Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
File:                     gz8MJRPUNTtAzvg5F57r-HOCRcY.mft (raw, json)
Hash identifier:          bXldylyQ2vlpZ2VEKMfM2ECE6pkaar1mNEgde/l8kfM=
Subject key identifier:   48:31:20:E3:B0:44:9D:E5:BF:84:02:03:30:73:FD:C9:04:FE:89:24
Authority key identifier: 83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6
Certificate issuer:       /CN=833f0c2513d4353b40cef839179eebf8738245c6
Certificate serial:       01963FF956BD23C373212EF1B4483E6AABF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
Manifest number:          0FC7
Signing time:             Wed 16 Apr 2025 19:00:27 +0000
Manifest this update:     Wed 16 Apr 2025 19:00:27 +0000
Manifest next update:     Thu 17 Apr 2025 19:00:27 +0000
Files and hashes:         1: gz8MJRPUNTtAzvg5F57r-HOCRcY.crl (hash: VS4ONEVrkDSqm1+/w9Yu50hT1pr1CVd7G/vlgfMjFLo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 19:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3f:f9:56:bd:23:c3:73:21:2e:f1:b4:48:3e:6a:ab:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=833f0c2513d4353b40cef839179eebf8738245c6
        Validity
            Not Before: Apr 16 19:00:27 2025 GMT
            Not After : Apr 17 19:00:27 2025 GMT
        Subject: CN=483120e3b0449de5bf8402033073fdc904fe8924
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:1e:98:e9:97:08:37:aa:45:26:5c:44:e1:4b:
                    f5:32:4b:d5:be:87:5e:eb:e9:2c:51:ad:0d:40:e6:
                    22:80:53:9a:79:c1:c4:14:99:c7:03:b5:88:bf:14:
                    cf:e0:ea:2e:60:2f:05:0b:c3:f9:a6:f3:8f:2d:ae:
                    02:27:ff:37:c8:d8:0c:15:72:43:0d:bf:52:7a:b0:
                    f6:87:0e:42:60:6c:1a:4d:0c:86:3c:25:23:41:b0:
                    c5:76:e0:f2:24:da:ac:48:df:83:76:1a:b4:21:b8:
                    97:6d:fb:2a:bf:1f:f5:6a:42:16:a8:51:01:47:1f:
                    9c:e8:b0:74:17:5d:7c:ab:f5:66:a8:a3:d5:91:dc:
                    f3:2c:d3:45:64:32:96:0d:cb:18:08:36:b1:40:92:
                    b8:7c:ab:5f:22:65:b3:ca:68:63:d1:60:a0:11:da:
                    24:47:8e:24:ff:6b:37:9e:54:59:48:04:b7:f3:2f:
                    e6:a0:f6:68:a1:c0:d7:77:49:26:f5:e7:93:02:c6:
                    c0:1b:0f:f3:af:1f:85:4f:cb:ca:12:4e:80:7e:82:
                    9a:0b:15:fa:aa:72:df:4e:14:d1:97:1d:4d:4d:6a:
                    62:68:96:af:8d:55:51:33:6f:c8:7d:ce:20:f2:c0:
                    20:5c:5f:3c:f6:4c:9f:80:ba:26:2d:d8:3f:d1:8d:
                    aa:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:31:20:E3:B0:44:9D:E5:BF:84:02:03:30:73:FD:C9:04:FE:89:24
            X509v3 Authority Key Identifier:
                keyid:83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:45:6c:ff:83:04:42:ab:df:78:7e:cf:06:92:e0:80:46:c4:
         29:9e:09:6a:36:a1:7b:54:ba:84:fb:2c:f0:8b:b1:cd:3c:d5:
         3b:ca:4a:82:10:55:c7:76:38:03:ba:ca:7b:77:89:2b:06:4e:
         c2:6e:dd:ba:6a:cd:e4:d5:7d:2b:29:f1:d7:c1:8b:41:be:4f:
         81:5f:be:81:7b:ba:c7:9d:7d:c3:2b:4d:a1:36:ee:fc:46:a8:
         bd:d6:9c:81:fc:98:62:72:3c:35:48:bc:30:1d:50:20:dd:48:
         b0:ab:45:0d:d8:7c:d3:86:d9:c2:86:f8:53:a2:39:3d:b7:9f:
         7d:55:0a:28:1c:cf:24:f5:e0:96:68:0b:e1:7f:7c:97:ac:79:
         b5:52:bd:16:39:76:9d:13:03:2b:bb:eb:a7:81:9c:6e:ab:fc:
         dc:65:75:8a:f0:ac:ee:46:f1:20:c2:b3:6e:eb:be:7d:be:ab:
         7b:ca:50:14:fd:a2:50:5b:bd:5c:b4:73:e5:d5:1f:32:b8:a5:
         6c:3e:70:e0:13:e7:b8:60:f6:28:23:62:49:4e:98:16:aa:49:
         7d:84:04:6a:0a:81:e3:3c:2c:6c:16:02:0e:44:3d:ea:a1:47:
         40:98:58:63:13:81:10:a6:a1:25:13:38:4f:f7:30:ae:0a:54:
         f2:82:5f:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/+Va9I8NzIS7xtEg+aqv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2YwYzI1MTNkNDM1M2I0MGNlZjgzOTE3OWVlYmY4NzM4
MjQ1YzYwHhcNMjUwNDE2MTkwMDI3WhcNMjUwNDE3MTkwMDI3WjAzMTEwLwYDVQQD
Eyg0ODMxMjBlM2IwNDQ5ZGU1YmY4NDAyMDMzMDczZmRjOTA0ZmU4OTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR6Y6ZcIN6pFJlxE4Uv1MkvVvode
6+ksUa0NQOYigFOaecHEFJnHA7WIvxTP4OouYC8FC8P5pvOPLa4CJ/83yNgMFXJD
Db9SerD2hw5CYGwaTQyGPCUjQbDFduDyJNqsSN+Ddhq0IbiXbfsqvx/1akIWqFEB
Rx+c6LB0F118q/VmqKPVkdzzLNNFZDKWDcsYCDaxQJK4fKtfImWzymhj0WCgEdok
R44k/2s3nlRZSAS38y/moPZoocDXd0km9eeTAsbAGw/zrx+FT8vKEk6AfoKaCxX6
qnLfThTRlx1NTWpiaJavjVVRM2/Ifc4g8sAgXF889kyfgLomLdg/0Y2qxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEgxIOOwRJ3lv4QCAzBz/ckE/okkMB8GA1UdIwQY
MBaAFIM/DCUT1DU7QM74ORee6/hzgkXGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEt
ZWQwN2VjZjJkYzM2LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEtZWQwN2VjZjJkYzM2
LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMEVs/4ME
QqvfeH7PBpLggEbEKZ4Jajahe1S6hPss8IuxzTzVO8pKghBVx3Y4A7rKe3eJKwZO
wm7dumrN5NV9Kynx18GLQb5PgV++gXu6x519wytNoTbu/EaovdacgfyYYnI8NUi8
MB1QIN1IsKtFDdh804bZwob4U6I5PbeffVUKKBzPJPXglmgL4X98l6x5tVK9Fjl2
nRMDK7vrp4Gcbqv83GV1ivCs7kbxIMKzbuu+fb6re8pQFP2iUFu9XLRz5dUfMril
bD5w4BPnuGD2KCNiSU6YFqpJfYQEagqB4zwsbBYCDkQ96qFHQJhYYxOBEKahJRM4
T/cwrgpU8oJfCA==
-----END CERTIFICATE-----