Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft
File:                     PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft (raw, json)
Hash identifier:          gdWCqk3V3nV/caAUWKoGniKclkAhk/uYnv2OerVc4RE=
Subject key identifier:   A3:95:2B:82:70:C2:9C:DC:A9:96:5A:E0:1C:F0:FB:70:34:F7:3F:04
Authority key identifier: 3F:37:C9:4A:96:C4:8F:CF:84:12:8E:84:7A:E9:02:0D:6B:C6:63:04
Certificate issuer:       /CN=3f37c94a96c48fcf84128e847ae9020d6bc66304
Certificate serial:       0196586FF211DCA4FCC9FA771BC9B09F5F0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PzfJSpbEj8-EEo6EeukCDWvGYwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft
Manifest number:          0F9F
Signing time:             Mon 21 Apr 2025 13:00:53 +0000
Manifest this update:     Mon 21 Apr 2025 13:00:53 +0000
Manifest next update:     Tue 22 Apr 2025 13:00:53 +0000
Files and hashes:         1: PzfJSpbEj8-EEo6EeukCDWvGYwQ.crl (hash: t+/cOjee21JYKCTEF0gtYnDrFon2bO1kkWG0sT2RiEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PzfJSpbEj8-EEo6EeukCDWvGYwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 13:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:58:6f:f2:11:dc:a4:fc:c9:fa:77:1b:c9:b0:9f:5f:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f37c94a96c48fcf84128e847ae9020d6bc66304
        Validity
            Not Before: Apr 21 13:00:53 2025 GMT
            Not After : Apr 22 13:00:53 2025 GMT
        Subject: CN=a3952b8270c29cdca9965ae01cf0fb7034f73f04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:b7:33:68:2b:a4:58:81:5c:cf:e7:53:70:72:
                    c2:64:2f:2e:da:ea:3b:28:38:ba:79:13:74:c1:df:
                    fd:68:a2:6d:9a:14:64:e4:c3:e2:6d:29:bd:70:d9:
                    e5:47:64:32:d1:02:48:88:fa:7d:5f:2b:0a:fa:35:
                    e9:96:cf:94:a3:6b:64:30:1e:1d:a9:ab:ed:51:90:
                    dd:77:23:37:05:44:8d:c7:15:89:c1:fa:af:d8:e7:
                    b8:23:4b:89:d4:0c:e5:5f:0d:25:fe:c8:51:38:7a:
                    bc:8f:7f:9f:c2:a9:d8:31:ed:93:38:7d:2f:91:1b:
                    a3:b1:7c:38:90:03:6e:45:42:ff:f4:15:bd:84:b1:
                    ef:ae:89:81:cc:23:5a:33:8d:ef:3f:b1:b6:3c:a8:
                    06:28:e1:d4:9a:45:a8:b7:da:a4:9a:64:09:96:2e:
                    6e:64:46:b2:8b:f2:3f:11:84:d6:bc:4a:21:59:8f:
                    96:49:fb:f7:dc:57:37:73:ad:4f:30:77:e1:e6:38:
                    73:c7:59:97:ad:f8:0e:e0:5d:d0:6b:21:60:08:08:
                    24:fa:b7:0f:1e:d7:95:ca:08:f9:cb:04:b2:68:b4:
                    df:de:c6:36:34:46:e2:0f:a3:d0:fd:00:b9:91:50:
                    05:30:fe:26:5f:91:10:06:04:09:ab:35:c5:4c:b7:
                    0c:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:95:2B:82:70:C2:9C:DC:A9:96:5A:E0:1C:F0:FB:70:34:F7:3F:04
