Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          xcXAUkQgDQp1IRQIDr/6ZKQrzb4FjifV0rMPKzmDubk=
Subject key identifier:   03:2A:D9:42:42:1E:37:5B:FB:8F:67:0D:27:18:E2:9E:BA:06:36:92
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       0198D54E36B4F78D15ACEC86869CD7539ACF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          0A82
Signing time:             Sat 23 Aug 2025 05:02:09 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:09 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:09 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: 3OTM6cBLA396qmcNKFljLVFgUmE37HWZJu4p6SLBZYE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:36:b4:f7:8d:15:ac:ec:86:86:9c:d7:53:9a:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: Aug 23 05:02:09 2025 GMT
            Not After : Aug 24 05:02:09 2025 GMT
        Subject: CN=032ad942421e375bfb8f670d2718e29eba063692
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:20:02:cd:f4:da:8e:51:41:b4:c8:3a:9f:23:
                    65:1c:5d:2f:cf:37:14:13:fe:c3:e9:f1:a6:16:bd:
                    bc:12:83:5b:c6:98:ac:e5:43:bf:01:76:62:fc:cd:
                    6d:00:34:cf:a1:50:19:d0:03:2f:7e:2d:95:b9:41:
                    76:a7:c0:5f:3d:ed:19:aa:3a:90:0a:51:1f:28:7e:
                    e7:f3:11:e8:8b:03:cf:42:bf:1b:8e:16:35:5d:2a:
                    74:71:b5:91:25:a4:29:8c:ae:bf:b0:0f:9a:c4:63:
                    7a:02:2d:17:ce:74:4a:97:7c:94:50:ac:a0:81:74:
                    63:cf:79:ba:85:49:75:4c:96:2e:65:6c:56:c9:e0:
                    7b:f6:b0:a1:35:a5:71:c8:73:4d:76:f6:2c:9a:a8:
                    d3:a2:4e:a9:69:05:f1:be:a9:c8:eb:97:fe:71:f0:
                    51:ff:14:7a:1d:a5:89:32:4e:99:d8:4e:ed:7b:f7:
                    16:3c:f7:25:1c:2b:77:5b:7b:61:81:2f:e0:34:3d:
                    8a:ec:67:24:92:d7:b3:ce:cc:6d:3d:74:f7:64:be:
                    cc:57:8d:0b:a1:45:d5:ce:0c:50:12:fe:d7:de:73:
                    1c:7e:41:3d:4a:a7:7b:44:87:e1:25:21:10:62:31:
                    84:7c:e3:83:c1:4f:79:04:51:a1:d2:27:2d:a6:69:
                    d0:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:2A:D9:42:42:1E:37:5B:FB:8F:67:0D:27:18:E2:9E:BA:06:36:92
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:02:97:df:b6:de:0f:4a:de:2b:82:67:2f:5e:fe:cc:25:6a:
         97:ac:1f:3a:f0:ce:ab:db:77:00:74:6c:32:cd:71:c6:7c:bf:
         35:b5:0e:89:40:d2:8d:df:e2:68:79:2c:d0:c0:58:72:2e:c5:
         e6:ac:8f:6d:cb:ef:e1:02:7f:0c:ea:a7:1e:24:c4:dd:34:1d:
         0e:8b:69:45:aa:83:35:11:ba:73:d7:70:5e:5e:a4:bb:f1:c3:
         0c:7d:d2:fb:65:a4:10:70:1c:bb:7c:70:7f:7f:f4:54:d9:84:
         6c:28:3a:95:08:4b:04:7f:c3:32:72:87:1f:3e:d3:51:a1:1e:
         ee:d1:e8:77:98:d3:b6:60:e6:8d:2a:58:81:26:af:c7:cb:39:
         68:92:48:a4:7a:64:08:33:93:6b:2f:21:f3:91:8f:ee:83:4c:
         e4:c3:a5:99:8a:9e:f7:8c:0a:26:3b:33:df:50:f9:d2:4e:ea:
         a7:a0:77:e7:1b:99:65:72:24:87:ab:c8:8c:64:d9:5f:80:25:
         07:09:68:8a:c8:84:1a:6e:81:84:04:7e:16:ba:33:21:36:72:
         bc:d1:b9:22:30:5f:7f:dd:ca:e6:09:e7:4c:63:60:08:17:68:
         2c:eb:62:48:e8:bb:87:cd:d2:f9:32:31:ef:3b:54:70:11:62:
         43:3c:60:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTja0940VrOyGhpzXU5rPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjUwODIzMDUwMjA5WhcNMjUwODI0MDUwMjA5WjAzMTEwLwYDVQQD
EygwMzJhZDk0MjQyMWUzNzViZmI4ZjY3MGQyNzE4ZTI5ZWJhMDYzNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiACzfTajlFBtMg6nyNlHF0vzzcU
E/7D6fGmFr28EoNbxpis5UO/AXZi/M1tADTPoVAZ0AMvfi2VuUF2p8BfPe0ZqjqQ
ClEfKH7n8xHoiwPPQr8bjhY1XSp0cbWRJaQpjK6/sA+axGN6Ai0XznRKl3yUUKyg
gXRjz3m6hUl1TJYuZWxWyeB79rChNaVxyHNNdvYsmqjTok6paQXxvqnI65f+cfBR
/xR6HaWJMk6Z2E7te/cWPPclHCt3W3thgS/gND2K7GckktezzsxtPXT3ZL7MV40L
oUXVzgxQEv7X3nMcfkE9Sqd7RIfhJSEQYjGEfOODwU95BFGh0ictpmnQtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMq2UJCHjdb+49nDScY4p66BjaSMB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmgKX37be
D0reK4JnL17+zCVql6wfOvDOq9t3AHRsMs1xxny/NbUOiUDSjd/iaHks0MBYci7F
5qyPbcvv4QJ/DOqnHiTE3TQdDotpRaqDNRG6c9dwXl6ku/HDDH3S+2WkEHAcu3xw
f3/0VNmEbCg6lQhLBH/DMnKHHz7TUaEe7tHod5jTtmDmjSpYgSavx8s5aJJIpHpk
CDOTay8h85GP7oNM5MOlmYqe94wKJjsz31D50k7qp6B35xuZZXIkh6vIjGTZX4Al
BwloisiEGm6BhAR+FrozITZyvNG5IjBff93K5gnnTGNgCBdoLOtiSOi7h83S+TIx
7ztUcBFiQzxgrQ==
-----END CERTIFICATE-----