Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
File:                     ZLPjZgb6UsOkchyMoPszCZU0GVo.mft (raw, json)
Hash identifier:          u6N/bWU9DSU5NxJPXcotESYKmIeDPqdSRxVL225gCI8=
Subject key identifier:   24:22:4D:8C:5A:3D:31:F0:D4:88:9D:9D:6C:D0:FD:EC:32:72:35:81
Authority key identifier: 64:B3:E3:66:06:FA:52:C3:A4:72:1C:8C:A0:FB:33:09:95:34:19:5A
Certificate issuer:       /CN=64b3e36606fa52c3a4721c8ca0fb33099534195a
Certificate serial:       0196C15E01CF7F59A019CDDD306E60C396F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
Manifest number:          1533
Signing time:             Sun 11 May 2025 22:01:25 +0000
Manifest this update:     Sun 11 May 2025 22:01:25 +0000
Manifest next update:     Mon 12 May 2025 22:01:25 +0000
Files and hashes:         1: ZLPjZgb6UsOkchyMoPszCZU0GVo.crl (hash: Ya190NrkZBszjGzEc1r6tjpUmRPn7XpbTzmZrPFbbRg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 22:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:5e:01:cf:7f:59:a0:19:cd:dd:30:6e:60:c3:96:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b3e36606fa52c3a4721c8ca0fb33099534195a
        Validity
            Not Before: May 11 22:01:25 2025 GMT
            Not After : May 12 22:01:25 2025 GMT
        Subject: CN=24224d8c5a3d31f0d4889d9d6cd0fdec32723581
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:41:79:3a:26:29:92:ac:7d:5a:26:3d:13:92:
                    f3:f5:77:58:40:ba:19:2d:91:d6:55:80:d3:c3:b0:
                    33:bd:d3:df:81:1f:a6:6c:fd:39:7a:10:9a:a7:4d:
                    51:71:0e:59:97:fb:59:fd:07:c1:a4:c8:9e:0a:89:
                    1b:7e:bf:62:b3:b9:0e:b0:83:8d:0a:a4:b7:89:aa:
                    4c:f9:f2:b3:cd:93:b0:19:ca:2d:7f:f4:2a:aa:92:
                    c4:27:9e:e5:0f:eb:ee:9a:77:dd:83:46:7e:41:5b:
                    55:db:5b:c9:b7:71:05:cb:ac:f8:fa:99:22:6a:6f:
                    7a:42:34:27:25:5e:86:9b:28:5e:99:32:38:0d:d0:
                    00:6d:93:d0:14:dc:57:ad:09:19:a7:80:b5:b6:97:
                    90:82:62:d2:a5:93:66:3b:a8:2c:ce:8a:d7:98:e0:
                    65:c0:56:36:46:ae:7f:32:f2:5b:13:5f:95:cf:26:
                    b5:4c:91:f2:af:f6:d3:90:4b:ee:1d:ff:b7:8d:be:
                    08:98:de:f1:10:17:5f:f0:5a:ff:3b:7d:29:4d:e1:
                    1c:40:e5:73:ae:69:8c:ce:7e:5c:b6:e1:ef:d6:91:
                    07:a1:cd:cb:b6:b0:91:db:b9:68:13:e1:2b:ab:aa:
                    b0:b8:df:7c:e2:76:9b:6e:8a:f6:fe:e1:35:b9:c1:
                    d1:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:22:4D:8C:5A:3D:31:F0:D4:88:9D:9D:6C:D0:FD:EC:32:72:35:81
