Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
File:                     zfDoJMYqWSimUCFO8z6Md-fB_40.mft (raw, json)
Hash identifier:          S1wGebbzfPfeuggWYhs2Cxd5zGkW1lbJwXUHqEwjKdo=
Subject key identifier:   DF:57:85:99:4B:71:58:57:FD:9D:9D:69:7A:3E:32:ED:99:0F:6D:D9
Authority key identifier: CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D
Certificate issuer:       /CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d
Certificate serial:       0196A6540A18406582A6797FDEDED5D17F38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
Manifest number:          0EC9
Signing time:             Tue 06 May 2025 16:00:47 +0000
Manifest this update:     Tue 06 May 2025 16:00:47 +0000
Manifest next update:     Wed 07 May 2025 16:00:47 +0000
Files and hashes:         1: zfDoJMYqWSimUCFO8z6Md-fB_40.crl (hash: moQ9S8Hs7aBTuY97debpAjgm6+cYTWtIdNGzikaAFxg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 14:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a6:54:0a:18:40:65:82:a6:79:7f:de:de:d5:d1:7f:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d
        Validity
            Not Before: May  6 16:00:47 2025 GMT
            Not After : May  7 16:00:47 2025 GMT
        Subject: CN=df5785994b715857fd9d9d697a3e32ed990f6dd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:a4:b5:96:6e:dd:45:03:0a:71:6e:2f:a7:ff:
                    c2:fb:67:a4:0b:12:87:e8:a7:f3:22:b0:9a:ac:2c:
                    75:9a:50:6b:3d:53:13:f9:13:82:9d:3b:f4:fe:2d:
                    b6:08:74:e3:4e:2b:a5:71:63:a3:3a:71:02:94:e2:
                    95:36:5f:f3:f9:89:a9:5e:62:8f:a7:2b:ad:40:3b:
                    50:c5:78:d8:92:be:e5:1d:9a:f7:ca:96:4b:52:5b:
                    f6:f9:f3:2c:01:7c:f9:11:30:91:68:67:30:aa:52:
                    23:0b:25:a8:66:e2:6c:ac:81:60:f1:8a:3e:43:9a:
                    10:74:a9:ec:d8:bd:ce:a5:6a:23:0a:b2:2b:4b:1e:
                    24:59:aa:fb:57:06:43:0b:ef:87:b3:b1:e3:88:1b:
                    53:d8:66:e8:d0:b9:b9:a0:cf:f6:d6:18:be:a3:36:
                    f2:dc:af:5d:a5:08:91:b9:7a:99:95:2a:19:d5:5a:
                    e0:62:d8:ce:93:ed:fe:a6:e9:54:14:b9:3c:e2:6c:
                    66:b3:05:3e:bf:a9:fe:85:f6:33:2b:41:29:52:6a:
                    8a:37:54:79:d9:42:89:dc:32:31:94:47:33:1a:6a:
                    8c:bc:f4:1c:61:f2:11:34:e2:f4:6f:21:b5:cd:b7:
                    f1:b8:b1:5b:10:64:93:7f:95:de:d5:d8:3a:de:e9:
                    00:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:57:85:99:4B:71:58:57:FD:9D:9D:69:7A:3E:32:ED:99:0F:6D:D9
            X509v3 Authority Key Identifier:
                keyid:CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:29:59:d6:b7:4d:17:64:9a:a1:15:53:d5:7d:c7:0a:18:7e:
         0d:8b:0f:24:ee:9b:d4:3b:1a:68:3d:33:58:5a:c0:f1:27:74:
         20:6d:61:df:ac:74:c6:70:80:54:b5:a8:c0:af:7b:cd:8f:8c:
         5b:10:06:8d:73:66:e1:47:19:d3:d3:4d:9d:15:36:ee:de:25:
         07:bc:c4:7c:53:ee:92:d7:13:2f:e6:16:35:31:e7:bf:29:3a:
         27:a7:33:7a:f9:41:a5:c6:f4:d4:fe:0b:c0:72:b7:aa:10:41:
         21:79:b6:60:cf:7f:81:c3:be:15:61:f0:3f:ca:d2:0e:3d:d5:
         23:69:df:69:6e:d3:ec:39:2b:2c:b9:6c:23:0f:d7:de:72:a0:
         29:18:26:1b:24:08:fa:71:98:1d:f9:d2:7d:c1:65:e6:a9:3e:
         11:41:34:14:5e:0d:9b:48:af:85:ef:08:ff:b2:a0:7c:b7:6f:
         f8:a9:0b:31:bb:08:f6:8f:20:4e:ad:dd:fd:f4:e9:d3:5b:df:
         df:2d:c1:f5:d7:f5:d4:cc:87:c7:91:3e:a5:49:f8:9d:7b:b8:
         4c:fc:1b:33:08:a3:e3:16:ce:eb:90:d9:73:be:e7:8d:cd:f0:
         0c:76:38:d9:8d:79:6f:fb:fd:1b:be:86:68:c9:99:83:47:7a:
         22:92:72:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZamVAoYQGWCpnl/3t7V0X84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjBlODI0YzYyYTU5MjhhNjUwMjE0ZWYzM2U4Yzc3ZTdj
MWZmOGQwHhcNMjUwNTA2MTYwMDQ3WhcNMjUwNTA3MTYwMDQ3WjAzMTEwLwYDVQQD
EyhkZjU3ODU5OTRiNzE1ODU3ZmQ5ZDlkNjk3YTNlMzJlZDk5MGY2ZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaS1lm7dRQMKcW4vp//C+2ekCxKH
6KfzIrCarCx1mlBrPVMT+ROCnTv0/i22CHTjTiulcWOjOnEClOKVNl/z+YmpXmKP
pyutQDtQxXjYkr7lHZr3ypZLUlv2+fMsAXz5ETCRaGcwqlIjCyWoZuJsrIFg8Yo+
Q5oQdKns2L3OpWojCrIrSx4kWar7VwZDC++Hs7HjiBtT2Gbo0Lm5oM/21hi+ozby
3K9dpQiRuXqZlSoZ1VrgYtjOk+3+pulUFLk84mxmswU+v6n+hfYzK0EpUmqKN1R5
2UKJ3DIxlEczGmqMvPQcYfIRNOL0byG1zbfxuLFbEGSTf5Xe1dg63ukAZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9XhZlLcVhX/Z2daXo+Mu2ZD23ZMB8GA1UdIwQY
MBaAFM3w6CTGKlkoplAhTvM+jHfnwf+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUt
MjU4M2FmMjM3ZTJjLzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUtMjU4M2FmMjM3ZTJj
LzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiylZ1rdN
F2SaoRVT1X3HChh+DYsPJO6b1DsaaD0zWFrA8Sd0IG1h36x0xnCAVLWowK97zY+M
WxAGjXNm4UcZ09NNnRU27t4lB7zEfFPuktcTL+YWNTHnvyk6J6czevlBpcb01P4L
wHK3qhBBIXm2YM9/gcO+FWHwP8rSDj3VI2nfaW7T7DkrLLlsIw/X3nKgKRgmGyQI
+nGYHfnSfcFl5qk+EUE0FF4Nm0ivhe8I/7KgfLdv+KkLMbsI9o8gTq3d/fTp01vf
3y3B9df11MyHx5E+pUn4nXu4TPwbMwij4xbO65DZc77njc3wDHY42Y15b/v9G76G
aMmZg0d6IpJyDA==
-----END CERTIFICATE-----