Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
File:                     zb7dtaniq1M0dBCLfIAPgTLxDiE.mft (raw, json)
Hash identifier:          e1wAZiwAtNaQco9jkRBUJg5k99DOrTwvHGfpyP4oMK8=
Subject key identifier:   AF:F6:DE:41:5C:68:DC:91:23:A9:06:C8:32:62:4C:AE:36:07:A5:8B
Authority key identifier: CD:BE:DD:B5:A9:E2:AB:53:34:74:10:8B:7C:80:0F:81:32:F1:0E:21
Certificate issuer:       /CN=cdbeddb5a9e2ab533474108b7c800f8132f10e21
Certificate serial:       0194C3F5D80B942924B7C36807C3B2E8712B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
Manifest number:          142E
Signing time:             Sun 02 Feb 2025 00:00:56 +0000
Manifest this update:     Sun 02 Feb 2025 00:00:56 +0000
Manifest next update:     Mon 03 Feb 2025 00:00:56 +0000
Files and hashes:         1: zb7dtaniq1M0dBCLfIAPgTLxDiE.crl (hash: HyRaWZdjvmWEIxVoXzV54uexJsSQnU/29TODx3fhw2E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f5:d8:0b:94:29:24:b7:c3:68:07:c3:b2:e8:71:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbeddb5a9e2ab533474108b7c800f8132f10e21
        Validity
            Not Before: Feb  2 00:00:56 2025 GMT
            Not After : Feb  3 00:00:56 2025 GMT
        Subject: CN=aff6de415c68dc9123a906c832624cae3607a58b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e1:cf:65:83:71:f6:cf:f1:e2:83:c0:61:45:
                    f1:c6:d1:6a:6d:7b:ce:54:2d:f7:60:d0:d7:be:1c:
                    8a:77:65:f4:fa:3a:b3:ae:18:a0:1f:d8:f4:75:78:
                    96:8d:5f:76:34:8b:32:91:3e:76:4e:9c:37:84:50:
                    4b:ab:bf:5b:32:44:a4:5e:07:13:86:91:2f:27:23:
                    08:06:34:2a:d4:95:b4:4d:be:79:73:61:8d:ff:05:
                    87:7d:18:fd:dd:84:41:97:4d:7d:01:73:30:21:07:
                    f6:5a:75:9c:ff:39:31:07:f7:62:21:ef:85:85:98:
                    a5:3f:4a:dc:fc:f0:73:b9:9f:d7:43:08:c6:2a:38:
                    68:49:57:bd:b5:27:93:0f:0b:cf:9d:25:23:bd:3f:
                    31:f1:71:68:a7:b7:c7:77:a9:a8:3e:ad:5c:6b:e0:
                    7e:a3:1e:e1:9c:0d:5d:67:c7:cc:09:36:b1:fa:ee:
                    1c:b0:53:8a:93:21:cb:a4:18:fd:89:c5:8d:69:56:
                    4e:54:d6:05:73:77:38:c6:69:e8:f8:d5:be:78:1b:
                    98:51:d2:6c:52:f5:d8:56:ea:f5:54:57:50:aa:44:
                    ed:e7:ec:3c:9b:0f:74:5d:f3:77:cc:c2:3d:02:e1:
                    ae:eb:de:d1:6f:61:45:d6:ef:d0:d6:65:83:0a:11:
                    90:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:F6:DE:41:5C:68:DC:91:23:A9:06:C8:32:62:4C:AE:36:07:A5:8B
