Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
File:                     z3P3vZzZk2geMP7FxZtHVlIroxw.mft (raw, json)
Hash identifier:          2jcX7an9wrs0NqQ3BsISQ2GR88s0DYHs2uObTFCmqao=
Subject key identifier:   43:0F:93:D9:D7:50:55:4F:F9:FA:B9:5A:D5:D8:45:0D:02:10:42:44
Authority key identifier: CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C
Certificate issuer:       /CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
Certificate serial:       0194C3F5A468058E54A397F22B8A57165678
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
Manifest number:          142A
Signing time:             Sun 02 Feb 2025 00:00:42 +0000
Manifest this update:     Sun 02 Feb 2025 00:00:42 +0000
Manifest next update:     Mon 03 Feb 2025 00:00:42 +0000
Files and hashes:         1: z3P3vZzZk2geMP7FxZtHVlIroxw.crl (hash: m1Pi3nN6pNJpivWZiyEDKCgMdZ5mUG1Bees81EmYP9o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f5:a4:68:05:8e:54:a3:97:f2:2b:8a:57:16:56:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
        Validity
            Not Before: Feb  2 00:00:42 2025 GMT
            Not After : Feb  3 00:00:42 2025 GMT
        Subject: CN=430f93d9d750554ff9fab95ad5d8450d02104244
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:41:7a:6a:72:88:80:ec:97:66:85:d7:52:52:
                    89:ae:0b:5b:13:85:63:e9:f5:d7:10:f8:45:fc:c5:
                    de:2b:92:48:6c:fc:4e:4f:e5:0b:88:7c:92:52:ef:
                    17:c8:ce:ea:7d:48:d9:93:dd:cc:c5:2c:ae:b3:9d:
                    6f:ba:03:4a:e1:35:46:52:e2:ce:83:20:43:89:0b:
                    c3:f7:51:f3:32:4b:6b:57:a3:99:f4:bd:1b:d9:7f:
                    94:66:bb:7a:04:1e:13:a0:25:85:7f:a8:3f:fa:cb:
                    95:1f:b6:78:e0:b4:84:f4:55:dc:f9:5a:19:8a:bd:
                    29:d6:1c:d2:8b:2e:f9:20:27:5e:d1:98:78:68:36:
                    7b:5a:98:60:56:18:db:b2:d8:e4:5f:d7:c2:4e:a1:
                    a1:60:c6:1c:d6:20:0a:12:c3:f4:c5:34:83:61:07:
                    e0:62:31:78:db:4a:97:04:26:a6:10:6f:93:8b:02:
                    d2:e5:fa:06:7e:b7:22:69:09:54:14:76:ed:e7:4c:
                    10:11:91:14:d7:6c:99:1e:42:90:9c:03:87:8a:93:
                    62:14:09:ef:08:02:a0:88:56:c4:3a:e1:41:a6:dd:
                    f1:63:f4:63:c3:0d:fc:d2:97:78:17:d5:f4:91:80:
                    3a:21:6b:c6:7e:86:bb:62:42:fb:e6:07:8d:00:5d:
                    0f:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:0F:93:D9:D7:50:55:4F:F9:FA:B9:5A:D5:D8:45:0D:02:10:42:44
            X509v3 Authority Key Identifier:
                keyid:CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:5b:37:b2:7e:77:87:8b:2a:fa:82:5d:46:87:b7:0e:3b:84:
         c0:14:17:09:a7:a0:5e:74:71:70:07:00:8c:66:de:43:b1:52:
         56:5b:69:48:8f:fa:db:62:51:1a:8d:f2:35:e3:74:84:12:24:
         5c:d9:9f:88:cd:7e:98:a6:2b:ef:fc:c7:d6:27:e5:e2:19:88:
         af:8e:f1:a0:48:78:81:30:78:49:41:a9:04:70:1b:fc:af:4f:
         a3:b2:dd:94:ae:6c:57:98:4c:62:16:35:7f:b0:70:f0:d4:da:
         10:98:a0:43:58:1a:8e:c8:da:dc:bb:f6:0a:ee:41:57:95:8b:
         ac:c9:84:a9:32:82:39:44:7b:85:1d:45:18:b6:b8:40:f9:da:
         43:95:81:12:f7:7b:6b:0f:c0:0d:45:00:90:3b:58:f2:a4:bc:
         7a:b7:db:61:5c:fb:9a:79:71:0b:32:a2:a0:72:18:37:64:da:
         75:85:b2:79:af:04:0a:ef:87:e3:00:ac:30:48:d3:db:9f:8b:
         3f:3e:5e:62:01:00:53:1f:ed:d5:1a:c2:c4:9d:3e:b6:08:46:
         21:3a:b5:a3:b0:a1:b9:e5:75:24:b6:19:33:56:b3:3c:77:a1:
         c4:15:ef:ed:46:0d:ab:2f:e8:1e:d0:f9:d5:46:22:c1:bb:a8:
         95:f6:ce:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9aRoBY5Uo5fyK4pXFlZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNzNmN2JkOWNkOTkzNjgxZTMwZmVjNWM1OWI0NzU2NTIy
YmEzMWMwHhcNMjUwMjAyMDAwMDQyWhcNMjUwMjAzMDAwMDQyWjAzMTEwLwYDVQQD
Eyg0MzBmOTNkOWQ3NTA1NTRmZjlmYWI5NWFkNWQ4NDUwZDAyMTA0MjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0F6anKIgOyXZoXXUlKJrgtbE4Vj
6fXXEPhF/MXeK5JIbPxOT+ULiHySUu8XyM7qfUjZk93MxSyus51vugNK4TVGUuLO
gyBDiQvD91HzMktrV6OZ9L0b2X+UZrt6BB4ToCWFf6g/+suVH7Z44LSE9FXc+VoZ
ir0p1hzSiy75ICde0Zh4aDZ7WphgVhjbstjkX9fCTqGhYMYc1iAKEsP0xTSDYQfg
YjF420qXBCamEG+TiwLS5foGfrciaQlUFHbt50wQEZEU12yZHkKQnAOHipNiFAnv
CAKgiFbEOuFBpt3xY/Rjww380pd4F9X0kYA6IWvGfoa7YkL75geNAF0PrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEMPk9nXUFVP+fq5WtXYRQ0CEEJEMB8GA1UdIwQY
MBaAFM9z972c2ZNoHjD+xcWbR1ZSK6McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEt
N2E3OTM5OTJmYmEwLzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEtN2E3OTM5OTJmYmEw
LzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfFs3sn53
h4sq+oJdRoe3DjuEwBQXCaegXnRxcAcAjGbeQ7FSVltpSI/622JRGo3yNeN0hBIk
XNmfiM1+mKYr7/zH1ifl4hmIr47xoEh4gTB4SUGpBHAb/K9Po7LdlK5sV5hMYhY1
f7Bw8NTaEJigQ1gajsja3Lv2Cu5BV5WLrMmEqTKCOUR7hR1FGLa4QPnaQ5WBEvd7
aw/ADUUAkDtY8qS8erfbYVz7mnlxCzKioHIYN2TadYWyea8ECu+H4wCsMEjT25+L
Pz5eYgEAUx/t1RrCxJ0+tghGITq1o7ChueV1JLYZM1azPHehxBXv7UYNqy/oHtD5
1UYiwbuolfbObw==
-----END CERTIFICATE-----