Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.mft
File:                     zEH27mce6lNY5xzn_BHJNsw3bGE.mft (raw, json)
Hash identifier:          OsvzNrz+OUDWTrgRAmRNrFVRXN6765HUv3xoPbN6eSM=
Subject key identifier:   DB:7C:53:F7:4F:80:4C:35:1D:6F:E9:87:19:80:05:70:E4:A2:75:C4
Authority key identifier: CC:41:F6:EE:67:1E:EA:53:58:E7:1C:E7:FC:11:C9:36:CC:37:6C:61
Certificate issuer:       /CN=cc41f6ee671eea5358e71ce7fc11c936cc376c61
Certificate serial:       0197B9D885BD61DBFD956E9B235B654AF671
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zEH27mce6lNY5xzn_BHJNsw3bGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.mft
Manifest number:          0FE3
Signing time:             Sun 29 Jun 2025 04:01:04 +0000
Manifest this update:     Sun 29 Jun 2025 04:01:04 +0000
Manifest next update:     Mon 30 Jun 2025 04:01:04 +0000
Files and hashes:         1: zEH27mce6lNY5xzn_BHJNsw3bGE.crl (hash: xbEnBTh/3eRmS6uRr9sfSiJyJRVlpWSjMBVuGt0oKhA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zEH27mce6lNY5xzn_BHJNsw3bGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:d8:85:bd:61:db:fd:95:6e:9b:23:5b:65:4a:f6:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc41f6ee671eea5358e71ce7fc11c936cc376c61
        Validity
            Not Before: Jun 29 04:01:04 2025 GMT
            Not After : Jun 30 04:01:04 2025 GMT
        Subject: CN=db7c53f74f804c351d6fe98719800570e4a275c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:20:00:66:dd:50:8d:9c:9f:ff:1e:93:5e:1f:
                    ea:d1:68:09:8f:6d:84:f0:24:25:ea:83:96:44:82:
                    c0:5c:50:6c:1d:f1:d7:37:ad:73:20:34:41:40:f3:
                    7f:ae:4d:eb:67:e0:a7:e1:d9:7d:8a:b5:e6:70:f5:
                    74:c3:94:cb:c4:87:92:8b:27:8a:47:9d:5f:e0:86:
                    ff:11:7c:76:45:c4:96:2a:bf:c9:e6:7b:38:28:4d:
                    f1:3a:87:9b:d8:1f:44:fa:f4:13:39:a3:b7:c9:fd:
                    01:1c:99:8b:00:8f:20:99:8a:b5:cf:37:3f:b7:46:
                    bd:8b:cb:4f:42:ff:09:87:a7:e4:fe:77:a9:d6:86:
                    33:40:45:23:2d:70:68:b2:55:bc:0d:a6:81:1d:11:
                    6e:77:20:53:1a:6e:71:e2:cf:b4:5c:00:8c:73:18:
                    6c:29:fc:4b:3d:12:46:87:9a:9b:a5:0d:3d:39:eb:
                    aa:e4:f8:2d:a5:4f:f2:90:04:d5:62:62:d8:cd:87:
                    da:bb:f5:b2:e6:eb:c3:33:51:51:2d:f4:ea:55:4a:
                    cd:30:27:39:87:9d:d9:88:e7:09:29:6f:58:0c:50:
                    0c:61:9b:95:bf:55:8b:e1:6e:36:c9:79:53:61:cf:
                    ce:3d:2a:d1:eb:46:07:be:bf:e4:cf:93:f0:18:39:
                    ac:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:7C:53:F7:4F:80:4C:35:1D:6F:E9:87:19:80:05:70:E4:A2:75:C4
            X509v3 Authority Key Identifier:
