Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft
File:                     ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft (raw, json)
Hash identifier:          zjjyGzzZLUDHUSV0A/cN5fkocbx+Nv+CfJFhmb2fCoo=
Subject key identifier:   98:0B:4E:44:1A:B0:25:C0:0B:A6:A3:F2:3D:87:D2:44:2A:04:2C:57
Authority key identifier: 44:EC:ED:E7:E0:FF:BD:30:8A:CB:91:12:13:68:DF:8D:6C:B2:E9:61
Certificate issuer:       /CN=44ecede7e0ffbd308acb91121368df8d6cb2e961
Certificate serial:       0194C3F551EC0F13992604C23EF971FE98E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ROzt5-D_vTCKy5ESE2jfjWyy6WE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft
Manifest number:          142C
Signing time:             Sun 02 Feb 2025 00:00:21 +0000
Manifest this update:     Sun 02 Feb 2025 00:00:21 +0000
Manifest next update:     Mon 03 Feb 2025 00:00:21 +0000
Files and hashes:         1: ROzt5-D_vTCKy5ESE2jfjWyy6WE.crl (hash: vANcF0KnLLU0LZ3tA6ESQzJOY8Sx1yVsqxVvCJvYKyc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ROzt5-D_vTCKy5ESE2jfjWyy6WE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f5:51:ec:0f:13:99:26:04:c2:3e:f9:71:fe:98:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ecede7e0ffbd308acb91121368df8d6cb2e961
        Validity
            Not Before: Feb  2 00:00:21 2025 GMT
            Not After : Feb  3 00:00:21 2025 GMT
        Subject: CN=980b4e441ab025c00ba6a3f23d87d2442a042c57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:02:25:a7:d9:03:2b:8f:be:80:11:50:5c:6e:
                    8b:7d:5c:66:91:53:23:f0:6c:dd:2f:7a:f7:b7:52:
                    0c:d9:b4:9c:34:ca:aa:8b:c4:8a:6a:f6:8b:66:28:
                    81:a6:fd:bc:06:e6:4b:ef:96:62:e4:7f:6e:9b:c2:
                    97:72:d3:6b:58:5f:bf:d7:26:31:52:c6:45:e7:f0:
                    ad:16:74:f8:69:b2:75:03:a0:fb:91:7d:c2:29:a2:
                    4a:95:dc:9e:6b:95:90:ce:fc:67:82:eb:4f:19:05:
                    53:fb:7a:2e:89:ba:27:2b:d2:2f:f8:77:fc:41:a1:
                    06:76:24:d8:0c:13:71:57:92:32:46:1a:7c:3a:2a:
                    98:52:62:c8:9f:ba:bf:4d:c0:e7:86:cf:65:28:43:
                    f1:d9:2d:33:8c:5d:a8:cc:4d:4e:ba:e4:a4:14:31:
                    54:96:5b:e2:4c:dc:dc:a3:54:aa:6a:72:4d:d8:c0:
                    4f:5a:6a:8f:aa:f2:25:d8:12:b1:b1:cb:88:93:6a:
                    19:fe:18:65:f2:b5:ea:53:a1:e1:28:0b:83:2d:30:
                    09:31:af:75:7f:31:5c:e1:c8:2d:c1:79:ff:41:c3:
                    14:a6:13:37:46:d2:da:dc:97:97:a4:6d:a6:4c:a3:
                    d0:cb:e0:60:53:4c:37:f3:68:d1:a8:02:10:28:d2:
                    02:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:0B:4E:44:1A:B0:25:C0:0B:A6:A3:F2:3D:87:D2:44:2A:04:2C:57
            X509v3 Authority Key Identifier:
