Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          Dmzub4QPsPVJ4+0sgtvvybnRBqEdZfguswAljvqT/k8=
Subject key identifier:   4D:F7:90:4E:CF:FF:83:FA:B8:B7:31:03:68:0D:C4:CE:F3:4F:B8:E5
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       0195116B90D3FA9E29A67F81C5B4A0F2573D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          12C3
Signing time:             Mon 17 Feb 2025 01:00:16 +0000
Manifest this update:     Mon 17 Feb 2025 01:00:16 +0000
Manifest next update:     Tue 18 Feb 2025 01:00:16 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: 1fnv8+pELeExQiNtoBvONc3oVgZ7t9Pt/mzRJ4abMS8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:6b:90:d3:fa:9e:29:a6:7f:81:c5:b4:a0:f2:57:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: Feb 17 01:00:16 2025 GMT
            Not After : Feb 18 01:00:16 2025 GMT
        Subject: CN=4df7904ecfff83fab8b73103680dc4cef34fb8e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:67:9e:a8:c7:53:b9:ee:74:57:b7:1a:0c:7f:
                    7f:da:28:f8:00:14:f4:86:25:b5:d4:84:1e:d6:aa:
                    44:09:90:d2:a2:03:61:10:d0:eb:96:38:80:97:ce:
                    a4:22:7a:cb:89:a9:b0:76:cf:8c:a2:bb:4b:95:e7:
                    66:76:83:b1:15:f3:74:29:35:f1:fb:cb:72:11:03:
                    1b:e9:ac:7a:22:99:52:08:16:f8:38:6a:db:a3:06:
                    a9:db:a9:cb:3f:4e:32:2f:73:9e:ff:34:61:fe:05:
                    0c:c5:7e:26:10:5b:cc:c7:6d:72:ac:27:c3:39:40:
                    85:a6:97:7b:15:e5:39:72:c4:28:92:10:9b:ec:80:
                    31:fc:40:2f:56:e4:61:7b:d7:b7:2c:9a:d8:7f:32:
                    d2:33:7b:e8:30:0e:5c:f8:10:e9:b3:63:2d:c6:0e:
                    08:20:0d:e2:20:32:a9:8b:23:92:1a:cb:61:de:d2:
                    a5:53:97:de:49:7b:49:74:ae:39:e2:d9:10:4b:8f:
                    6b:0f:30:bc:d0:47:50:fc:ca:9b:72:97:3c:66:69:
                    d2:c0:19:79:45:5e:fe:69:7e:49:13:1c:f1:ef:e7:
                    51:03:eb:36:bb:2b:9c:cc:d4:44:ad:95:7e:44:90:
                    43:78:c1:aa:f9:af:e3:fc:b9:08:bc:6a:28:36:e6:
                    47:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:F7:90:4E:CF:FF:83:FA:B8:B7:31:03:68:0D:C4:CE:F3:4F:B8:E5
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:3a:21:48:a1:48:e8:65:8b:95:19:2f:60:3f:30:c9:e9:10:
         b5:cf:5b:fd:db:79:5e:72:cf:34:9c:13:b9:07:e6:00:1a:07:
         df:b3:eb:c3:6d:9a:d1:72:19:7b:59:c2:b9:64:09:5e:fa:cf:
         02:0d:9b:10:a6:9d:8e:ae:87:6f:8d:a4:74:47:4a:c7:d7:cf:
         87:4b:a8:01:42:28:10:b1:51:0c:ad:e2:4b:b7:e8:84:d8:34:
         f7:ae:86:d1:1f:8b:c9:61:06:7f:87:4f:65:8b:c0:47:a7:ee:
         e8:a9:fd:61:9d:bd:8d:d8:46:fc:2f:42:94:9a:6c:de:9a:9d:
         cd:1d:dd:d3:ce:31:39:a3:05:2f:e1:8d:84:51:15:e7:5b:a2:
         d2:76:5a:99:15:04:cd:32:96:d1:e0:6e:ae:25:1f:2d:24:b3:
         15:b6:49:fd:7b:aa:c8:51:81:1c:ec:c7:bf:96:8c:1a:02:02:
         a2:ae:f4:09:70:6f:ff:22:73:95:91:75:34:50:f6:98:67:c0:
         aa:0a:cc:b5:ac:40:18:99:f6:f8:e2:e8:c0:28:5e:ba:4f:a2:
         cf:da:0a:56:c8:53:a2:0b:68:97:38:8a:e6:91:f7:bb:62:1f:
         88:8d:9a:6f:1e:f2:3d:d8:f7:04:d6:5e:5c:77:75:0e:16:b4:
         31:1b:04:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURa5DT+p4ppn+BxbSg8lc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjUwMjE3MDEwMDE2WhcNMjUwMjE4MDEwMDE2WjAzMTEwLwYDVQQD
Eyg0ZGY3OTA0ZWNmZmY4M2ZhYjhiNzMxMDM2ODBkYzRjZWYzNGZiOGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGeeqMdTue50V7caDH9/2ij4ABT0
hiW11IQe1qpECZDSogNhENDrljiAl86kInrLiamwds+MortLledmdoOxFfN0KTXx
+8tyEQMb6ax6IplSCBb4OGrbowap26nLP04yL3Oe/zRh/gUMxX4mEFvMx21yrCfD
OUCFppd7FeU5csQokhCb7IAx/EAvVuRhe9e3LJrYfzLSM3voMA5c+BDps2Mtxg4I
IA3iIDKpiyOSGsth3tKlU5feSXtJdK454tkQS49rDzC80EdQ/Mqbcpc8ZmnSwBl5
RV7+aX5JExzx7+dRA+s2uyuczNRErZV+RJBDeMGq+a/j/LkIvGooNuZHuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE33kE7P/4P6uLcxA2gNxM7zT7jlMB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXDohSKFI
6GWLlRkvYD8wyekQtc9b/dt5XnLPNJwTuQfmABoH37Prw22a0XIZe1nCuWQJXvrP
Ag2bEKadjq6Hb42kdEdKx9fPh0uoAUIoELFRDK3iS7fohNg0966G0R+LyWEGf4dP
ZYvAR6fu6Kn9YZ29jdhG/C9ClJps3pqdzR3d084xOaMFL+GNhFEV51ui0nZamRUE
zTKW0eBuriUfLSSzFbZJ/XuqyFGBHOzHv5aMGgICoq70CXBv/yJzlZF1NFD2mGfA
qgrMtaxAGJn2+OLowCheuk+iz9oKVshTogtolziK5pH3u2IfiI2abx7yPdj3BNZe
XHd1Dha0MRsERw==
-----END CERTIFICATE-----