Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.mft
File:                     Z6upr6N9m85Af-I8eRmJLZ2cCTk.mft (raw, json)
Hash identifier:          j5kVAQJnmr01SIMklsl2cPCITJ/8o9kWogneTj9ab+E=
Subject key identifier:   FB:C7:8C:8E:C9:F3:87:F1:15:33:75:46:1D:19:EE:40:81:00:C2:BA
Authority key identifier: 67:AB:A9:AF:A3:7D:9B:CE:40:7F:E2:3C:79:19:89:2D:9D:9C:09:39
Certificate issuer:       /CN=67aba9afa37d9bce407fe23c7919892d9d9c0939
Certificate serial:       0194C388735462F4798145CF34E6E09B5448
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z6upr6N9m85Af-I8eRmJLZ2cCTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.mft
Manifest number:          0527
Signing time:             Sat 01 Feb 2025 22:01:27 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:27 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:27 +0000
Files and hashes:         1: Z6upr6N9m85Af-I8eRmJLZ2cCTk.crl (hash: 8rMedefYq09WFdk2dApAsZaDqddn6KTn53z7IaMz/yY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z6upr6N9m85Af-I8eRmJLZ2cCTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:73:54:62:f4:79:81:45:cf:34:e6:e0:9b:54:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67aba9afa37d9bce407fe23c7919892d9d9c0939
        Validity
            Not Before: Feb  1 22:01:27 2025 GMT
            Not After : Feb  2 22:01:27 2025 GMT
        Subject: CN=fbc78c8ec9f387f1153375461d19ee408100c2ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:c3:b0:e4:d8:cd:62:7a:f3:bf:3c:59:1e:4e:
                    8a:cc:cc:17:3b:9b:02:89:22:a3:94:6c:95:81:b2:
                    76:a0:97:ab:ed:d9:b9:2e:64:83:2c:d8:ef:0e:f3:
                    a9:8e:e9:c4:44:fd:ae:a6:ba:a7:f7:df:73:1b:80:
                    b7:4c:ab:38:1c:d2:dd:5f:b1:e9:bc:7b:3a:ba:c2:
                    2c:b1:73:49:ff:b9:10:9b:d3:ac:bb:bf:fb:9d:67:
                    8c:3f:c4:f3:3a:83:ab:68:a8:32:db:b2:2a:22:4a:
                    10:6d:54:17:99:78:41:76:25:3c:17:cd:b1:f2:c1:
                    db:5b:20:60:12:29:39:8f:d2:7a:63:1d:90:7d:c7:
                    78:1f:2a:1c:e5:02:40:da:d8:4a:3a:4d:20:7d:8c:
                    9c:70:4b:41:48:50:c4:8b:f8:e3:32:39:9e:b5:6b:
                    f5:83:1e:5f:14:bc:ce:e5:c9:d8:f0:87:2f:68:08:
                    40:e9:19:23:88:9c:e8:1b:e8:2f:1f:e2:34:e9:bb:
                    fd:f6:40:30:42:43:25:53:c6:ac:91:67:e2:f7:09:
                    ec:d2:ad:ae:fe:de:e7:5d:a2:3f:2d:d3:32:c4:20:
                    3d:24:99:ed:14:97:3e:1c:00:85:16:25:ab:d4:9f:
                    69:58:3b:21:ac:38:2b:4d:02:b3:83:7d:a4:06:a1:
                    0c:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:C7:8C:8E:C9:F3:87:F1:15:33:75:46:1D:19:EE:40:81:00:C2:BA
            X509v3 Authority Key Identifier:
