Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.mft
File:                     ezR3xSqsENrC7dQXOrbZTV4k3vU.mft (raw, json)
Hash identifier:          OoV08iwZRB0FXFe6iq/BkrREaz08WNKvmHro5i7XMa0=
Subject key identifier:   52:67:BD:14:E7:B0:B0:D1:E0:AB:16:6F:CB:C2:4F:D0:D0:3B:14:70
Authority key identifier: 7B:34:77:C5:2A:AC:10:DA:C2:ED:D4:17:3A:B6:D9:4D:5E:24:DE:F5
Certificate issuer:       /CN=7b3477c52aac10dac2edd4173ab6d94d5e24def5
Certificate serial:       0194C46340B79ABA09B29BB5C455430673E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ezR3xSqsENrC7dQXOrbZTV4k3vU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.mft
Manifest number:          044F
Signing time:             Sun 02 Feb 2025 02:00:26 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:26 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:26 +0000
Files and hashes:         1: ezR3xSqsENrC7dQXOrbZTV4k3vU.crl (hash: dZ6DY5sk/AmUYSAKPtY3l+eyItkotUV0XQ9OLyuNipo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ezR3xSqsENrC7dQXOrbZTV4k3vU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:40:b7:9a:ba:09:b2:9b:b5:c4:55:43:06:73:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b3477c52aac10dac2edd4173ab6d94d5e24def5
        Validity
            Not Before: Feb  2 02:00:26 2025 GMT
            Not After : Feb  3 02:00:26 2025 GMT
        Subject: CN=5267bd14e7b0b0d1e0ab166fcbc24fd0d03b1470
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:32:05:d5:f7:8c:02:49:6f:14:dd:de:12:2a:
                    28:e2:f9:27:52:d5:9d:20:0e:a9:fd:d6:6c:06:e6:
                    d1:7c:c5:ea:f9:4c:c4:5d:4c:90:91:5b:2d:91:8d:
                    13:15:fa:57:5e:a9:82:d1:54:11:2a:c7:08:e2:c6:
                    22:ad:f1:82:00:bc:6b:ad:aa:dc:5b:70:ab:83:06:
                    b5:79:cc:b2:3c:94:3f:7c:cb:a0:44:25:c1:e9:8f:
                    f5:05:d0:b8:d3:56:ae:14:9e:8e:c7:f5:1f:b9:62:
                    69:ee:17:a7:d5:32:ca:e9:93:a6:50:da:91:61:b3:
                    96:a9:0d:e1:0f:92:82:86:cd:cb:a1:b5:41:d7:37:
                    49:09:db:6f:be:ed:c9:1a:58:a4:c7:59:bd:5d:ab:
                    1b:83:99:ff:f4:59:28:5b:84:3a:1a:30:60:ad:80:
                    5d:55:d3:54:fa:16:4d:c8:6b:e9:2a:31:76:b8:c6:
                    b3:a9:d1:0e:59:08:fb:72:6a:fc:2d:ea:2e:52:6f:
                    cc:21:64:75:7d:54:04:df:ad:35:e5:cc:52:11:2f:
                    71:49:bd:19:ec:19:a3:67:f2:de:0e:a4:cd:5b:84:
                    a4:d9:e8:90:73:10:38:91:fe:38:88:63:c2:d7:31:
                    2b:48:c4:71:e4:1a:20:07:17:4d:cf:8a:78:c2:e1:
                    8d:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:67:BD:14:E7:B0:B0:D1:E0:AB:16:6F:CB:C2:4F:D0:D0:3B:14:70
            X509v3 Authority Key Identifier:
