Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
File:                     gz8MJRPUNTtAzvg5F57r-HOCRcY.mft (raw, json)
Hash identifier:          V4zBgcm6rsoBNSXs0YjVYhWCIMCyXJ2C8yf+Tdh7XPk=
Subject key identifier:   0E:D8:FB:3A:06:8A:23:81:EA:57:A3:37:0C:02:9A:E1:A7:B6:1B:53
Authority key identifier: 83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6
Certificate issuer:       /CN=833f0c2513d4353b40cef839179eebf8738245c6
Certificate serial:       01974C698BE6B550A9754484E5C46C9389F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
Manifest number:          1052
Signing time:             Sat 07 Jun 2025 22:01:14 +0000
Manifest this update:     Sat 07 Jun 2025 22:01:14 +0000
Manifest next update:     Sun 08 Jun 2025 22:01:14 +0000
Files and hashes:         1: gz8MJRPUNTtAzvg5F57r-HOCRcY.crl (hash: XRM6e1f/JzkWxpfhyrhyDmtyRAHmSkcFURiEvnTozKM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:8b:e6:b5:50:a9:75:44:84:e5:c4:6c:93:89:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=833f0c2513d4353b40cef839179eebf8738245c6
        Validity
            Not Before: Jun  7 22:01:14 2025 GMT
            Not After : Jun  8 22:01:14 2025 GMT
        Subject: CN=0ed8fb3a068a2381ea57a3370c029ae1a7b61b53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:22:0c:96:ae:3d:5d:dd:1e:4f:a4:55:31:ae:
                    c4:55:23:37:58:4b:41:3e:2a:63:2d:23:77:03:62:
                    1b:2e:03:08:7e:34:23:78:b2:c4:1f:9b:ec:ba:29:
                    6b:2b:e0:0f:b8:59:be:a8:92:9b:9b:fd:19:2b:49:
                    07:6f:89:58:1a:63:5e:7a:28:eb:d5:55:de:cd:0e:
                    ad:1e:9a:05:43:5b:6d:a0:40:6a:09:c7:77:49:35:
                    d8:35:f5:13:b9:f0:f7:f5:ae:0e:9e:1c:e6:89:be:
                    34:0a:99:1f:7a:81:8e:e0:47:15:a7:2c:3d:e3:3e:
                    5a:95:57:0e:e0:53:bc:5b:03:b2:67:f2:4d:e5:21:
                    58:b1:88:30:2a:0b:5a:53:c2:cb:80:95:09:7b:39:
                    94:9a:83:1b:b7:25:0f:0e:b1:4b:81:46:e3:fc:76:
                    a9:cd:dd:80:17:b9:ad:66:cc:a0:dd:bf:eb:42:b8:
                    ab:7e:45:03:6e:6a:db:14:53:24:29:4c:ce:f1:91:
                    9f:81:9f:7c:30:39:42:c6:98:cb:5d:af:52:44:37:
                    d4:6d:46:64:eb:87:b3:49:a9:f2:3e:b0:bd:5d:e4:
                    1f:5e:06:1e:29:7a:cd:fa:f1:96:ea:06:11:01:bf:
                    9d:65:79:ec:5f:36:fe:e8:ef:5f:c7:26:be:c0:cc:
                    94:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:D8:FB:3A:06:8A:23:81:EA:57:A3:37:0C:02:9A:E1:A7:B6:1B:53
            X509v3 Authority Key Identifier:
                keyid:83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:18:29:20:7e:be:4a:ef:ae:8f:e1:cb:f8:a4:d3:dd:8f:05:
         f2:c5:1b:0f:61:7f:04:02:bf:bc:80:39:e7:84:66:86:41:de:
         67:39:10:76:74:cd:cf:f3:60:0e:a2:1d:39:ba:d9:21:85:3d:
         80:5a:c9:60:1c:0e:e9:2e:28:dd:1f:fb:19:c0:89:6e:fe:07:
         46:70:56:11:7b:bf:ba:3a:49:f6:35:01:15:86:2a:dc:1b:42:
         0b:6a:7c:63:11:26:f2:2f:83:87:95:d2:10:db:db:36:79:17:
         ca:05:7d:a7:99:5f:31:09:65:d1:8a:b7:a4:25:fd:d4:d6:c6:
         a4:aa:9d:ae:3e:24:bc:bb:48:13:90:90:8f:f8:3a:22:0f:f2:
         43:5e:0d:1b:1e:67:6f:29:7a:b1:1a:b2:c3:d0:67:18:85:7e:
         98:1b:07:53:0d:95:0c:e8:d1:43:26:4b:0a:9d:1f:58:7c:7b:
         5e:3e:e6:c6:21:62:d5:d8:5c:fc:87:60:14:21:dd:69:c6:11:
         7e:15:fd:c3:2c:8b:ec:cd:f4:66:e9:e6:80:5d:4a:19:51:81:
         a7:d2:39:8f:71:1c:74:cb:1c:db:6e:f1:d5:6c:39:85:44:83:
         4e:5e:f4:7f:c1:b7:23:47:7e:72:13:2a:06:0f:5f:a4:0e:f7:
         af:ad:6f:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaYvmtVCpdUSE5cRsk4nwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2YwYzI1MTNkNDM1M2I0MGNlZjgzOTE3OWVlYmY4NzM4
MjQ1YzYwHhcNMjUwNjA3MjIwMTE0WhcNMjUwNjA4MjIwMTE0WjAzMTEwLwYDVQQD
EygwZWQ4ZmIzYTA2OGEyMzgxZWE1N2EzMzcwYzAyOWFlMWE3YjYxYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviIMlq49Xd0eT6RVMa7EVSM3WEtB
PipjLSN3A2IbLgMIfjQjeLLEH5vsuilrK+APuFm+qJKbm/0ZK0kHb4lYGmNeeijr
1VXezQ6tHpoFQ1ttoEBqCcd3STXYNfUTufD39a4Onhzmib40CpkfeoGO4EcVpyw9
4z5alVcO4FO8WwOyZ/JN5SFYsYgwKgtaU8LLgJUJezmUmoMbtyUPDrFLgUbj/Hap
zd2AF7mtZsyg3b/rQrirfkUDbmrbFFMkKUzO8ZGfgZ98MDlCxpjLXa9SRDfUbUZk
64ezSanyPrC9XeQfXgYeKXrN+vGW6gYRAb+dZXnsXzb+6O9fxya+wMyUuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA7Y+zoGiiOB6lejNwwCmuGnthtTMB8GA1UdIwQY
MBaAFIM/DCUT1DU7QM74ORee6/hzgkXGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEt
ZWQwN2VjZjJkYzM2LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEtZWQwN2VjZjJkYzM2
LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAchgpIH6+
Su+uj+HL+KTT3Y8F8sUbD2F/BAK/vIA554RmhkHeZzkQdnTNz/NgDqIdObrZIYU9
gFrJYBwO6S4o3R/7GcCJbv4HRnBWEXu/ujpJ9jUBFYYq3BtCC2p8YxEm8i+Dh5XS
ENvbNnkXygV9p5lfMQll0Yq3pCX91NbGpKqdrj4kvLtIE5CQj/g6Ig/yQ14NGx5n
byl6sRqyw9BnGIV+mBsHUw2VDOjRQyZLCp0fWHx7Xj7mxiFi1dhc/IdgFCHdacYR
fhX9wyyL7M30ZunmgF1KGVGBp9I5j3EcdMsc227x1Ww5hUSDTl70f8G3I0d+chMq
Bg9fpA73r61vJA==
-----END CERTIFICATE-----