Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
File:                     2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft (raw, json)
Hash identifier:          gV00L6bHeS0wdayaSDF5boX/Qe9UHt3ExwanQw3gHJI=
Subject key identifier:   A9:4D:B4:BC:17:82:70:50:EC:70:79:B6:0D:C3:C5:BD:76:5D:9F:22
Authority key identifier: D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49
Certificate issuer:       /CN=d991d6890f91fb2cd77931b809bdb1eb05091349
Certificate serial:       0196CEE22E9740FB990F3E2792DD5523F828
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
Manifest number:          0FD8
Signing time:             Wed 14 May 2025 13:00:51 +0000
Manifest this update:     Wed 14 May 2025 13:00:51 +0000
Manifest next update:     Thu 15 May 2025 13:00:51 +0000
Files and hashes:         1: 2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl (hash: hWkklrwLrjMzQrGS3cGaMwzM2IbGpMPRaZFbpya1JLI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 13:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ce:e2:2e:97:40:fb:99:0f:3e:27:92:dd:55:23:f8:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d991d6890f91fb2cd77931b809bdb1eb05091349
        Validity
            Not Before: May 14 13:00:51 2025 GMT
            Not After : May 15 13:00:51 2025 GMT
        Subject: CN=a94db4bc17827050ec7079b60dc3c5bd765d9f22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:9e:28:47:c7:8d:51:96:04:65:4a:2f:c8:3e:
                    c5:d7:de:ff:66:8f:51:e1:a0:49:52:ae:98:e8:57:
                    13:43:a7:a4:63:01:3c:be:6a:96:f1:a6:d4:9a:48:
                    5e:9e:78:25:8a:b6:3f:f6:ef:ce:fe:ea:a0:b9:ef:
                    b3:6d:3f:e8:5c:a4:c2:8b:1d:78:68:6e:35:e5:71:
                    94:5f:f0:6b:aa:bd:b0:16:e3:89:3a:e6:c2:7b:69:
                    12:a1:87:32:65:61:c9:35:84:cd:fa:0a:57:f9:00:
                    1f:be:7b:6c:e0:b0:6f:dd:2e:19:5f:3c:82:84:06:
                    90:3d:fd:d6:6a:9d:cf:53:44:91:78:bb:16:06:aa:
                    a0:24:c5:69:d5:6e:1d:f2:f2:dc:46:07:09:5a:d6:
                    12:dc:d3:c6:f2:f0:42:35:64:76:7f:01:4d:22:58:
                    b0:16:22:68:d7:6b:ed:11:93:ce:7a:9b:66:81:b1:
                    c4:9a:99:e9:e0:38:21:cd:e3:84:13:d0:c6:10:b9:
                    6e:05:5b:93:cd:61:85:6e:b8:ba:9c:fa:21:ee:b0:
                    23:58:07:c4:98:48:4a:86:bc:4e:2a:60:d4:78:a7:
                    5c:ba:f7:71:40:d7:79:d5:76:b0:26:9b:94:18:d2:
                    65:d1:fe:ad:2b:b3:df:e1:c0:53:f8:9c:e2:9a:dc:
                    79:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:4D:B4:BC:17:82:70:50:EC:70:79:B6:0D:C3:C5:BD:76:5D:9F:22
            X509v3 Authority Key Identifier:
                keyid:D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:96:a3:af:36:6d:a4:d3:17:38:09:c8:e5:4f:6d:fb:93:26:
         9a:cc:e9:d2:76:9b:0b:ed:c3:75:33:1a:a6:e7:fc:95:97:96:
         b7:bf:1a:ee:cc:6b:ab:f9:91:bf:50:a7:77:96:dd:07:34:30:
         2a:b7:cb:43:1d:f7:fc:3a:9d:b9:6d:81:97:11:26:5a:ac:3c:
         ed:ef:8f:9a:b4:d6:85:bf:ec:b1:c8:9d:99:59:3a:f5:bb:38:
         c0:ad:a4:d7:25:44:7f:1a:57:22:2a:31:4a:ac:00:8a:7d:29:
         c3:e8:17:b2:2b:b1:8e:cc:bb:ae:8c:d7:63:31:3b:11:ce:c2:
         28:5a:7b:75:54:7d:56:98:6f:a2:fa:7e:2e:0d:1d:27:37:c9:
         ce:a4:02:0b:1a:68:42:bb:e3:38:24:80:9f:e7:f9:ef:e5:bb:
         86:13:76:a1:7a:23:89:72:79:8d:0e:96:8b:c8:3e:f5:a4:9a:
         e3:4f:3d:1d:03:98:7e:00:33:db:18:04:bb:89:3b:7b:a7:b3:
         9f:52:ec:2a:ed:76:23:b7:97:5d:f7:21:75:1b:35:b0:f8:e7:
         99:35:7a:0e:cd:82:cd:71:3e:a0:4d:e1:c2:65:ce:08:58:70:
         5d:5f:bf:bb:e4:f3:cc:48:8c:ae:4a:0f:74:5c:b5:1e:09:0d:
         17:6d:bf:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbO4i6XQPuZDz4nkt1VI/goMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTFkNjg5MGY5MWZiMmNkNzc5MzFiODA5YmRiMWViMDUw
OTEzNDkwHhcNMjUwNTE0MTMwMDUxWhcNMjUwNTE1MTMwMDUxWjAzMTEwLwYDVQQD
EyhhOTRkYjRiYzE3ODI3MDUwZWM3MDc5YjYwZGMzYzViZDc2NWQ5ZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw54oR8eNUZYEZUovyD7F197/Zo9R
4aBJUq6Y6FcTQ6ekYwE8vmqW8abUmkhennglirY/9u/O/uqgue+zbT/oXKTCix14
aG415XGUX/Brqr2wFuOJOubCe2kSoYcyZWHJNYTN+gpX+QAfvnts4LBv3S4ZXzyC
hAaQPf3Wap3PU0SReLsWBqqgJMVp1W4d8vLcRgcJWtYS3NPG8vBCNWR2fwFNIliw
FiJo12vtEZPOeptmgbHEmpnp4DghzeOEE9DGELluBVuTzWGFbri6nPoh7rAjWAfE
mEhKhrxOKmDUeKdcuvdxQNd51XawJpuUGNJl0f6tK7Pf4cBT+Jzimtx5LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlNtLwXgnBQ7HB5tg3Dxb12XZ8iMB8GA1UdIwQY
MBaAFNmR1okPkfss13kxuAm9sesFCRNJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDIt
YzQwODU3NjA4OWIxLzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDItYzQwODU3NjA4OWIx
LzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbZajrzZt
pNMXOAnI5U9t+5Mmmszp0nabC+3DdTMapuf8lZeWt78a7sxrq/mRv1Cnd5bdBzQw
KrfLQx33/DqduW2BlxEmWqw87e+PmrTWhb/sscidmVk69bs4wK2k1yVEfxpXIiox
SqwAin0pw+gXsiuxjsy7rozXYzE7Ec7CKFp7dVR9Vphvovp+Lg0dJzfJzqQCCxpo
QrvjOCSAn+f57+W7hhN2oXojiXJ5jQ6Wi8g+9aSa4089HQOYfgAz2xgEu4k7e6ez
n1LsKu12I7eXXfchdRs1sPjnmTV6Ds2CzXE+oE3hwmXOCFhwXV+/u+TzzEiMrkoP
dFy1HgkNF22/xQ==
-----END CERTIFICATE-----