Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft
File:                     zsUHpaHlUBp61jVTNazf5j2ryQs.mft (raw, json)
Hash identifier:          K2H09kgoT7h44L5j84r9glC50pvhkuosz4xW3UkVyb8=
Subject key identifier:   0E:27:DA:1A:28:FF:1E:1D:65:23:2A:08:91:40:19:78:5A:C6:0D:9E
Authority key identifier: CE:C5:07:A5:A1:E5:50:1A:7A:D6:35:53:35:AC:DF:E6:3D:AB:C9:0B
Certificate issuer:       /CN=cec507a5a1e5501a7ad6355335acdfe63dabc90b
Certificate serial:       0197B7EAB28C9180952AE936F1D18E1E5D9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 19:01:40 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:40 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:40 +0000
Files and hashes:         1: zsUHpaHlUBp61jVTNazf5j2ryQs.crl (hash: aou/aH9t0O34YYrhvgep5Mx/ps76ADbvq2/JMjdUL2E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:b2:8c:91:80:95:2a:e9:36:f1:d1:8e:1e:5d:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cec507a5a1e5501a7ad6355335acdfe63dabc90b
        Validity
            Not Before: Jun 28 19:01:40 2025 GMT
            Not After : Jun 29 19:01:40 2025 GMT
        Subject: CN=0e27da1a28ff1e1d65232a08914019785ac60d9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:96:32:6f:0e:8c:18:3a:23:80:f0:81:d6:5d:
                    1b:63:09:25:60:37:08:dc:2d:42:2b:13:8e:8e:42:
                    00:13:97:32:ad:72:b6:d5:9a:fa:b0:86:23:06:10:
                    b5:c0:52:98:60:85:9d:af:16:ab:31:12:8b:c2:65:
                    3d:03:44:60:e2:fe:7f:8a:71:a5:75:7e:dd:21:82:
                    97:42:cc:59:0b:0c:a8:b2:71:6f:84:2d:1c:33:77:
                    ae:fa:97:1e:d4:17:4c:9c:47:92:a0:a7:66:94:e2:
                    1d:e3:ef:f8:f6:90:73:a6:44:89:b5:1a:3d:e4:fd:
                    c6:b0:01:f0:42:d4:f4:d5:cb:4f:40:97:02:80:8d:
                    d6:6c:37:49:38:7c:55:68:da:4a:ff:89:e2:a2:b6:
                    1d:30:05:58:cc:61:f9:de:e2:fa:1c:90:bf:34:44:
                    b1:23:0c:a9:52:d1:8a:34:83:5a:0b:df:ab:48:8b:
                    03:e3:c2:46:4c:8c:28:ed:b3:da:6c:e1:7d:cb:9d:
                    4e:f7:f9:1c:09:76:c5:6f:16:b8:d4:9d:d3:6b:14:
                    3f:40:59:87:0d:7b:64:60:a5:54:31:60:0f:bd:0b:
                    3d:41:00:da:ee:b8:b3:7e:ae:4d:6e:68:3b:65:66:
                    48:b0:c1:90:a3:3e:cb:cc:87:e3:cb:82:e5:f0:9a:
                    20:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:27:DA:1A:28:FF:1E:1D:65:23:2A:08:91:40:19:78:5A:C6:0D:9E
            X509v3 Authority Key Identifier:
