Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a52f6f-14f8-419c-99d9-a59d1350deec/1/ZtH4-2rdJytGxAaxiFyTKVsfS4w.mft
File:                     ZtH4-2rdJytGxAaxiFyTKVsfS4w.mft (raw, json)
Hash identifier:          qlqSnbBl4KX3CiOrI0nlkiULKvN+4V1XH7w0dN9xCcs=
Subject key identifier:   E5:51:86:1B:23:A9:F2:7B:DB:3A:49:4A:B4:17:33:B3:51:84:86:CD
Authority key identifier: 66:D1:F8:FB:6A:DD:27:2B:46:C4:06:B1:88:5C:93:29:5B:1F:4B:8C
Certificate issuer:       /CN=66d1f8fb6add272b46c406b1885c93295b1f4b8c
Certificate serial:       0194C3F61ACF2FACF122DD66E50F3C817945
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZtH4-2rdJytGxAaxiFyTKVsfS4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/a52f6f-14f8-419c-99d9-a59d1350deec/1/ZtH4-2rdJytGxAaxiFyTKVsfS4w.mft
Manifest number:          0A7B
Signing time:             Sun 02 Feb 2025 00:01:13 +0000
Manifest this update:     Sun 02 Feb 2025 00:01:13 +0000
Manifest next update:     Mon 03 Feb 2025 00:01:13 +0000
Files and hashes:         1: ZtH4-2rdJytGxAaxiFyTKVsfS4w.crl (hash: Q1EZbRhx7KPYYsd5wMIr6aF8YzWDcdIaq3okYrSQ5zs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/a52f6f-14f8-419c-99d9-a59d1350deec/1/ZtH4-2rdJytGxAaxiFyTKVsfS4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/a52f6f-14f8-419c-99d9-a59d1350deec/1/ZtH4-2rdJytGxAaxiFyTKVsfS4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZtH4-2rdJytGxAaxiFyTKVsfS4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f6:1a:cf:2f:ac:f1:22:dd:66:e5:0f:3c:81:79:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66d1f8fb6add272b46c406b1885c93295b1f4b8c
        Validity
            Not Before: Feb  2 00:01:13 2025 GMT
            Not After : Feb  3 00:01:13 2025 GMT
        Subject: CN=e551861b23a9f27bdb3a494ab41733b3518486cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:3a:9e:ea:31:55:17:7f:66:76:51:bd:d0:06:
                    4f:ac:3b:8b:54:66:08:ca:1d:4d:fd:ba:be:ac:27:
                    20:a2:c8:cd:3c:88:b5:88:74:53:a5:aa:cc:7c:3b:
                    81:12:d1:cb:26:1f:a1:c2:2a:c4:2d:4a:96:45:0e:
                    89:38:a5:20:97:9a:a0:ed:54:8e:70:51:71:f2:3f:
                    08:c9:62:52:81:33:c2:68:02:db:f1:cc:a7:0e:f6:
                    d5:c9:45:13:02:63:07:4c:45:fb:c5:4d:c8:85:96:
                    fb:39:ce:9c:56:53:ab:f1:92:43:49:0e:de:bb:43:
                    28:49:99:13:15:85:fe:50:4d:7e:c2:bd:5f:05:13:
                    fc:11:8b:57:84:4b:18:97:da:94:c4:70:c0:c2:06:
                    6a:9e:21:0a:f1:6e:e6:dd:77:20:3d:20:f5:aa:7d:
                    03:d9:37:71:e9:f6:d7:87:c1:cc:34:af:48:e2:1b:
                    ce:24:be:f6:da:2a:5c:15:b6:6f:2f:6e:e6:cd:e1:
                    5d:74:d8:4b:4f:93:29:d1:7a:27:e1:57:1f:3b:9b:
                    7b:2a:29:d0:97:7c:d1:3a:56:01:72:9d:29:65:af:
                    e5:b6:f3:9b:46:65:a6:74:9f:41:79:c1:5a:b4:dc:
                    06:e5:12:dd:2d:0a:ac:a7:83:6f:2d:13:bd:02:76:
                    ee:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:51:86:1B:23:A9:F2:7B:DB:3A:49:4A:B4:17:33:B3:51:84:86:CD