            X509v3 Authority Key Identifier:
                keyid:CD:BE:DD:B5:A9:E2:AB:53:34:74:10:8B:7C:80:0F:81:32:F1:0E:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:d3:bb:47:59:fc:29:77:3e:56:b2:6f:61:7f:54:56:47:3a:
         dc:87:bf:5f:f5:01:44:31:8d:f1:ae:95:b3:4e:e5:35:c6:df:
         bc:81:31:c6:a4:bd:75:47:e0:d4:c7:33:8f:51:37:0f:95:a4:
         32:83:e9:92:87:de:da:d4:1b:91:82:42:f6:4e:95:59:c8:cf:
         10:8c:ff:c2:70:03:b7:34:78:fb:52:51:67:48:cd:69:d8:84:
         75:e1:90:3c:76:cd:41:bc:e6:32:0c:09:31:48:ad:38:ce:15:
         3e:47:bb:49:14:5a:0e:47:73:16:65:0b:6f:82:f9:55:a6:42:
         27:aa:ca:5b:fb:eb:99:99:ef:ec:53:eb:c5:33:f3:2d:36:74:
         19:63:48:01:d5:65:b6:44:83:02:ba:bb:a8:c8:73:eb:d0:08:
         5c:dd:33:a1:fa:b9:e6:2e:d5:3e:08:fe:26:d9:fb:4d:71:f1:
         5c:2f:25:86:49:2b:0a:d7:f8:d0:76:95:6f:dd:5c:45:56:d9:
         55:91:97:7a:37:b2:77:c8:66:d0:61:a6:50:94:5b:f9:ef:93:
         ce:bc:cd:b6:c9:be:2f:b2:f6:ef:27:1f:a5:0b:34:72:80:08:
         77:b1:dd:c9:20:1f:c3:40:c0:52:b8:af:d8:a4:11:a1:7a:e9:
         a1:4a:c0:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9dgLlCkkt8NoB8Oy6HErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmVkZGI1YTllMmFiNTMzNDc0MTA4YjdjODAwZjgxMzJm
MTBlMjEwHhcNMjUwMjAyMDAwMDU2WhcNMjUwMjAzMDAwMDU2WjAzMTEwLwYDVQQD
EyhhZmY2ZGU0MTVjNjhkYzkxMjNhOTA2YzgzMjYyNGNhZTM2MDdhNThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOHPZYNx9s/x4oPAYUXxxtFqbXvO
VC33YNDXvhyKd2X0+jqzrhigH9j0dXiWjV92NIsykT52Tpw3hFBLq79bMkSkXgcT
hpEvJyMIBjQq1JW0Tb55c2GN/wWHfRj93YRBl019AXMwIQf2WnWc/zkxB/diIe+F
hZilP0rc/PBzuZ/XQwjGKjhoSVe9tSeTDwvPnSUjvT8x8XFop7fHd6moPq1ca+B+
ox7hnA1dZ8fMCTax+u4csFOKkyHLpBj9icWNaVZOVNYFc3c4xmno+NW+eBuYUdJs
UvXYVur1VFdQqkTt5+w8mw90XfN3zMI9AuGu697Rb2FF1u/Q1mWDChGQlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/23kFcaNyRI6kGyDJiTK42B6WLMB8GA1UdIwQY
MBaAFM2+3bWp4qtTNHQQi3yAD4Ey8Q4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hOGZlNzMtOGY5NS00OWJhLTg2MWQt
OWUxNDMzZjkzYjRlLzEvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9hOGZlNzMtOGY5NS00OWJhLTg2MWQtOWUxNDMzZjkzYjRl
LzEvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACNO7R1n8
KXc+VrJvYX9UVkc63Ie/X/UBRDGN8a6Vs07lNcbfvIExxqS9dUfg1Mczj1E3D5Wk
MoPpkofe2tQbkYJC9k6VWcjPEIz/wnADtzR4+1JRZ0jNadiEdeGQPHbNQbzmMgwJ
MUitOM4VPke7SRRaDkdzFmULb4L5VaZCJ6rKW/vrmZnv7FPrxTPzLTZ0GWNIAdVl
tkSDArq7qMhz69AIXN0zofq55i7VPgj+Jtn7TXHxXC8lhkkrCtf40HaVb91cRVbZ
VZGXejeyd8hm0GGmUJRb+e+TzrzNtsm+L7L27ycfpQs0coAId7HdySAfw0DAUriv
2KQRoXrpoUrAYA==
-----END CERTIFICATE-----