Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          4k2Tgbo5xxDGztat9Np4bN8exdysOElOeJ61S/WTeP4=
Subject key identifier:   2F:89:D7:2A:C7:50:20:90:EA:DD:DD:12:B3:65:32:03:01:CA:4F:59
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       0196C9F2CBCA9EB0B6B4712FA24D0DF0D5BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          0973
Signing time:             Tue 13 May 2025 14:00:54 +0000
Manifest this update:     Tue 13 May 2025 14:00:54 +0000
Manifest next update:     Wed 14 May 2025 14:00:54 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: fx5lmLVqaW74R5Q0QVdgsfjPvvnaAyDm07c0tEeqNYo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 14:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c9:f2:cb:ca:9e:b0:b6:b4:71:2f:a2:4d:0d:f0:d5:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: May 13 14:00:54 2025 GMT
            Not After : May 14 14:00:54 2025 GMT
        Subject: CN=2f89d72ac7502090eadddd12b365320301ca4f59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:03:7b:c5:0d:ae:b0:d8:3b:ee:2b:24:62:18:
                    2c:12:07:5b:86:a9:e8:13:64:15:f1:ce:f3:f2:b6:
                    bc:be:d0:f0:50:2f:7a:df:10:a0:31:e9:a7:33:be:
                    61:2c:71:63:8c:72:57:bb:76:44:78:63:06:60:c2:
                    53:bd:d4:03:8a:7b:75:49:e7:74:cc:ec:a1:bf:a3:
                    a2:d5:26:e5:a0:8d:48:99:61:81:59:ed:78:c2:f2:
                    38:f1:59:3e:b9:89:34:b8:07:d1:db:b0:df:6c:ab:
                    b3:de:c0:c8:f2:36:8d:ef:2b:b9:f9:d2:28:0d:ae:
                    9d:bf:2d:87:b2:0b:74:2d:09:bb:2d:b9:ad:22:d8:
                    60:ef:e7:b3:11:91:51:ba:2a:38:b4:bd:6e:1e:30:
                    5c:3b:2f:23:3c:9a:ed:51:0a:4f:47:51:06:65:70:
                    94:0f:d9:e9:e8:a1:4e:01:de:b7:bc:8b:8f:2c:ed:
                    81:42:bf:3a:a3:92:03:35:80:cf:50:1d:0d:cf:5d:
                    8d:1c:ed:40:db:85:ad:76:e7:73:4d:68:d1:dc:1a:
                    ae:4f:9c:99:d8:e8:5c:30:88:50:e2:86:59:e8:7a:
                    68:27:05:fc:bb:94:ba:9e:95:22:ed:4e:8e:e0:e6:
                    1c:09:49:91:75:8e:a9:ff:2f:1c:d0:0f:63:86:dd:
                    3a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:89:D7:2A:C7:50:20:90:EA:DD:DD:12:B3:65:32:03:01:CA:4F:59
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:90:62:2e:95:df:5b:d2:c2:bb:77:b4:54:98:f7:14:a5:27:
         dc:b1:99:94:4d:03:28:02:c9:da:aa:c2:e5:f4:42:8d:d7:3d:
         5a:b1:27:11:70:bb:e9:bd:6b:91:6a:0e:fe:10:04:b1:bd:8c:
         31:49:5e:e4:cb:7f:a7:6e:9a:d1:04:67:cf:1d:98:f0:6d:8e:
         15:bf:75:cf:9b:ef:b2:f3:65:a1:8a:ab:28:1e:f8:ca:e5:e5:
         a8:e7:a0:33:67:dc:18:ad:b1:76:e3:57:d8:cf:9d:44:94:22:
         d8:e4:ef:d9:07:66:02:d2:f8:8b:43:42:3d:fa:c7:1b:06:2e:
         76:34:db:11:2e:65:85:61:76:02:31:08:bb:f1:47:32:72:ae:
         b8:cc:5e:32:0f:d4:c2:75:10:f1:a0:1b:9e:65:e3:18:b0:43:
         3e:a4:59:fe:11:ff:f4:7b:d3:41:3e:c7:7d:05:08:85:c2:38:
         6b:d1:b9:cb:48:3d:f5:6d:75:32:57:58:89:ff:84:47:44:13:
         15:32:43:a5:53:e9:d6:f3:c7:b5:3a:e5:17:4e:79:8c:25:68:
         11:7e:b8:93:cc:2b:58:7d:a1:7e:b3:ed:54:92:7e:e7:32:7b:
         e4:80:67:98:aa:52:d2:89:60:a2:76:2d:82:44:3e:10:d6:df:
         06:cc:2d:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbJ8svKnrC2tHEvok0N8NW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjUwNTEzMTQwMDU0WhcNMjUwNTE0MTQwMDU0WjAzMTEwLwYDVQQD
EygyZjg5ZDcyYWM3NTAyMDkwZWFkZGRkMTJiMzY1MzIwMzAxY2E0ZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AN7xQ2usNg77iskYhgsEgdbhqno
E2QV8c7z8ra8vtDwUC963xCgMemnM75hLHFjjHJXu3ZEeGMGYMJTvdQDint1Sed0
zOyhv6Oi1SbloI1ImWGBWe14wvI48Vk+uYk0uAfR27DfbKuz3sDI8jaN7yu5+dIo
Da6dvy2Hsgt0LQm7LbmtIthg7+ezEZFRuio4tL1uHjBcOy8jPJrtUQpPR1EGZXCU
D9np6KFOAd63vIuPLO2BQr86o5IDNYDPUB0Nz12NHO1A24WtdudzTWjR3BquT5yZ
2OhcMIhQ4oZZ6HpoJwX8u5S6npUi7U6O4OYcCUmRdY6p/y8c0A9jht06bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+J1yrHUCCQ6t3dErNlMgMByk9ZMB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEpBiLpXf
W9LCu3e0VJj3FKUn3LGZlE0DKALJ2qrC5fRCjdc9WrEnEXC76b1rkWoO/hAEsb2M
MUle5Mt/p26a0QRnzx2Y8G2OFb91z5vvsvNloYqrKB74yuXlqOegM2fcGK2xduNX
2M+dRJQi2OTv2QdmAtL4i0NCPfrHGwYudjTbES5lhWF2AjEIu/FHMnKuuMxeMg/U
wnUQ8aAbnmXjGLBDPqRZ/hH/9HvTQT7HfQUIhcI4a9G5y0g99W11MldYif+ER0QT
FTJDpVPp1vPHtTrlF055jCVoEX64k8wrWH2hfrPtVJJ+5zJ75IBnmKpS0olgonYt
gkQ+ENbfBswtSQ==
-----END CERTIFICATE-----