Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/9fd384-a8c0-427f-962d-c4502da869bb/1/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.mft
File:                     zKw3L3qbgXHcv8EWDKoiyP3Gi3s.mft (raw, json)
Hash identifier:          cHALBDAXqi6MdSTeBcS6n1fwtZ09F3eKQM9Kzor33M0=
Subject key identifier:   DC:AE:81:0E:ED:A8:53:F7:0F:B6:A1:BB:6D:97:88:A2:4E:46:E6:43
Authority key identifier: CC:AC:37:2F:7A:9B:81:71:DC:BF:C1:16:0C:AA:22:C8:FD:C6:8B:7B
Certificate issuer:       /CN=ccac372f7a9b8171dcbfc1160caa22c8fdc68b7b
Certificate serial:       019511351760B34293E3AF41C78F343FB5E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/9fd384-a8c0-427f-962d-c4502da869bb/1/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.mft
Manifest number:          0BE8
Signing time:             Mon 17 Feb 2025 00:00:46 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:46 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:46 +0000
Files and hashes:         1: zKw3L3qbgXHcv8EWDKoiyP3Gi3s.crl (hash: KYbCfVYmTfRszq75UQXyxcjyFXmmS6Leonvm52g5aZI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/9fd384-a8c0-427f-962d-c4502da869bb/1/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/9fd384-a8c0-427f-962d-c4502da869bb/1/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:35:17:60:b3:42:93:e3:af:41:c7:8f:34:3f:b5:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ccac372f7a9b8171dcbfc1160caa22c8fdc68b7b
        Validity
            Not Before: Feb 17 00:00:46 2025 GMT
            Not After : Feb 18 00:00:46 2025 GMT
        Subject: CN=dcae810eeda853f70fb6a1bb6d9788a24e46e643
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:d1:18:fb:0d:e0:34:0f:2e:ab:26:12:bc:7f:
                    aa:a9:8e:90:6d:36:c4:aa:71:79:0f:2a:e2:c3:05:
                    60:60:ca:d5:07:bd:5a:4d:3e:2b:2d:b8:4f:e0:37:
                    a2:3b:46:b1:ac:55:98:1c:d9:5b:e2:0c:d5:21:e4:
                    80:7a:8c:e1:72:d6:2f:af:ac:b0:25:95:b6:e1:1e:
                    8e:1b:09:a1:24:a4:4e:99:66:06:3e:24:e2:44:f1:
                    8d:2e:32:4c:9d:03:3a:0a:53:e1:71:c5:1a:cb:20:
                    5b:e3:7f:2a:36:7b:42:c1:d0:e8:fa:79:3d:5d:ad:
                    c3:50:e9:e6:22:f9:58:d9:ed:ad:36:1d:1c:84:96:
                    90:ef:ab:d3:89:14:83:45:cc:82:85:14:fc:f5:33:
                    33:e6:c8:f6:da:97:b2:c3:66:b2:09:1b:69:dd:39:
                    e2:f2:3b:f3:33:9d:c2:28:d5:10:f0:e8:6d:86:f0:
                    68:db:29:92:29:93:4a:9c:06:3c:2b:68:34:84:2d:
                    97:7f:61:bc:80:65:77:60:bf:3b:73:28:06:df:d7:
                    02:71:e3:91:35:89:9c:fb:7d:90:e9:71:9a:90:fc:
                    1b:34:e7:63:a8:fb:f3:ce:67:22:14:36:a8:0f:54:
                    82:8d:aa:b5:26:9f:15:66:0f:ca:d1:fb:8d:48:c3:
                    5d:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:AE:81:0E:ED:A8:53:F7:0F:B6:A1:BB:6D:97:88:A2:4E:46:E6:43
