Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
File:                     z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft (raw, json)
Hash identifier:          D7ZnB4Pk+lTUeNiJfqBK2zaoQioYV7b8AGZaebvR5LI=
Subject key identifier:   AE:D4:B2:E1:2C:61:67:57:18:59:A1:6D:64:91:B7:A6:83:D9:15:A6
Authority key identifier: CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6
Certificate issuer:       /CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
Certificate serial:       0196BB92DC4DD97FD81E261390361B4FB368
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
Manifest number:          0E93
Signing time:             Sat 10 May 2025 19:01:25 +0000
Manifest this update:     Sat 10 May 2025 19:01:25 +0000
Manifest next update:     Sun 11 May 2025 19:01:25 +0000
Files and hashes:         1: z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl (hash: 2hVQ1P3EAWeNq4EDFkdUxf4/r5jeGJMhn0lVM8fox/I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 19:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:92:dc:4d:d9:7f:d8:1e:26:13:90:36:1b:4f:b3:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
        Validity
            Not Before: May 10 19:01:25 2025 GMT
            Not After : May 11 19:01:25 2025 GMT
        Subject: CN=aed4b2e12c6167571859a16d6491b7a683d915a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:72:df:aa:c9:19:ee:ae:42:1c:da:1c:18:2b:
                    d2:59:e7:77:f1:02:7e:5b:f5:1d:5f:10:1a:54:54:
                    b5:30:48:73:57:5e:e4:8f:aa:70:60:aa:b7:f3:8d:
                    69:ef:9e:89:86:af:5b:21:fd:7c:67:9d:11:77:58:
                    36:04:b1:6a:73:1a:5a:30:57:31:e3:ef:0b:fd:54:
                    a1:9e:36:0a:ae:eb:75:5c:1b:08:9b:6c:55:09:83:
                    f1:1d:59:5d:f7:de:42:ad:30:77:ce:41:22:53:79:
                    b3:ad:25:a0:47:da:ec:26:57:d4:af:4d:4c:f3:08:
                    96:82:78:74:f8:cb:ad:92:b0:f4:a9:6e:02:7b:fc:
                    49:78:1d:27:f7:f7:84:70:ea:e4:fd:e1:7e:22:96:
                    b8:c7:be:d0:45:96:cb:7d:8d:23:de:80:8f:d5:79:
                    74:c9:74:0c:f4:eb:90:0c:d6:ca:5a:94:eb:02:2c:
                    d7:b8:cd:7f:2e:1c:13:dc:45:04:67:ec:6b:6a:1a:
                    19:bf:01:47:59:68:45:05:9e:2d:82:4c:93:c4:8e:
                    43:01:05:fd:5b:cb:80:48:0c:1c:ec:dc:49:07:18:
                    8f:f0:26:ec:7f:18:6f:0c:6d:bf:a0:e6:f1:4e:aa:
                    61:21:da:a9:62:92:f7:8a:fd:0c:2c:2c:fd:c6:35:
                    03:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:D4:B2:E1:2C:61:67:57:18:59:A1:6D:64:91:B7:A6:83:D9:15:A6
            X509v3 Authority Key Identifier:
                keyid:CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:f2:99:a8:c3:c6:99:34:5a:13:75:80:f8:f7:ef:36:21:13:
         eb:0e:f8:42:13:e7:c1:57:4d:b3:59:80:23:dd:10:4e:fd:74:
         54:b4:cd:10:db:a8:27:2b:c8:cb:6d:ba:50:2c:69:eb:23:13:
         1a:13:99:3a:9e:e0:9e:36:3e:56:59:32:d5:00:72:44:15:da:
         6a:c0:a9:35:46:b6:ca:41:70:b9:ff:87:b1:e0:c0:58:3b:83:
         80:8e:7e:12:be:00:e6:88:30:7e:9c:c6:5d:71:dd:6d:80:3e:
         f6:98:c9:56:bd:59:7e:1f:15:45:ca:7e:9b:44:a1:73:27:7e:
         35:ea:df:25:33:3a:55:cf:c8:84:a6:0b:16:15:c9:ed:92:f9:
         ec:14:09:17:58:ca:1d:5c:d3:58:e8:22:c1:17:18:3d:43:f7:
         ce:59:bd:af:55:82:49:72:8b:19:16:f1:d4:14:f6:c5:ac:7c:
         dd:e9:fb:fe:93:2f:13:9b:72:61:f7:34:04:6e:64:62:bb:12:
         b0:47:88:dc:39:bc:a5:0d:1f:e5:a4:44:68:b3:ef:b3:ec:25:
         6a:4a:98:99:c2:22:43:38:b2:30:86:a1:14:f9:61:d7:62:8b:
         f7:07:2d:06:82:09:db:36:11:ce:fa:44:1a:7a:2c:b1:50:74:
         cc:84:69:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7ktxN2X/YHiYTkDYbT7NoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzcwMDhjNmY5MTcyMmRjM2IxMjc1Mjc1NThlYmRhYmM2
ODBjZTYwHhcNMjUwNTEwMTkwMTI1WhcNMjUwNTExMTkwMTI1WjAzMTEwLwYDVQQD
EyhhZWQ0YjJlMTJjNjE2NzU3MTg1OWExNmQ2NDkxYjdhNjgzZDkxNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3LfqskZ7q5CHNocGCvSWed38QJ+
W/UdXxAaVFS1MEhzV17kj6pwYKq3841p756Jhq9bIf18Z50Rd1g2BLFqcxpaMFcx
4+8L/VShnjYKrut1XBsIm2xVCYPxHVld995CrTB3zkEiU3mzrSWgR9rsJlfUr01M
8wiWgnh0+MutkrD0qW4Ce/xJeB0n9/eEcOrk/eF+Ipa4x77QRZbLfY0j3oCP1Xl0
yXQM9OuQDNbKWpTrAizXuM1/LhwT3EUEZ+xrahoZvwFHWWhFBZ4tgkyTxI5DAQX9
W8uASAwc7NxJBxiP8CbsfxhvDG2/oObxTqphIdqpYpL3iv0MLCz9xjUDxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK7UsuEsYWdXGFmhbWSRt6aD2RWmMB8GA1UdIwQY
MBaAFM/HAIxvkXItw7EnUnVY69q8aAzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEt
MzZmMjRhZDRhMDRmLzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEtMzZmMjRhZDRhMDRm
LzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI/KZqMPG
mTRaE3WA+PfvNiET6w74QhPnwVdNs1mAI90QTv10VLTNENuoJyvIy226UCxp6yMT
GhOZOp7gnjY+Vlky1QByRBXaasCpNUa2ykFwuf+HseDAWDuDgI5+Er4A5ogwfpzG
XXHdbYA+9pjJVr1Zfh8VRcp+m0Shcyd+NerfJTM6Vc/IhKYLFhXJ7ZL57BQJF1jK
HVzTWOgiwRcYPUP3zlm9r1WCSXKLGRbx1BT2xax83en7/pMvE5tyYfc0BG5kYrsS
sEeI3Dm8pQ0f5aREaLPvs+wlakqYmcIiQziyMIahFPlh12KL9wctBoIJ2zYRzvpE
GnossVB0zIRp5Q==
-----END CERTIFICATE-----