Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          hy+r3zMIu0e5kQuxFPcEot0h1j3icg+EMHGvQsBu3MM=
Subject key identifier:   34:DB:08:61:3B:F0:A5:12:0A:0F:18:33:7E:DF:CA:28:6B:EA:5D:44
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       0197C6EFE5D7A30D1C8D744BB98B77B8CDB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          09F6
Signing time:             Tue 01 Jul 2025 17:01:40 +0000
Manifest this update:     Tue 01 Jul 2025 17:01:40 +0000
Manifest next update:     Wed 02 Jul 2025 17:01:40 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: qy3ULef4zSfYAQiYd9y1/wOBRVV3AwmDqlxThnlu9Tw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 16:57:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c6:ef:e5:d7:a3:0d:1c:8d:74:4b:b9:8b:77:b8:cd:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: Jul  1 17:01:40 2025 GMT
            Not After : Jul  2 17:01:40 2025 GMT
        Subject: CN=34db08613bf0a5120a0f18337edfca286bea5d44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:3c:52:e5:3c:2e:db:38:bd:e8:2c:b0:d8:28:
                    15:58:b7:88:f3:00:24:49:12:9e:dc:73:76:22:d5:
                    fa:af:32:a7:51:8e:a1:7d:ba:c8:e6:87:98:e7:78:
                    48:2a:b1:d1:fb:c6:26:ba:54:78:55:cc:4a:75:ca:
                    b2:e1:c4:df:11:ca:db:49:c2:51:e8:6b:e4:96:c7:
                    1f:c7:0e:3c:9f:31:d7:a0:57:25:7a:24:48:79:25:
                    b4:58:d5:94:97:64:2b:ac:e8:4e:fc:92:45:b3:53:
                    13:71:38:a0:ea:41:f0:9a:6f:35:4c:b4:d3:b3:29:
                    b7:b2:5f:87:73:f7:af:6a:75:96:6a:78:b2:77:84:
                    9c:7f:2f:ec:e5:71:18:3a:8b:ae:d9:c8:4e:a8:6f:
                    1c:30:02:81:66:cd:98:bb:29:ba:c1:5e:7e:d5:5b:
                    80:46:8d:a4:e1:93:32:b8:04:c3:34:0e:0d:d0:3a:
                    52:f9:c6:16:06:97:78:c3:fe:c3:ff:63:61:5e:22:
                    d7:ae:88:62:14:6f:34:73:33:42:81:bc:ea:4e:32:
                    45:a2:fb:6b:51:3c:c6:03:2a:63:00:d9:1f:67:cc:
                    e9:e8:45:68:50:76:58:e0:b2:0d:75:fa:a8:b2:88:
                    7e:a8:0a:ef:9a:50:94:d8:6e:0c:0e:53:81:d8:0c:
                    0a:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:DB:08:61:3B:F0:A5:12:0A:0F:18:33:7E:DF:CA:28:6B:EA:5D:44
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:a9:36:6d:d5:ae:51:e3:c4:b4:5a:7c:b3:f0:72:36:3d:fc:
         08:42:eb:20:be:8e:1d:cd:2c:d7:7d:65:e3:c8:93:f0:9b:f6:
         b1:ae:ca:18:95:e1:12:47:2a:dd:f3:7b:1f:4d:8e:52:77:ce:
         d3:17:77:75:fc:81:57:86:e9:03:16:bc:16:27:a5:0a:3f:73:
         72:3c:7c:b9:7f:ca:87:ea:d0:8d:c6:83:4c:44:17:53:a2:06:
         fc:a2:67:8c:17:d4:35:d8:82:cc:20:93:32:b5:af:ab:06:b9:
         90:49:18:1a:72:89:e5:9c:e7:30:3f:3d:d6:57:d7:1c:2d:3f:
         59:9f:5f:85:66:f3:0d:c2:38:38:f3:73:e4:1c:b1:57:78:a8:
         48:37:b9:8e:81:57:21:6f:78:51:bf:82:28:2b:ef:2d:20:ac:
         95:90:31:fd:4e:55:51:56:5e:77:18:84:b4:9c:81:39:5b:88:
         db:ed:cd:d8:53:e2:ca:07:d5:11:7e:2e:45:c7:e2:af:56:9d:
         80:6a:ac:28:f6:a8:a2:e7:de:85:1a:30:6a:b9:da:47:f9:62:
         92:c3:33:00:c0:9e:a8:77:2d:0f:df:2c:38:e0:07:c6:d4:b4:
         5b:ca:56:a2:b3:31:c3:d9:26:7f:7a:97:a7:6c:95:4b:48:35:
         ef:ab:08:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfG7+XXow0cjXRLuYt3uM20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjUwNzAxMTcwMTQwWhcNMjUwNzAyMTcwMTQwWjAzMTEwLwYDVQQD
EygzNGRiMDg2MTNiZjBhNTEyMGEwZjE4MzM3ZWRmY2EyODZiZWE1ZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzxS5Twu2zi96Cyw2CgVWLeI8wAk
SRKe3HN2ItX6rzKnUY6hfbrI5oeY53hIKrHR+8YmulR4VcxKdcqy4cTfEcrbScJR
6Gvklscfxw48nzHXoFcleiRIeSW0WNWUl2QrrOhO/JJFs1MTcTig6kHwmm81TLTT
sym3sl+Hc/evanWWaniyd4Scfy/s5XEYOouu2chOqG8cMAKBZs2Yuym6wV5+1VuA
Ro2k4ZMyuATDNA4N0DpS+cYWBpd4w/7D/2NhXiLXrohiFG80czNCgbzqTjJFovtr
UTzGAypjANkfZ8zp6EVoUHZY4LINdfqosoh+qArvmlCU2G4MDlOB2AwKmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDTbCGE78KUSCg8YM37fyihr6l1EMB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg6k2bdWu
UePEtFp8s/ByNj38CELrIL6OHc0s131l48iT8Jv2sa7KGJXhEkcq3fN7H02OUnfO
0xd3dfyBV4bpAxa8FielCj9zcjx8uX/Kh+rQjcaDTEQXU6IG/KJnjBfUNdiCzCCT
MrWvqwa5kEkYGnKJ5ZznMD891lfXHC0/WZ9fhWbzDcI4OPNz5ByxV3ioSDe5joFX
IW94Ub+CKCvvLSCslZAx/U5VUVZedxiEtJyBOVuI2+3N2FPiygfVEX4uRcfir1ad
gGqsKPaooufehRowarnaR/liksMzAMCeqHctD98sOOAHxtS0W8pWorMxw9kmf3qX
p2yVS0g176sIRQ==
-----END CERTIFICATE-----