            X509v3 Authority Key Identifier:
                keyid:66:D1:F8:FB:6A:DD:27:2B:46:C4:06:B1:88:5C:93:29:5B:1F:4B:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtH4-2rdJytGxAaxiFyTKVsfS4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a52f6f-14f8-419c-99d9-a59d1350deec/1/ZtH4-2rdJytGxAaxiFyTKVsfS4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a52f6f-14f8-419c-99d9-a59d1350deec/1/ZtH4-2rdJytGxAaxiFyTKVsfS4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:3b:24:d9:8f:67:1c:99:b2:64:c9:8e:ce:2f:c1:2c:17:1f:
         b5:d1:b4:2b:b7:07:4d:78:a0:f5:1d:a8:4d:0d:b5:89:7e:d3:
         8f:f3:0a:1e:79:f2:8c:f6:7c:d0:28:a8:08:d3:74:f4:be:c8:
         03:d7:0d:bd:2b:12:af:d6:92:c0:c9:96:49:bc:60:5c:9b:38:
         6f:a1:fc:74:bd:d5:85:d6:64:de:21:41:38:a8:1a:77:88:d0:
         32:a5:46:34:9a:48:55:a0:11:f6:f0:b8:a4:95:d0:62:2b:4c:
         8a:82:e9:32:b7:fe:c9:60:6a:69:49:14:3f:74:19:db:80:4b:
         a8:bc:9f:b5:cd:37:96:1f:11:db:1c:cc:20:ca:9f:0d:f0:81:
         6b:2f:28:af:0b:a3:98:e6:b9:5f:84:2e:bf:c3:86:50:f5:fb:
         df:9a:31:55:8c:d9:d5:7a:a5:ea:62:c7:29:d2:da:24:72:74:
         b1:2b:ae:8b:8f:e3:08:c1:4a:f5:b7:9b:3f:a3:f1:fc:ef:c4:
         0f:f0:2e:c4:8b:3d:04:f1:4b:f8:d2:b8:45:71:a0:57:6b:09:
         67:59:02:ec:63:ba:e7:5a:05:71:5b:d8:8d:5d:45:fb:de:7e:
         28:9c:7c:71:51:3b:0b:20:a4:91:9c:05:a4:c3:d9:b7:75:66:
         de:d7:f0:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9hrPL6zxIt1m5Q88gXlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDFmOGZiNmFkZDI3MmI0NmM0MDZiMTg4NWM5MzI5NWIx
ZjRiOGMwHhcNMjUwMjAyMDAwMTEzWhcNMjUwMjAzMDAwMTEzWjAzMTEwLwYDVQQD
EyhlNTUxODYxYjIzYTlmMjdiZGIzYTQ5NGFiNDE3MzNiMzUxODQ4NmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzqe6jFVF39mdlG90AZPrDuLVGYI
yh1N/bq+rCcgosjNPIi1iHRTparMfDuBEtHLJh+hwirELUqWRQ6JOKUgl5qg7VSO
cFFx8j8IyWJSgTPCaALb8cynDvbVyUUTAmMHTEX7xU3IhZb7Oc6cVlOr8ZJDSQ7e
u0MoSZkTFYX+UE1+wr1fBRP8EYtXhEsYl9qUxHDAwgZqniEK8W7m3XcgPSD1qn0D
2Tdx6fbXh8HMNK9I4hvOJL722ipcFbZvL27mzeFddNhLT5Mp0Xon4VcfO5t7KinQ
l3zROlYBcp0pZa/ltvObRmWmdJ9BecFatNwG5RLdLQqsp4NvLRO9AnbuIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOVRhhsjqfJ72zpJSrQXM7NRhIbNMB8GA1UdIwQY
MBaAFGbR+Ptq3ScrRsQGsYhckylbH0uMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRINC0ycmRKeXRHeEFheGlGeVRLVnNmUzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNTJmNmYtMTRmOC00MTljLTk5ZDkt
YTU5ZDEzNTBkZWVjLzEvWnRINC0ycmRKeXRHeEFheGlGeVRLVnNmUzR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNTJmNmYtMTRmOC00MTljLTk5ZDktYTU5ZDEzNTBkZWVj
LzEvWnRINC0ycmRKeXRHeEFheGlGeVRLVnNmUzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhjsk2Y9n
HJmyZMmOzi/BLBcftdG0K7cHTXig9R2oTQ21iX7Tj/MKHnnyjPZ80CioCNN09L7I
A9cNvSsSr9aSwMmWSbxgXJs4b6H8dL3VhdZk3iFBOKgad4jQMqVGNJpIVaAR9vC4
pJXQYitMioLpMrf+yWBqaUkUP3QZ24BLqLyftc03lh8R2xzMIMqfDfCBay8orwuj
mOa5X4Quv8OGUPX735oxVYzZ1Xql6mLHKdLaJHJ0sSuui4/jCMFK9bebP6Px/O/E
D/AuxIs9BPFL+NK4RXGgV2sJZ1kC7GO651oFcVvYjV1F+95+KJx8cVE7CyCkkZwF
pMPZt3Vm3tfwTw==
-----END CERTIFICATE-----