Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
File:                     RzrT6YeegYYjFqEICLtcQhKVTLo.mft (raw, json)
Hash identifier:          dLhoefCrTbaT9Z41JYEZzC4kc8aCzLLaTd9c8K1sSq8=
Subject key identifier:   2E:83:71:49:A0:89:F2:9A:54:BF:04:51:61:08:41:66:DE:8C:41:08
Authority key identifier: 47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA
Certificate issuer:       /CN=473ad3e9879e81862316a10808bb5c4212954cba
Certificate serial:       0197B88F1674F2E0F6FE831D9A73E00FAB5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
Manifest number:          0E63
Signing time:             Sat 28 Jun 2025 22:01:14 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:14 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:14 +0000
Files and hashes:         1: RzrT6YeegYYjFqEICLtcQhKVTLo.crl (hash: n0edS57m6H1q0TnOX4uv8esttbivWRUQUD/guGDdEoM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:16:74:f2:e0:f6:fe:83:1d:9a:73:e0:0f:ab:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=473ad3e9879e81862316a10808bb5c4212954cba
        Validity
            Not Before: Jun 28 22:01:14 2025 GMT
            Not After : Jun 29 22:01:14 2025 GMT
        Subject: CN=2e837149a089f29a54bf045161084166de8c4108
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ed:64:7c:91:38:97:e7:c7:6d:38:72:52:75:
                    bb:28:12:6c:3c:a2:74:77:da:f5:7f:41:93:3d:48:
                    0c:3e:07:c6:63:de:b0:dd:df:3c:f7:df:d8:de:68:
                    e5:53:24:14:99:89:ed:a7:ef:a4:36:82:42:ac:88:
                    32:54:af:89:4c:0d:2e:29:a6:6e:6b:93:63:16:20:
                    b0:89:8e:ab:53:2e:f8:b7:1f:f1:d5:e6:f7:84:c4:
                    4c:20:53:19:21:69:bb:4a:77:68:05:4d:ef:3b:4b:
                    02:8c:0e:40:04:f1:04:59:b5:5e:e1:75:f2:ba:5e:
                    f9:77:d4:f0:f2:80:f9:62:ed:6b:05:52:a2:0f:49:
                    0f:9e:5d:fa:28:e6:2e:0c:af:2f:71:e8:d0:43:f3:
                    25:27:43:39:82:0f:c0:58:c6:d5:c0:97:8f:30:6f:
                    51:ad:19:50:f7:75:91:63:cd:72:27:0e:bb:c5:76:
                    1b:05:8d:74:d4:fd:4a:06:0c:fe:f1:93:3f:7c:79:
                    6e:0c:81:12:b3:6e:18:6d:cf:0a:bb:93:d5:ad:fa:
                    ef:ef:55:2f:1d:a0:d4:3f:74:59:e8:97:e8:c2:8f:
                    f0:86:cb:c8:04:3b:fd:9f:39:14:66:2b:c7:47:4e:
                    4c:3d:51:87:f3:03:17:6f:b3:3d:6c:9d:c0:d1:14:
                    ed:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:83:71:49:A0:89:F2:9A:54:BF:04:51:61:08:41:66:DE:8C:41:08
            X509v3 Authority Key Identifier:
                keyid:47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:90:4b:f4:6a:f8:2d:be:19:ef:05:69:84:b7:97:a8:54:af:
         b0:d7:76:e9:e4:1f:bb:56:5f:86:93:c2:bf:60:9c:20:9a:0d:
         ce:35:62:04:d3:ca:80:1b:c9:a0:c0:e6:65:91:ad:71:c7:4f:
         c7:b5:eb:5e:98:0f:ae:bd:8e:81:4c:76:f3:2b:6f:a2:09:ea:
         6c:79:d2:e8:a4:6e:18:32:b0:9c:3e:2b:31:c9:ea:09:54:a9:
         40:f6:51:9d:b5:75:3d:96:54:c2:76:a3:30:fb:20:0d:dd:2a:
         1f:01:65:89:0f:68:49:9d:d9:81:f6:b1:bc:a4:7b:c7:7b:20:
         aa:32:64:5c:e4:91:6d:07:65:d2:94:cf:55:09:7e:dc:b7:c4:
         22:ee:c9:7a:39:0f:f1:cb:f6:29:ae:2f:f5:27:e7:7e:35:bf:
         c2:c5:02:40:08:04:4b:1e:ba:10:b0:18:60:16:da:23:06:3d:
         d1:d4:98:4b:30:5e:88:73:4f:8d:bd:61:c6:52:aa:7d:2d:d4:
         31:f9:29:3c:90:31:39:15:cf:c8:ac:16:60:7d:95:bc:bb:31:
         e8:98:dd:50:4f:a7:70:4e:39:d6:68:48:d2:f9:00:ff:e6:83:
         3f:a8:da:43:0b:b8:cc:31:0b:9b:6f:46:46:d8:31:73:76:d0:
         79:61:22:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jxZ08uD2/oMdmnPgD6tdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3M2FkM2U5ODc5ZTgxODYyMzE2YTEwODA4YmI1YzQyMTI5
NTRjYmEwHhcNMjUwNjI4MjIwMTE0WhcNMjUwNjI5MjIwMTE0WjAzMTEwLwYDVQQD
EygyZTgzNzE0OWEwODlmMjlhNTRiZjA0NTE2MTA4NDE2NmRlOGM0MTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApe1kfJE4l+fHbThyUnW7KBJsPKJ0
d9r1f0GTPUgMPgfGY96w3d8899/Y3mjlUyQUmYntp++kNoJCrIgyVK+JTA0uKaZu
a5NjFiCwiY6rUy74tx/x1eb3hMRMIFMZIWm7SndoBU3vO0sCjA5ABPEEWbVe4XXy
ul75d9Tw8oD5Yu1rBVKiD0kPnl36KOYuDK8vcejQQ/MlJ0M5gg/AWMbVwJePMG9R
rRlQ93WRY81yJw67xXYbBY101P1KBgz+8ZM/fHluDIESs24Ybc8Ku5PVrfrv71Uv
HaDUP3RZ6Jfowo/whsvIBDv9nzkUZivHR05MPVGH8wMXb7M9bJ3A0RTt2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC6DcUmgifKaVL8EUWEIQWbejEEIMB8GA1UdIwQY
MBaAFEc60+mHnoGGIxahCAi7XEISlUy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYt
YjZjMzlhZDk4M2RkLzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYtYjZjMzlhZDk4M2Rk
LzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKpBL9Gr4
Lb4Z7wVphLeXqFSvsNd26eQfu1ZfhpPCv2CcIJoNzjViBNPKgBvJoMDmZZGtccdP
x7XrXpgPrr2OgUx28ytvognqbHnS6KRuGDKwnD4rMcnqCVSpQPZRnbV1PZZUwnaj
MPsgDd0qHwFliQ9oSZ3ZgfaxvKR7x3sgqjJkXOSRbQdl0pTPVQl+3LfEIu7JejkP
8cv2Ka4v9SfnfjW/wsUCQAgESx66ELAYYBbaIwY90dSYSzBeiHNPjb1hxlKqfS3U
MfkpPJAxORXPyKwWYH2VvLsx6JjdUE+ncE451mhI0vkA/+aDP6jaQwu4zDELm29G
Rtgxc3bQeWEilg==
-----END CERTIFICATE-----