Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
File:                     zrxhguhz_3oDHIiV79xXw2hx3XI.mft (raw, json)
Hash identifier:          oKAEe2F9Zp8wbNlKhjWjnmaraUvK/0wyn0Vd7vEvSZU=
Subject key identifier:   22:65:44:EF:BC:65:5F:9C:95:40:E5:70:72:6A:A2:80:92:CF:C8:6B
Authority key identifier: CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72
Certificate issuer:       /CN=cebc6182e873ff7a031c8895efdc57c36871dd72
Certificate serial:       0197CBDFE79F770290D3399067FA07026DC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
Manifest number:          0154
Signing time:             Wed 02 Jul 2025 16:02:18 +0000
Manifest this update:     Wed 02 Jul 2025 16:02:18 +0000
Manifest next update:     Thu 03 Jul 2025 16:02:18 +0000
Files and hashes:         1: zrxhguhz_3oDHIiV79xXw2hx3XI.crl (hash: hcgmIrHx22/p+Cqb0t8wszEnKpPvOEjUNhLznD/jjLM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 16:02:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cb:df:e7:9f:77:02:90:d3:39:90:67:fa:07:02:6d:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cebc6182e873ff7a031c8895efdc57c36871dd72
        Validity
            Not Before: Jul  2 16:02:18 2025 GMT
            Not After : Jul  3 16:02:18 2025 GMT
        Subject: CN=226544efbc655f9c9540e570726aa28092cfc86b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:33:64:12:0f:c0:70:12:9a:51:89:b4:67:3f:
                    40:b6:5b:65:86:58:cb:87:78:df:c0:5d:52:24:15:
                    00:7c:d8:67:12:15:6d:8d:cb:57:47:aa:17:81:4e:
                    05:40:a9:e5:5a:1c:ed:bb:82:8b:c1:2e:53:92:28:
                    fd:03:9e:2a:d7:d2:fe:23:e0:b4:30:1a:e3:7e:dd:
                    e6:17:b3:e2:f9:8c:17:ec:44:de:ca:4d:b8:61:f9:
                    0b:a4:bf:cc:65:6f:7b:40:14:43:da:8f:03:30:8d:
                    6c:9a:8d:0d:3e:e4:be:ac:2c:33:fb:b1:8b:fe:a3:
                    89:90:17:5b:18:93:38:a4:36:5d:01:52:3d:38:f6:
                    45:9f:c2:87:16:d6:4f:2b:89:21:78:73:0f:6b:f3:
                    08:e4:24:16:45:a7:5b:5e:e5:42:1d:aa:fa:1e:ef:
                    35:73:32:c9:3d:69:d4:28:50:df:f3:22:bf:dc:95:
                    f0:10:1f:a9:4b:73:ed:dc:0b:1c:e1:6b:7c:5b:21:
                    48:f6:eb:17:f2:57:4e:f7:0a:7e:ec:56:b9:a7:db:
                    24:0b:6e:48:ed:2e:79:6d:6d:33:ec:9a:87:7a:17:
                    32:f3:7c:ac:c3:b1:72:6c:84:4f:35:a0:5f:a2:96:
                    08:28:46:13:d2:81:7b:27:83:42:29:55:e3:18:ef:
                    e2:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:65:44:EF:BC:65:5F:9C:95:40:E5:70:72:6A:A2:80:92:CF:C8:6B
            X509v3 Authority Key Identifier:
                keyid:CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:25:8d:f6:80:67:32:cd:fe:3b:ec:f5:87:d7:cb:94:ff:50:
         18:bc:52:07:58:a7:b7:cb:11:7a:6f:19:02:cb:b7:2a:0b:59:
         7f:80:26:83:39:dd:50:df:f3:fa:1d:3c:d8:ef:0d:44:71:0c:
         7d:74:4b:db:da:8c:67:d6:cb:64:95:95:0c:b3:2e:95:d7:84:
         a1:ed:2f:aa:51:d3:92:9f:25:29:33:8a:6a:ed:d8:9c:cb:cb:
         99:68:7e:4a:90:9b:8f:51:c9:3c:9d:02:95:27:ef:49:6b:95:
         6f:92:4a:f9:57:57:e7:44:c3:e8:64:67:7a:ae:ba:86:db:ef:
         51:24:d9:ef:c7:15:8e:38:ca:91:b2:1e:24:81:92:20:44:2b:
         63:ef:60:52:d4:0f:52:65:87:9e:37:7c:3d:9d:74:b2:27:3f:
         a8:17:71:a6:70:df:7b:fe:59:16:bc:5e:d9:e6:aa:37:84:52:
         ae:4a:59:f4:c9:da:ef:35:24:67:08:94:86:f0:b8:21:49:13:
         8e:fb:ec:ea:7d:b9:96:f8:7a:27:6a:ce:ec:d2:aa:aa:94:d8:
         48:aa:f4:b1:cb:83:af:55:a8:50:a7:d5:11:0e:64:1c:2f:06:
         8f:9e:d9:3b:8a:ed:6d:e2:df:43:67:f0:c1:0a:c1:37:3e:2b:
         c5:9d:ff:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfL3+efdwKQ0zmQZ/oHAm3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYmM2MTgyZTg3M2ZmN2EwMzFjODg5NWVmZGM1N2MzNjg3
MWRkNzIwHhcNMjUwNzAyMTYwMjE4WhcNMjUwNzAzMTYwMjE4WjAzMTEwLwYDVQQD
EygyMjY1NDRlZmJjNjU1ZjljOTU0MGU1NzA3MjZhYTI4MDkyY2ZjODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTNkEg/AcBKaUYm0Zz9AtltlhljL
h3jfwF1SJBUAfNhnEhVtjctXR6oXgU4FQKnlWhztu4KLwS5Tkij9A54q19L+I+C0
MBrjft3mF7Pi+YwX7ETeyk24YfkLpL/MZW97QBRD2o8DMI1smo0NPuS+rCwz+7GL
/qOJkBdbGJM4pDZdAVI9OPZFn8KHFtZPK4kheHMPa/MI5CQWRadbXuVCHar6Hu81
czLJPWnUKFDf8yK/3JXwEB+pS3Pt3Asc4Wt8WyFI9usX8ldO9wp+7Fa5p9skC25I
7S55bW0z7JqHehcy83ysw7FybIRPNaBfopYIKEYT0oF7J4NCKVXjGO/i/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJlRO+8ZV+clUDlcHJqooCSz8hrMB8GA1UdIwQY
MBaAFM68YYLoc/96AxyIle/cV8Nocd1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEt
MmIzNjkxNThhOGIzLzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEtMmIzNjkxNThhOGIz
LzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUyWN9oBn
Ms3+O+z1h9fLlP9QGLxSB1int8sRem8ZAsu3KgtZf4AmgzndUN/z+h082O8NRHEM
fXRL29qMZ9bLZJWVDLMuldeEoe0vqlHTkp8lKTOKau3YnMvLmWh+SpCbj1HJPJ0C
lSfvSWuVb5JK+VdX50TD6GRneq66htvvUSTZ78cVjjjKkbIeJIGSIEQrY+9gUtQP
UmWHnjd8PZ10sic/qBdxpnDfe/5ZFrxe2eaqN4RSrkpZ9Mna7zUkZwiUhvC4IUkT
jvvs6n25lvh6J2rO7NKqqpTYSKr0scuDr1WoUKfVEQ5kHC8Gj57ZO4rtbeLfQ2fw
wQrBNz4rxZ3/Jg==
-----END CERTIFICATE-----