                keyid:44:EC:ED:E7:E0:FF:BD:30:8A:CB:91:12:13:68:DF:8D:6C:B2:E9:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROzt5-D_vTCKy5ESE2jfjWyy6WE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d1:5e:55:bd:81:f8:05:2e:bd:80:38:5f:20:77:9d:4e:79:27:
         eb:eb:03:13:cd:d4:39:30:a2:77:11:7d:09:38:f5:55:db:e6:
         7d:43:31:01:47:09:18:fd:e8:8a:3d:09:8b:1a:5e:94:aa:fb:
         b4:8d:72:8a:62:18:e9:78:6c:c3:12:aa:e0:38:26:65:c4:92:
         d4:a9:19:8f:b7:a1:f2:e4:63:c0:f1:b0:af:ba:3c:2d:a0:bd:
         d6:e3:a9:bc:b1:1d:fe:ef:6b:bc:b5:6d:83:96:71:dd:ad:da:
         63:8e:ce:45:ed:6b:7e:50:20:49:8e:31:ec:f7:80:a8:e5:c3:
         73:09:4d:82:48:19:68:9d:df:6a:0a:b1:f3:f2:1a:85:1a:66:
         8c:b6:a4:84:67:ed:91:ac:68:b4:34:3c:a2:de:de:27:cb:3f:
         b5:b1:18:85:7e:f7:c5:4f:8e:d8:7f:34:16:a7:98:6b:ab:2e:
         94:15:d0:cf:6c:d4:6c:31:cc:35:48:39:46:ad:ac:3d:c3:aa:
         79:c9:bd:5b:7a:69:a4:f1:15:7f:31:d5:2f:80:6b:1d:34:25:
         e6:72:48:79:57:21:0f:56:d4:57:a1:dd:b4:a1:36:4a:80:2b:
         93:59:f2:d7:1a:4f:81:93:d0:de:89:f2:18:54:54:3a:ea:a1:
         f3:d3:cc:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9VHsDxOZJgTCPvlx/pjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZWNlZGU3ZTBmZmJkMzA4YWNiOTExMjEzNjhkZjhkNmNi
MmU5NjEwHhcNMjUwMjAyMDAwMDIxWhcNMjUwMjAzMDAwMDIxWjAzMTEwLwYDVQQD
Eyg5ODBiNGU0NDFhYjAyNWMwMGJhNmEzZjIzZDg3ZDI0NDJhMDQyYzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gIlp9kDK4++gBFQXG6LfVxmkVMj
8GzdL3r3t1IM2bScNMqqi8SKavaLZiiBpv28BuZL75Zi5H9um8KXctNrWF+/1yYx
UsZF5/CtFnT4abJ1A6D7kX3CKaJKldyea5WQzvxngutPGQVT+3ouibonK9Iv+Hf8
QaEGdiTYDBNxV5IyRhp8OiqYUmLIn7q/TcDnhs9lKEPx2S0zjF2ozE1OuuSkFDFU
llviTNzco1SqanJN2MBPWmqPqvIl2BKxscuIk2oZ/hhl8rXqU6HhKAuDLTAJMa91
fzFc4cgtwXn/QcMUphM3RtLa3JeXpG2mTKPQy+BgU0w382jRqAIQKNICiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgLTkQasCXAC6aj8j2H0kQqBCxXMB8GA1UdIwQY
MBaAFETs7efg/70wisuREhNo341ssulhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk96dDUtRF92VENLeTVFU0UyamZqV3l5NldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80MzkyNzUtMzBiZi00ZjYxLWI0ZDUt
ODA5MzBiMjg0YTY5LzEvUk96dDUtRF92VENLeTVFU0UyamZqV3l5NldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80MzkyNzUtMzBiZi00ZjYxLWI0ZDUtODA5MzBiMjg0YTY5
LzEvUk96dDUtRF92VENLeTVFU0UyamZqV3l5NldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0V5VvYH4
BS69gDhfIHedTnkn6+sDE83UOTCidxF9CTj1VdvmfUMxAUcJGP3oij0JixpelKr7
tI1yimIY6XhswxKq4DgmZcSS1KkZj7eh8uRjwPGwr7o8LaC91uOpvLEd/u9rvLVt
g5Zx3a3aY47ORe1rflAgSY4x7PeAqOXDcwlNgkgZaJ3fagqx8/IahRpmjLakhGft
kaxotDQ8ot7eJ8s/tbEYhX73xU+O2H80FqeYa6sulBXQz2zUbDHMNUg5Rq2sPcOq
ecm9W3pppPEVfzHVL4BrHTQl5nJIeVchD1bUV6HdtKE2SoArk1ny1xpPgZPQ3ony
GFRUOuqh89PMWA==
-----END CERTIFICATE-----