            X509v3 Authority Key Identifier:
                keyid:3F:37:C9:4A:96:C4:8F:CF:84:12:8E:84:7A:E9:02:0D:6B:C6:63:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PzfJSpbEj8-EEo6EeukCDWvGYwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:1f:8e:6f:76:fa:bb:92:ac:da:3d:ef:d1:79:ee:67:a2:de:
         84:df:d9:7f:6a:f0:13:7a:aa:22:84:86:59:b3:bf:2a:d7:5b:
         8c:de:5d:71:76:6b:96:81:fb:21:f3:39:49:79:0d:70:cd:4d:
         68:c6:38:23:40:54:60:ba:da:26:c3:b0:8e:86:3f:56:28:d9:
         38:0b:62:61:b7:b0:ad:ed:fd:92:e3:37:b2:f2:6c:2b:d7:75:
         a2:7a:34:73:3d:df:02:4e:14:8e:19:bb:1f:3a:a9:50:13:ed:
         71:5e:04:f6:e6:94:5f:88:d6:7a:b7:b8:ce:dc:9f:87:7f:af:
         20:8d:40:5c:df:18:f3:7f:c0:b2:e7:50:5a:56:51:32:14:f6:
         f3:b5:40:15:28:2e:2f:87:b5:08:11:a1:bb:8b:98:a7:ce:38:
         49:ea:77:9b:d0:25:97:fe:11:93:b3:c9:3e:73:3f:9f:09:21:
         2f:14:ad:dd:eb:e9:e8:3d:c6:95:af:d8:a7:08:7d:72:d7:7f:
         65:c2:2c:ee:e1:0d:aa:cc:73:53:25:62:3d:9c:6b:ad:c9:7b:
         4e:cf:73:cb:f1:49:0d:08:4c:b4:1f:99:5f:19:59:dd:3e:72:
         16:75:18:c4:b8:7b:32:a4:33:d4:0c:bb:1d:c4:fe:d6:64:21:
         fb:8d:8e:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYb/IR3KT8yfp3G8mwn18OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMzdjOTRhOTZjNDhmY2Y4NDEyOGU4NDdhZTkwMjBkNmJj
NjYzMDQwHhcNMjUwNDIxMTMwMDUzWhcNMjUwNDIyMTMwMDUzWjAzMTEwLwYDVQQD
EyhhMzk1MmI4MjcwYzI5Y2RjYTk5NjVhZTAxY2YwZmI3MDM0ZjczZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrczaCukWIFcz+dTcHLCZC8u2uo7
KDi6eRN0wd/9aKJtmhRk5MPibSm9cNnlR2Qy0QJIiPp9XysK+jXpls+Uo2tkMB4d
qavtUZDddyM3BUSNxxWJwfqv2Oe4I0uJ1AzlXw0l/shROHq8j3+fwqnYMe2TOH0v
kRujsXw4kANuRUL/9BW9hLHvromBzCNaM43vP7G2PKgGKOHUmkWot9qkmmQJli5u
ZEayi/I/EYTWvEohWY+WSfv33Fc3c61PMHfh5jhzx1mXrfgO4F3QayFgCAgk+rcP
HteVygj5ywSyaLTf3sY2NEbiD6PQ/QC5kVAFMP4mX5EQBgQJqzXFTLcMawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOVK4JwwpzcqZZa4Bzw+3A09z8EMB8GA1UdIwQY
MBaAFD83yUqWxI/PhBKOhHrpAg1rxmMEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHpmSlNwYkVqOC1FRW82RWV1a0NEV3ZHWXdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zNWE5YmMtYjE0Mi00NDVmLTgxZTct
ZWY5OTBjNThiNDhiLzEvUHpmSlNwYkVqOC1FRW82RWV1a0NEV3ZHWXdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zNWE5YmMtYjE0Mi00NDVmLTgxZTctZWY5OTBjNThiNDhi
LzEvUHpmSlNwYkVqOC1FRW82RWV1a0NEV3ZHWXdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAh+Ob3b6
u5Ks2j3v0XnuZ6LehN/Zf2rwE3qqIoSGWbO/KtdbjN5dcXZrloH7IfM5SXkNcM1N
aMY4I0BUYLraJsOwjoY/VijZOAtiYbewre39kuM3svJsK9d1ono0cz3fAk4Ujhm7
HzqpUBPtcV4E9uaUX4jWere4ztyfh3+vII1AXN8Y83/AsudQWlZRMhT287VAFSgu
L4e1CBGhu4uYp844Sep3m9All/4Rk7PJPnM/nwkhLxSt3evp6D3Gla/Ypwh9ctd/
ZcIs7uENqsxzUyViPZxrrcl7Ts9zy/FJDQhMtB+ZXxlZ3T5yFnUYxLh7MqQz1Ay7
HcT+1mQh+42Okg==
-----END CERTIFICATE-----