Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
File:                     RzrT6YeegYYjFqEICLtcQhKVTLo.mft (raw, json)
Hash identifier:          by35/r8PdXQ9GPwrNkTjVeigAcUzYFGa8cInn9BKa94=
Subject key identifier:   E3:1A:18:13:67:CF:2F:66:29:27:42:E0:77:1C:37:B1:DB:CC:84:E5
Authority key identifier: 47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA
Certificate issuer:       /CN=473ad3e9879e81862316a10808bb5c4212954cba
Certificate serial:       01976D3E3531DFDBFC7AD7F7B6CA25735325
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
Manifest number:          0E3C
Signing time:             Sat 14 Jun 2025 07:01:22 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:22 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:22 +0000
Files and hashes:         1: RzrT6YeegYYjFqEICLtcQhKVTLo.crl (hash: MbdHOcX1swAw0KbyifbJq/wYBLAHYtntNd8Oxs562cY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:35:31:df:db:fc:7a:d7:f7:b6:ca:25:73:53:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=473ad3e9879e81862316a10808bb5c4212954cba
        Validity
            Not Before: Jun 14 07:01:22 2025 GMT
            Not After : Jun 15 07:01:22 2025 GMT
        Subject: CN=e31a181367cf2f66292742e0771c37b1dbcc84e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:dd:4e:75:cf:72:58:3c:7b:89:49:51:d5:26:
                    7a:2d:ef:6c:70:d8:28:eb:8f:d0:40:05:8a:c5:19:
                    d6:e9:5f:89:de:15:d3:f5:63:9e:94:29:59:b9:95:
                    44:77:2b:e8:da:38:c6:be:b9:56:c5:34:c3:ad:cd:
                    77:05:6f:ed:37:26:8f:42:0a:53:a9:07:35:8d:8f:
                    32:cc:1d:2f:35:72:0e:46:50:8c:8f:28:ea:a6:66:
                    19:9b:2e:30:54:b4:db:5c:22:68:b8:8a:c3:fe:c1:
                    9b:17:aa:77:03:cd:17:14:eb:06:ea:5f:7d:47:c4:
                    98:18:dd:75:ae:72:33:0d:88:6b:f8:03:dd:69:20:
                    d6:e7:29:90:67:a2:e1:bc:09:d8:6d:d5:b0:31:56:
                    94:61:77:4a:08:62:5c:6e:be:da:5e:ee:ef:6c:31:
                    a5:ea:db:b7:d5:b7:2f:e3:5b:0b:6d:9f:2d:f8:ad:
                    80:31:3a:84:62:db:52:09:22:ef:db:f6:57:35:8b:
                    cb:f2:43:11:d6:05:20:fc:21:e9:ee:e2:23:56:d9:
                    81:3d:2a:61:17:f9:91:81:f7:b8:f0:1f:73:8f:5b:
                    ad:09:cf:f6:54:e2:6c:1a:d6:9f:19:5b:83:cd:b4:
                    88:e3:ba:11:d7:b0:f4:a4:f7:b3:09:d0:e6:78:40:
                    d5:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:1A:18:13:67:CF:2F:66:29:27:42:E0:77:1C:37:B1:DB:CC:84:E5
            X509v3 Authority Key Identifier:
                keyid:47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:fe:2c:bc:b3:83:2f:43:76:77:45:13:8e:2f:85:82:92:4a:
         d6:30:a3:ef:46:d4:30:c3:d1:86:a4:fe:32:89:64:f7:d0:6e:
         ec:8d:ab:b6:d3:19:9f:f3:6a:a3:46:d0:ca:5d:29:da:6d:c7:
         ab:2d:a0:4a:66:b0:37:1e:ab:ac:30:18:75:b8:31:7d:17:08:
         51:6f:c6:5a:0b:94:6a:e6:80:5d:cf:43:d1:04:c2:9b:43:80:
         73:31:68:66:ce:92:a8:17:95:73:dc:98:4e:79:ab:d8:ef:ae:
         64:59:5c:fd:a2:b3:0e:f2:f5:b5:68:e1:b7:06:ab:a6:e4:d9:
         16:ae:95:c1:f8:aa:e0:8c:7e:e5:66:e0:43:73:1e:b9:ea:f7:
         cd:af:87:fd:78:2a:db:8e:44:32:83:08:d1:80:d7:95:9f:0d:
         58:45:60:8e:8b:8a:ef:c3:e5:78:d5:2d:1c:24:dd:6d:86:fb:
         7e:2a:8e:90:f2:43:5c:0f:16:dd:28:bd:cb:e9:71:0a:93:a4:
         b8:e5:3e:92:8c:8d:6d:70:ae:31:62:5b:f3:c4:43:33:79:0f:
         61:e1:9d:ff:71:a9:58:31:8e:b3:ad:6d:31:74:e2:ec:51:41:
         0f:8c:42:3b:ea:1a:cd:06:fb:ec:a7:42:d7:39:02:7c:20:b6:
         bc:19:41:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPjUx39v8etf3tsolc1MlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3M2FkM2U5ODc5ZTgxODYyMzE2YTEwODA4YmI1YzQyMTI5
NTRjYmEwHhcNMjUwNjE0MDcwMTIyWhcNMjUwNjE1MDcwMTIyWjAzMTEwLwYDVQQD
EyhlMzFhMTgxMzY3Y2YyZjY2MjkyNzQyZTA3NzFjMzdiMWRiY2M4NGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy91Odc9yWDx7iUlR1SZ6Le9scNgo
64/QQAWKxRnW6V+J3hXT9WOelClZuZVEdyvo2jjGvrlWxTTDrc13BW/tNyaPQgpT
qQc1jY8yzB0vNXIORlCMjyjqpmYZmy4wVLTbXCJouIrD/sGbF6p3A80XFOsG6l99
R8SYGN11rnIzDYhr+APdaSDW5ymQZ6LhvAnYbdWwMVaUYXdKCGJcbr7aXu7vbDGl
6tu31bcv41sLbZ8t+K2AMTqEYttSCSLv2/ZXNYvL8kMR1gUg/CHp7uIjVtmBPSph
F/mRgfe48B9zj1utCc/2VOJsGtafGVuDzbSI47oR17D0pPezCdDmeEDV4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOMaGBNnzy9mKSdC4HccN7HbzITlMB8GA1UdIwQY
MBaAFEc60+mHnoGGIxahCAi7XEISlUy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYt
YjZjMzlhZDk4M2RkLzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYtYjZjMzlhZDk4M2Rk
LzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjf4svLOD
L0N2d0UTji+FgpJK1jCj70bUMMPRhqT+Molk99Bu7I2rttMZn/Nqo0bQyl0p2m3H
qy2gSmawNx6rrDAYdbgxfRcIUW/GWguUauaAXc9D0QTCm0OAczFoZs6SqBeVc9yY
Tnmr2O+uZFlc/aKzDvL1tWjhtwarpuTZFq6Vwfiq4Ix+5WbgQ3Meuer3za+H/Xgq
245EMoMI0YDXlZ8NWEVgjouK78PleNUtHCTdbYb7fiqOkPJDXA8W3Si9y+lxCpOk
uOU+koyNbXCuMWJb88RDM3kPYeGd/3GpWDGOs61tMXTi7FFBD4xCO+oazQb77KdC
1zkCfCC2vBlBMQ==
-----END CERTIFICATE-----