Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
File:                     zTf5VqTOlOsexk52R7Q828uPxEk.mft (raw, json)
Hash identifier:          OVR5Tbn6wwagUKr2mMJLlmg5jxTLgDnUWnvgfWONYdo=
Subject key identifier:   00:59:E9:83:3A:77:E3:45:15:2D:55:84:F4:A3:43:F3:A8:27:7E:49
Authority key identifier: CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49
Certificate issuer:       /CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449
Certificate serial:       019655A5E1C6115E1CF4D60715541F731B85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
Manifest number:          14B7
Signing time:             Mon 21 Apr 2025 00:00:56 +0000
Manifest this update:     Mon 21 Apr 2025 00:00:56 +0000
Manifest next update:     Tue 22 Apr 2025 00:00:56 +0000
Files and hashes:         1: zTf5VqTOlOsexk52R7Q828uPxEk.crl (hash: DH0cOcepdSwZsrWEqqcK5clYpRXB0215d8yu9s12S1E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 00:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:a5:e1:c6:11:5e:1c:f4:d6:07:15:54:1f:73:1b:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449
        Validity
            Not Before: Apr 21 00:00:56 2025 GMT
            Not After : Apr 22 00:00:56 2025 GMT
        Subject: CN=0059e9833a77e345152d5584f4a343f3a8277e49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:91:be:dd:68:19:d6:13:95:e3:cf:c4:d7:9e:
                    5e:56:58:25:69:63:ef:3a:72:b5:08:10:1c:28:be:
                    9e:cf:40:2b:fa:07:34:91:84:6a:0c:79:ef:63:f8:
                    35:e6:96:ca:c6:28:f7:60:50:eb:18:d2:a2:cd:3a:
                    56:1b:2b:28:a9:e1:16:32:03:b7:63:6d:3f:10:52:
                    74:90:c0:d5:1d:e6:86:b6:90:95:97:18:b3:88:1d:
                    54:c8:70:c9:a8:d9:df:4c:3d:7c:8d:f4:ab:bf:9a:
                    4a:5f:2d:64:72:26:10:e3:31:32:e4:f2:cf:29:dc:
                    19:0c:e7:b7:0d:9a:01:06:05:c8:72:8e:9d:80:5c:
                    51:ab:38:0d:4f:25:72:a6:00:88:38:4d:2f:c2:b5:
                    99:b8:f6:30:b5:52:2f:eb:e0:9f:8a:a3:61:14:96:
                    84:89:d3:52:c0:e8:73:f9:76:d6:75:f7:66:1c:09:
                    bc:5b:68:c8:b9:76:34:1a:36:b4:85:e7:13:28:54:
                    ed:44:35:04:52:d0:f8:c2:5f:23:c9:59:09:00:f9:
                    b2:44:c0:95:37:ee:c6:0f:0c:ea:fd:eb:00:1d:19:
                    d9:dc:79:c4:c6:83:cf:36:f7:ff:15:26:8e:38:d7:
                    15:f2:87:aa:44:cf:49:ed:2c:86:ae:16:5d:7e:f7:
                    b2:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:59:E9:83:3A:77:E3:45:15:2D:55:84:F4:A3:43:F3:A8:27:7E:49
            X509v3 Authority Key Identifier:
                keyid:CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:92:9d:15:39:25:78:b1:65:05:09:63:b9:af:e3:1e:2c:5b:
         7c:d2:48:c6:37:c0:93:ce:6c:78:17:45:80:62:d0:fd:66:7f:
         0b:0a:e9:5f:39:8f:24:82:3d:7e:47:3e:62:ac:cf:67:b8:18:
         f1:f1:73:bc:8f:8e:86:c6:b3:fd:56:8b:5b:5e:64:7b:f3:ad:
         2c:c8:04:03:39:db:9f:cc:a3:02:b0:84:b6:f0:65:ba:f2:e6:
         07:66:ad:16:43:9f:b1:02:cf:cb:1a:96:0f:bf:1c:c1:77:be:
         43:83:6e:e4:11:c9:b3:ff:cf:40:72:d4:b8:0e:a5:b5:a5:2d:
         6c:fb:cf:95:84:47:ec:50:3e:9a:c8:1a:6d:95:96:0d:a5:ed:
         91:89:31:6b:a8:f1:37:a9:d8:40:b6:df:a2:ed:6e:97:68:dc:
         83:57:fb:54:b1:41:44:be:bf:19:c7:5a:31:b5:f1:0d:6d:70:
         8c:46:fd:a4:93:4f:3d:e9:a5:75:cd:cd:59:7e:bc:34:c2:fd:
         f4:29:4e:e6:42:f5:2c:dc:cc:fb:1b:ee:75:3e:df:a9:2f:28:
         98:c3:89:47:87:e0:b8:82:54:69:8f:2d:14:f9:e9:76:65:c5:
         cd:f0:67:51:b3:6b:9e:85:1c:10:bd:b2:4a:b1:ae:2b:72:41:
         c9:d0:33:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpeHGEV4c9NYHFVQfcxuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMzdmOTU2YTRjZTk0ZWIxZWM2NGU3NjQ3YjQzY2RiY2I4
ZmM0NDkwHhcNMjUwNDIxMDAwMDU2WhcNMjUwNDIyMDAwMDU2WjAzMTEwLwYDVQQD
EygwMDU5ZTk4MzNhNzdlMzQ1MTUyZDU1ODRmNGEzNDNmM2E4Mjc3ZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpG+3WgZ1hOV48/E155eVlglaWPv
OnK1CBAcKL6ez0Ar+gc0kYRqDHnvY/g15pbKxij3YFDrGNKizTpWGysoqeEWMgO3
Y20/EFJ0kMDVHeaGtpCVlxiziB1UyHDJqNnfTD18jfSrv5pKXy1kciYQ4zEy5PLP
KdwZDOe3DZoBBgXIco6dgFxRqzgNTyVypgCIOE0vwrWZuPYwtVIv6+CfiqNhFJaE
idNSwOhz+XbWdfdmHAm8W2jIuXY0Gja0hecTKFTtRDUEUtD4wl8jyVkJAPmyRMCV
N+7GDwzq/esAHRnZ3HnExoPPNvf/FSaOONcV8oeqRM9J7SyGrhZdfveyUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFABZ6YM6d+NFFS1VhPSjQ/OoJ35JMB8GA1UdIwQY
MBaAFM03+VakzpTrHsZOdke0PNvLj8RJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjct
YmJlMTJiZDM4ZTA0LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjctYmJlMTJiZDM4ZTA0
LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD5KdFTkl
eLFlBQljua/jHixbfNJIxjfAk85seBdFgGLQ/WZ/CwrpXzmPJII9fkc+YqzPZ7gY
8fFzvI+Ohsaz/VaLW15ke/OtLMgEAznbn8yjArCEtvBluvLmB2atFkOfsQLPyxqW
D78cwXe+Q4Nu5BHJs//PQHLUuA6ltaUtbPvPlYRH7FA+msgabZWWDaXtkYkxa6jx
N6nYQLbfou1ul2jcg1f7VLFBRL6/GcdaMbXxDW1wjEb9pJNPPemldc3NWX68NML9
9ClO5kL1LNzM+xvudT7fqS8omMOJR4fguIJUaY8tFPnpdmXFzfBnUbNrnoUcEL2y
SrGuK3JBydAzow==
-----END CERTIFICATE-----