Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
File:                     2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft (raw, json)
Hash identifier:          iGCL+ikKFl2Y5rXHa71fWK1ijQOEYRYOL3ewVzBBQ8I=
Subject key identifier:   FB:D9:90:C4:2D:4F:2B:F9:5B:5D:91:4C:D6:F0:28:5E:4F:05:25:D0
Authority key identifier: D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49
Certificate issuer:       /CN=d991d6890f91fb2cd77931b809bdb1eb05091349
Certificate serial:       019655381286BA25EB9FCA4C33A0C021515A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
Manifest number:          0F99
Signing time:             Sun 20 Apr 2025 22:01:00 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:00 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:00 +0000
Files and hashes:         1: 2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl (hash: uIPlHm/w26l74pGkp7Jx7QA1xTmiHCN+fG6eUr/ENQs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:12:86:ba:25:eb:9f:ca:4c:33:a0:c0:21:51:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d991d6890f91fb2cd77931b809bdb1eb05091349
        Validity
            Not Before: Apr 20 22:01:00 2025 GMT
            Not After : Apr 21 22:01:00 2025 GMT
        Subject: CN=fbd990c42d4f2bf95b5d914cd6f0285e4f0525d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:76:a7:2b:7c:cb:a5:28:1d:01:2f:c2:09:14:
                    23:03:0c:4e:b3:c1:cc:f0:c3:90:2c:e7:84:d6:1c:
                    4d:a5:c5:54:9c:b3:97:26:e8:56:93:ba:b1:4b:c2:
                    ed:05:53:f1:24:53:8e:16:8c:9d:12:e7:c3:1a:35:
                    09:4b:c5:85:9a:ce:c3:23:65:03:23:e7:99:17:19:
                    d8:7e:a6:44:78:3f:82:34:79:5f:88:5e:a0:28:5f:
                    aa:c1:63:c3:fd:7c:c9:52:82:e0:cc:99:f7:9b:d4:
                    a4:46:2f:0d:91:35:83:92:7d:4d:b1:79:a3:f3:35:
                    02:b9:eb:d7:77:b1:27:10:a9:6b:c3:14:e6:cb:49:
                    b7:ad:88:9c:f4:9a:e5:58:1e:e9:1b:b7:2a:c0:71:
                    41:20:09:18:bd:e3:14:61:bc:2b:3a:00:28:83:09:
                    da:90:b9:2e:23:b2:00:a0:06:a3:ed:2d:1e:66:07:
                    d2:51:b2:7c:c5:28:ca:03:38:55:fa:0e:a9:fd:4f:
                    6a:a2:5e:2b:66:3d:78:84:f9:91:7f:dc:1c:27:49:
                    6f:b4:28:d2:8b:77:79:09:9d:82:c8:3f:73:71:89:
                    4e:13:2e:cf:89:70:a5:19:67:c1:13:cf:92:a8:e2:
                    1f:4c:41:96:25:71:37:8b:b3:f0:c2:d0:b6:36:c5:
                    8b:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:D9:90:C4:2D:4F:2B:F9:5B:5D:91:4C:D6:F0:28:5E:4F:05:25:D0
            X509v3 Authority Key Identifier:
                keyid:D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:69:07:6f:a6:cf:b7:84:b2:f0:48:b2:62:71:4d:eb:6a:d4:
         37:ab:fb:99:55:c0:70:d5:28:10:44:01:a6:b9:41:cc:a2:cc:
         4e:31:64:21:5f:d2:54:d1:aa:cb:16:19:63:29:5b:51:9d:19:
         b1:eb:04:b9:d1:06:bd:71:2d:5a:5d:69:28:c8:c6:e9:ae:d0:
         29:5f:9d:a4:70:51:35:7e:91:38:00:b2:fb:38:75:a4:9c:93:
         e2:fb:1b:2a:a2:49:c0:b8:2f:0a:8b:65:86:54:40:20:d2:67:
         89:a0:17:29:05:80:42:12:16:3b:09:47:37:1b:45:a2:df:5e:
         1b:62:f8:a2:d5:62:52:aa:99:a0:83:a2:4d:5b:a1:21:d8:48:
         f5:3b:fe:9b:66:c1:80:57:f6:dd:ef:af:0d:4f:42:d6:97:31:
         2d:09:82:95:88:00:58:85:61:44:fc:8e:86:02:a3:2c:41:93:
         48:f9:d5:38:80:e3:6c:e3:3a:89:28:ac:6a:9b:7c:b6:9b:b7:
         4e:2c:e7:89:2a:76:23:a5:8d:28:e3:90:dc:e0:1c:e6:2e:d3:
         f1:27:6d:c8:09:68:0d:c3:e4:e3:36:97:98:29:98:78:5c:ec:
         f2:0e:49:04:93:4e:70:00:67:1e:1a:7f:d0:68:9d:0b:e7:38:
         bb:b8:88:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOBKGuiXrn8pMM6DAIVFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTFkNjg5MGY5MWZiMmNkNzc5MzFiODA5YmRiMWViMDUw
OTEzNDkwHhcNMjUwNDIwMjIwMTAwWhcNMjUwNDIxMjIwMTAwWjAzMTEwLwYDVQQD
EyhmYmQ5OTBjNDJkNGYyYmY5NWI1ZDkxNGNkNmYwMjg1ZTRmMDUyNWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXanK3zLpSgdAS/CCRQjAwxOs8HM
8MOQLOeE1hxNpcVUnLOXJuhWk7qxS8LtBVPxJFOOFoydEufDGjUJS8WFms7DI2UD
I+eZFxnYfqZEeD+CNHlfiF6gKF+qwWPD/XzJUoLgzJn3m9SkRi8NkTWDkn1NsXmj
8zUCuevXd7EnEKlrwxTmy0m3rYic9JrlWB7pG7cqwHFBIAkYveMUYbwrOgAogwna
kLkuI7IAoAaj7S0eZgfSUbJ8xSjKAzhV+g6p/U9qol4rZj14hPmRf9wcJ0lvtCjS
i3d5CZ2CyD9zcYlOEy7PiXClGWfBE8+SqOIfTEGWJXE3i7PwwtC2NsWLaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPvZkMQtTyv5W12RTNbwKF5PBSXQMB8GA1UdIwQY
MBaAFNmR1okPkfss13kxuAm9sesFCRNJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDIt
YzQwODU3NjA4OWIxLzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDItYzQwODU3NjA4OWIx
LzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArWkHb6bP
t4Sy8EiyYnFN62rUN6v7mVXAcNUoEEQBprlBzKLMTjFkIV/SVNGqyxYZYylbUZ0Z
sesEudEGvXEtWl1pKMjG6a7QKV+dpHBRNX6ROACy+zh1pJyT4vsbKqJJwLgvCotl
hlRAINJniaAXKQWAQhIWOwlHNxtFot9eG2L4otViUqqZoIOiTVuhIdhI9Tv+m2bB
gFf23e+vDU9C1pcxLQmClYgAWIVhRPyOhgKjLEGTSPnVOIDjbOM6iSisapt8tpu3
TizniSp2I6WNKOOQ3OAc5i7T8SdtyAloDcPk4zaXmCmYeFzs8g5JBJNOcABnHhp/
0GidC+c4u7iIPA==
-----END CERTIFICATE-----