                keyid:CE:C5:07:A5:A1:E5:50:1A:7A:D6:35:53:35:AC:DF:E6:3D:AB:C9:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:25:7a:7a:37:59:d8:e0:79:24:d3:0e:92:60:d1:61:5c:a5:
         99:c6:75:bd:b9:96:00:fc:ab:49:27:91:c5:08:db:20:32:8d:
         f5:cc:2b:57:4a:20:5c:5e:9b:35:ad:25:0f:02:96:ca:84:a9:
         67:ec:e8:18:eb:a2:73:f8:60:29:f5:b4:96:51:94:59:62:d8:
         49:46:02:07:33:06:3c:3f:a4:24:91:3c:d7:d3:59:fc:13:b9:
         8f:93:e6:79:85:a3:6f:25:8b:9d:67:1f:79:39:2e:bc:8a:29:
         0d:58:c0:9d:4c:ae:d9:29:b8:cd:4e:f1:49:1a:b8:f6:de:11:
         37:a2:35:ae:75:39:2e:2d:25:22:0f:f1:34:2f:33:84:ba:5f:
         fb:c1:16:01:cc:a6:33:e1:11:7b:1b:fb:27:7b:a5:aa:0a:63:
         a2:f6:99:0b:7d:55:8f:ba:b2:43:ef:56:fd:bf:52:ba:33:88:
         ce:32:c0:4b:bd:54:f4:05:ee:32:ca:36:ad:92:52:49:83:89:
         d8:32:38:9b:cb:6f:89:ed:36:4a:39:c9:17:3d:e3:68:34:92:
         bf:ea:71:f6:82:f2:e3:ea:5d:39:15:d1:50:75:07:54:c6:f5:
         36:a6:e8:33:00:d2:e3:7c:df:18:c1:77:6e:3e:6d:8f:34:7a:
         f5:5d:e3:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36rKMkYCVKuk28dGOHl2dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzUwN2E1YTFlNTUwMWE3YWQ2MzU1MzM1YWNkZmU2M2Rh
YmM5MGIwHhcNMjUwNjI4MTkwMTQwWhcNMjUwNjI5MTkwMTQwWjAzMTEwLwYDVQQD
EygwZTI3ZGExYTI4ZmYxZTFkNjUyMzJhMDg5MTQwMTk3ODVhYzYwZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZYybw6MGDojgPCB1l0bYwklYDcI
3C1CKxOOjkIAE5cyrXK21Zr6sIYjBhC1wFKYYIWdrxarMRKLwmU9A0Rg4v5/inGl
dX7dIYKXQsxZCwyosnFvhC0cM3eu+pce1BdMnEeSoKdmlOId4+/49pBzpkSJtRo9
5P3GsAHwQtT01ctPQJcCgI3WbDdJOHxVaNpK/4niorYdMAVYzGH53uL6HJC/NESx
IwypUtGKNINaC9+rSIsD48JGTIwo7bPabOF9y51O9/kcCXbFbxa41J3TaxQ/QFmH
DXtkYKVUMWAPvQs9QQDa7rizfq5Nbmg7ZWZIsMGQoz7LzIfjy4Ll8JogGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4n2hoo/x4dZSMqCJFAGXhaxg2eMB8GA1UdIwQY
MBaAFM7FB6Wh5VAaetY1UzWs3+Y9q8kLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8wYjIyYmEtNDkxMS00ZmJlLTg0N2Mt
ZDI0YWE1Nzk0ZDhiLzEvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8wYjIyYmEtNDkxMS00ZmJlLTg0N2MtZDI0YWE1Nzk0ZDhi
LzEvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQyV6ejdZ
2OB5JNMOkmDRYVylmcZ1vbmWAPyrSSeRxQjbIDKN9cwrV0ogXF6bNa0lDwKWyoSp
Z+zoGOuic/hgKfW0llGUWWLYSUYCBzMGPD+kJJE819NZ/BO5j5PmeYWjbyWLnWcf
eTkuvIopDVjAnUyu2Sm4zU7xSRq49t4RN6I1rnU5Li0lIg/xNC8zhLpf+8EWAcym
M+ERexv7J3ulqgpjovaZC31Vj7qyQ+9W/b9SujOIzjLAS71U9AXuMso2rZJSSYOJ
2DI4m8tvie02SjnJFz3jaDSSv+px9oLy4+pdORXRUHUHVMb1NqboMwDS43zfGMF3
bj5tjzR69V3jVg==
-----END CERTIFICATE-----