Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft
File:                     Zr5SEJO7idx2JQsif39_umbiKNg.mft (raw, json)
Hash identifier:          iS4lPiUID2yPX91TwN0S3xRApDgs0V1Nv5a3On+rj7M=
Subject key identifier:   05:8E:16:0A:1F:C3:12:F8:7E:EC:11:6C:D8:A8:2F:AD:4E:B9:26:66
Authority key identifier: 66:BE:52:10:93:BB:89:DC:76:25:0B:22:7F:7F:7F:BA:66:E2:28:D8
Certificate issuer:       /CN=66be521093bb89dc76250b227f7f7fba66e228d8
Certificate serial:       0197B70EBCBAAFB18FBC393144BDB5D7443B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft
Manifest number:          0109
Signing time:             Sat 28 Jun 2025 15:01:25 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:25 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:25 +0000
Files and hashes:         1: Zr5SEJO7idx2JQsif39_umbiKNg.crl (hash: kbGUZ5AEc3pFMmDbB1i2mOFuBiyoWEQ6QYWUEoiOm8I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:bc:ba:af:b1:8f:bc:39:31:44:bd:b5:d7:44:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66be521093bb89dc76250b227f7f7fba66e228d8
        Validity
            Not Before: Jun 28 15:01:25 2025 GMT
            Not After : Jun 29 15:01:25 2025 GMT
        Subject: CN=058e160a1fc312f87eec116cd8a82fad4eb92666
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:4c:1e:31:d7:1f:e8:81:15:a8:1b:70:57:a5:
                    69:d8:bc:fa:49:96:5a:6e:24:ef:47:ca:db:41:84:
                    b7:e6:41:3b:d2:58:1f:e6:7a:93:fc:1a:7f:4b:89:
                    2a:c6:75:6a:3f:9d:4a:f7:8f:dd:0a:8c:fb:6c:ee:
                    a5:a9:c4:d9:5b:99:34:73:41:ca:51:5c:5e:42:e4:
                    fd:b4:f8:58:7d:b0:c0:ed:4e:9e:f5:c6:eb:8e:f5:
                    d1:ed:04:5a:dd:0b:0e:76:5b:e9:ca:c4:da:12:55:
                    db:53:ae:2c:58:10:ed:52:f2:f1:fa:4e:42:58:39:
                    2c:f5:60:db:9a:56:0a:a7:5d:88:73:1d:b8:ae:99:
                    08:53:56:3d:65:e7:27:6f:2a:0c:de:98:6d:3e:38:
                    22:3c:e6:78:d0:fc:49:64:bb:54:ce:bc:cc:96:2f:
                    fb:e9:90:d3:46:72:3f:7d:e8:e3:1a:d0:a1:ff:58:
                    15:e9:a5:b9:05:ed:f5:6f:3f:85:b3:2d:c0:91:62:
                    f6:a3:9f:02:e5:dc:fc:d6:89:44:50:dd:3e:f6:5d:
                    15:fb:c6:a7:b2:b8:a9:4e:cf:1d:bd:c4:ae:3e:e4:
                    4b:0c:ca:ec:9d:05:d6:70:6f:1d:e5:31:ad:9d:f9:
                    db:8b:72:7a:3b:ee:67:87:f4:eb:b2:cc:a5:2b:c4:
                    c9:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:8E:16:0A:1F:C3:12:F8:7E:EC:11:6C:D8:A8:2F:AD:4E:B9:26:66