            X509v3 Authority Key Identifier:
                keyid:CC:AC:37:2F:7A:9B:81:71:DC:BF:C1:16:0C:AA:22:C8:FD:C6:8B:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9fd384-a8c0-427f-962d-c4502da869bb/1/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9fd384-a8c0-427f-962d-c4502da869bb/1/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:40:ff:3e:3a:a1:24:fa:69:93:71:ac:c2:cb:1a:05:fb:e2:
         67:23:20:2c:82:20:8b:88:5f:25:f2:e8:c2:0d:1c:35:f1:7d:
         c2:75:d5:5f:82:03:5c:c3:9a:48:dd:08:f5:b0:41:5b:06:65:
         2c:7f:b4:3e:56:2c:de:b6:98:7a:1e:5e:ef:8e:2a:77:c3:c0:
         b3:bf:97:92:fa:42:d9:00:95:71:83:a6:ec:64:0d:ae:65:34:
         f0:05:37:d1:9b:c2:43:d8:f6:90:e8:cd:b8:53:3f:f0:eb:a0:
         a3:86:34:79:15:0b:ee:b4:1e:c4:60:59:10:03:81:e8:89:c9:
         2e:92:81:d5:29:2f:f8:70:a1:2f:d1:38:a6:6b:de:73:24:77:
         a3:81:7d:63:4c:74:ba:e9:8c:ae:b8:ac:d7:52:c9:05:3e:2d:
         26:90:f1:16:c5:0f:da:a6:ec:e5:54:db:47:74:44:3d:b0:03:
         7f:7b:94:5c:ed:6e:d6:a4:5a:ef:b2:d7:3d:63:f0:c0:f8:5c:
         f0:74:2c:66:55:e2:16:2d:04:56:44:d1:8a:fc:9b:a7:79:59:
         f7:75:f3:ad:e1:08:fd:a5:61:1d:5e:37:c6:e1:2f:07:6f:14:
         d1:f5:a2:3c:72:d8:64:ef:ee:1c:ec:a2:e7:97:73:92:1c:d9:
         08:98:9c:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNRdgs0KT469Bx480P7XpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYWMzNzJmN2E5YjgxNzFkY2JmYzExNjBjYWEyMmM4ZmRj
NjhiN2IwHhcNMjUwMjE3MDAwMDQ2WhcNMjUwMjE4MDAwMDQ2WjAzMTEwLwYDVQQD
EyhkY2FlODEwZWVkYTg1M2Y3MGZiNmExYmI2ZDk3ODhhMjRlNDZlNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydEY+w3gNA8uqyYSvH+qqY6QbTbE
qnF5DyriwwVgYMrVB71aTT4rLbhP4DeiO0axrFWYHNlb4gzVIeSAeozhctYvr6yw
JZW24R6OGwmhJKROmWYGPiTiRPGNLjJMnQM6ClPhccUayyBb438qNntCwdDo+nk9
Xa3DUOnmIvlY2e2tNh0chJaQ76vTiRSDRcyChRT89TMz5sj22peyw2ayCRtp3Tni
8jvzM53CKNUQ8OhthvBo2ymSKZNKnAY8K2g0hC2Xf2G8gGV3YL87cygG39cCceOR
NYmc+32Q6XGakPwbNOdjqPvzzmciFDaoD1SCjaq1Jp8VZg/K0fuNSMNd9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNyugQ7tqFP3D7ahu22XiKJORuZDMB8GA1UdIwQY
MBaAFMysNy96m4Fx3L/BFgyqIsj9xot7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekt3M0wzcWJnWEhjdjhFV0RLb2l5UDNHaTNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi85ZmQzODQtYThjMC00MjdmLTk2MmQt
YzQ1MDJkYTg2OWJiLzEvekt3M0wzcWJnWEhjdjhFV0RLb2l5UDNHaTNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi85ZmQzODQtYThjMC00MjdmLTk2MmQtYzQ1MDJkYTg2OWJi
LzEvekt3M0wzcWJnWEhjdjhFV0RLb2l5UDNHaTNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPED/Pjqh
JPppk3GswssaBfviZyMgLIIgi4hfJfLowg0cNfF9wnXVX4IDXMOaSN0I9bBBWwZl
LH+0PlYs3raYeh5e744qd8PAs7+XkvpC2QCVcYOm7GQNrmU08AU30ZvCQ9j2kOjN
uFM/8Ougo4Y0eRUL7rQexGBZEAOB6InJLpKB1Skv+HChL9E4pmvecyR3o4F9Y0x0
uumMrris11LJBT4tJpDxFsUP2qbs5VTbR3REPbADf3uUXO1u1qRa77LXPWPwwPhc
8HQsZlXiFi0EVkTRivybp3lZ93XzreEI/aVhHV43xuEvB28U0fWiPHLYZO/uHOyi
55dzkhzZCJic4Q==
-----END CERTIFICATE-----