Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
File:                     RzrT6YeegYYjFqEICLtcQhKVTLo.mft (raw, json)
Hash identifier:          VFwyktQcAE6Nctk9h/2gw5zUyE+2pet06s1CXToyOCA=
Subject key identifier:   70:CF:7E:B2:43:40:46:F6:DE:C1:F7:F4:51:A7:95:3F:AF:8F:CC:57
Authority key identifier: 47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA
Certificate issuer:       /CN=473ad3e9879e81862316a10808bb5c4212954cba
Certificate serial:       019579102AAF9075187480A175147846E9EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
Manifest number:          0D39
Signing time:             Sun 09 Mar 2025 04:00:57 +0000
Manifest this update:     Sun 09 Mar 2025 04:00:57 +0000
Manifest next update:     Mon 10 Mar 2025 04:00:57 +0000
Files and hashes:         1: RzrT6YeegYYjFqEICLtcQhKVTLo.crl (hash: GarfFwnu+wpTH7YcJ8XXPIEVIP3MyyJRdHA8z66nTnA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 04:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:79:10:2a:af:90:75:18:74:80:a1:75:14:78:46:e9:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=473ad3e9879e81862316a10808bb5c4212954cba
        Validity
            Not Before: Mar  9 04:00:57 2025 GMT
            Not After : Mar 10 04:00:57 2025 GMT
        Subject: CN=70cf7eb2434046f6dec1f7f451a7953faf8fcc57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:15:68:bc:5b:d4:73:1c:f6:91:92:46:18:d4:
                    d2:2d:b5:fa:3d:1a:21:76:fe:d4:83:fd:71:1f:6d:
                    12:3d:c4:32:a3:53:07:c7:a9:2f:69:4f:f7:35:69:
                    fc:9b:7f:ee:57:a0:d5:ab:1c:f4:57:c6:97:5d:d5:
                    79:44:7b:a0:c4:83:f1:9a:b4:80:cb:0f:43:c0:b9:
                    d7:d6:e4:10:ee:20:55:a7:4f:25:f4:74:8c:d1:d2:
                    b0:93:aa:35:c7:c7:a5:6c:ca:83:32:c1:68:83:d9:
                    0b:10:49:13:67:38:88:26:06:7c:dd:ae:04:85:03:
                    a8:2d:26:5a:f5:a4:85:fd:84:19:fa:b5:44:2f:9c:
                    e6:3b:8f:21:85:59:81:dc:64:2b:09:64:a2:3d:75:
                    c5:ba:b6:3b:ae:62:c2:bb:61:bc:af:f8:e2:c2:44:
                    ff:14:14:46:24:77:52:eb:cb:fe:bf:8b:4c:d1:58:
                    c3:78:71:cd:26:58:bc:fd:c1:cf:04:95:f3:2e:93:
                    54:68:36:60:e0:03:93:04:c8:60:a4:0b:f5:7a:f9:
                    e3:92:2b:86:32:70:44:4d:ec:74:80:8a:69:28:5d:
                    ad:34:1d:12:82:01:4d:6f:ce:ca:80:0b:dc:cf:f4:
                    5a:a7:bb:92:1c:d6:97:d6:12:7d:2a:9c:71:3f:08:
                    f5:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:CF:7E:B2:43:40:46:F6:DE:C1:F7:F4:51:A7:95:3F:AF:8F:CC:57
            X509v3 Authority Key Identifier:
                keyid:47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:ce:13:a4:47:a5:b9:e8:88:d1:f6:c9:ca:a2:9d:ea:62:81:
         8f:35:7e:93:13:65:db:f6:da:20:a8:ae:0d:01:2a:20:d5:10:
         38:37:a1:a5:95:8f:43:8e:c9:8f:2e:c9:a8:f2:dc:23:30:6e:
         2e:c1:89:9b:75:15:51:f6:a8:33:06:c2:1b:11:76:ae:60:60:
         77:38:de:bb:42:a0:8a:39:7d:4c:d2:26:17:58:30:e1:7e:29:
         d6:e0:75:d9:d3:1f:81:fe:7c:88:99:34:c0:22:9b:b3:29:6b:
         b5:5d:cb:b7:42:fe:95:ff:3d:33:91:01:b7:6f:5f:a4:42:35:
         be:75:ed:88:16:48:f9:37:40:ff:1b:ec:4c:11:39:bd:33:e8:
         e3:71:6b:82:ad:b2:ef:d3:57:6f:78:57:5f:46:97:f0:05:b5:
         34:dd:3b:2e:b0:05:4f:b7:32:4d:96:37:33:33:70:5c:0b:dd:
         d7:8f:9d:5c:09:9c:f5:c8:f6:59:f8:83:cf:6b:59:95:6b:8d:
         73:3c:c5:62:aa:dc:cb:6d:bb:64:df:7f:ea:01:bb:aa:2b:60:
         7d:8e:3c:be:01:f0:94:0e:18:b0:8e:c8:0c:27:08:a1:56:3c:
         00:bb:30:11:20:29:fa:cd:c1:0a:54:26:b7:5d:a9:fc:69:b2:
         fb:3d:1d:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV5ECqvkHUYdIChdRR4RunvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3M2FkM2U5ODc5ZTgxODYyMzE2YTEwODA4YmI1YzQyMTI5
NTRjYmEwHhcNMjUwMzA5MDQwMDU3WhcNMjUwMzEwMDQwMDU3WjAzMTEwLwYDVQQD
Eyg3MGNmN2ViMjQzNDA0NmY2ZGVjMWY3ZjQ1MWE3OTUzZmFmOGZjYzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxVovFvUcxz2kZJGGNTSLbX6PRoh
dv7Ug/1xH20SPcQyo1MHx6kvaU/3NWn8m3/uV6DVqxz0V8aXXdV5RHugxIPxmrSA
yw9DwLnX1uQQ7iBVp08l9HSM0dKwk6o1x8elbMqDMsFog9kLEEkTZziIJgZ83a4E
hQOoLSZa9aSF/YQZ+rVEL5zmO48hhVmB3GQrCWSiPXXFurY7rmLCu2G8r/jiwkT/
FBRGJHdS68v+v4tM0VjDeHHNJli8/cHPBJXzLpNUaDZg4AOTBMhgpAv1evnjkiuG
MnBETex0gIppKF2tNB0SggFNb87KgAvcz/Rap7uSHNaX1hJ9KpxxPwj1xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDPfrJDQEb23sH39FGnlT+vj8xXMB8GA1UdIwQY
MBaAFEc60+mHnoGGIxahCAi7XEISlUy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYt
YjZjMzlhZDk4M2RkLzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYtYjZjMzlhZDk4M2Rk
LzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB84TpEel
ueiI0fbJyqKd6mKBjzV+kxNl2/baIKiuDQEqINUQODehpZWPQ47Jjy7JqPLcIzBu
LsGJm3UVUfaoMwbCGxF2rmBgdzjeu0Kgijl9TNImF1gw4X4p1uB12dMfgf58iJk0
wCKbsylrtV3Lt0L+lf89M5EBt29fpEI1vnXtiBZI+TdA/xvsTBE5vTPo43Frgq2y
79NXb3hXX0aX8AW1NN07LrAFT7cyTZY3MzNwXAvd14+dXAmc9cj2WfiDz2tZlWuN
czzFYqrcy227ZN9/6gG7qitgfY48vgHwlA4YsI7IDCcIoVY8ALswESAp+s3BClQm
t12p/Gmy+z0dtA==
-----END CERTIFICATE-----