Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
File:                     Z3NwPrTqs2ernekaKsQe4yAUAw8.mft (raw, json)
Hash identifier:          UZFUbmSkv6gochsB8/k+8bNQpf7DjpjKDBzo0vxUt/M=
Subject key identifier:   E8:88:E8:04:00:1C:68:9B:E8:D7:07:39:49:4F:72:04:ED:50:79:9B
Authority key identifier: 67:73:70:3E:B4:EA:B3:67:AB:9D:E9:1A:2A:C4:1E:E3:20:14:03:0F
Certificate issuer:       /CN=6773703eb4eab367ab9de91a2ac41ee32014030f
Certificate serial:       0194C38771CEB8C1EB1E2E28BF49CA2FC799
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
Manifest number:          06F6
Signing time:             Sat 01 Feb 2025 22:00:21 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:21 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:21 +0000
Files and hashes:         1: Z3NwPrTqs2ernekaKsQe4yAUAw8.crl (hash: UqWek3EbyMPtmugf42lH5gin/NPXvpjtKJB0v++UTJ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:71:ce:b8:c1:eb:1e:2e:28:bf:49:ca:2f:c7:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6773703eb4eab367ab9de91a2ac41ee32014030f
        Validity
            Not Before: Feb  1 22:00:21 2025 GMT
            Not After : Feb  2 22:00:21 2025 GMT
        Subject: CN=e888e804001c689be8d70739494f7204ed50799b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:e7:78:69:8f:d3:8a:0a:fa:2b:c7:54:ed:fa:
                    1e:96:85:04:b4:37:67:75:44:5b:65:24:56:16:c0:
                    f2:0c:a8:6e:f7:f9:da:bc:2b:36:b6:c2:13:26:55:
                    e3:dd:67:2d:c7:85:c2:01:9f:76:a5:f8:4b:9c:22:
                    4f:0d:10:5a:f4:ed:ee:70:1d:45:22:29:ad:ec:cb:
                    65:dc:99:42:f7:55:ae:9d:da:dd:08:e1:3f:55:d8:
                    6a:6f:5a:72:89:96:97:92:9a:fb:dd:12:6a:e8:ad:
                    56:8a:52:c9:a1:81:ae:d0:37:58:74:44:ed:28:a0:
                    ef:c2:52:ba:f0:36:c7:b6:3c:8f:d5:30:72:a7:11:
                    60:6a:86:ee:fb:3e:c5:6f:5d:51:8f:29:90:65:99:
                    a6:4c:14:86:8d:5a:fc:64:e2:4c:3d:2b:31:71:95:
                    ed:06:75:96:4a:80:66:d8:cb:b0:2f:2a:1d:98:62:
                    09:93:36:ec:2e:7c:fc:0f:4d:9b:33:af:73:59:ad:
                    23:b9:77:9a:10:0c:ed:45:10:30:27:47:4f:85:fc:
                    30:8d:f4:0a:f0:d8:55:6b:81:66:8e:b8:8f:85:a2:
                    cc:ce:7b:dc:3f:64:fe:3e:80:e4:b1:56:e1:fc:d6:
                    e3:57:11:94:6b:94:b1:21:8e:12:db:00:65:d9:8f:
                    1a:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:88:E8:04:00:1C:68:9B:E8:D7:07:39:49:4F:72:04:ED:50:79:9B
