBKTObax2ydCPQOQnLsAJwZzCpw
Zd808o9LFjCVAuPCf96WnrAoPLbGuywDuLZphCEcltU655ZhSzVK9OKAsb3/w5/8
mOH9NNUU2ZBEnbldWcU4BW35zMDQZIhy9d6eNQTKvaPnP5kv+WEKzFbA3ebS85lx
aitf32bwOSlvyUj7DiwJKJd5hG+WAylmOzIUhLcInh2edVRT6EQFEavXkZJwIVTF
Wq+e3Mi0+CRoBQ==
-----END CERTIFICATE-----