                keyid:CC:41:F6:EE:67:1E:EA:53:58:E7:1C:E7:FC:11:C9:36:CC:37:6C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zEH27mce6lNY5xzn_BHJNsw3bGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:39:be:ef:e3:f6:dd:58:fb:48:af:fd:6e:f5:77:4f:89:05:
         9c:a3:4c:2a:22:d4:a2:a6:23:ee:99:22:c2:c5:53:a1:ae:40:
         37:12:82:0d:46:1d:ac:a6:4f:98:28:db:4d:87:45:c8:92:0e:
         db:f3:33:d0:9e:f5:f8:7b:17:e9:77:ee:95:c6:45:d0:5e:79:
         62:9c:fe:04:cd:8c:e1:9c:bc:98:e9:d8:9e:0e:18:f5:9e:23:
         1c:30:85:46:e8:6f:fb:8e:1e:a1:37:79:4c:cf:64:12:85:e4:
         8c:16:77:bb:94:76:f4:47:c7:f5:6c:19:58:8a:e2:32:d4:0f:
         3f:bc:6d:7e:e6:2d:9c:4a:36:13:6b:82:30:f3:55:1d:07:4c:
         2a:19:6c:b2:16:88:d9:e7:a9:9f:9c:65:da:0a:07:12:28:17:
         41:e8:53:0c:53:59:01:d3:49:94:bb:a9:68:0c:0b:c5:96:6d:
         91:20:0d:e4:02:67:48:60:d5:30:c1:3e:f1:31:a5:21:a9:a1:
         23:71:93:65:23:b5:2b:c2:55:51:bf:3c:7c:7d:8d:b5:68:d9:
         da:86:3f:a8:27:47:ff:8c:17:f5:46:dd:62:b9:50:8a:89:31:
         b4:4d:c0:c7:f9:55:ce:c4:6e:d7:de:0b:89:36:c3:d1:3a:35:
         6d:7d:a0:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe52IW9Ydv9lW6bI1tlSvZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNDFmNmVlNjcxZWVhNTM1OGU3MWNlN2ZjMTFjOTM2Y2Mz
NzZjNjEwHhcNMjUwNjI5MDQwMTA0WhcNMjUwNjMwMDQwMTA0WjAzMTEwLwYDVQQD
EyhkYjdjNTNmNzRmODA0YzM1MWQ2ZmU5ODcxOTgwMDU3MGU0YTI3NWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+SAAZt1QjZyf/x6TXh/q0WgJj22E
8CQl6oOWRILAXFBsHfHXN61zIDRBQPN/rk3rZ+Cn4dl9irXmcPV0w5TLxIeSiyeK
R51f4Ib/EXx2RcSWKr/J5ns4KE3xOoeb2B9E+vQTOaO3yf0BHJmLAI8gmYq1zzc/
t0a9i8tPQv8Jh6fk/nep1oYzQEUjLXBoslW8DaaBHRFudyBTGm5x4s+0XACMcxhs
KfxLPRJGh5qbpQ09Oeuq5PgtpU/ykATVYmLYzYfau/Wy5uvDM1FRLfTqVUrNMCc5
h53ZiOcJKW9YDFAMYZuVv1WL4W42yXlTYc/OPSrR60YHvr/kz5PwGDmsKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNt8U/dPgEw1HW/phxmABXDkonXEMB8GA1UdIwQY
MBaAFMxB9u5nHupTWOcc5/wRyTbMN2xhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekVIMjdtY2U2bE5ZNXh6bl9CSEpOc3czYkdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC84ODU3YTMtZGExZS00NTQ5LWFlYzAt
NmYyZTc5ZDgyN2UwLzEvekVIMjdtY2U2bE5ZNXh6bl9CSEpOc3czYkdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC84ODU3YTMtZGExZS00NTQ5LWFlYzAtNmYyZTc5ZDgyN2Uw
LzEvekVIMjdtY2U2bE5ZNXh6bl9CSEpOc3czYkdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeTm+7+P2
3Vj7SK/9bvV3T4kFnKNMKiLUoqYj7pkiwsVToa5ANxKCDUYdrKZPmCjbTYdFyJIO
2/Mz0J71+HsX6XfulcZF0F55Ypz+BM2M4Zy8mOnYng4Y9Z4jHDCFRuhv+44eoTd5
TM9kEoXkjBZ3u5R29EfH9WwZWIriMtQPP7xtfuYtnEo2E2uCMPNVHQdMKhlsshaI
2eepn5xl2goHEigXQehTDFNZAdNJlLupaAwLxZZtkSAN5AJnSGDVMME+8TGlIamh
I3GTZSO1K8JVUb88fH2NtWjZ2oY/qCdH/4wX9UbdYrlQiokxtE3Ax/lVzsRu194L
iTbD0To1bX2gFw==
-----END CERTIFICATE-----