            X509v3 Authority Key Identifier:
                keyid:67:73:70:3E:B4:EA:B3:67:AB:9D:E9:1A:2A:C4:1E:E3:20:14:03:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:d7:33:2d:33:99:05:af:c7:a0:a3:9e:48:2e:28:69:74:6f:
         9d:03:2a:e9:74:cf:19:78:c0:a5:3c:31:a4:99:2e:8f:5a:7b:
         7c:e8:8b:b4:1b:01:df:0e:8b:6f:3e:74:75:70:4a:9d:21:89:
         7f:b5:df:05:bf:79:b5:6b:e0:19:43:70:3c:dd:ee:de:0c:12:
         1d:38:aa:42:23:45:37:ba:0d:67:7c:7b:f7:2d:77:ac:36:f7:
         bf:b8:7b:f3:f1:13:36:ef:1c:8d:5e:ae:8b:e4:0b:7c:89:85:
         0c:12:d4:2a:b5:bd:8c:e5:e9:86:31:14:65:f5:d9:78:6b:0b:
         d2:aa:20:5c:db:4f:9d:89:b2:a3:1c:45:1c:9b:45:78:eb:86:
         24:86:17:72:30:e1:92:21:b7:c7:72:9e:ac:fe:81:71:9d:3a:
         53:31:61:d7:fd:f7:65:b9:b4:68:4a:28:47:84:91:93:68:0c:
         b3:50:bc:35:3d:bf:59:c8:64:60:48:db:05:cc:8c:0a:34:25:
         6a:e4:fc:ee:72:1b:ab:32:e8:74:5f:6e:f3:bf:01:71:79:46:
         3b:a8:fb:ae:38:b6:31:f4:99:2c:6a:7a:4d:d4:24:6b:15:c6:
         de:49:2f:2d:3c:b6:e8:d8:9c:76:8f:be:55:c1:2c:0e:f7:c0:
         c2:34:44:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh3HOuMHrHi4ov0nKL8eZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NzM3MDNlYjRlYWIzNjdhYjlkZTkxYTJhYzQxZWUzMjAx
NDAzMGYwHhcNMjUwMjAxMjIwMDIxWhcNMjUwMjAyMjIwMDIxWjAzMTEwLwYDVQQD
EyhlODg4ZTgwNDAwMWM2ODliZThkNzA3Mzk0OTRmNzIwNGVkNTA3OTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxud4aY/Tigr6K8dU7foeloUEtDdn
dURbZSRWFsDyDKhu9/navCs2tsITJlXj3Wctx4XCAZ92pfhLnCJPDRBa9O3ucB1F
Iimt7Mtl3JlC91WundrdCOE/Vdhqb1pyiZaXkpr73RJq6K1WilLJoYGu0DdYdETt
KKDvwlK68DbHtjyP1TBypxFgaobu+z7Fb11RjymQZZmmTBSGjVr8ZOJMPSsxcZXt
BnWWSoBm2MuwLyodmGIJkzbsLnz8D02bM69zWa0juXeaEAztRRAwJ0dPhfwwjfQK
8NhVa4FmjriPhaLMznvcP2T+PoDksVbh/NbjVxGUa5SxIY4S2wBl2Y8anwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOiI6AQAHGib6NcHOUlPcgTtUHmbMB8GA1UdIwQY
MBaAFGdzcD606rNnq53pGirEHuMgFAMPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC84Y2E2NTUtMWU4Yy00MjQzLTg4ZGYt
NDdmZWJiMGFjMjU5LzEvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC84Y2E2NTUtMWU4Yy00MjQzLTg4ZGYtNDdmZWJiMGFjMjU5
LzEvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApdczLTOZ
Ba/HoKOeSC4oaXRvnQMq6XTPGXjApTwxpJkuj1p7fOiLtBsB3w6Lbz50dXBKnSGJ
f7XfBb95tWvgGUNwPN3u3gwSHTiqQiNFN7oNZ3x79y13rDb3v7h78/ETNu8cjV6u
i+QLfImFDBLUKrW9jOXphjEUZfXZeGsL0qogXNtPnYmyoxxFHJtFeOuGJIYXcjDh
kiG3x3KerP6BcZ06UzFh1/33Zbm0aEooR4SRk2gMs1C8NT2/WchkYEjbBcyMCjQl
auT87nIbqzLodF9u878BcXlGO6j7rji2MfSZLGp6TdQkaxXG3kkvLTy26Nicdo++
VcEsDvfAwjREpQ==
-----END CERTIFICATE-----