                keyid:67:AB:A9:AF:A3:7D:9B:CE:40:7F:E2:3C:79:19:89:2D:9D:9C:09:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z6upr6N9m85Af-I8eRmJLZ2cCTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:02:99:59:e9:ea:74:97:c6:fe:6e:b9:40:0f:37:2d:53:a5:
         d3:f6:fc:ad:70:ec:60:67:28:75:85:a9:4a:9a:45:62:c1:73:
         6e:90:57:f0:68:f9:ad:f4:98:6f:e2:3d:b2:cb:24:f4:f8:e2:
         44:9d:42:75:cc:68:f0:7f:8e:61:ab:62:13:2a:37:f2:21:56:
         4a:9f:c2:7a:35:f0:10:02:b4:c5:89:90:82:53:df:20:22:58:
         68:bb:56:3f:be:ce:d1:70:9d:09:ae:54:8d:84:57:d4:7e:54:
         94:92:8d:2d:de:5c:a7:20:a8:9f:74:a2:ce:f4:99:29:f0:b8:
         d5:3b:45:1a:00:73:1b:c4:f3:63:5b:c3:73:c0:3f:b9:cd:73:
         94:93:95:b2:d8:c0:0c:d1:d4:33:21:9d:4d:fe:dd:9a:42:0a:
         9e:2a:78:e4:17:74:e2:0b:df:cb:51:ce:b8:e9:b4:d8:b6:69:
         48:9b:7e:b3:8f:1c:8f:2e:ce:e7:e0:7c:b9:89:06:ef:15:e2:
         87:3e:50:1f:28:79:3e:23:2a:bc:ae:14:5a:40:83:82:5a:d5:
         a0:7b:3d:0a:7e:bb:66:aa:ca:5d:8a:fd:5c:82:c0:c5:f8:17:
         d5:88:93:a5:eb:bc:4e:7d:30:b7:32:b1:45:39:80:46:c6:ab:
         07:12:49:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiHNUYvR5gUXPNObgm1RIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YWJhOWFmYTM3ZDliY2U0MDdmZTIzYzc5MTk4OTJkOWQ5
YzA5MzkwHhcNMjUwMjAxMjIwMTI3WhcNMjUwMjAyMjIwMTI3WjAzMTEwLwYDVQQD
EyhmYmM3OGM4ZWM5ZjM4N2YxMTUzMzc1NDYxZDE5ZWU0MDgxMDBjMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycOw5NjNYnrzvzxZHk6KzMwXO5sC
iSKjlGyVgbJ2oJer7dm5LmSDLNjvDvOpjunERP2uprqn999zG4C3TKs4HNLdX7Hp
vHs6usIssXNJ/7kQm9Osu7/7nWeMP8TzOoOraKgy27IqIkoQbVQXmXhBdiU8F82x
8sHbWyBgEik5j9J6Yx2Qfcd4Hyoc5QJA2thKOk0gfYyccEtBSFDEi/jjMjmetWv1
gx5fFLzO5cnY8IcvaAhA6RkjiJzoG+gvH+I06bv99kAwQkMlU8askWfi9wns0q2u
/t7nXaI/LdMyxCA9JJntFJc+HACFFiWr1J9pWDshrDgrTQKzg32kBqEMswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPvHjI7J84fxFTN1Rh0Z7kCBAMK6MB8GA1UdIwQY
MBaAFGerqa+jfZvOQH/iPHkZiS2dnAk5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjZ1cHI2TjltODVBZi1JOGVSbUpMWjJjQ1RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi84ZjUwYWEtNTQ1Ni00MTU5LTg4NDAt
YjAxZDhmMjk1YzE5LzEvWjZ1cHI2TjltODVBZi1JOGVSbUpMWjJjQ1RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi84ZjUwYWEtNTQ1Ni00MTU5LTg4NDAtYjAxZDhmMjk1YzE5
LzEvWjZ1cHI2TjltODVBZi1JOGVSbUpMWjJjQ1RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbwKZWenq
dJfG/m65QA83LVOl0/b8rXDsYGcodYWpSppFYsFzbpBX8Gj5rfSYb+I9sssk9Pji
RJ1Cdcxo8H+OYatiEyo38iFWSp/CejXwEAK0xYmQglPfICJYaLtWP77O0XCdCa5U
jYRX1H5UlJKNLd5cpyCon3SizvSZKfC41TtFGgBzG8TzY1vDc8A/uc1zlJOVstjA
DNHUMyGdTf7dmkIKnip45Bd04gvfy1HOuOm02LZpSJt+s48cjy7O5+B8uYkG7xXi
hz5QHyh5PiMqvK4UWkCDglrVoHs9Cn67ZqrKXYr9XILAxfgX1YiTpeu8Tn0wtzKx
RTmARsarBxJJ6A==
-----END CERTIFICATE-----