Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
File:                     ROzsULCd1G04TQgbUH0juv71HJw.mft (raw, json)
Hash identifier:          etnQF6yDDuVPpUG+V+vKbScLxi5raOKca9eEKWaKcYo=
Subject key identifier:   6F:0C:67:8B:47:16:E9:AA:7E:43:29:BB:12:98:21:03:39:BD:DE:23
Authority key identifier: 44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C
Certificate issuer:       /CN=44ecec50b09dd46d384d081b507d23bafef51c9c
Certificate serial:       0196A8E74F1D9E8562CF9CE83575B72E2169
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
Manifest number:          1527
Signing time:             Wed 07 May 2025 04:00:53 +0000
Manifest this update:     Wed 07 May 2025 04:00:53 +0000
Manifest next update:     Thu 08 May 2025 04:00:53 +0000
Files and hashes:         1: ROzsULCd1G04TQgbUH0juv71HJw.crl (hash: 3hG9HMG0VQeg2ionD/HtKAlC0ygcmrgZBxPVfAUO8Fg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 04:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a8:e7:4f:1d:9e:85:62:cf:9c:e8:35:75:b7:2e:21:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ecec50b09dd46d384d081b507d23bafef51c9c
        Validity
            Not Before: May  7 04:00:53 2025 GMT
            Not After : May  8 04:00:53 2025 GMT
        Subject: CN=6f0c678b4716e9aa7e4329bb1298210339bdde23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:1c:a1:6a:33:46:53:46:3d:54:69:57:21:13:
                    0d:16:60:27:6a:a3:52:a4:e8:69:f1:a5:ef:9f:79:
                    14:ad:4d:db:9a:48:67:74:29:db:72:a2:5b:b9:2e:
                    52:69:da:db:3f:47:22:e6:62:3e:83:a1:0a:bd:d4:
                    aa:24:15:8f:22:31:79:1e:a1:1b:40:e9:6d:60:47:
                    f7:01:f1:86:19:27:96:c5:06:f6:d6:86:cd:b5:c1:
                    19:04:40:2a:5d:fc:b5:d8:db:75:50:26:ab:70:b6:
                    56:5d:61:d0:70:e3:62:c5:49:24:2d:0b:36:39:c6:
                    c5:1d:3e:9b:0d:93:7a:c4:5d:8e:16:f1:1d:45:09:
                    f7:31:86:bb:39:02:3c:fb:3c:9f:d1:5e:e7:d4:7f:
                    b7:3a:66:54:4b:de:f6:f5:ba:da:8b:8e:65:3e:5c:
                    fb:d8:c6:55:6b:14:90:07:57:49:89:29:e5:af:f2:
                    d0:df:ce:3b:52:0c:f3:4d:09:78:d3:65:85:31:b8:
                    dd:a1:7f:7a:06:29:80:9f:1d:39:03:1d:78:11:0c:
                    cd:2d:1f:9b:96:e6:ff:55:da:54:57:1d:f1:0c:d1:
                    58:31:b1:dd:89:a1:8c:68:45:43:71:19:2f:80:a4:
                    61:bd:67:66:5e:83:0c:ff:af:e8:a0:74:8f:9a:e4:
                    f7:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:0C:67:8B:47:16:E9:AA:7E:43:29:BB:12:98:21:03:39:BD:DE:23
            X509v3 Authority Key Identifier:
                keyid:44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:3d:df:cf:f8:c2:41:c9:d1:ca:96:8c:77:11:0a:8f:77:2a:
         c2:7b:3f:6b:06:0a:8b:1a:9c:df:5f:a3:57:88:8a:09:7c:2d:
         ea:0c:00:f9:6a:a2:b0:5a:06:14:6a:4d:50:a4:6b:e8:ab:e5:
         87:f0:3c:92:34:50:73:8a:44:d8:4c:64:b5:cd:c3:61:48:6a:
         8f:12:ee:9c:8c:a6:2e:ba:6f:6c:1e:e8:dc:70:5d:47:1a:5c:
         27:f5:1a:50:d7:6b:d6:4c:3a:96:fe:b8:a9:fd:48:72:5b:15:
         9a:48:4f:8c:e2:bc:2c:81:86:66:f0:20:0c:8b:22:eb:c9:3d:
         6f:1d:68:ed:ae:9d:43:e2:bc:2b:ae:99:48:81:10:04:13:f9:
         d7:96:45:6c:f7:b3:4b:7d:74:98:ff:10:b4:53:36:c2:a3:9b:
         62:a5:3b:67:69:08:66:eb:ce:54:b9:dc:40:07:3c:41:73:dd:
         ab:fb:3f:38:84:b5:24:2d:b1:fe:87:26:f8:00:6c:30:c0:5f:
         30:01:fc:65:70:6a:84:b0:48:f3:b5:14:7c:da:54:40:98:5a:
         71:01:c8:99:54:58:49:d9:4c:c5:45:83:db:1a:44:14:25:eb:
         9c:d5:04:42:71:36:36:98:c7:f0:b0:fc:bd:8b:5c:90:7f:74:
         a3:69:2c:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZao508dnoViz5zoNXW3LiFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZWNlYzUwYjA5ZGQ0NmQzODRkMDgxYjUwN2QyM2JhZmVm
NTFjOWMwHhcNMjUwNTA3MDQwMDUzWhcNMjUwNTA4MDQwMDUzWjAzMTEwLwYDVQQD
Eyg2ZjBjNjc4YjQ3MTZlOWFhN2U0MzI5YmIxMjk4MjEwMzM5YmRkZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwByhajNGU0Y9VGlXIRMNFmAnaqNS
pOhp8aXvn3kUrU3bmkhndCnbcqJbuS5SadrbP0ci5mI+g6EKvdSqJBWPIjF5HqEb
QOltYEf3AfGGGSeWxQb21obNtcEZBEAqXfy12Nt1UCarcLZWXWHQcONixUkkLQs2
OcbFHT6bDZN6xF2OFvEdRQn3MYa7OQI8+zyf0V7n1H+3OmZUS9729brai45lPlz7
2MZVaxSQB1dJiSnlr/LQ3847UgzzTQl402WFMbjdoX96BimAnx05Ax14EQzNLR+b
lub/VdpUVx3xDNFYMbHdiaGMaEVDcRkvgKRhvWdmXoMM/6/ooHSPmuT3NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG8MZ4tHFumqfkMpuxKYIQM5vd4jMB8GA1UdIwQY
MBaAFETs7FCwndRtOE0IG1B9I7r+9RycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAt
ZTMyZDZmNmYzY2NjLzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAtZTMyZDZmNmYzY2Nj
LzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALz3fz/jC
QcnRypaMdxEKj3cqwns/awYKixqc31+jV4iKCXwt6gwA+WqisFoGFGpNUKRr6Kvl
h/A8kjRQc4pE2Exktc3DYUhqjxLunIymLrpvbB7o3HBdRxpcJ/UaUNdr1kw6lv64
qf1IclsVmkhPjOK8LIGGZvAgDIsi68k9bx1o7a6dQ+K8K66ZSIEQBBP515ZFbPez
S310mP8QtFM2wqObYqU7Z2kIZuvOVLncQAc8QXPdq/s/OIS1JC2x/ocm+ABsMMBf
MAH8ZXBqhLBI87UUfNpUQJhacQHImVRYSdlMxUWD2xpEFCXrnNUEQnE2NpjH8LD8
vYtckH90o2ksBQ==
-----END CERTIFICATE-----