Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
File:                     tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft (raw, json)
Hash identifier:          gy2WGcQlV8l0igcT3xmhFeFJ6KG6bDDX+io5l0lteBw=
Subject key identifier:   FA:A4:9D:C7:51:34:18:74:69:26:84:AC:60:5D:CD:1B:B8:C4:CC:1B
Authority key identifier: B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA
Certificate issuer:       /CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
Certificate serial:       0196895BD08D9E23098FE1545C9D97E66A73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
Manifest number:          1515
Signing time:             Thu 01 May 2025 01:00:17 +0000
Manifest this update:     Thu 01 May 2025 01:00:17 +0000
Manifest next update:     Fri 02 May 2025 01:00:17 +0000
Files and hashes:         1: tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl (hash: 4bo2qPoNeQ5xbdD4Kpae4MzYoMeIcXWJk2aSC4/7Hnk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 21:27:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:89:5b:d0:8d:9e:23:09:8f:e1:54:5c:9d:97:e6:6a:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
        Validity
            Not Before: May  1 01:00:17 2025 GMT
            Not After : May  2 01:00:17 2025 GMT
        Subject: CN=faa49dc751341874692684ac605dcd1bb8c4cc1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b1:d7:a4:ea:99:66:b1:6a:19:be:2a:f3:fd:
                    c2:13:1d:ee:40:cf:b4:5a:84:57:fb:25:a6:a2:d2:
                    46:41:37:49:9f:9a:e1:64:98:85:d5:bb:ab:26:e8:
                    35:89:c8:d3:f3:03:77:77:35:b6:3a:a3:96:c0:5d:
                    3c:50:07:c4:cd:3f:ba:f2:63:cc:03:0e:94:af:8b:
                    71:10:f5:e2:2b:12:23:f4:a3:d8:43:b3:e0:89:6b:
                    dd:ea:41:48:b6:78:66:87:11:8f:34:ba:3d:ee:ca:
                    45:f7:b3:9e:c8:f1:79:3b:2b:f3:e4:bd:22:b8:5d:
                    43:26:e1:64:2d:b1:c4:c7:d7:0f:75:26:5e:44:75:
                    df:e5:48:0f:4f:26:16:a3:d0:d1:0e:3a:fc:c0:f3:
                    2d:99:45:1e:53:7d:40:75:66:6d:93:60:ba:34:3c:
                    4c:a1:d1:25:75:06:65:65:c7:b9:6b:f4:48:60:36:
                    90:d4:dd:a1:c7:92:ed:ed:db:86:23:39:56:36:12:
                    8e:35:92:f2:52:c8:8a:48:a6:e3:22:39:7a:e2:31:
                    98:37:ee:ae:56:f7:04:9f:9f:ba:5b:f4:03:13:42:
                    1a:fd:1f:8f:54:8d:7a:f4:a4:a3:61:2c:1e:7d:92:
                    0d:c9:ad:c3:1d:a7:85:af:aa:ed:26:6d:94:6c:95:
                    39:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:A4:9D:C7:51:34:18:74:69:26:84:AC:60:5D:CD:1B:B8:C4:CC:1B
            X509v3 Authority Key Identifier:
                keyid:B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:84:f7:f6:ac:6f:7d:86:a8:58:3a:32:dd:98:14:99:db:f8:
         4a:b2:f2:64:d0:5a:1b:13:9c:8c:7c:7b:4d:ae:33:78:b1:63:
         f2:e3:be:98:10:5a:c6:2f:9a:a8:15:b0:0b:87:6d:0b:f4:27:
         af:b6:7f:f2:98:dc:b5:25:a0:8a:6a:70:0b:76:b8:ea:16:b2:
         74:72:89:20:0d:28:55:6c:c8:d8:da:34:d2:ca:02:e2:03:ee:
         2b:74:c8:95:83:f2:3b:50:a8:d2:7e:76:9d:13:39:91:01:af:
         cd:d0:68:20:96:17:1e:cb:7c:31:a6:57:a7:39:6a:47:d0:f2:
         c9:69:a7:87:c7:f2:46:73:d8:4b:7d:2a:95:29:71:2d:47:ec:
         51:32:18:d5:f4:1d:4b:39:d7:2f:ff:f9:53:f0:d5:13:63:f9:
         57:13:07:90:78:f1:6e:fe:38:21:38:09:e3:a2:29:54:ce:1a:
         78:ec:dc:27:93:1f:e3:e0:bf:6e:3e:1b:49:1f:ba:31:eb:59:
         e5:c2:c3:fe:92:85:72:71:62:e0:a3:07:0e:40:80:c0:9d:0d:
         6a:c0:76:92:e1:22:ee:0f:35:31:64:76:a5:47:4f:06:b5:72:
         70:88:ff:04:97:07:9b:49:59:d7:0c:81:09:d1:59:b1:1b:75:
         86:a8:a6:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaJW9CNniMJj+FUXJ2X5mpzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3M2Q4OGQ3NDY4YWY2MDFhZjE0YzVlMWVkOTAzYzRmMzZj
YWY1ZmEwHhcNMjUwNTAxMDEwMDE3WhcNMjUwNTAyMDEwMDE3WjAzMTEwLwYDVQQD
EyhmYWE0OWRjNzUxMzQxODc0NjkyNjg0YWM2MDVkY2QxYmI4YzRjYzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLHXpOqZZrFqGb4q8/3CEx3uQM+0
WoRX+yWmotJGQTdJn5rhZJiF1burJug1icjT8wN3dzW2OqOWwF08UAfEzT+68mPM
Aw6Ur4txEPXiKxIj9KPYQ7PgiWvd6kFItnhmhxGPNLo97spF97OeyPF5Oyvz5L0i
uF1DJuFkLbHEx9cPdSZeRHXf5UgPTyYWo9DRDjr8wPMtmUUeU31AdWZtk2C6NDxM
odEldQZlZce5a/RIYDaQ1N2hx5Lt7duGIzlWNhKONZLyUsiKSKbjIjl64jGYN+6u
VvcEn5+6W/QDE0Ia/R+PVI169KSjYSwefZINya3DHaeFr6rtJm2UbJU5ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqkncdRNBh0aSaErGBdzRu4xMwbMB8GA1UdIwQY
MBaAFLc9iNdGivYBrxTF4e2QPE82yvX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAt
MGYyYjU0MGVjYTA4LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAtMGYyYjU0MGVjYTA4
LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjoT39qxv
fYaoWDoy3ZgUmdv4SrLyZNBaGxOcjHx7Ta4zeLFj8uO+mBBaxi+aqBWwC4dtC/Qn
r7Z/8pjctSWgimpwC3a46haydHKJIA0oVWzI2No00soC4gPuK3TIlYPyO1Co0n52
nRM5kQGvzdBoIJYXHst8MaZXpzlqR9DyyWmnh8fyRnPYS30qlSlxLUfsUTIY1fQd
SznXL//5U/DVE2P5VxMHkHjxbv44ITgJ46IpVM4aeOzcJ5Mf4+C/bj4bSR+6MetZ
5cLD/pKFcnFi4KMHDkCAwJ0NasB2kuEi7g81MWR2pUdPBrVycIj/BJcHm0lZ1wyB
CdFZsRt1hqimcA==
-----END CERTIFICATE-----