                keyid:7B:34:77:C5:2A:AC:10:DA:C2:ED:D4:17:3A:B6:D9:4D:5E:24:DE:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ezR3xSqsENrC7dQXOrbZTV4k3vU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:22:0d:de:dc:6e:bf:70:98:b0:4d:e3:be:d7:b9:6d:a5:6d:
         10:eb:76:5e:29:c9:28:cb:63:33:29:33:f7:7a:72:f2:a2:30:
         18:1c:91:0e:9f:b2:46:a8:8e:8a:07:bb:18:d3:fd:e9:3d:4f:
         1d:a9:a1:4f:05:59:22:f6:23:27:7a:3d:8d:dc:b2:80:c5:cb:
         38:38:d7:4b:ab:61:23:6e:1b:fa:e9:19:7b:2b:89:d8:15:f9:
         59:e6:87:ec:83:3b:ad:35:5e:60:d3:fa:ca:3e:40:64:1e:dc:
         e0:8b:98:e4:78:59:20:a6:ff:f2:bb:58:6c:f1:3b:59:33:df:
         4d:96:c1:4f:71:a2:84:e1:9c:8a:57:ac:d4:37:c9:8a:78:4d:
         c6:d5:36:68:ee:7d:57:75:60:8a:d8:70:d6:53:db:32:6b:d4:
         d6:56:4f:15:c7:8a:13:06:62:c6:40:c9:fe:01:d9:76:58:59:
         74:65:7d:96:5b:cd:9c:b0:95:0c:75:de:5c:55:e3:55:2c:f4:
         bc:3a:7f:42:7e:1a:fb:49:c0:4f:3b:88:19:cc:b2:6a:a2:39:
         2a:c6:76:43:ca:bb:e1:24:30:b8:c9:37:08:8e:01:59:ee:91:
         93:da:4f:40:77:c5:2a:8d:fd:6c:86:0d:d3:1f:b9:a0:4e:dc:
         ee:cb:7e:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY0C3mroJspu1xFVDBnPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMzQ3N2M1MmFhYzEwZGFjMmVkZDQxNzNhYjZkOTRkNWUy
NGRlZjUwHhcNMjUwMjAyMDIwMDI2WhcNMjUwMjAzMDIwMDI2WjAzMTEwLwYDVQQD
Eyg1MjY3YmQxNGU3YjBiMGQxZTBhYjE2NmZjYmMyNGZkMGQwM2IxNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjIF1feMAklvFN3eEioo4vknUtWd
IA6p/dZsBubRfMXq+UzEXUyQkVstkY0TFfpXXqmC0VQRKscI4sYirfGCALxrrarc
W3Crgwa1ecyyPJQ/fMugRCXB6Y/1BdC401auFJ6Ox/UfuWJp7hen1TLK6ZOmUNqR
YbOWqQ3hD5KChs3LobVB1zdJCdtvvu3JGlikx1m9Xasbg5n/9FkoW4Q6GjBgrYBd
VdNU+hZNyGvpKjF2uMazqdEOWQj7cmr8LeouUm/MIWR1fVQE36015cxSES9xSb0Z
7BmjZ/LeDqTNW4Sk2eiQcxA4kf44iGPC1zErSMRx5BogBxdNz4p4wuGNtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJnvRTnsLDR4KsWb8vCT9DQOxRwMB8GA1UdIwQY
MBaAFHs0d8UqrBDawu3UFzq22U1eJN71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXpSM3hTcXNFTnJDN2RRWE9yYlpUVjRrM3ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iY2EzNDctOTgzYS00YzFhLTg4Yjgt
Y2M2OWEyMzg2ZWRjLzEvZXpSM3hTcXNFTnJDN2RRWE9yYlpUVjRrM3ZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iY2EzNDctOTgzYS00YzFhLTg4YjgtY2M2OWEyMzg2ZWRj
LzEvZXpSM3hTcXNFTnJDN2RRWE9yYlpUVjRrM3ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaiIN3txu
v3CYsE3jvte5baVtEOt2XinJKMtjMykz93py8qIwGByRDp+yRqiOige7GNP96T1P
HamhTwVZIvYjJ3o9jdyygMXLODjXS6thI24b+ukZeyuJ2BX5WeaH7IM7rTVeYNP6
yj5AZB7c4IuY5HhZIKb/8rtYbPE7WTPfTZbBT3GihOGciles1DfJinhNxtU2aO59
V3Vgithw1lPbMmvU1lZPFceKEwZixkDJ/gHZdlhZdGV9llvNnLCVDHXeXFXjVSz0
vDp/Qn4a+0nATzuIGcyyaqI5KsZ2Q8q74SQwuMk3CI4BWe6Rk9pPQHfFKo39bIYN
0x+5oE7c7st++A==
-----END CERTIFICATE-----