Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
File:                     2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft (raw, json)
Hash identifier:          qXCT2QhZzuqc7y9rC5hy67HSllR3t8Tw5g5o/f+02hM=
Subject key identifier:   BD:92:62:E4:AD:D1:30:AE:80:3B:3A:F2:08:02:E7:61:8D:92:16:BD
Authority key identifier: D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49
Certificate issuer:       /CN=d991d6890f91fb2cd77931b809bdb1eb05091349
Certificate serial:       019510C7D70D44AD9E8F9805C2CF5C77C7F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
Manifest number:          0EF1
Signing time:             Sun 16 Feb 2025 22:01:26 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:26 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:26 +0000
Files and hashes:         1: 2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl (hash: 30kEV828AjgesOpHkTvc5PoBsK9rhRiY9SVHJNabVAk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:d7:0d:44:ad:9e:8f:98:05:c2:cf:5c:77:c7:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d991d6890f91fb2cd77931b809bdb1eb05091349
        Validity
            Not Before: Feb 16 22:01:26 2025 GMT
            Not After : Feb 17 22:01:26 2025 GMT
        Subject: CN=bd9262e4add130ae803b3af20802e7618d9216bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:e1:d6:90:64:43:6f:60:b9:0c:79:da:21:25:
                    17:af:9b:eb:27:44:79:6e:8e:41:00:3b:94:65:08:
                    bb:10:9e:2a:a7:67:1a:54:81:25:16:ae:a3:9c:10:
                    72:0b:eb:63:da:8d:a2:70:4b:dd:9d:58:37:b0:48:
                    5c:48:47:d8:90:64:8f:e2:6c:c9:30:5a:ae:61:ec:
                    c8:a3:86:be:0d:8b:c4:c9:1f:32:64:a4:89:75:c2:
                    e5:8d:e0:e7:bd:04:fd:67:50:92:86:70:e6:d0:17:
                    d0:32:d8:f5:fe:ba:6e:6d:c6:8e:49:ae:f4:9a:a3:
                    20:cb:93:12:16:51:92:c6:c3:7b:bf:f1:c3:f8:02:
                    20:97:7e:79:1b:f9:bf:63:ea:6a:57:98:1f:4e:9b:
                    12:14:26:a1:6b:b6:0f:a2:03:8d:9d:ea:8e:f0:0e:
                    5f:56:79:b0:22:13:aa:da:63:d8:26:7d:d5:48:2a:
                    3d:a9:80:dd:1f:9c:31:47:1d:92:0c:74:e3:c6:7a:
                    6d:6e:d2:bc:ec:05:dd:45:a6:59:dd:5f:33:08:74:
                    48:31:22:7c:0c:6d:c0:a3:aa:f9:7e:79:ed:5d:3c:
                    6a:04:93:e3:92:3e:48:24:ae:70:f0:05:a0:98:e0:
                    4f:39:24:9e:6b:fa:1d:49:db:e0:de:c5:fa:c2:8a:
                    8d:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:92:62:E4:AD:D1:30:AE:80:3B:3A:F2:08:02:E7:61:8D:92:16:BD
            X509v3 Authority Key Identifier:
                keyid:D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:c8:de:8a:35:00:f7:63:44:b7:09:e3:ea:ff:5d:5b:d8:c3:
         50:72:cf:3b:85:76:34:8f:4d:69:94:c8:70:a8:2f:c4:92:c3:
         45:05:fe:0f:e2:c0:16:3b:54:fc:32:e2:02:c1:89:21:69:6e:
         38:98:e8:a2:80:65:ff:56:b9:0b:7a:55:b4:8d:fe:f6:02:df:
         f9:1f:9e:9b:a1:8e:05:57:60:9e:ce:6b:76:98:81:99:2b:23:
         1f:92:1c:86:38:e3:56:8e:a3:aa:94:f0:43:57:6a:d2:bd:53:
         d4:ac:56:3e:db:91:15:47:f9:a2:2b:52:07:d3:89:0a:2a:88:
         c9:24:96:bc:39:7f:ba:51:1c:a1:37:f4:f6:2e:87:2f:32:4d:
         ab:52:5f:8c:e0:65:43:29:2d:fe:90:36:7c:33:9e:95:a7:e8:
         d4:a1:19:17:4b:94:e5:59:ce:b5:28:dc:57:d6:ad:53:98:c5:
         c9:0f:7c:64:9a:9e:af:0f:e2:e7:a9:9b:aa:fb:11:87:26:c2:
         4d:ec:43:78:4c:50:40:08:2f:04:60:c0:4c:9b:4a:97:5d:c2:
         1c:a3:5a:89:70:a5:9f:8c:8d:f8:96:c8:ba:83:f2:c8:29:62:
         95:2a:f0:9f:9f:35:97:20:99:71:e8:9b:83:69:58:0d:7f:4d:
         f9:04:ea:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx9cNRK2ej5gFws9cd8f5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTFkNjg5MGY5MWZiMmNkNzc5MzFiODA5YmRiMWViMDUw
OTEzNDkwHhcNMjUwMjE2MjIwMTI2WhcNMjUwMjE3MjIwMTI2WjAzMTEwLwYDVQQD
EyhiZDkyNjJlNGFkZDEzMGFlODAzYjNhZjIwODAyZTc2MThkOTIxNmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+HWkGRDb2C5DHnaISUXr5vrJ0R5
bo5BADuUZQi7EJ4qp2caVIElFq6jnBByC+tj2o2icEvdnVg3sEhcSEfYkGSP4mzJ
MFquYezIo4a+DYvEyR8yZKSJdcLljeDnvQT9Z1CShnDm0BfQMtj1/rpubcaOSa70
mqMgy5MSFlGSxsN7v/HD+AIgl355G/m/Y+pqV5gfTpsSFCaha7YPogONneqO8A5f
VnmwIhOq2mPYJn3VSCo9qYDdH5wxRx2SDHTjxnptbtK87AXdRaZZ3V8zCHRIMSJ8
DG3Ao6r5fnntXTxqBJPjkj5IJK5w8AWgmOBPOSSea/odSdvg3sX6woqN7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2SYuSt0TCugDs68ggC52GNkha9MB8GA1UdIwQY
MBaAFNmR1okPkfss13kxuAm9sesFCRNJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDIt
YzQwODU3NjA4OWIxLzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDItYzQwODU3NjA4OWIx
LzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqsjeijUA
92NEtwnj6v9dW9jDUHLPO4V2NI9NaZTIcKgvxJLDRQX+D+LAFjtU/DLiAsGJIWlu
OJjoooBl/1a5C3pVtI3+9gLf+R+em6GOBVdgns5rdpiBmSsjH5IchjjjVo6jqpTw
Q1dq0r1T1KxWPtuRFUf5oitSB9OJCiqIySSWvDl/ulEcoTf09i6HLzJNq1JfjOBl
Qykt/pA2fDOelafo1KEZF0uU5VnOtSjcV9atU5jFyQ98ZJqerw/i56mbqvsRhybC
TexDeExQQAgvBGDATJtKl13CHKNaiXCln4yN+JbIuoPyyClilSrwn581lyCZceib
g2lYDX9N+QTqYw==
-----END CERTIFICATE-----