Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
File:                     gz8MJRPUNTtAzvg5F57r-HOCRcY.mft (raw, json)
Hash identifier:          j8iS916m7c4u8t73H+ZU7eVrJyIM3I2TE+b0U+CuMzE=
Subject key identifier:   47:1E:A4:8D:78:6B:64:91:69:2C:3D:15:1B:C8:EF:B1:85:07:9D:4C
Authority key identifier: 83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6
Certificate issuer:       /CN=833f0c2513d4353b40cef839179eebf8738245c6
Certificate serial:       019510C7A935328A602E45B92900E5128ED3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
Manifest number:          0F2A
Signing time:             Sun 16 Feb 2025 22:01:15 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:15 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:15 +0000
Files and hashes:         1: gz8MJRPUNTtAzvg5F57r-HOCRcY.crl (hash: 1pYcAn6Nq7nVgiq3r2xebcSBVBQIiTEAhHjUovvSaA8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:a9:35:32:8a:60:2e:45:b9:29:00:e5:12:8e:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=833f0c2513d4353b40cef839179eebf8738245c6
        Validity
            Not Before: Feb 16 22:01:15 2025 GMT
            Not After : Feb 17 22:01:15 2025 GMT
        Subject: CN=471ea48d786b6491692c3d151bc8efb185079d4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:2a:d5:40:a6:6b:60:af:c4:a4:58:f7:4a:49:
                    ac:b5:25:cb:fd:82:2f:db:4c:92:51:7e:89:c9:7d:
                    d0:04:b7:ae:b1:93:43:49:02:b8:ec:c3:5e:95:ee:
                    ca:d5:7e:6d:97:50:d4:46:eb:9c:f2:33:9d:7c:65:
                    e0:69:27:61:04:1d:ab:b4:7d:1f:d0:da:7b:89:a7:
                    67:8d:03:c1:ff:47:9a:0f:42:7c:a3:3c:95:60:8b:
                    6e:a6:b7:c1:97:c6:17:4b:e8:2f:31:e2:47:36:61:
                    99:fd:80:74:ee:82:ed:65:fd:24:0e:b0:d3:35:18:
                    ec:cd:97:26:8a:7d:90:06:b3:08:bc:6a:86:cf:04:
                    13:8c:1c:df:88:cd:8b:f6:65:cb:06:b0:5f:92:ed:
                    a9:f5:59:1a:9f:e9:85:d3:3e:4e:c1:68:6a:cb:a8:
                    d2:ac:02:94:9f:be:55:eb:16:86:df:bd:4e:58:0b:
                    7d:3d:99:d4:9c:5e:92:af:f2:7a:f6:4f:2d:93:e0:
                    80:7e:5e:48:1e:7e:b2:1c:6c:74:44:48:f5:05:56:
                    5d:c4:89:d2:a5:fd:1d:de:52:45:dd:9f:d5:e8:cb:
                    83:e8:0e:27:22:d6:19:c7:0c:c4:86:b2:a2:6c:7a:
                    d0:5c:ea:23:38:5d:cc:01:49:60:99:f4:a7:7f:e4:
                    42:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:1E:A4:8D:78:6B:64:91:69:2C:3D:15:1B:C8:EF:B1:85:07:9D:4C
            X509v3 Authority Key Identifier:
                keyid:83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:50:7a:63:12:61:56:a0:b4:2c:3e:21:81:66:85:f2:c0:d8:
         4c:b7:5b:76:f7:bd:1a:45:ee:e5:d7:f0:58:a5:d8:5f:04:ae:
         70:9e:7a:dc:4a:99:4a:f9:cc:97:d5:db:00:df:ed:42:43:09:
         d0:a0:e9:f6:f5:d4:81:29:05:37:8b:b2:e1:c5:d2:48:b3:6e:
         73:1c:26:26:7d:c2:09:52:a6:03:c8:26:78:af:e7:66:e3:ea:
         c0:8c:90:86:07:39:98:56:85:45:2a:0b:5b:5b:5f:07:49:0c:
         ca:41:a6:e1:6e:58:b1:8b:07:0c:21:e2:fd:29:d1:7b:1b:06:
         e4:e8:73:01:06:bf:98:cb:17:dc:f3:9a:0d:26:bb:43:94:a6:
         af:8e:2c:4d:ee:3a:47:d4:b2:1e:21:05:d9:8b:ed:6f:fa:e2:
         22:d9:39:d2:56:b3:1f:96:b3:3b:9e:7b:4b:3e:1d:c2:53:43:
         12:23:c8:2b:3a:98:7e:65:09:21:e3:26:74:a0:18:8d:97:a7:
         f9:38:18:30:9a:2a:bf:63:7c:68:1f:08:10:0e:e9:97:70:04:
         d3:f4:03:6d:d9:f7:9d:17:3d:59:d4:d4:8d:68:c1:b2:b3:dd:
         79:12:d2:e3:9a:bb:ff:6d:12:e5:b4:b5:1d:c8:00:b5:6d:3e:
         cb:b5:fa:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx6k1MopgLkW5KQDlEo7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2YwYzI1MTNkNDM1M2I0MGNlZjgzOTE3OWVlYmY4NzM4
MjQ1YzYwHhcNMjUwMjE2MjIwMTE1WhcNMjUwMjE3MjIwMTE1WjAzMTEwLwYDVQQD
Eyg0NzFlYTQ4ZDc4NmI2NDkxNjkyYzNkMTUxYmM4ZWZiMTg1MDc5ZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqirVQKZrYK/EpFj3SkmstSXL/YIv
20ySUX6JyX3QBLeusZNDSQK47MNele7K1X5tl1DURuuc8jOdfGXgaSdhBB2rtH0f
0Np7iadnjQPB/0eaD0J8ozyVYItuprfBl8YXS+gvMeJHNmGZ/YB07oLtZf0kDrDT
NRjszZcmin2QBrMIvGqGzwQTjBzfiM2L9mXLBrBfku2p9Vkan+mF0z5OwWhqy6jS
rAKUn75V6xaG371OWAt9PZnUnF6Sr/J69k8tk+CAfl5IHn6yHGx0REj1BVZdxInS
pf0d3lJF3Z/V6MuD6A4nItYZxwzEhrKibHrQXOojOF3MAUlgmfSnf+RCGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEcepI14a2SRaSw9FRvI77GFB51MMB8GA1UdIwQY
MBaAFIM/DCUT1DU7QM74ORee6/hzgkXGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEt
ZWQwN2VjZjJkYzM2LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEtZWQwN2VjZjJkYzM2
LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABFB6YxJh
VqC0LD4hgWaF8sDYTLdbdve9GkXu5dfwWKXYXwSucJ563EqZSvnMl9XbAN/tQkMJ
0KDp9vXUgSkFN4uy4cXSSLNucxwmJn3CCVKmA8gmeK/nZuPqwIyQhgc5mFaFRSoL
W1tfB0kMykGm4W5YsYsHDCHi/SnRexsG5OhzAQa/mMsX3POaDSa7Q5Smr44sTe46
R9SyHiEF2Yvtb/riItk50lazH5azO557Sz4dwlNDEiPIKzqYfmUJIeMmdKAYjZen
+TgYMJoqv2N8aB8IEA7pl3AE0/QDbdn3nRc9WdTUjWjBsrPdeRLS45q7/20S5bS1
HcgAtW0+y7X6cA==
-----END CERTIFICATE-----