            X509v3 Authority Key Identifier:
                keyid:64:B3:E3:66:06:FA:52:C3:A4:72:1C:8C:A0:FB:33:09:95:34:19:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:77:4d:29:cc:48:35:9e:04:27:6c:5e:24:d5:64:75:93:05:
         70:49:42:b4:12:94:6f:ea:22:da:87:94:e6:0f:1d:a9:2a:d0:
         2b:86:fc:06:52:11:a9:f9:47:2f:2c:42:91:04:26:53:f7:28:
         64:e3:27:86:dc:2b:6e:65:e0:08:10:fb:18:7f:62:a5:f5:83:
         2c:60:3b:83:c5:ca:b2:ca:eb:bd:a6:f5:c0:66:be:35:f2:25:
         e6:b5:74:43:d9:b6:09:53:97:25:2f:d3:c7:9a:72:b5:35:2b:
         7d:8f:5a:70:56:fe:c1:a9:8e:61:62:6c:96:b9:4e:57:34:05:
         1a:5f:95:e1:c0:be:3b:c9:5d:e4:7a:b0:eb:2e:fa:cd:72:0c:
         dc:84:a3:10:a3:8b:8c:4b:ae:6f:9c:fe:c9:50:46:1b:a7:fc:
         6d:57:aa:73:7f:2b:fe:ef:e7:fa:86:4f:41:12:39:75:17:8c:
         81:d7:f9:25:d3:42:a6:3a:4f:42:db:ff:d9:b8:2b:28:86:49:
         11:db:b3:3f:94:83:7b:14:c4:78:b7:18:30:55:54:db:9d:f7:
         73:f8:b6:6c:84:3f:1c:03:ac:3b:f5:f6:65:d8:e7:60:8e:e9:
         be:b7:0a:5c:95:f0:26:ff:2b:6b:45:23:ab:7f:8b:45:18:88:
         ce:e3:bf:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBXgHPf1mgGc3dMG5gw5bzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjNlMzY2MDZmYTUyYzNhNDcyMWM4Y2EwZmIzMzA5OTUz
NDE5NWEwHhcNMjUwNTExMjIwMTI1WhcNMjUwNTEyMjIwMTI1WjAzMTEwLwYDVQQD
EygyNDIyNGQ4YzVhM2QzMWYwZDQ4ODlkOWQ2Y2QwZmRlYzMyNzIzNTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUF5OiYpkqx9WiY9E5Lz9XdYQLoZ
LZHWVYDTw7AzvdPfgR+mbP05ehCap01RcQ5Zl/tZ/QfBpMieCokbfr9is7kOsION
CqS3iapM+fKzzZOwGcotf/QqqpLEJ57lD+vumnfdg0Z+QVtV21vJt3EFy6z4+pki
am96QjQnJV6GmyhemTI4DdAAbZPQFNxXrQkZp4C1tpeQgmLSpZNmO6gszorXmOBl
wFY2Rq5/MvJbE1+Vzya1TJHyr/bTkEvuHf+3jb4ImN7xEBdf8Fr/O30pTeEcQOVz
rmmMzn5ctuHv1pEHoc3LtrCR27loE+Erq6qwuN984nabbor2/uE1ucHRUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQiTYxaPTHw1IidnWzQ/ewycjWBMB8GA1UdIwQY
MBaAFGSz42YG+lLDpHIcjKD7MwmVNBlaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iNzBlMDctMTFiMi00YTJhLTg5NTUt
MGUzODFiZDQxM2QzLzEvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iNzBlMDctMTFiMi00YTJhLTg5NTUtMGUzODFiZDQxM2Qz
LzEvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAandNKcxI
NZ4EJ2xeJNVkdZMFcElCtBKUb+oi2oeU5g8dqSrQK4b8BlIRqflHLyxCkQQmU/co
ZOMnhtwrbmXgCBD7GH9ipfWDLGA7g8XKssrrvab1wGa+NfIl5rV0Q9m2CVOXJS/T
x5pytTUrfY9acFb+wamOYWJslrlOVzQFGl+V4cC+O8ld5Hqw6y76zXIM3ISjEKOL
jEuub5z+yVBGG6f8bVeqc38r/u/n+oZPQRI5dReMgdf5JdNCpjpPQtv/2bgrKIZJ
EduzP5SDexTEeLcYMFVU2533c/i2bIQ/HAOsO/X2ZdjnYI7pvrcKXJXwJv8ra0Uj
q3+LRRiIzuO/oQ==
-----END CERTIFICATE-----