Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
File:                     z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft (raw, json)
Hash identifier:          og+uqind7TkqSSw5qlxUOGjeajFj4ZwSE3h2Ia7NKp8=
Subject key identifier:   76:E2:99:9D:34:CB:E8:01:D9:AD:33:EC:96:45:75:B5:F5:56:DE:32
Authority key identifier: CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6
Certificate issuer:       /CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
Certificate serial:       01967BD741B3B6DDADEFC527888494B49DFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
Manifest number:          0E72
Signing time:             Mon 28 Apr 2025 10:00:26 +0000
Manifest this update:     Mon 28 Apr 2025 10:00:26 +0000
Manifest next update:     Tue 29 Apr 2025 10:00:26 +0000
Files and hashes:         1: z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl (hash: 0RzcBw5ORyEiE8z29Gx0eGy3bsn+eWjZTbdEy7x0/e0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7b:d7:41:b3:b6:dd:ad:ef:c5:27:88:84:94:b4:9d:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
        Validity
            Not Before: Apr 28 10:00:26 2025 GMT
            Not After : Apr 29 10:00:26 2025 GMT
        Subject: CN=76e2999d34cbe801d9ad33ec964575b5f556de32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:af:55:a2:26:7e:9c:d5:8c:0b:d7:e3:04:b1:
                    f7:91:a9:16:61:25:ec:f4:a1:3e:b8:32:6e:f1:af:
                    d0:f0:ae:94:48:fd:c7:4a:ae:cd:41:7a:af:07:5f:
                    48:e8:2c:5a:ff:c2:83:2d:02:06:32:09:6f:4b:86:
                    6e:17:d0:51:1f:c6:b3:8a:16:c8:5b:ad:05:0f:ab:
                    10:64:79:96:df:20:24:04:22:9f:b2:76:21:28:6e:
                    c8:ca:7c:c2:2b:c7:6e:6e:36:cf:ff:d4:ce:b9:7f:
                    60:11:42:b1:9f:d4:8a:09:a4:a6:2a:ec:d8:c2:79:
                    75:20:3c:03:0a:61:22:73:70:98:2e:d6:27:78:22:
                    da:a7:1e:f1:82:58:a1:2b:ef:a7:65:bd:14:db:2d:
                    1c:92:45:7f:a1:85:43:73:65:88:09:5e:10:e1:a2:
                    fd:53:5e:8d:c9:aa:12:2c:e8:dd:50:d5:43:34:ba:
                    69:14:e8:9e:bd:a3:59:eb:e5:02:32:13:4e:76:12:
                    0c:59:a1:ff:6d:bc:31:8e:53:83:52:28:15:b9:b2:
                    46:14:47:c7:36:6f:60:7a:80:0f:5b:13:b3:59:68:
                    22:fb:8f:44:a5:7b:5e:ea:8f:32:2b:c6:ea:aa:f7:
                    b4:8d:b2:a6:66:f1:23:7b:db:ee:a7:7c:57:d3:b7:
                    9c:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:E2:99:9D:34:CB:E8:01:D9:AD:33:EC:96:45:75:B5:F5:56:DE:32
            X509v3 Authority Key Identifier:
                keyid:CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:33:16:d1:8d:00:2b:64:35:01:d9:70:44:41:ff:56:b7:5b:
         ea:0a:fa:bc:fe:d1:fd:db:f3:d0:36:25:30:a4:f2:ea:38:45:
         c0:e8:5f:13:cd:be:74:5c:fc:fc:f8:44:60:9b:01:12:bb:69:
         46:2e:0d:fa:65:1e:38:be:e9:03:63:16:6b:74:c5:10:62:71:
         f0:d3:d3:13:cb:a5:c6:81:70:73:02:a2:b2:f3:0f:ce:58:58:
         77:50:ef:57:c8:97:75:00:85:87:6f:20:ee:6f:03:69:f3:fd:
         fb:21:a7:b7:2f:02:30:ec:e7:ac:12:24:65:43:8a:39:73:7b:
         81:5e:8f:b9:46:a4:27:e7:68:f9:d2:1d:13:85:61:0f:0d:4d:
         4a:87:40:64:0b:e1:d0:cc:c3:08:7a:66:38:f6:d4:c4:15:34:
         50:33:d6:42:9e:a2:67:8f:f2:0c:12:79:18:63:df:bc:08:78:
         07:1d:53:e0:d2:d1:30:58:df:83:d3:23:8b:23:53:f0:34:81:
         ce:d2:c8:6a:05:b8:5d:8e:c4:50:c2:3e:7c:e9:9c:76:a2:0f:
         0e:f8:10:f8:67:49:21:6f:97:45:1d:35:40:ab:74:38:30:d6:
         c1:cf:a8:a7:1f:1f:40:28:f6:87:fd:f8:73:c3:52:7f:69:3f:
         13:25:d4:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ710Gztt2t78UniISUtJ3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzcwMDhjNmY5MTcyMmRjM2IxMjc1Mjc1NThlYmRhYmM2
ODBjZTYwHhcNMjUwNDI4MTAwMDI2WhcNMjUwNDI5MTAwMDI2WjAzMTEwLwYDVQQD
Eyg3NmUyOTk5ZDM0Y2JlODAxZDlhZDMzZWM5NjQ1NzViNWY1NTZkZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK9VoiZ+nNWMC9fjBLH3kakWYSXs
9KE+uDJu8a/Q8K6USP3HSq7NQXqvB19I6Cxa/8KDLQIGMglvS4ZuF9BRH8azihbI
W60FD6sQZHmW3yAkBCKfsnYhKG7IynzCK8dubjbP/9TOuX9gEUKxn9SKCaSmKuzY
wnl1IDwDCmEic3CYLtYneCLapx7xglihK++nZb0U2y0ckkV/oYVDc2WICV4Q4aL9
U16NyaoSLOjdUNVDNLppFOievaNZ6+UCMhNOdhIMWaH/bbwxjlODUigVubJGFEfH
Nm9geoAPWxOzWWgi+49EpXte6o8yK8bqqve0jbKmZvEje9vup3xX07ecEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHbimZ00y+gB2a0z7JZFdbX1Vt4yMB8GA1UdIwQY
MBaAFM/HAIxvkXItw7EnUnVY69q8aAzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEt
MzZmMjRhZDRhMDRmLzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEtMzZmMjRhZDRhMDRm
LzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMTMW0Y0A
K2Q1AdlwREH/Vrdb6gr6vP7R/dvz0DYlMKTy6jhFwOhfE82+dFz8/PhEYJsBErtp
Ri4N+mUeOL7pA2MWa3TFEGJx8NPTE8ulxoFwcwKisvMPzlhYd1DvV8iXdQCFh28g
7m8DafP9+yGnty8CMOznrBIkZUOKOXN7gV6PuUakJ+do+dIdE4VhDw1NSodAZAvh
0MzDCHpmOPbUxBU0UDPWQp6iZ4/yDBJ5GGPfvAh4Bx1T4NLRMFjfg9MjiyNT8DSB
ztLIagW4XY7EUMI+fOmcdqIPDvgQ+GdJIW+XRR01QKt0ODDWwc+opx8fQCj2h/34
c8NSf2k/EyXUzw==
-----END CERTIFICATE-----