Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/ad883d-d243-4b1e-a32a-d14946e4f5cd/1/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.mft
File:                     7w8gUz3MeZWijPZ3Z6BBaYZnxM0.mft (raw, json)
Hash identifier:          j1r4xfiJCvVa/6EUxtjDxxqZuOoWY1yU6mey3EEMd6I=
Subject key identifier:   36:E2:C0:A4:6E:6F:7E:63:4E:25:4D:EE:37:25:0B:9E:95:D0:BE:B9
Authority key identifier: EF:0F:20:53:3D:CC:79:95:A2:8C:F6:77:67:A0:41:69:86:67:C4:CD
Certificate issuer:       /CN=ef0f20533dcc7995a28cf67767a041698667c4cd
Certificate serial:       019510C7E6DFC3CAE2F42DED9699F56449D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/ad883d-d243-4b1e-a32a-d14946e4f5cd/1/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.mft
Manifest number:          099D
Signing time:             Sun 16 Feb 2025 22:01:31 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:31 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:31 +0000
Files and hashes:         1: 7w8gUz3MeZWijPZ3Z6BBaYZnxM0.crl (hash: XwgjkiqDRK4maYKQOu322G+WwZox2aa8yc3GB4aCr2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/93/ad883d-d243-4b1e-a32a-d14946e4f5cd/1/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/93/ad883d-d243-4b1e-a32a-d14946e4f5cd/1/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:e6:df:c3:ca:e2:f4:2d:ed:96:99:f5:64:49:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef0f20533dcc7995a28cf67767a041698667c4cd
        Validity
            Not Before: Feb 16 22:01:31 2025 GMT
            Not After : Feb 17 22:01:31 2025 GMT
        Subject: CN=36e2c0a46e6f7e634e254dee37250b9e95d0beb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:64:49:9a:3e:72:64:9a:0b:33:11:51:ab:73:
                    70:9d:0a:73:05:ae:34:73:27:c5:c7:c2:06:ac:73:
                    20:65:01:ab:8e:47:16:6c:11:8b:58:f3:2b:41:71:
                    3d:11:e9:ac:f9:7d:37:83:c0:af:ca:ac:9e:50:de:
                    b4:7d:b4:12:4d:69:d2:ee:c2:27:0b:3d:e6:14:99:
                    4c:f3:fb:d2:21:ae:1b:9d:50:a5:65:aa:84:a2:53:
                    db:b1:d8:5f:a0:30:bf:a3:2d:8b:65:85:c8:03:c6:
                    76:77:89:6b:a0:b9:18:48:ee:c0:87:fd:8f:e2:74:
                    88:0c:98:89:57:1c:ba:bb:67:ea:5b:88:49:b5:8a:
                    86:57:0b:c0:64:17:12:24:ee:37:2d:9e:7f:fe:06:
                    90:b4:17:ca:40:b8:09:4d:47:da:38:79:8a:20:c0:
                    8f:ad:ec:ed:0f:c5:01:a8:a7:e8:d4:3a:78:54:e5:
                    0e:c8:2f:54:62:c2:0c:82:04:a8:80:6c:89:af:85:
                    1c:5d:83:e3:76:18:e5:0c:0f:61:7c:cb:34:05:ca:
                    61:7a:61:81:fc:17:4b:92:77:bb:96:8e:e7:ed:f3:
                    36:1b:c5:a1:bf:a1:59:58:42:d3:ec:23:0c:51:26:
                    21:a7:a5:f7:2d:25:48:f4:a0:0f:d8:8c:8e:f0:22:
                    a9:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:E2:C0:A4:6E:6F:7E:63:4E:25:4D:EE:37:25:0B:9E:95:D0:BE:B9
