Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
File:                     z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft (raw, json)
Hash identifier:          I6/x++mh8L1079m21KOASmuCLPTAq+8H6MxnIxJg3Z0=
Subject key identifier:   95:D4:F4:4F:F7:9B:36:96:1B:64:E8:88:66:F6:64:7D:AB:4C:57:D5
Authority key identifier: CF:7F:5C:59:80:59:E1:AE:59:76:C8:1E:A2:B8:26:69:7E:E1:99:06
Certificate issuer:       /CN=cf7f5c598059e1ae5976c81ea2b826697ee19906
Certificate serial:       0196CBE1421C2203B0B1CC640FB13940F2A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
Manifest number:          03DA
Signing time:             Tue 13 May 2025 23:00:59 +0000
Manifest this update:     Tue 13 May 2025 23:00:59 +0000
Manifest next update:     Wed 14 May 2025 23:00:59 +0000
Files and hashes:         1: z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl (hash: nln+qd10fwKGwsBTa+0vrwNt1xHC6/nY4HrpB8iEIC4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cb:e1:42:1c:22:03:b0:b1:cc:64:0f:b1:39:40:f2:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7f5c598059e1ae5976c81ea2b826697ee19906
        Validity
            Not Before: May 13 23:00:59 2025 GMT
            Not After : May 14 23:00:59 2025 GMT
        Subject: CN=95d4f44ff79b36961b64e88866f6647dab4c57d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:6d:6c:0f:2d:22:9b:ae:c6:38:c2:01:b5:20:
                    bc:4f:b8:ef:77:df:c1:f7:4d:29:26:4f:86:69:92:
                    bf:86:ef:be:63:b2:19:07:63:68:3f:a2:18:36:1e:
                    cb:6d:4a:72:53:54:7b:ba:01:be:99:ff:87:8f:33:
                    7e:27:82:3b:9d:22:e6:95:72:d0:c7:40:03:45:04:
                    ca:10:4f:89:30:bb:c0:af:5c:fa:d6:41:78:da:ff:
                    20:c2:de:d3:6d:8f:5b:5f:ba:be:61:ea:73:7a:74:
                    36:02:14:09:d1:00:da:cc:2a:98:b9:48:64:9c:11:
                    ee:ee:36:03:1d:60:25:82:de:0f:e1:2b:bb:da:6e:
                    c7:a2:2c:cd:03:ba:ab:74:6e:cd:5b:e6:9b:91:e0:
                    23:fb:ba:8a:0b:96:87:d7:bd:9c:30:75:0e:b4:01:
                    0c:1a:49:6a:f7:1d:18:33:53:1c:55:aa:92:90:49:
                    33:40:e8:67:87:03:31:36:51:dc:c1:83:43:08:32:
                    86:ee:99:d5:73:07:d8:0f:f4:0f:43:46:89:5c:4e:
                    ba:87:13:aa:db:6f:cb:8c:66:11:e1:e5:ff:10:42:
                    f6:29:10:54:f1:e9:61:0d:7b:61:69:71:67:2d:ff:
                    b0:74:e7:2c:07:ee:4b:fc:98:c5:67:da:50:b0:0d:
                    e1:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:D4:F4:4F:F7:9B:36:96:1B:64:E8:88:66:F6:64:7D:AB:4C:57:D5
