Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
File:                     ZFOB6enwr6NsKmagd8odV50ikr8.mft (raw, json)
Hash identifier:          4gVSkVbwKP1deqv3gl8UCQEs8AZl44Kw6RBu/4Uir3A=
Subject key identifier:   95:CB:16:ED:84:60:C1:3A:22:52:18:D0:0F:EA:C0:E0:6C:97:17:91
Authority key identifier: 64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF
Certificate issuer:       /CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
Certificate serial:       0197B6A10559D5039679933089C2C3857C03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
Manifest number:          13D0
Signing time:             Sat 28 Jun 2025 13:01:35 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:35 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:35 +0000
Files and hashes:         1: ZFOB6enwr6NsKmagd8odV50ikr8.crl (hash: hWSeJJSR85aey/cUzalX1TA8wJ+0osGGxES7bW9VXSo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:05:59:d5:03:96:79:93:30:89:c2:c3:85:7c:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
        Validity
            Not Before: Jun 28 13:01:35 2025 GMT
            Not After : Jun 29 13:01:35 2025 GMT
        Subject: CN=95cb16ed8460c13a225218d00feac0e06c971791
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:76:28:a6:4a:03:9f:df:c4:84:14:94:58:4c:
                    cd:bc:c8:eb:91:a9:3d:7f:d3:c9:a5:c1:61:de:ed:
                    1f:fe:d6:e1:2e:1f:79:27:20:54:16:de:cd:d3:19:
                    a3:97:af:fe:7c:09:75:28:92:a1:9a:7c:c1:d1:03:
                    c0:ee:d8:09:69:31:da:7a:0d:41:84:55:4d:cc:91:
                    18:b9:12:e3:da:93:f7:52:ee:ea:18:64:72:7e:36:
                    00:c8:25:d5:e9:9a:13:68:26:ef:87:6d:cf:98:9a:
                    5c:de:8f:8a:d8:79:14:f8:31:da:04:14:85:5c:4f:
                    6e:8e:6d:07:3e:70:81:d1:8b:fa:ef:84:17:6b:a7:
                    8c:41:d5:8e:6c:b0:86:f3:87:5a:0e:02:f6:91:9b:
                    23:39:f9:23:55:30:81:66:70:7e:39:4b:04:c3:04:
                    f7:fb:d6:43:b2:41:15:ed:d6:57:23:35:70:ad:96:
                    d7:63:84:bb:0e:d6:b2:e8:6c:ee:5c:f4:5e:84:13:
                    a7:06:b7:2c:70:dd:4c:68:56:e0:cc:d8:9c:ac:c5:
                    5b:db:d8:90:f1:f3:07:4d:76:c5:d6:a8:de:db:12:
                    44:c2:fc:7d:79:ab:fa:ef:3a:e4:65:c4:7b:ae:59:
                    9f:7f:fe:50:78:7a:bd:51:88:3d:b8:6d:d5:f5:44:
                    b9:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:CB:16:ED:84:60:C1:3A:22:52:18:D0:0F:EA:C0:E0:6C:97:17:91
            X509v3 Authority Key Identifier:
                keyid:64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:3f:9f:d0:77:7b:e6:f1:10:b9:41:02:e6:5b:67:a2:8f:10:
         64:9c:a2:41:14:b7:14:d2:bc:56:c1:82:0d:a8:9a:f9:72:a0:
         26:13:96:8d:f0:14:1f:85:95:7f:9b:92:be:f4:3d:c4:a7:12:
         36:4a:dc:13:54:ab:7f:42:4e:fe:35:90:fe:0f:e1:b2:73:68:
         82:29:80:ab:dd:39:fd:5e:f5:da:f2:f5:d3:7c:2e:c7:f8:ef:
         98:5a:a7:7f:2e:fe:d1:66:bb:34:e9:72:7e:4d:49:b0:57:7d:
         c7:b1:7f:43:8c:26:36:0d:6d:34:b4:de:ee:dd:4d:6f:f5:74:
         2c:ac:bc:73:70:36:0f:fa:c5:e6:b5:32:74:87:f2:cb:2a:c2:
         88:28:58:4b:94:45:27:c0:97:30:af:15:15:6c:6c:ec:ce:84:
         aa:d8:66:b1:b2:6a:37:63:75:22:5b:a4:f7:ba:c5:ab:dd:d5:
         f5:66:8b:51:24:cb:75:c9:30:5f:78:2a:a4:c7:0f:db:ea:73:
         4d:b0:80:e4:97:cf:86:75:a4:75:51:50:b3:da:01:dd:68:3a:
         59:ba:88:b1:c3:b8:72:cc:f4:24:13:90:c5:75:8f:83:e7:4d:
         59:cd:55:2a:9a:69:fd:96:36:99:72:a4:a9:2c:70:28:1b:45:
         de:cc:2d:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oQVZ1QOWeZMwicLDhXwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NTM4MWU5ZTlmMGFmYTM2YzJhNjZhMDc3Y2ExZDU3OWQy
MjkyYmYwHhcNMjUwNjI4MTMwMTM1WhcNMjUwNjI5MTMwMTM1WjAzMTEwLwYDVQQD
Eyg5NWNiMTZlZDg0NjBjMTNhMjI1MjE4ZDAwZmVhYzBlMDZjOTcxNzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknYopkoDn9/EhBSUWEzNvMjrkak9
f9PJpcFh3u0f/tbhLh95JyBUFt7N0xmjl6/+fAl1KJKhmnzB0QPA7tgJaTHaeg1B
hFVNzJEYuRLj2pP3Uu7qGGRyfjYAyCXV6ZoTaCbvh23PmJpc3o+K2HkU+DHaBBSF
XE9ujm0HPnCB0Yv674QXa6eMQdWObLCG84daDgL2kZsjOfkjVTCBZnB+OUsEwwT3
+9ZDskEV7dZXIzVwrZbXY4S7Dtay6GzuXPRehBOnBrcscN1MaFbgzNicrMVb29iQ
8fMHTXbF1qje2xJEwvx9eav67zrkZcR7rlmff/5QeHq9UYg9uG3V9US51QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXLFu2EYME6IlIY0A/qwOBslxeRMB8GA1UdIwQY
MBaAFGRTgenp8K+jbCpmoHfKHVedIpK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGIt
MzdmOTk5Y2VjZTIzLzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGItMzdmOTk5Y2VjZTIz
LzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgT+f0Hd7
5vEQuUEC5ltnoo8QZJyiQRS3FNK8VsGCDaia+XKgJhOWjfAUH4WVf5uSvvQ9xKcS
NkrcE1Srf0JO/jWQ/g/hsnNogimAq905/V712vL103wux/jvmFqnfy7+0Wa7NOly
fk1JsFd9x7F/Q4wmNg1tNLTe7t1Nb/V0LKy8c3A2D/rF5rUydIfyyyrCiChYS5RF
J8CXMK8VFWxs7M6EqthmsbJqN2N1Iluk97rFq93V9WaLUSTLdckwX3gqpMcP2+pz
TbCA5JfPhnWkdVFQs9oB3Wg6WbqIscO4csz0JBOQxXWPg+dNWc1VKppp/ZY2mXKk
qSxwKBtF3swtEA==
-----END CERTIFICATE-----