Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
File:                     RzrT6YeegYYjFqEICLtcQhKVTLo.mft (raw, json)
Hash identifier:          Nj5E/s8WC4Mmh0PjnM7F1Q7Hhk7YkybWzf41/GoIzmo=
Subject key identifier:   D5:0F:96:E3:FF:5E:1F:C4:BC:7D:09:93:6A:47:DC:5D:5A:F2:DE:03
Authority key identifier: 47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA
Certificate issuer:       /CN=473ad3e9879e81862316a10808bb5c4212954cba
Certificate serial:       01974A7B59918DD3AD56F8C212A217624B29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
Manifest number:          0E2A
Signing time:             Sat 07 Jun 2025 13:01:27 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:27 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:27 +0000
Files and hashes:         1: RzrT6YeegYYjFqEICLtcQhKVTLo.crl (hash: cH0P5dkpwicscg6Ffo65SDed8x+cQG8SmxNB0NR/w5k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:59:91:8d:d3:ad:56:f8:c2:12:a2:17:62:4b:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=473ad3e9879e81862316a10808bb5c4212954cba
        Validity
            Not Before: Jun  7 13:01:27 2025 GMT
            Not After : Jun  8 13:01:27 2025 GMT
        Subject: CN=d50f96e3ff5e1fc4bc7d09936a47dc5d5af2de03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:08:75:30:08:55:cf:98:a9:e7:47:41:ec:bc:
                    1f:bb:80:74:d2:35:1f:11:b0:fc:e5:56:05:4d:b5:
                    37:b6:9e:a7:b5:aa:b4:de:d0:7b:15:77:96:4c:38:
                    88:49:db:ef:a8:6d:6d:37:e8:28:6b:91:dc:c3:07:
                    76:19:72:9e:f5:ae:30:ff:6c:66:65:3d:55:9c:60:
                    cd:d0:fa:c2:9a:92:7f:19:d0:4f:96:37:c3:d2:41:
                    c9:68:05:24:6b:5a:50:ba:f7:d2:de:8b:50:7b:04:
                    41:4c:d2:d1:82:ba:54:aa:11:ba:a0:bc:72:44:c4:
                    8c:b0:07:05:ba:a8:00:2a:32:a4:c9:80:97:60:30:
                    d0:a4:be:84:c1:9b:d4:cb:1f:cb:19:71:d7:09:88:
                    8a:61:b3:41:09:5c:de:f7:b1:72:55:e9:67:13:00:
                    07:46:ea:47:b8:e2:2d:97:c8:31:d1:d3:20:bb:94:
                    d2:d1:ea:c4:77:ea:46:5d:58:13:ca:3e:68:c6:29:
                    87:68:0b:5d:ec:04:68:15:f7:6a:ea:07:3a:47:b9:
                    94:c8:b8:3d:14:2b:7d:04:33:7f:0c:a6:d6:56:c6:
                    b1:d1:d5:47:31:2d:63:f1:09:7d:d9:f1:ee:11:24:
                    c6:b6:15:f8:1a:dc:c4:ae:9b:10:ea:d8:35:e1:ff:
                    31:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:0F:96:E3:FF:5E:1F:C4:BC:7D:09:93:6A:47:DC:5D:5A:F2:DE:03
            X509v3 Authority Key Identifier:
                keyid:47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:0f:da:04:87:9e:64:3d:a5:0f:b6:ee:fd:e7:d4:7c:6c:c9:
         f7:ae:1a:c5:e0:eb:cd:3f:a5:bf:11:d2:c8:0b:4f:61:82:f3:
         3b:df:d1:c8:aa:77:00:7d:72:85:6d:e5:a9:a8:84:ce:10:71:
         4a:c4:eb:72:95:89:70:cb:0b:74:e7:21:b6:88:db:46:16:da:
         e4:a0:af:2e:9f:ab:f3:a5:2f:1e:08:22:a0:87:32:0a:0f:a8:
         c9:7d:e0:87:ae:95:15:80:e2:8f:06:1d:50:5d:be:ea:19:3a:
         a9:30:6d:33:eb:b0:07:fb:95:c5:87:25:0a:0f:91:65:cc:b7:
         d8:8d:7b:02:d4:58:cf:2b:4d:65:b6:e5:21:17:cb:55:a0:b7:
         51:91:bc:24:81:5b:73:68:36:fa:86:50:41:85:06:86:22:71:
         37:15:a1:ea:4f:7c:05:a9:a2:8c:b8:c9:16:55:c2:0f:42:be:
         21:81:b1:37:62:ae:a3:a4:45:7c:7d:da:2c:84:c6:d0:34:0e:
         34:c0:de:f9:d4:f2:e9:5c:fc:7b:07:7d:69:aa:5d:8c:cc:af:
         f4:3f:51:e0:73:44:74:7c:38:16:58:ae:b5:0f:3b:79:68:e2:
         8d:86:e4:96:06:25:d2:14:58:dd:51:ea:76:66:1f:27:3b:fc:
         86:e7:f9:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe1mRjdOtVvjCEqIXYkspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3M2FkM2U5ODc5ZTgxODYyMzE2YTEwODA4YmI1YzQyMTI5
NTRjYmEwHhcNMjUwNjA3MTMwMTI3WhcNMjUwNjA4MTMwMTI3WjAzMTEwLwYDVQQD
EyhkNTBmOTZlM2ZmNWUxZmM0YmM3ZDA5OTM2YTQ3ZGM1ZDVhZjJkZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgh1MAhVz5ip50dB7Lwfu4B00jUf
EbD85VYFTbU3tp6ntaq03tB7FXeWTDiISdvvqG1tN+goa5Hcwwd2GXKe9a4w/2xm
ZT1VnGDN0PrCmpJ/GdBPljfD0kHJaAUka1pQuvfS3otQewRBTNLRgrpUqhG6oLxy
RMSMsAcFuqgAKjKkyYCXYDDQpL6EwZvUyx/LGXHXCYiKYbNBCVze97FyVelnEwAH
RupHuOItl8gx0dMgu5TS0erEd+pGXVgTyj5oximHaAtd7ARoFfdq6gc6R7mUyLg9
FCt9BDN/DKbWVsax0dVHMS1j8Ql92fHuESTGthX4GtzErpsQ6tg14f8xIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNUPluP/Xh/EvH0Jk2pH3F1a8t4DMB8GA1UdIwQY
MBaAFEc60+mHnoGGIxahCAi7XEISlUy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYt
YjZjMzlhZDk4M2RkLzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYtYjZjMzlhZDk4M2Rk
LzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlw/aBIee
ZD2lD7bu/efUfGzJ964axeDrzT+lvxHSyAtPYYLzO9/RyKp3AH1yhW3lqaiEzhBx
SsTrcpWJcMsLdOchtojbRhba5KCvLp+r86UvHggioIcyCg+oyX3gh66VFYDijwYd
UF2+6hk6qTBtM+uwB/uVxYclCg+RZcy32I17AtRYzytNZbblIRfLVaC3UZG8JIFb
c2g2+oZQQYUGhiJxNxWh6k98BamijLjJFlXCD0K+IYGxN2Kuo6RFfH3aLITG0DQO
NMDe+dTy6Vz8ewd9aapdjMyv9D9R4HNEdHw4FliutQ87eWjijYbklgYl0hRY3VHq
dmYfJzv8huf5nQ==
-----END CERTIFICATE-----