            X509v3 Authority Key Identifier:
                keyid:66:BE:52:10:93:BB:89:DC:76:25:0B:22:7F:7F:7F:BA:66:E2:28:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:f5:eb:2a:33:95:42:9a:42:ea:1d:36:9f:f0:45:bd:1f:d8:
         72:a6:54:67:22:32:88:c5:fc:ea:88:b7:ae:99:2b:55:7b:f6:
         88:45:89:a6:a9:8d:71:3b:a0:ad:0f:d5:ac:44:18:db:f2:6c:
         4e:33:7b:50:88:6b:54:59:2a:22:ea:fa:96:52:89:3b:13:26:
         92:0c:79:bd:3d:62:f2:bc:61:a5:30:a2:58:b7:65:be:a5:af:
         2f:5b:aa:27:ce:11:47:fd:b6:7e:13:b0:bd:94:6d:ac:d8:8b:
         17:60:57:7e:ba:7e:4c:02:54:d4:16:d0:33:43:06:3a:af:2c:
         d4:a0:5a:f0:90:a5:92:0d:ab:c6:fb:33:14:82:a5:d5:5c:18:
         f9:fd:7a:5c:23:7b:81:f9:fd:f4:d0:b5:f5:94:49:4d:d2:60:
         9e:56:bc:73:65:f7:38:06:ae:01:dd:8a:a5:e7:37:7a:ed:33:
         f4:d9:91:d7:4a:95:37:50:26:d6:15:06:fc:38:e6:be:10:20:
         21:af:77:4e:12:06:6c:a8:13:67:43:c9:0f:73:4f:6e:f2:0c:
         06:77:8f:ce:c7:28:71:45:0d:4f:15:62:f4:60:1c:99:36:8c:
         3a:c9:7c:10:77:3e:89:39:62:6f:65:ff:7c:10:f5:0c:7c:23:
         8c:c2:23:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dry6r7GPvDkxRL2110Q7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YmU1MjEwOTNiYjg5ZGM3NjI1MGIyMjdmN2Y3ZmJhNjZl
MjI4ZDgwHhcNMjUwNjI4MTUwMTI1WhcNMjUwNjI5MTUwMTI1WjAzMTEwLwYDVQQD
EygwNThlMTYwYTFmYzMxMmY4N2VlYzExNmNkOGE4MmZhZDRlYjkyNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkweMdcf6IEVqBtwV6Vp2Lz6SZZa
biTvR8rbQYS35kE70lgf5nqT/Bp/S4kqxnVqP51K94/dCoz7bO6lqcTZW5k0c0HK
UVxeQuT9tPhYfbDA7U6e9cbrjvXR7QRa3QsOdlvpysTaElXbU64sWBDtUvLx+k5C
WDks9WDbmlYKp12Icx24rpkIU1Y9ZecnbyoM3phtPjgiPOZ40PxJZLtUzrzMli/7
6ZDTRnI/fejjGtCh/1gV6aW5Be31bz+Fsy3AkWL2o58C5dz81olEUN0+9l0V+8an
sripTs8dvcSuPuRLDMrsnQXWcG8d5TGtnfnbi3J6O+5nh/TrssylK8TJUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAWOFgofwxL4fuwRbNioL61OuSZmMB8GA1UdIwQY
MBaAFGa+UhCTu4ncdiULIn9/f7pm4ijYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8zMmY5YjMtZGUyYi00MWY1LWE5NDkt
OTAwMzBkMDQwZmY3LzEvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8zMmY5YjMtZGUyYi00MWY1LWE5NDktOTAwMzBkMDQwZmY3
LzEvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlfXrKjOV
QppC6h02n/BFvR/YcqZUZyIyiMX86oi3rpkrVXv2iEWJpqmNcTugrQ/VrEQY2/Js
TjN7UIhrVFkqIur6llKJOxMmkgx5vT1i8rxhpTCiWLdlvqWvL1uqJ84RR/22fhOw
vZRtrNiLF2BXfrp+TAJU1BbQM0MGOq8s1KBa8JClkg2rxvszFIKl1VwY+f16XCN7
gfn99NC19ZRJTdJgnla8c2X3OAauAd2Kpec3eu0z9NmR10qVN1Am1hUG/DjmvhAg
Ia93ThIGbKgTZ0PJD3NPbvIMBnePzscocUUNTxVi9GAcmTaMOsl8EHc+iTlib2X/
fBD1DHwjjMIj8g==
-----END CERTIFICATE-----