Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
File:                     z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json)
Hash identifier:          +0CjZIUc4GQQeiRlqORDRiJuZ5h0kC8AwEvBj0R6dd4=
Subject key identifier:   2E:97:A7:AD:4D:CC:73:2B:89:DA:8F:5D:75:81:19:C5:FC:62:69:B6
Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12
Certificate issuer:       /CN=cf876e0e7aeb604d1631d49a025e178ad274a812
Certificate serial:       019644B25F4CCE11063F8787F0366870E467
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
Manifest number:          14F2
Signing time:             Thu 17 Apr 2025 17:01:02 +0000
Manifest this update:     Thu 17 Apr 2025 17:01:02 +0000
Manifest next update:     Fri 18 Apr 2025 17:01:02 +0000
Files and hashes:         1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: rz88FTWFlt0jSYgQVJkPwqSmDLEjDFkodsg1Co9+PXU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:44:b2:5f:4c:ce:11:06:3f:87:87:f0:36:68:70:e4:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812
        Validity
            Not Before: Apr 17 17:01:02 2025 GMT
            Not After : Apr 18 17:01:02 2025 GMT
        Subject: CN=2e97a7ad4dcc732b89da8f5d758119c5fc6269b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:2f:7a:a5:70:17:cd:76:46:34:9e:ab:64:c8:
                    ee:a0:ee:03:7b:a1:6b:a1:17:7a:5e:39:7a:bd:c2:
                    ad:6b:42:48:7c:5a:b8:61:c8:ec:c3:4f:30:d6:d6:
                    eb:ab:99:75:fe:78:93:cb:88:66:4c:f8:4a:71:9f:
                    9f:87:a7:76:8a:66:63:bd:10:dc:9e:12:48:5c:31:
                    08:3b:71:e6:69:d3:87:eb:46:00:3d:9c:90:d8:30:
                    2e:67:a0:74:f5:c1:07:2b:38:00:2a:aa:39:8c:c7:
                    21:f2:8a:a4:87:eb:4e:97:49:42:f1:98:a5:b3:58:
                    4a:d7:33:87:bf:43:4f:b4:f6:8c:0d:2e:e7:5b:0a:
                    d2:c4:2b:bb:29:57:05:6b:fc:fe:63:94:c5:87:af:
                    34:e8:94:fe:ee:82:58:e1:d0:38:10:79:41:ab:c6:
                    ce:50:47:9d:16:ca:ce:b5:ec:7e:25:29:d6:93:8c:
                    f1:76:76:e2:d3:48:0b:c1:9e:fb:e0:b7:71:73:66:
                    3c:9a:4a:51:05:52:7c:6f:75:15:b8:30:14:1a:d8:
                    7d:da:96:d0:1a:73:be:65:7e:f1:11:89:29:20:f4:
                    8f:73:39:f8:70:ba:5f:05:69:25:f5:7d:88:f3:6e:
                    58:67:37:0a:5c:31:f9:94:29:bf:cf:95:89:cb:68:
                    e4:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:97:A7:AD:4D:CC:73:2B:89:DA:8F:5D:75:81:19:C5:FC:62:69:B6
            X509v3 Authority Key Identifier:
                keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:9c:4b:43:72:b3:44:da:62:03:b7:d8:0e:4c:00:e8:be:7f:
         77:19:e8:10:68:4a:ca:aa:b1:b8:e9:1c:2c:4e:69:53:e7:02:
         1c:c7:53:b6:db:f1:99:a5:bd:35:f2:6f:8d:9c:ed:45:2b:a2:
         70:fa:07:6a:e0:f2:3a:47:8b:33:65:b1:92:58:c2:af:67:08:
         5a:aa:3f:32:a0:8b:a1:48:14:67:be:d3:ff:8a:a5:45:63:1f:
         14:65:2b:09:83:83:bc:7d:1f:a1:51:49:6f:4b:21:d8:75:96:
         57:3d:b4:39:2f:ff:eb:ff:c8:7a:4c:ac:56:16:20:f2:94:24:
         e5:5c:c1:9d:54:5b:35:28:42:98:bf:9b:94:79:0f:59:06:03:
         b1:2e:7c:c2:a4:a7:6c:20:30:fc:08:ed:02:9d:0b:4d:ab:16:
         a9:c6:cd:98:a6:e0:57:b2:a7:fd:24:af:46:f4:3a:df:68:f5:
         3d:4e:98:5b:c2:01:9c:00:de:b4:fa:23:c2:dd:40:9f:f6:87:
         9b:bd:96:52:fb:3d:dc:c8:8b:37:ff:04:56:a5:4d:c9:f6:26:
         9c:05:31:99:28:29:ac:78:17:37:0d:ee:3b:8c:f0:67:2f:27:
         34:3d:e0:5c:fc:8c:ad:a5:69:05:08:0f:b7:7c:ee:da:b7:f0:
         8c:13:f9:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZEsl9MzhEGP4eH8DZocORnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3
NGE4MTIwHhcNMjUwNDE3MTcwMTAyWhcNMjUwNDE4MTcwMTAyWjAzMTEwLwYDVQQD
EygyZTk3YTdhZDRkY2M3MzJiODlkYThmNWQ3NTgxMTljNWZjNjI2OWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4C96pXAXzXZGNJ6rZMjuoO4De6Fr
oRd6Xjl6vcKta0JIfFq4Ycjsw08w1tbrq5l1/niTy4hmTPhKcZ+fh6d2imZjvRDc
nhJIXDEIO3HmadOH60YAPZyQ2DAuZ6B09cEHKzgAKqo5jMch8oqkh+tOl0lC8Zil
s1hK1zOHv0NPtPaMDS7nWwrSxCu7KVcFa/z+Y5TFh6806JT+7oJY4dA4EHlBq8bO
UEedFsrOtex+JSnWk4zxdnbi00gLwZ774Ldxc2Y8mkpRBVJ8b3UVuDAUGth92pbQ
GnO+ZX7xEYkpIPSPczn4cLpfBWkl9X2I825YZzcKXDH5lCm/z5WJy2jkoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC6Xp61NzHMridqPXXWBGcX8Ymm2MB8GA1UdIwQY
MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt
Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk
LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkZxLQ3Kz
RNpiA7fYDkwA6L5/dxnoEGhKyqqxuOkcLE5pU+cCHMdTttvxmaW9NfJvjZztRSui
cPoHauDyOkeLM2WxkljCr2cIWqo/MqCLoUgUZ77T/4qlRWMfFGUrCYODvH0foVFJ
b0sh2HWWVz20OS//6//IekysVhYg8pQk5VzBnVRbNShCmL+blHkPWQYDsS58wqSn
bCAw/AjtAp0LTasWqcbNmKbgV7Kn/SSvRvQ632j1PU6YW8IBnADetPojwt1An/aH
m72WUvs93MiLN/8EVqVNyfYmnAUxmSgprHgXNw3uO4zwZy8nND3gXPyMraVpBQgP
t3zu2rfwjBP5ng==
-----END CERTIFICATE-----