            X509v3 Authority Key Identifier:
                keyid:CF:7F:5C:59:80:59:E1:AE:59:76:C8:1E:A2:B8:26:69:7E:E1:99:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:ab:12:73:29:83:55:97:b7:a9:2d:f5:39:25:82:a2:e5:7d:
         19:5f:01:47:96:b6:da:0b:ff:13:3a:11:bf:39:d5:f9:5f:39:
         3b:78:f0:be:cd:98:73:f6:5b:fd:f6:09:a7:06:d2:70:01:31:
         53:3d:55:b6:e5:8a:d4:b6:dd:ed:a5:4d:2f:e3:86:31:d4:df:
         77:a8:1b:4c:47:c8:7a:6d:52:80:e1:37:2f:f5:3b:10:e8:ab:
         c7:54:db:23:1a:27:86:59:c5:8e:57:6f:62:86:f0:b9:e4:b6:
         0e:8b:95:fc:53:14:6b:fd:5c:08:85:fa:19:6c:42:24:09:37:
         1e:ac:94:e0:6c:ef:2d:ec:45:e8:4f:00:80:66:02:0d:ae:bb:
         2e:12:da:15:60:e3:4c:85:64:86:7c:60:c5:7c:ac:8e:1c:c1:
         11:e4:91:aa:16:0b:d8:21:2b:bb:6d:1f:6b:45:13:1b:46:8a:
         c7:cb:ca:95:3b:9e:ed:81:0c:8d:c8:b2:13:2e:ab:96:b8:4f:
         de:50:61:52:ef:be:f5:9d:92:49:2d:ef:e7:fc:23:be:d8:a1:
         5c:a0:bb:a3:f1:9f:e1:b9:ee:e0:37:13:e5:36:df:c3:3c:34:
         fc:d1:e7:78:bb:f8:db:cf:43:57:89:3d:db:ee:e1:26:62:51:
         90:fe:22:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbL4UIcIgOwscxkD7E5QPKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmN2Y1YzU5ODA1OWUxYWU1OTc2YzgxZWEyYjgyNjY5N2Vl
MTk5MDYwHhcNMjUwNTEzMjMwMDU5WhcNMjUwNTE0MjMwMDU5WjAzMTEwLwYDVQQD
Eyg5NWQ0ZjQ0ZmY3OWIzNjk2MWI2NGU4ODg2NmY2NjQ3ZGFiNGM1N2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt21sDy0im67GOMIBtSC8T7jvd9/B
900pJk+GaZK/hu++Y7IZB2NoP6IYNh7LbUpyU1R7ugG+mf+HjzN+J4I7nSLmlXLQ
x0ADRQTKEE+JMLvAr1z61kF42v8gwt7TbY9bX7q+YepzenQ2AhQJ0QDazCqYuUhk
nBHu7jYDHWAlgt4P4Su72m7HoizNA7qrdG7NW+abkeAj+7qKC5aH172cMHUOtAEM
Gklq9x0YM1McVaqSkEkzQOhnhwMxNlHcwYNDCDKG7pnVcwfYD/QPQ0aJXE66hxOq
22/LjGYR4eX/EEL2KRBU8elhDXthaXFnLf+wdOcsB+5L/JjFZ9pQsA3h6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXU9E/3mzaWG2ToiGb2ZH2rTFfVMB8GA1UdIwQY
MBaAFM9/XFmAWeGuWXbIHqK4Jml+4ZkGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lZjk0NzktMjk5NC00NDljLTlkOWMt
ZTFkYzY5ZTMzM2RmLzEvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lZjk0NzktMjk5NC00NDljLTlkOWMtZTFkYzY5ZTMzM2Rm
LzEvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmasScymD
VZe3qS31OSWCouV9GV8BR5a22gv/EzoRvznV+V85O3jwvs2Yc/Zb/fYJpwbScAEx
Uz1VtuWK1Lbd7aVNL+OGMdTfd6gbTEfIem1SgOE3L/U7EOirx1TbIxonhlnFjldv
YobwueS2DouV/FMUa/1cCIX6GWxCJAk3HqyU4GzvLexF6E8AgGYCDa67LhLaFWDj
TIVkhnxgxXysjhzBEeSRqhYL2CEru20fa0UTG0aKx8vKlTue7YEMjciyEy6rlrhP
3lBhUu++9Z2SSS3v5/wjvtihXKC7o/Gf4bnu4DcT5Tbfwzw0/NHneLv4289DV4k9
2+7hJmJRkP4iGg==
-----END CERTIFICATE-----