Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
File:                     RzrT6YeegYYjFqEICLtcQhKVTLo.mft (raw, json)
Hash identifier:          CRs34bawDbPB7eMPHuTrzBcPklowN0NU4KCQsi2qxsQ=
Subject key identifier:   E8:D5:2C:87:7A:E9:2C:01:C4:B9:AD:D8:04:CE:F5:FD:98:BF:57:E8
Authority key identifier: 47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA
Certificate issuer:       /CN=473ad3e9879e81862316a10808bb5c4212954cba
Certificate serial:       019681A29C4F3A365D249645B68CEA3CBA9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
Manifest number:          0DC2
Signing time:             Tue 29 Apr 2025 13:00:39 +0000
Manifest this update:     Tue 29 Apr 2025 13:00:39 +0000
Manifest next update:     Wed 30 Apr 2025 13:00:39 +0000
Files and hashes:         1: RzrT6YeegYYjFqEICLtcQhKVTLo.crl (hash: JTIiiy2CibVzBRfL7z+iRiBLhXVN4Pt39To9VB3sthc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 13:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:81:a2:9c:4f:3a:36:5d:24:96:45:b6:8c:ea:3c:ba:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=473ad3e9879e81862316a10808bb5c4212954cba
        Validity
            Not Before: Apr 29 13:00:39 2025 GMT
            Not After : Apr 30 13:00:39 2025 GMT
        Subject: CN=e8d52c877ae92c01c4b9add804cef5fd98bf57e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f3:7e:f0:ea:06:85:34:91:fe:3e:8a:5f:cd:
                    65:35:ed:05:f4:7b:5c:2e:04:02:19:ed:c7:47:f0:
                    3b:de:00:f4:16:d8:cc:6e:ac:39:50:bd:5d:ab:58:
                    00:1e:fc:cb:31:19:d2:02:45:6f:07:0f:6b:d7:1d:
                    eb:8d:f5:f5:cd:c5:67:69:65:4b:80:98:4e:f1:dd:
                    4c:45:51:cc:0e:2f:d6:13:8d:05:da:4e:e5:49:11:
                    4f:53:96:da:e7:60:fc:c5:17:7f:de:c3:92:66:44:
                    b2:32:0f:b1:87:da:72:f2:70:e1:fe:45:29:46:f7:
                    cd:e5:79:40:50:40:49:5b:b0:26:15:48:3f:75:24:
                    4d:96:f1:49:a7:15:4e:12:90:e7:10:ee:95:99:68:
                    12:1c:f3:ca:43:ef:40:c8:4a:7c:e9:d3:80:23:f1:
                    06:cf:d9:d1:53:7c:a3:e8:fb:af:94:f4:ff:46:19:
                    7a:1c:e4:30:01:53:8a:35:d1:52:67:43:18:d3:32:
                    19:54:e0:1a:77:9e:b6:37:64:2a:f7:c7:60:50:74:
                    ee:2f:33:28:21:6c:86:01:9f:f3:b2:6e:77:81:48:
                    f2:2c:1b:43:c4:ac:c2:6a:88:11:98:8a:85:e5:46:
                    15:e7:8c:6a:52:1f:50:54:f0:35:ce:fd:ec:09:a8:
                    1a:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:D5:2C:87:7A:E9:2C:01:C4:B9:AD:D8:04:CE:F5:FD:98:BF:57:E8
            X509v3 Authority Key Identifier:
                keyid:47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:c7:40:66:28:e0:2b:ba:6f:73:d6:61:9f:38:5b:4d:4c:a8:
         4e:24:b7:62:97:ec:6c:8d:0f:e1:4f:6f:15:26:eb:8e:a3:c8:
         ac:7f:46:a0:57:47:af:2c:e4:72:04:51:be:3f:4c:de:47:6c:
         b0:ba:7a:ac:89:b4:b3:8b:d8:03:de:5a:1c:ce:17:4a:ec:85:
         f7:da:8b:8b:32:73:ce:01:64:d5:5c:8a:71:ac:02:bb:aa:5d:
         63:b7:b0:c6:a9:d5:f2:33:93:2f:f8:18:7c:a5:cb:ed:ce:79:
         98:0d:9a:fd:8e:68:8b:f8:7d:dd:5d:73:38:91:07:5c:26:7c:
         1d:da:08:93:1a:79:4d:a4:90:12:cb:28:5f:8e:ee:5c:c9:d8:
         78:64:10:db:1c:d0:dd:c3:3c:64:08:32:2b:9d:f2:98:12:64:
         c2:77:36:3a:dc:62:ec:4e:11:42:2c:1d:e0:5b:8e:b7:e8:92:
         76:d4:c4:3c:4f:59:4a:25:e8:fd:8b:71:6f:5c:83:b1:1f:44:
         e8:77:d6:1c:c4:56:aa:cd:d5:d2:92:87:90:62:a8:dd:d3:78:
         88:85:7d:03:4a:c9:93:61:4d:56:f7:69:ca:97:b7:dc:9a:eb:
         c4:ab:df:61:a5:7c:7f:4d:e5:25:91:79:be:f8:06:00:1f:d2:
         9f:12:66:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaBopxPOjZdJJZFtozqPLqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3M2FkM2U5ODc5ZTgxODYyMzE2YTEwODA4YmI1YzQyMTI5
NTRjYmEwHhcNMjUwNDI5MTMwMDM5WhcNMjUwNDMwMTMwMDM5WjAzMTEwLwYDVQQD
EyhlOGQ1MmM4NzdhZTkyYzAxYzRiOWFkZDgwNGNlZjVmZDk4YmY1N2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPN+8OoGhTSR/j6KX81lNe0F9Htc
LgQCGe3HR/A73gD0FtjMbqw5UL1dq1gAHvzLMRnSAkVvBw9r1x3rjfX1zcVnaWVL
gJhO8d1MRVHMDi/WE40F2k7lSRFPU5ba52D8xRd/3sOSZkSyMg+xh9py8nDh/kUp
RvfN5XlAUEBJW7AmFUg/dSRNlvFJpxVOEpDnEO6VmWgSHPPKQ+9AyEp86dOAI/EG
z9nRU3yj6PuvlPT/Rhl6HOQwAVOKNdFSZ0MY0zIZVOAad562N2Qq98dgUHTuLzMo
IWyGAZ/zsm53gUjyLBtDxKzCaogRmIqF5UYV54xqUh9QVPA1zv3sCaga4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOjVLId66SwBxLmt2ATO9f2Yv1foMB8GA1UdIwQY
MBaAFEc60+mHnoGGIxahCAi7XEISlUy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYt
YjZjMzlhZDk4M2RkLzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYtYjZjMzlhZDk4M2Rk
LzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE8dAZijg
K7pvc9ZhnzhbTUyoTiS3YpfsbI0P4U9vFSbrjqPIrH9GoFdHryzkcgRRvj9M3kds
sLp6rIm0s4vYA95aHM4XSuyF99qLizJzzgFk1VyKcawCu6pdY7ewxqnV8jOTL/gY
fKXL7c55mA2a/Y5oi/h93V1zOJEHXCZ8HdoIkxp5TaSQEssoX47uXMnYeGQQ2xzQ
3cM8ZAgyK53ymBJkwnc2Otxi7E4RQiwd4FuOt+iSdtTEPE9ZSiXo/Ytxb1yDsR9E
6HfWHMRWqs3V0pKHkGKo3dN4iIV9A0rJk2FNVvdpype33JrrxKvfYaV8f03lJZF5
vvgGAB/SnxJmzg==
-----END CERTIFICATE-----