Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
File:                     ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft (raw, json)
Hash identifier:          DyLEaFUG5X8z3ybG42vbbRpEawczZRzHSW+RNsBNZGU=
Subject key identifier:   9B:79:9D:E5:C5:F9:38:56:67:7B:79:5B:44:45:B7:87:D9:E7:C7:2F
Authority key identifier: 64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1
Certificate issuer:       /CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1
Certificate serial:       0196C6F11CF4C267D3A78D7DE36AD84425AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
Manifest number:          BB
Signing time:             Tue 13 May 2025 00:00:12 +0000
Manifest this update:     Tue 13 May 2025 00:00:12 +0000
Manifest next update:     Wed 14 May 2025 00:00:12 +0000
Files and hashes:         1: ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl (hash: a+IdaT8NxVLIbrA1ImtZjMqrFJWcMCa34Jd9YCSfseg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 00:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c6:f1:1c:f4:c2:67:d3:a7:8d:7d:e3:6a:d8:44:25:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1
        Validity
            Not Before: May 13 00:00:12 2025 GMT
            Not After : May 14 00:00:12 2025 GMT
        Subject: CN=9b799de5c5f93856677b795b4445b787d9e7c72f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a6:54:1e:e3:91:c8:02:44:15:85:3c:12:da:
                    c4:16:50:f2:e8:b0:85:90:a4:02:03:ff:01:cc:c2:
                    dd:d2:52:be:74:51:82:d3:65:db:e7:11:ad:95:b6:
                    4c:c8:29:67:c5:ee:de:38:75:6d:27:b2:aa:33:3e:
                    7d:66:bd:5c:fd:9f:b0:e1:23:d3:15:bd:c1:4e:50:
                    bb:94:5b:58:47:5e:1a:49:af:55:dc:77:f8:a1:eb:
                    b1:8b:d4:96:4c:b2:52:62:e1:df:1f:30:5a:81:47:
                    e7:5e:8c:3d:79:7c:aa:0d:bb:eb:4f:8c:8d:42:cc:
                    36:c7:63:f6:65:1a:c3:9c:77:62:36:ac:69:07:8b:
                    2c:dd:34:c3:cf:2b:ff:d4:a3:2a:32:02:c9:bc:51:
                    dd:b5:86:b7:62:69:e8:9d:b2:f6:1f:2f:5d:22:5f:
                    9b:25:bd:f4:6b:9b:a2:f6:99:8b:a9:f4:e4:1d:28:
                    0b:36:00:1b:52:54:91:6b:c1:44:cc:89:84:ec:c7:
                    44:72:80:fb:c6:10:a6:b0:76:51:60:30:46:22:06:
                    16:d2:4a:05:8b:b3:06:b9:ca:c2:6d:41:64:29:e1:
                    17:48:2d:c3:80:83:01:e7:2d:75:e6:d7:c9:db:12:
                    a0:41:d5:40:4d:90:4a:4c:95:d3:ca:96:ef:c9:83:
                    22:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:79:9D:E5:C5:F9:38:56:67:7B:79:5B:44:45:B7:87:D9:E7:C7:2F
            X509v3 Authority Key Identifier:
                keyid:64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:3c:72:f8:d0:7e:8e:7a:76:94:a5:aa:c1:b2:1e:8a:97:c1:
         12:6d:07:37:ee:36:91:8c:c7:c8:ee:27:5a:ab:97:20:50:d7:
         f6:9f:7d:db:e3:29:9d:71:5f:e3:d3:ac:0b:d2:58:e5:46:3e:
         c4:ef:87:b3:82:33:64:5a:b6:13:33:3e:dc:22:8a:2f:b8:e2:
         63:8d:eb:46:01:12:33:80:4b:90:12:20:b1:c6:94:51:e8:b8:
         9d:34:11:f5:e5:d1:de:93:74:28:4c:bb:46:fc:84:52:86:8f:
         4b:1b:89:31:8f:5a:13:c3:27:63:56:89:a2:b8:a4:e9:05:c7:
         b4:b2:d9:09:90:01:46:2f:de:80:79:76:29:7c:62:9c:74:b5:
         4d:f3:d1:61:26:32:28:02:95:84:f1:b0:af:e9:97:7d:f8:86:
         5b:f2:e8:13:c6:ef:75:37:a4:ce:9e:d9:51:74:b9:74:c8:cc:
         40:6c:1e:74:20:80:e0:ea:da:2d:4c:e6:e6:06:86:16:04:ab:
         9c:e0:0f:21:ae:2f:4e:cb:2f:a2:d9:2f:f2:08:66:08:49:45:
         f7:2f:3f:42:55:18:64:bb:5b:a6:73:e0:33:f4:58:60:7d:21:
         29:41:d0:7e:79:4d:7b:fd:49:08:5e:3e:46:d2:cb:c9:5f:dc:
         43:2e:58:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbG8Rz0wmfTp41942rYRCWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0Y2YxZWU5MDY1M2I3YjgxNGQ2YjU0NTk0OWJkOTRkZGUw
ZmM2YTEwHhcNMjUwNTEzMDAwMDEyWhcNMjUwNTE0MDAwMDEyWjAzMTEwLwYDVQQD
Eyg5Yjc5OWRlNWM1ZjkzODU2Njc3Yjc5NWI0NDQ1Yjc4N2Q5ZTdjNzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaZUHuORyAJEFYU8EtrEFlDy6LCF
kKQCA/8BzMLd0lK+dFGC02Xb5xGtlbZMyClnxe7eOHVtJ7KqMz59Zr1c/Z+w4SPT
Fb3BTlC7lFtYR14aSa9V3Hf4oeuxi9SWTLJSYuHfHzBagUfnXow9eXyqDbvrT4yN
Qsw2x2P2ZRrDnHdiNqxpB4ss3TTDzyv/1KMqMgLJvFHdtYa3YmnonbL2Hy9dIl+b
Jb30a5ui9pmLqfTkHSgLNgAbUlSRa8FEzImE7MdEcoD7xhCmsHZRYDBGIgYW0koF
i7MGucrCbUFkKeEXSC3DgIMB5y115tfJ2xKgQdVATZBKTJXTypbvyYMiqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJt5neXF+ThWZ3t5W0RFt4fZ58cvMB8GA1UdIwQY
MBaAFGTPHukGU7e4FNa1RZSb2U3eD8ahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjkt
ODgwNGRhZDc4MGExLzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjktODgwNGRhZDc4MGEx
LzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACDxy+NB+
jnp2lKWqwbIeipfBEm0HN+42kYzHyO4nWquXIFDX9p992+MpnXFf49OsC9JY5UY+
xO+Hs4IzZFq2EzM+3CKKL7jiY43rRgESM4BLkBIgscaUUei4nTQR9eXR3pN0KEy7
RvyEUoaPSxuJMY9aE8MnY1aJorik6QXHtLLZCZABRi/egHl2KXxinHS1TfPRYSYy
KAKVhPGwr+mXffiGW/LoE8bvdTekzp7ZUXS5dMjMQGwedCCA4OraLUzm5gaGFgSr
nOAPIa4vTssvotkv8ghmCElF9y8/QlUYZLtbpnPgM/RYYH0hKUHQfnlNe/1JCF4+
RtLLyV/cQy5YmQ==
-----END CERTIFICATE-----