Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
File:                     zrxhguhz_3oDHIiV79xXw2hx3XI.mft (raw, json)
Hash identifier:          hevq6lK+LxTlDBw0XwepJWYZK7XgEFXmJwUJjvtf7QU=
Subject key identifier:   8B:56:85:61:9E:A8:2C:0A:66:00:E4:BE:47:54:0E:87:70:C4:98:47
Authority key identifier: CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72
Certificate issuer:       /CN=cebc6182e873ff7a031c8895efdc57c36871dd72
Certificate serial:       0196CB052775DBF9D32D1744718172784A24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
Manifest number:          CF
Signing time:             Tue 13 May 2025 19:00:34 +0000
Manifest this update:     Tue 13 May 2025 19:00:34 +0000
Manifest next update:     Wed 14 May 2025 19:00:34 +0000
Files and hashes:         1: zrxhguhz_3oDHIiV79xXw2hx3XI.crl (hash: sMv0ygonxmbpqeBIVuQwkAPAmk1RuFuyctjxQKJtWWU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 19:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cb:05:27:75:db:f9:d3:2d:17:44:71:81:72:78:4a:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cebc6182e873ff7a031c8895efdc57c36871dd72
        Validity
            Not Before: May 13 19:00:34 2025 GMT
            Not After : May 14 19:00:34 2025 GMT
        Subject: CN=8b5685619ea82c0a6600e4be47540e8770c49847
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:9b:29:63:60:fb:c5:14:05:fe:a8:2e:d0:9a:
                    2e:38:60:6b:54:eb:b7:ec:f0:9e:ef:4e:e8:b0:88:
                    f9:54:21:ff:a9:32:f1:b3:a5:73:d7:24:c9:03:7d:
                    df:b0:c4:1f:6b:5c:cd:4f:46:63:39:a4:07:ad:32:
                    4e:4a:79:0e:61:5b:1d:e2:cd:57:32:2a:b1:94:b0:
                    3b:94:f7:4e:7d:c5:f1:c1:1f:d5:a9:32:8a:91:46:
                    b2:5b:3b:21:ff:42:f9:fc:ae:5b:2f:ce:a5:61:0c:
                    85:4f:03:3a:47:61:95:d1:71:08:de:16:6f:ff:cb:
                    c0:ce:8f:f8:d6:b5:bc:8f:aa:b6:c6:e4:49:5f:3c:
                    d3:00:24:2b:2c:70:fc:94:33:88:0a:34:bd:ae:27:
                    5d:34:42:82:2c:da:11:88:71:b9:d9:de:b7:fb:b8:
                    ba:b9:af:b8:5e:75:82:e8:16:77:09:dd:07:1a:d2:
                    27:76:b6:0b:e3:c2:7b:bd:15:88:a5:e5:e1:01:b0:
                    c7:50:70:16:7b:c5:a4:51:13:18:00:47:3f:dc:f8:
                    20:ad:a7:7d:6b:cb:8c:21:01:b0:59:60:fe:69:9e:
                    7f:fa:e8:17:27:4e:28:c8:2b:22:86:65:1e:3c:ae:
                    f4:a4:74:0b:86:00:bb:22:e3:86:bf:48:c6:50:08:
                    d9:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:56:85:61:9E:A8:2C:0A:66:00:E4:BE:47:54:0E:87:70:C4:98:47
            X509v3 Authority Key Identifier:
                keyid:CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:07:99:ac:db:92:e1:18:9c:8b:62:37:45:25:f3:1d:73:d9:
         8d:09:37:72:a6:8d:35:df:4d:23:dc:56:e2:31:9d:fe:7f:d9:
         18:62:da:55:95:67:94:a6:3e:26:f5:80:df:4f:7f:f5:5c:48:
         99:33:9a:1b:16:a0:ed:65:8f:fa:2e:64:d6:5f:6f:f0:8b:2b:
         40:cf:7e:73:99:4e:45:14:55:f6:32:79:20:cf:30:01:02:b4:
         d4:46:7a:c1:39:ed:3f:bd:1c:9b:54:05:26:f9:56:bb:ae:c5:
         c4:3f:1c:c0:61:fc:db:93:0f:38:a4:7c:58:98:4e:3b:01:9e:
         bb:b2:8c:c4:49:6b:d5:69:57:3c:92:d1:55:71:d1:3c:0c:eb:
         84:4b:f2:b2:f2:87:8a:d8:86:44:d4:11:36:8c:5f:9d:e8:2f:
         20:28:9d:59:be:21:58:7e:bd:f5:15:a6:20:8f:10:4c:89:1c:
         94:11:9c:74:a7:66:0c:36:f3:e8:72:fc:a2:57:c6:f7:23:04:
         e4:20:d5:1f:06:7b:ee:9d:bb:1e:85:06:e0:ed:ee:d2:6a:5a:
         c6:e5:02:d1:5c:f0:2e:63:fb:d6:e5:20:cf:49:bd:6b:85:17:
         89:e6:8e:bd:a5:e2:37:c8:1c:8c:ae:45:7b:9a:7a:8d:94:48:
         21:5b:fb:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbLBSd12/nTLRdEcYFyeEokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYmM2MTgyZTg3M2ZmN2EwMzFjODg5NWVmZGM1N2MzNjg3
MWRkNzIwHhcNMjUwNTEzMTkwMDM0WhcNMjUwNTE0MTkwMDM0WjAzMTEwLwYDVQQD
Eyg4YjU2ODU2MTllYTgyYzBhNjYwMGU0YmU0NzU0MGU4NzcwYzQ5ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpspY2D7xRQF/qgu0JouOGBrVOu3
7PCe707osIj5VCH/qTLxs6Vz1yTJA33fsMQfa1zNT0ZjOaQHrTJOSnkOYVsd4s1X
MiqxlLA7lPdOfcXxwR/VqTKKkUayWzsh/0L5/K5bL86lYQyFTwM6R2GV0XEI3hZv
/8vAzo/41rW8j6q2xuRJXzzTACQrLHD8lDOICjS9riddNEKCLNoRiHG52d63+7i6
ua+4XnWC6BZ3Cd0HGtIndrYL48J7vRWIpeXhAbDHUHAWe8WkURMYAEc/3Pggrad9
a8uMIQGwWWD+aZ5/+ugXJ04oyCsihmUePK70pHQLhgC7IuOGv0jGUAjZ7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItWhWGeqCwKZgDkvkdUDodwxJhHMB8GA1UdIwQY
MBaAFM68YYLoc/96AxyIle/cV8Nocd1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEt
MmIzNjkxNThhOGIzLzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEtMmIzNjkxNThhOGIz
LzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvQeZrNuS
4Rici2I3RSXzHXPZjQk3cqaNNd9NI9xW4jGd/n/ZGGLaVZVnlKY+JvWA309/9VxI
mTOaGxag7WWP+i5k1l9v8IsrQM9+c5lORRRV9jJ5IM8wAQK01EZ6wTntP70cm1QF
JvlWu67FxD8cwGH825MPOKR8WJhOOwGeu7KMxElr1WlXPJLRVXHRPAzrhEvysvKH
itiGRNQRNoxfnegvICidWb4hWH699RWmII8QTIkclBGcdKdmDDbz6HL8olfG9yME
5CDVHwZ77p27HoUG4O3u0mpaxuUC0VzwLmP71uUgz0m9a4UXieaOvaXiN8gcjK5F
e5p6jZRIIVv7FA==
-----END CERTIFICATE-----