Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
File:                     ELZc9vpeH8roz4TJcB44vftjqrM.mft (raw, json)
Hash identifier:          nlCWHXDhJ3WhhLA9/phHLc4F+V3VU/pRJRWX/92lf24=
Subject key identifier:   BA:E5:A0:41:69:41:B3:D0:D6:64:92:08:91:A9:87:C3:FB:78:3B:0A
Authority key identifier: 10:B6:5C:F6:FA:5E:1F:CA:E8:CF:84:C9:70:1E:38:BD:FB:63:AA:B3
Certificate issuer:       /CN=10b65cf6fa5e1fcae8cf84c9701e38bdfb63aab3
Certificate serial:       01962DF3A06579572B0640BDDE9BE2186267
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
Manifest number:          0D96
Signing time:             Sun 13 Apr 2025 07:01:03 +0000
Manifest this update:     Sun 13 Apr 2025 07:01:03 +0000
Manifest next update:     Mon 14 Apr 2025 07:01:03 +0000
Files and hashes:         1: ELZc9vpeH8roz4TJcB44vftjqrM.crl (hash: NZ1ZA0GeMeRB6H8c6Rtjc94YJEA0vMvM8ad4haR1ci4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 14 Apr 2025 07:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:2d:f3:a0:65:79:57:2b:06:40:bd:de:9b:e2:18:62:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10b65cf6fa5e1fcae8cf84c9701e38bdfb63aab3
        Validity
            Not Before: Apr 13 07:01:03 2025 GMT
            Not After : Apr 14 07:01:03 2025 GMT
        Subject: CN=bae5a0416941b3d0d664920891a987c3fb783b0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:16:0f:0a:dc:ee:68:55:ea:01:95:b4:62:d9:
                    e0:92:0d:12:60:37:48:1b:11:6f:d4:0f:16:90:8d:
                    e3:cd:0c:bc:1b:57:2f:59:f1:c5:62:fd:f9:dc:94:
                    1f:db:69:02:ac:84:ef:71:9f:47:a8:4e:e6:df:07:
                    e1:a5:ca:0c:05:99:d1:2b:c9:18:65:db:fa:25:aa:
                    05:f9:a5:13:09:d7:62:7f:4f:11:da:64:be:26:bb:
                    ab:e1:0e:64:d3:22:0d:26:9b:43:82:2d:18:20:9d:
                    a8:7f:68:c1:2f:3d:83:c2:9a:d9:f1:e3:32:07:a1:
                    f6:17:94:f1:dc:78:0b:e0:53:ac:33:07:e3:3e:2e:
                    c3:f9:c5:f0:c5:17:84:49:53:8c:42:c3:bc:71:c6:
                    e9:9a:54:7a:24:32:f5:20:9f:55:4e:1e:63:1a:04:
                    f6:d7:c1:e2:ce:56:d6:27:ac:18:31:c3:38:b9:73:
                    cb:71:d0:59:07:62:dd:2a:9d:a4:d7:01:0f:db:d9:
                    fd:bd:95:a9:07:fc:8a:77:a5:35:07:31:43:d0:ce:
                    f4:c5:01:c3:ed:98:36:19:72:a1:55:96:8a:76:4b:
                    05:aa:bc:15:3b:25:53:d1:1b:39:d2:36:39:d3:97:
                    b9:08:97:44:1c:fa:54:70:3f:82:78:55:62:e8:63:
                    d7:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:E5:A0:41:69:41:B3:D0:D6:64:92:08:91:A9:87:C3:FB:78:3B:0A