            X509v3 Authority Key Identifier:
                keyid:EF:0F:20:53:3D:CC:79:95:A2:8C:F6:77:67:A0:41:69:86:67:C4:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/ad883d-d243-4b1e-a32a-d14946e4f5cd/1/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/ad883d-d243-4b1e-a32a-d14946e4f5cd/1/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:9e:02:55:14:bb:8e:3c:13:91:46:47:e0:4d:ef:fa:6c:3e:
         29:ad:84:e8:b1:b4:d0:54:d2:ec:6b:7d:14:6e:81:98:16:b6:
         95:e5:20:32:17:80:f8:d7:ba:e5:4e:90:64:35:fa:f9:30:c6:
         5f:5c:00:6a:62:94:4b:e0:bb:35:43:a8:a7:73:86:d9:3b:8e:
         18:90:7f:07:b0:b7:e2:bd:ab:74:3d:55:fb:39:12:bf:51:50:
         fe:98:24:7d:12:27:03:67:6a:f1:76:e5:12:d2:64:04:b1:9c:
         bd:f5:8f:91:68:52:5b:f4:e2:d9:8b:e7:c6:81:55:19:9d:ce:
         31:77:3b:5c:a1:ff:cd:eb:66:3a:83:43:7e:74:e0:e8:18:32:
         59:ca:bc:7e:45:f3:a5:5e:63:4d:d7:4e:d2:b4:dc:d6:0b:f5:
         3a:67:50:24:57:76:03:81:4f:b5:09:4a:36:18:ea:27:a9:49:
         76:a5:7b:14:e0:bf:dd:f4:aa:a7:cd:92:83:58:ec:c5:66:8a:
         c7:a3:45:4c:c2:4a:c8:ba:b5:bc:2d:35:68:31:75:5f:b2:b5:
         10:7c:de:a2:d1:97:31:e9:35:2e:b2:b9:17:dd:f3:90:59:0b:
         5a:5b:0e:3c:bd:91:5d:e7:2f:35:4a:ac:c2:cd:e7:b2:7a:70:
         86:6a:55:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx+bfw8ri9C3tlpn1ZEnWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMGYyMDUzM2RjYzc5OTVhMjhjZjY3NzY3YTA0MTY5ODY2
N2M0Y2QwHhcNMjUwMjE2MjIwMTMxWhcNMjUwMjE3MjIwMTMxWjAzMTEwLwYDVQQD
EygzNmUyYzBhNDZlNmY3ZTYzNGUyNTRkZWUzNzI1MGI5ZTk1ZDBiZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mRJmj5yZJoLMxFRq3NwnQpzBa40
cyfFx8IGrHMgZQGrjkcWbBGLWPMrQXE9Eems+X03g8CvyqyeUN60fbQSTWnS7sIn
Cz3mFJlM8/vSIa4bnVClZaqEolPbsdhfoDC/oy2LZYXIA8Z2d4lroLkYSO7Ah/2P
4nSIDJiJVxy6u2fqW4hJtYqGVwvAZBcSJO43LZ5//gaQtBfKQLgJTUfaOHmKIMCP
reztD8UBqKfo1Dp4VOUOyC9UYsIMggSogGyJr4UcXYPjdhjlDA9hfMs0BcphemGB
/BdLkne7lo7n7fM2G8Whv6FZWELT7CMMUSYhp6X3LSVI9KAP2IyO8CKpowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbiwKRub35jTiVN7jclC56V0L65MB8GA1UdIwQY
MBaAFO8PIFM9zHmVooz2d2egQWmGZ8TNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3c4Z1V6M01lWldpalBaM1o2QkJhWVpueE0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9hZDg4M2QtZDI0My00YjFlLWEzMmEt
ZDE0OTQ2ZTRmNWNkLzEvN3c4Z1V6M01lWldpalBaM1o2QkJhWVpueE0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9hZDg4M2QtZDI0My00YjFlLWEzMmEtZDE0OTQ2ZTRmNWNk
LzEvN3c4Z1V6M01lWldpalBaM1o2QkJhWVpueE0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqp4CVRS7
jjwTkUZH4E3v+mw+Ka2E6LG00FTS7Gt9FG6BmBa2leUgMheA+Ne65U6QZDX6+TDG
X1wAamKUS+C7NUOop3OG2TuOGJB/B7C34r2rdD1V+zkSv1FQ/pgkfRInA2dq8Xbl
EtJkBLGcvfWPkWhSW/Ti2YvnxoFVGZ3OMXc7XKH/zetmOoNDfnTg6BgyWcq8fkXz
pV5jTddO0rTc1gv1OmdQJFd2A4FPtQlKNhjqJ6lJdqV7FOC/3fSqp82Sg1jsxWaK
x6NFTMJKyLq1vC01aDF1X7K1EHzeotGXMek1LrK5F93zkFkLWlsOPL2RXecvNUqs
ws3nsnpwhmpV+g==
-----END CERTIFICATE-----