Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
File:                     RzrT6YeegYYjFqEICLtcQhKVTLo.mft (raw, json)
Hash identifier:          wrzI20yJ/yYnSHArg0TbA6Moaom57CYT6kQPEMoWTJE=
Subject key identifier:   82:C4:D0:05:84:39:38:1B:18:1A:43:02:DD:11:49:EB:82:0A:DD:24
Authority key identifier: 47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA
Certificate issuer:       /CN=473ad3e9879e81862316a10808bb5c4212954cba
Certificate serial:       0196A8426F33820240D10F0FC5201187A86B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
Manifest number:          0DD6
Signing time:             Wed 07 May 2025 01:00:48 +0000
Manifest this update:     Wed 07 May 2025 01:00:48 +0000
Manifest next update:     Thu 08 May 2025 01:00:48 +0000
Files and hashes:         1: RzrT6YeegYYjFqEICLtcQhKVTLo.crl (hash: Op2iPY5YTCsm+WEXvsr9sL6C986+U8Oz6StPv/xnqus=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a8:42:6f:33:82:02:40:d1:0f:0f:c5:20:11:87:a8:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=473ad3e9879e81862316a10808bb5c4212954cba
        Validity
            Not Before: May  7 01:00:48 2025 GMT
            Not After : May  8 01:00:48 2025 GMT
        Subject: CN=82c4d0058439381b181a4302dd1149eb820add24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:6b:58:47:36:c0:a7:5b:eb:1d:02:e2:d2:ed:
                    9e:ee:1e:8f:f8:7a:eb:23:5d:04:8e:6c:bc:df:77:
                    ee:c5:c2:7b:65:07:bd:c1:2b:a9:19:0a:95:3f:50:
                    95:30:10:00:d6:56:3b:c1:5b:56:fc:c3:e6:a7:5c:
                    d2:a8:e5:40:39:ba:d1:58:d4:86:4d:e5:d8:3f:ba:
                    df:3f:c9:c0:5a:e4:65:7f:13:43:ac:b7:02:d3:59:
                    00:a1:4c:25:ef:6f:3e:84:f9:94:f6:9a:ed:5f:bc:
                    69:cb:ae:d3:22:60:2d:17:ff:21:01:4e:2d:7d:37:
                    09:c1:f3:cf:bc:ca:a9:c5:9b:a7:ed:f3:8b:81:06:
                    45:be:09:28:ba:69:43:11:48:49:cb:09:ea:54:dd:
                    58:60:de:72:ac:f7:bb:27:dc:a3:6e:8f:f6:06:d9:
                    ea:ae:b2:38:30:99:fb:9d:5d:cd:bb:02:47:20:0b:
                    f5:7b:12:ef:e6:b0:1a:58:7e:99:89:26:3b:b4:b5:
                    05:84:57:80:5d:0c:d2:76:8b:b3:a7:a8:5d:cd:b9:
                    a7:35:67:5d:8c:78:0d:e4:94:fa:20:25:e7:6c:31:
                    b9:a5:54:ee:d8:f0:b3:54:d6:a4:c2:ee:a7:a6:ff:
                    80:13:9c:18:5a:10:30:a2:7e:5e:a2:17:a7:d0:70:
                    b1:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:C4:D0:05:84:39:38:1B:18:1A:43:02:DD:11:49:EB:82:0A:DD:24
            X509v3 Authority Key Identifier:
                keyid:47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:b7:25:23:26:d9:c2:47:c2:27:00:85:74:bc:80:34:39:77:
         58:05:bd:ab:b2:91:42:bb:3a:05:bc:b6:fd:89:75:44:22:e3:
         9a:b2:a0:47:af:c9:12:cc:05:80:65:02:0e:6a:08:be:df:bf:
         46:37:11:40:4f:f0:a1:e2:93:ff:dd:1e:2a:38:32:56:96:1f:
         1a:ac:1c:e9:ee:89:e9:96:42:91:b8:7b:ac:07:28:13:b8:87:
         52:33:96:6e:f9:ad:45:97:17:1e:42:b7:5b:44:6a:19:fc:05:
         11:48:e5:d8:a0:ef:5a:34:ff:15:b2:9a:97:dc:d2:c9:eb:7a:
         64:4f:7e:ce:2b:09:a8:aa:07:1e:fa:30:76:c7:2e:ae:5f:a6:
         b8:98:19:fd:37:42:03:70:d3:a6:31:27:0a:00:39:7d:49:91:
         a6:b6:fc:00:c1:95:16:13:08:3a:11:78:db:5b:82:6d:8e:d8:
         4f:27:f7:bc:8c:13:b2:50:c3:3a:60:7d:d6:b8:39:e4:5c:a1:
         19:a5:df:f6:bd:2a:c7:12:e9:a5:bb:6a:d6:86:d1:f3:33:c4:
         0d:e1:b5:7a:e1:0a:65:f5:d8:74:28:35:53:87:70:43:4d:b7:
         58:c7:a7:fe:36:c7:93:6b:b7:9c:22:14:81:a7:ff:34:bc:a0:
         a7:50:c9:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaoQm8zggJA0Q8PxSARh6hrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3M2FkM2U5ODc5ZTgxODYyMzE2YTEwODA4YmI1YzQyMTI5
NTRjYmEwHhcNMjUwNTA3MDEwMDQ4WhcNMjUwNTA4MDEwMDQ4WjAzMTEwLwYDVQQD
Eyg4MmM0ZDAwNTg0MzkzODFiMTgxYTQzMDJkZDExNDllYjgyMGFkZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomtYRzbAp1vrHQLi0u2e7h6P+Hrr
I10Ejmy833fuxcJ7ZQe9wSupGQqVP1CVMBAA1lY7wVtW/MPmp1zSqOVAObrRWNSG
TeXYP7rfP8nAWuRlfxNDrLcC01kAoUwl728+hPmU9prtX7xpy67TImAtF/8hAU4t
fTcJwfPPvMqpxZun7fOLgQZFvgkoumlDEUhJywnqVN1YYN5yrPe7J9yjbo/2Btnq
rrI4MJn7nV3NuwJHIAv1exLv5rAaWH6ZiSY7tLUFhFeAXQzSdouzp6hdzbmnNWdd
jHgN5JT6ICXnbDG5pVTu2PCzVNakwu6npv+AE5wYWhAwon5eohen0HCxmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFILE0AWEOTgbGBpDAt0RSeuCCt0kMB8GA1UdIwQY
MBaAFEc60+mHnoGGIxahCAi7XEISlUy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYt
YjZjMzlhZDk4M2RkLzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYtYjZjMzlhZDk4M2Rk
LzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ7clIybZ
wkfCJwCFdLyANDl3WAW9q7KRQrs6Bby2/Yl1RCLjmrKgR6/JEswFgGUCDmoIvt+/
RjcRQE/woeKT/90eKjgyVpYfGqwc6e6J6ZZCkbh7rAcoE7iHUjOWbvmtRZcXHkK3
W0RqGfwFEUjl2KDvWjT/FbKal9zSyet6ZE9+zisJqKoHHvowdscurl+muJgZ/TdC
A3DTpjEnCgA5fUmRprb8AMGVFhMIOhF421uCbY7YTyf3vIwTslDDOmB91rg55Fyh
GaXf9r0qxxLppbtq1obR8zPEDeG1euEKZfXYdCg1U4dwQ023WMen/jbHk2u3nCIU
gaf/NLygp1DJpQ==
-----END CERTIFICATE-----