            X509v3 Authority Key Identifier:
                keyid:10:B6:5C:F6:FA:5E:1F:CA:E8:CF:84:C9:70:1E:38:BD:FB:63:AA:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:3c:5f:14:c9:ff:bc:3c:65:8e:02:5c:ee:82:60:a8:6d:57:
         c1:00:0c:8d:c6:4a:4a:4e:95:4b:72:24:dd:0f:9b:70:24:4f:
         98:56:d2:72:51:ea:31:18:db:5c:fb:f3:18:fb:9a:7e:7e:15:
         99:1d:3f:36:04:e5:e6:44:be:e0:7b:36:cf:39:89:96:c7:5e:
         97:bf:e2:ed:84:5f:5c:92:20:3c:6b:28:7d:e7:2e:ae:95:17:
         51:ba:08:fa:4e:6e:93:0c:80:ec:66:29:90:cd:5c:ef:d3:ee:
         73:ca:a0:dc:a9:65:d5:a7:71:4f:3f:a4:7d:7f:a1:ff:53:aa:
         66:af:e4:d6:6f:86:c4:e9:12:20:f7:c3:21:51:b9:73:e1:2b:
         46:ba:10:e3:df:18:bf:e5:e5:d2:45:9c:81:1e:84:51:d8:66:
         70:94:66:39:a3:a2:8e:46:67:93:00:f2:1a:00:cb:73:e6:d5:
         44:ad:6e:b8:62:19:90:3c:3f:c0:f8:b8:e7:b4:d8:ac:dc:dc:
         19:00:19:20:b1:6e:69:29:42:5d:6d:fb:d8:61:bd:aa:b4:e6:
         84:d4:73:e2:ef:75:b2:5e:2f:1b:a5:e3:a5:33:fa:b5:a1:a8:
         03:f3:4b:89:65:bb:73:bd:04:8f:a8:89:28:4f:8b:39:52:0f:
         6a:e2:ea:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYt86BleVcrBkC93pviGGJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYjY1Y2Y2ZmE1ZTFmY2FlOGNmODRjOTcwMWUzOGJkZmI2
M2FhYjMwHhcNMjUwNDEzMDcwMTAzWhcNMjUwNDE0MDcwMTAzWjAzMTEwLwYDVQQD
EyhiYWU1YTA0MTY5NDFiM2QwZDY2NDkyMDg5MWE5ODdjM2ZiNzgzYjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hYPCtzuaFXqAZW0Ytngkg0SYDdI
GxFv1A8WkI3jzQy8G1cvWfHFYv353JQf22kCrITvcZ9HqE7m3wfhpcoMBZnRK8kY
Zdv6JaoF+aUTCddif08R2mS+Jrur4Q5k0yINJptDgi0YIJ2of2jBLz2DwprZ8eMy
B6H2F5Tx3HgL4FOsMwfjPi7D+cXwxReESVOMQsO8ccbpmlR6JDL1IJ9VTh5jGgT2
18HizlbWJ6wYMcM4uXPLcdBZB2LdKp2k1wEP29n9vZWpB/yKd6U1BzFD0M70xQHD
7Zg2GXKhVZaKdksFqrwVOyVT0Rs50jY505e5CJdEHPpUcD+CeFVi6GPXpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrloEFpQbPQ1mSSCJGph8P7eDsKMB8GA1UdIwQY
MBaAFBC2XPb6Xh/K6M+EyXAeOL37Y6qzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84MDkwYzItODE4MC00ZjNmLTgxNDIt
YTIzODU1ODcyYjg2LzEvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84MDkwYzItODE4MC00ZjNmLTgxNDItYTIzODU1ODcyYjg2
LzEvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALjxfFMn/
vDxljgJc7oJgqG1XwQAMjcZKSk6VS3Ik3Q+bcCRPmFbSclHqMRjbXPvzGPuafn4V
mR0/NgTl5kS+4Hs2zzmJlsdel7/i7YRfXJIgPGsofecurpUXUboI+k5ukwyA7GYp
kM1c79Puc8qg3Kll1adxTz+kfX+h/1OqZq/k1m+GxOkSIPfDIVG5c+ErRroQ498Y
v+Xl0kWcgR6EUdhmcJRmOaOijkZnkwDyGgDLc+bVRK1uuGIZkDw/wPi457TYrNzc
GQAZILFuaSlCXW372GG9qrTmhNRz4u91sl4vG6XjpTP6taGoA/NLiWW7c70Ej6iJ
KE+LOVIPauLq4g==
-----END CERTIFICATE-----