Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
File:                     zfDoJMYqWSimUCFO8z6Md-fB_40.mft (raw, json)
Hash identifier:          sdiczpJO7x4CTw4ZZjuXL6TiQhc6OxA9P/Li1ROyKu4=
Subject key identifier:   4C:A6:19:63:10:5A:60:7C:58:8D:DE:78:EA:A9:F7:03:9E:0A:7E:D8
Authority key identifier: CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D
Certificate issuer:       /CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d
Certificate serial:       019510C72C6CD9870C40300074F444D0389B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
Manifest number:          0DF7
Signing time:             Sun 16 Feb 2025 22:00:43 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:43 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:43 +0000
Files and hashes:         1: zfDoJMYqWSimUCFO8z6Md-fB_40.crl (hash: upggBGhY039dHLj13wK2wU5ikI1ZvVVYsXcnut4cr5o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:2c:6c:d9:87:0c:40:30:00:74:f4:44:d0:38:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d
        Validity
            Not Before: Feb 16 22:00:43 2025 GMT
            Not After : Feb 17 22:00:43 2025 GMT
        Subject: CN=4ca61963105a607c588dde78eaa9f7039e0a7ed8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:a2:c6:5d:4c:0f:3b:4c:e8:78:f3:24:a5:35:
                    52:a6:12:ed:59:37:27:88:ca:b6:34:57:c5:ed:16:
                    c3:c7:19:0e:49:cf:2d:0d:1e:b9:48:19:22:39:67:
                    50:f2:20:aa:c8:50:85:4f:cb:98:1c:ff:61:1a:d6:
                    66:34:1c:8e:01:d4:5b:18:b7:de:64:c2:67:10:c7:
                    0a:70:0c:17:e7:aa:ad:dc:4e:be:b1:8b:64:ed:f7:
                    c3:ac:da:10:42:86:e1:9d:1d:21:3c:8f:be:ee:65:
                    49:52:3b:4d:ed:9b:71:b6:69:f7:56:8b:dc:50:aa:
                    a9:36:e1:38:44:b8:9b:a4:8a:d6:dd:73:ec:4e:96:
                    73:81:dc:a8:a6:79:5b:54:f7:b3:e1:0c:18:ed:00:
                    c4:43:58:01:db:74:43:20:11:e8:e3:01:e0:92:30:
                    c1:6d:d7:76:66:03:bd:67:4e:35:c6:3a:62:9c:51:
                    05:aa:d0:14:11:0f:71:2a:61:db:36:b7:e6:30:ac:
                    a0:17:2c:d8:e0:46:bb:f1:7c:e0:d4:4b:8b:03:e8:
                    15:ab:ba:a3:41:ca:14:dd:38:bf:64:5d:97:bb:77:
                    49:7e:57:d4:8e:c8:43:96:13:dc:5c:05:ab:fc:3d:
                    83:5e:c8:b1:10:29:aa:e3:29:21:81:c0:2a:7b:4a:
                    5d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:A6:19:63:10:5A:60:7C:58:8D:DE:78:EA:A9:F7:03:9E:0A:7E:D8
            X509v3 Authority Key Identifier:
                keyid:CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:bd:71:f1:98:d0:dd:3d:45:08:ca:0c:d0:76:19:c9:7e:3b:
         39:70:b8:8d:73:2d:d2:74:7f:e8:0d:1d:25:ee:66:79:f3:60:
         cf:ea:e9:28:b2:42:d6:d2:36:c3:95:92:7b:7c:53:1b:82:98:
         26:ca:d3:9c:b8:98:7b:81:25:5c:e2:07:ed:c9:67:87:d8:ba:
         e0:90:4e:8d:b5:fa:58:f6:63:16:98:e2:81:43:a7:e4:5a:95:
         02:01:08:9f:6b:0f:d7:16:ca:81:61:77:f9:b2:31:b2:36:fd:
         f1:3b:c7:54:3f:6c:69:d6:98:36:b2:c8:9f:a3:5e:26:67:c1:
         bf:29:6d:05:07:0d:cc:34:5d:5d:2f:b9:ff:2a:35:ee:3e:46:
         8c:9d:f0:11:8b:58:ce:a5:c6:f8:d6:0a:4e:25:db:0d:a3:34:
         cf:a7:ed:37:8b:ca:1b:5d:4c:98:8c:b5:65:f7:97:b6:d0:54:
         ca:94:0d:7d:2f:c7:9c:db:dc:ff:bb:c0:3b:ed:6d:76:46:08:
         0d:a8:67:15:83:0c:d0:e3:85:db:64:7d:9c:0b:4a:f7:8f:9a:
         ef:e3:50:e7:f3:14:e7:13:f2:a2:c2:6e:63:54:9e:4c:a7:0c:
         a4:c4:2e:9c:bb:86:a5:f1:02:5c:cb:76:6e:10:82:e7:ab:4f:
         41:1a:51:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxyxs2YcMQDAAdPRE0DibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjBlODI0YzYyYTU5MjhhNjUwMjE0ZWYzM2U4Yzc3ZTdj
MWZmOGQwHhcNMjUwMjE2MjIwMDQzWhcNMjUwMjE3MjIwMDQzWjAzMTEwLwYDVQQD
Eyg0Y2E2MTk2MzEwNWE2MDdjNTg4ZGRlNzhlYWE5ZjcwMzllMGE3ZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8KLGXUwPO0zoePMkpTVSphLtWTcn
iMq2NFfF7RbDxxkOSc8tDR65SBkiOWdQ8iCqyFCFT8uYHP9hGtZmNByOAdRbGLfe
ZMJnEMcKcAwX56qt3E6+sYtk7ffDrNoQQobhnR0hPI++7mVJUjtN7Ztxtmn3Vovc
UKqpNuE4RLibpIrW3XPsTpZzgdyopnlbVPez4QwY7QDEQ1gB23RDIBHo4wHgkjDB
bdd2ZgO9Z041xjpinFEFqtAUEQ9xKmHbNrfmMKygFyzY4Ea78Xzg1EuLA+gVq7qj
QcoU3Ti/ZF2Xu3dJflfUjshDlhPcXAWr/D2DXsixECmq4ykhgcAqe0pdKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEymGWMQWmB8WI3eeOqp9wOeCn7YMB8GA1UdIwQY
MBaAFM3w6CTGKlkoplAhTvM+jHfnwf+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUt
MjU4M2FmMjM3ZTJjLzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUtMjU4M2FmMjM3ZTJj
LzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIL1x8ZjQ
3T1FCMoM0HYZyX47OXC4jXMt0nR/6A0dJe5mefNgz+rpKLJC1tI2w5WSe3xTG4KY
JsrTnLiYe4ElXOIH7clnh9i64JBOjbX6WPZjFpjigUOn5FqVAgEIn2sP1xbKgWF3
+bIxsjb98TvHVD9sadaYNrLIn6NeJmfBvyltBQcNzDRdXS+5/yo17j5GjJ3wEYtY
zqXG+NYKTiXbDaM0z6ftN4vKG11MmIy1ZfeXttBUypQNfS/HnNvc/7vAO+1tdkYI
DahnFYMM0OOF22R9nAtK94+a7+NQ5/MU5xPyosJuY1SeTKcMpMQunLuGpfECXMt2
bhCC56tPQRpRCQ==
-----END CERTIFICATE-----