Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
File:                     ZLPjZgb6UsOkchyMoPszCZU0GVo.mft (raw, json)
Hash identifier:          J1wCEc9Zw5C9Jb6iSThw8Rz+IfDrUbnO5OFPk6Vjn8A=
Subject key identifier:   5B:1C:32:E5:3D:05:74:AE:33:E5:BA:0B:09:E7:D1:5A:6B:70:B0:A2
Authority key identifier: 64:B3:E3:66:06:FA:52:C3:A4:72:1C:8C:A0:FB:33:09:95:34:19:5A
Certificate issuer:       /CN=64b3e36606fa52c3a4721c8ca0fb33099534195a
Certificate serial:       0197B6A1878EC95781E0AC16F2EEBB72F44E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:02:08 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:08 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:08 +0000
Files and hashes:         1: ZLPjZgb6UsOkchyMoPszCZU0GVo.crl (hash: MIgclyU8bqwJrHmnzNCoY6DuoLxRGKvZv6qRwQfM5NY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:87:8e:c9:57:81:e0:ac:16:f2:ee:bb:72:f4:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b3e36606fa52c3a4721c8ca0fb33099534195a
        Validity
            Not Before: Jun 28 13:02:08 2025 GMT
            Not After : Jun 29 13:02:08 2025 GMT
        Subject: CN=5b1c32e53d0574ae33e5ba0b09e7d15a6b70b0a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:7c:df:56:99:48:66:14:ed:3b:0a:b6:17:c6:
                    ae:49:56:36:98:42:62:4b:35:33:b0:56:71:c5:8b:
                    7f:eb:53:d1:59:67:53:04:ee:b2:1e:ad:8a:d3:01:
                    ea:aa:81:73:5f:3e:9c:cf:97:6a:eb:7b:d3:ce:e6:
                    13:3c:7c:c5:6a:1f:77:28:67:e3:94:d3:7c:dd:b8:
                    d3:20:9f:47:36:19:6d:3a:8c:6c:e3:5c:b3:11:b7:
                    35:e1:79:75:ea:d2:1a:29:6c:cf:b8:6b:52:72:cd:
                    81:af:14:4e:ef:1a:86:5e:92:b5:6b:fd:76:10:7c:
                    61:38:2d:30:51:cb:2d:92:c7:9f:53:44:a1:bf:f5:
                    0b:f2:a9:5f:de:ef:e5:07:60:91:44:6d:99:35:a8:
                    b9:77:3d:52:a7:aa:fa:59:a6:ad:8a:42:eb:1b:07:
                    55:b7:3a:2e:9e:97:bb:65:e8:e5:80:6e:4b:ae:cf:
                    85:09:de:ab:97:a6:35:03:60:5b:85:ac:0b:33:91:
                    3f:29:6d:59:d3:87:67:b7:d5:58:b2:f6:8a:ee:85:
                    5f:f1:d1:73:63:0c:9d:07:30:89:de:a9:bd:b9:7f:
                    4e:a2:08:5f:d5:15:4c:e4:8e:f3:85:14:16:2f:e9:
                    87:d1:07:0c:68:c6:5a:02:8b:1e:32:e9:4d:30:ce:
                    20:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:1C:32:E5:3D:05:74:AE:33:E5:BA:0B:09:E7:D1:5A:6B:70:B0:A2
            X509v3 Authority Key Identifier:
                keyid:64:B3:E3:66:06:FA:52:C3:A4:72:1C:8C:A0:FB:33:09:95:34:19:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:38:5b:5f:3a:91:16:7b:43:97:7d:38:e1:1e:bc:c6:5b:6e:
         b6:ee:64:ec:fb:c0:cb:0d:9d:ed:ac:35:75:b5:48:23:90:4c:
         ad:65:58:5c:0a:e4:de:27:33:9b:16:1b:23:73:ef:0f:65:1a:
         24:42:30:99:97:91:f6:45:5a:6e:08:20:33:cd:f7:15:03:61:
         65:3e:03:13:bd:41:e7:83:38:7b:07:c3:2a:2c:db:a0:90:21:
         45:85:7a:b8:f5:bd:e3:10:35:9b:4e:5d:b2:70:6e:de:66:a8:
         17:10:5e:51:02:44:7c:03:20:7d:ba:8d:a1:46:fb:a9:44:52:
         83:c3:cc:4b:74:1b:1c:00:68:48:f9:98:fe:3b:33:31:a6:7f:
         23:ba:7d:79:08:ff:ae:74:f2:01:41:2f:f2:8a:a5:04:7f:d3:
         06:10:94:2d:2a:be:fc:dd:e5:61:35:bc:bc:75:52:84:65:d6:
         cd:dd:da:b5:33:5c:e8:33:49:e7:6f:47:d4:cf:33:89:c8:0d:
         31:0c:70:52:e2:fc:a4:81:e3:5e:99:56:59:8a:50:ba:79:1b:
         2d:63:8a:88:7e:76:c1:48:d9:99:51:e5:8a:77:07:35:32:c9:
         2d:a9:1e:f8:fc:4c:55:42:0c:5e:1d:7a:d6:e5:40:0b:98:c8:
         2c:f0:53:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oYeOyVeB4KwW8u67cvROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjNlMzY2MDZmYTUyYzNhNDcyMWM4Y2EwZmIzMzA5OTUz
NDE5NWEwHhcNMjUwNjI4MTMwMjA4WhcNMjUwNjI5MTMwMjA4WjAzMTEwLwYDVQQD
Eyg1YjFjMzJlNTNkMDU3NGFlMzNlNWJhMGIwOWU3ZDE1YTZiNzBiMGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnzfVplIZhTtOwq2F8auSVY2mEJi
SzUzsFZxxYt/61PRWWdTBO6yHq2K0wHqqoFzXz6cz5dq63vTzuYTPHzFah93KGfj
lNN83bjTIJ9HNhltOoxs41yzEbc14Xl16tIaKWzPuGtScs2BrxRO7xqGXpK1a/12
EHxhOC0wUcstksefU0Shv/UL8qlf3u/lB2CRRG2ZNai5dz1Sp6r6WaatikLrGwdV
tzounpe7ZejlgG5Lrs+FCd6rl6Y1A2BbhawLM5E/KW1Z04dnt9VYsvaK7oVf8dFz
YwydBzCJ3qm9uX9Ooghf1RVM5I7zhRQWL+mH0QcMaMZaAoseMulNMM4gsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFscMuU9BXSuM+W6Cwnn0VprcLCiMB8GA1UdIwQY
MBaAFGSz42YG+lLDpHIcjKD7MwmVNBlaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iNzBlMDctMTFiMi00YTJhLTg5NTUt
MGUzODFiZDQxM2QzLzEvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iNzBlMDctMTFiMi00YTJhLTg5NTUtMGUzODFiZDQxM2Qz
LzEvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXThbXzqR
FntDl3044R68xltutu5k7PvAyw2d7aw1dbVII5BMrWVYXArk3iczmxYbI3PvD2Ua
JEIwmZeR9kVabgggM833FQNhZT4DE71B54M4ewfDKizboJAhRYV6uPW94xA1m05d
snBu3maoFxBeUQJEfAMgfbqNoUb7qURSg8PMS3QbHABoSPmY/jszMaZ/I7p9eQj/
rnTyAUEv8oqlBH/TBhCULSq+/N3lYTW8vHVShGXWzd3atTNc6DNJ529H1M8zicgN
MQxwUuL8pIHjXplWWYpQunkbLWOKiH52wUjZmVHlincHNTLJLake+PxMVUIMXh16
1uVAC5jILPBTmA==
-----END CERTIFICATE-----