Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
File:                     tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft (raw, json)
Hash identifier:          cqjBPFQzXHXECZw11sXfti80mCC3N0fHj59ApSvIQMY=
Subject key identifier:   48:73:53:0F:F9:B7:AE:61:A2:66:6B:FD:60:58:48:F5:A5:3F:DE:FB
Authority key identifier: B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA
Certificate issuer:       /CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
Certificate serial:       0196C34C0C7846361F1C238138695BC64721
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
Manifest number:          1533
Signing time:             Mon 12 May 2025 07:01:03 +0000
Manifest this update:     Mon 12 May 2025 07:01:03 +0000
Manifest next update:     Tue 13 May 2025 07:01:03 +0000
Files and hashes:         1: tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl (hash: 89iWtbIUS4Vmal/LSMFLElkLuYfi5ZjiSrpxG/b0V84=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 07:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4c:0c:78:46:36:1f:1c:23:81:38:69:5b:c6:47:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
        Validity
            Not Before: May 12 07:01:03 2025 GMT
            Not After : May 13 07:01:03 2025 GMT
        Subject: CN=4873530ff9b7ae61a2666bfd605848f5a53fdefb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:d4:d4:31:55:8e:fa:0a:f7:85:68:ef:ad:72:
                    e1:ea:a9:4a:35:17:52:bf:72:ae:7b:c5:f2:14:38:
                    ec:37:56:70:ef:bc:1c:4c:41:0d:7e:23:d0:55:24:
                    6d:76:11:1e:5f:aa:77:76:68:7a:34:38:5e:33:fc:
                    c6:02:24:b7:79:c5:98:8e:5c:cd:d9:7c:ec:29:8a:
                    65:3c:a6:67:ad:d7:02:13:72:d6:f8:7e:16:1a:1a:
                    1f:0e:67:a2:11:66:47:45:87:3d:15:05:c3:05:22:
                    02:63:98:8d:a2:25:96:cb:1b:e3:a6:a5:a4:64:fa:
                    c6:81:a0:ff:6e:72:1c:74:59:94:0e:4b:7d:7e:93:
                    2e:3c:fa:73:1b:87:fa:76:08:20:36:a6:f1:81:9b:
                    7a:47:fd:07:44:a5:bd:90:22:b6:ae:e4:fe:40:29:
                    59:0b:73:08:e4:c1:de:af:81:30:58:1c:69:1c:81:
                    ad:0e:c0:c3:9f:5c:94:7f:5d:03:91:a0:40:7b:f7:
                    cd:0d:e4:8c:e1:94:45:23:7c:54:70:45:a5:bb:3f:
                    97:60:7b:a0:59:77:ab:1e:7c:27:57:9f:b6:80:3c:
                    60:69:f2:2a:70:41:74:c8:ec:3e:82:4b:b0:a2:21:
                    e8:f5:8f:0c:05:11:9e:ab:03:7f:38:83:ac:39:6b:
                    29:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:73:53:0F:F9:B7:AE:61:A2:66:6B:FD:60:58:48:F5:A5:3F:DE:FB
            X509v3 Authority Key Identifier:
                keyid:B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:2b:2f:f0:c7:13:21:70:2b:95:54:55:bc:1b:7a:0d:02:bc:
         9f:22:06:39:2e:b6:b2:fa:32:bb:05:a7:64:48:20:a3:07:f1:
         6c:7f:90:53:c6:97:6d:17:55:19:6e:15:98:af:77:f0:50:25:
         cb:db:28:76:94:88:15:6d:0f:e4:ea:de:ad:39:0a:85:51:4a:
         c1:28:7a:a7:ae:3b:96:e6:0c:24:82:a8:d8:4b:01:e0:6b:bb:
         ac:4a:73:24:70:10:a9:00:21:73:f4:28:37:8e:c8:83:57:ee:
         9d:6f:08:3e:6d:f3:c4:4e:b3:5d:28:f2:ca:31:5b:3e:96:1f:
         13:c9:ce:e1:a1:c0:da:44:70:f4:43:57:cb:fc:7c:43:7b:58:
         5f:4d:ed:f8:e8:be:83:96:6e:9a:39:90:0c:65:21:39:12:6a:
         63:e3:90:20:62:87:d4:bc:34:15:5f:67:dc:e9:79:f2:30:b8:
         75:76:3b:e7:3d:68:d0:2f:39:28:f9:e4:4f:92:63:54:ff:da:
         da:ad:f7:c8:46:d3:73:3f:06:b9:cf:23:60:42:95:ca:7b:bd:
         b1:9b:00:be:0c:b4:93:17:d5:9e:42:50:6c:ce:25:dd:55:ee:
         45:b6:eb:30:39:30:2e:0f:5b:e0:b6:89:67:d9:c5:e7:0d:89:
         a9:0b:79:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDTAx4RjYfHCOBOGlbxkchMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3M2Q4OGQ3NDY4YWY2MDFhZjE0YzVlMWVkOTAzYzRmMzZj
YWY1ZmEwHhcNMjUwNTEyMDcwMTAzWhcNMjUwNTEzMDcwMTAzWjAzMTEwLwYDVQQD
Eyg0ODczNTMwZmY5YjdhZTYxYTI2NjZiZmQ2MDU4NDhmNWE1M2ZkZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29TUMVWO+gr3hWjvrXLh6qlKNRdS
v3Kue8XyFDjsN1Zw77wcTEENfiPQVSRtdhEeX6p3dmh6NDheM/zGAiS3ecWYjlzN
2XzsKYplPKZnrdcCE3LW+H4WGhofDmeiEWZHRYc9FQXDBSICY5iNoiWWyxvjpqWk
ZPrGgaD/bnIcdFmUDkt9fpMuPPpzG4f6dgggNqbxgZt6R/0HRKW9kCK2ruT+QClZ
C3MI5MHer4EwWBxpHIGtDsDDn1yUf10DkaBAe/fNDeSM4ZRFI3xUcEWluz+XYHug
WXerHnwnV5+2gDxgafIqcEF0yOw+gkuwoiHo9Y8MBRGeqwN/OIOsOWspNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEhzUw/5t65homZr/WBYSPWlP977MB8GA1UdIwQY
MBaAFLc9iNdGivYBrxTF4e2QPE82yvX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAt
MGYyYjU0MGVjYTA4LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAtMGYyYjU0MGVjYTA4
LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEysv8McT
IXArlVRVvBt6DQK8nyIGOS62svoyuwWnZEggowfxbH+QU8aXbRdVGW4VmK938FAl
y9sodpSIFW0P5OrerTkKhVFKwSh6p647luYMJIKo2EsB4Gu7rEpzJHAQqQAhc/Qo
N47Ig1funW8IPm3zxE6zXSjyyjFbPpYfE8nO4aHA2kRw9ENXy/x8Q3tYX03t+Oi+
g5ZumjmQDGUhORJqY+OQIGKH1Lw0FV9n3Ol58jC4dXY75z1o0C85KPnkT5JjVP/a
2q33yEbTcz8Guc8jYEKVynu9sZsAvgy0kxfVnkJQbM4l3VXuRbbrMDkwLg9b4LaJ
Z9nF5w2JqQt5/A==
-----END CERTIFICATE-----