Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
File:                     gz8MJRPUNTtAzvg5F57r-HOCRcY.mft (raw, json)
Hash identifier:          B6xRH23oVtaR4cq+DlZF0Et8cyLukRZLyKcIwS56/g8=
Subject key identifier:   03:3B:18:AA:70:47:5E:21:B6:22:33:64:99:4D:C7:34:C3:93:FF:FE
Authority key identifier: 83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6
Certificate issuer:       /CN=833f0c2513d4353b40cef839179eebf8738245c6
Certificate serial:       0196AE0D1DC89EF56C4CD905DB07B39EA7E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
Manifest number:          1000
Signing time:             Thu 08 May 2025 04:00:17 +0000
Manifest this update:     Thu 08 May 2025 04:00:17 +0000
Manifest next update:     Fri 09 May 2025 04:00:17 +0000
Files and hashes:         1: gz8MJRPUNTtAzvg5F57r-HOCRcY.crl (hash: kkunZQGaMm89WPj1V3KSle1soC5ZgAeBn1cfCIYlln0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ae:0d:1d:c8:9e:f5:6c:4c:d9:05:db:07:b3:9e:a7:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=833f0c2513d4353b40cef839179eebf8738245c6
        Validity
            Not Before: May  8 04:00:17 2025 GMT
            Not After : May  9 04:00:17 2025 GMT
        Subject: CN=033b18aa70475e21b6223364994dc734c393fffe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:05:03:30:ce:d3:9f:9b:27:47:37:37:95:6f:
                    9c:d7:e0:e0:cc:84:80:1d:5a:09:9d:00:af:54:b3:
                    9b:09:35:0e:77:2c:d1:e3:99:95:85:fd:ce:34:79:
                    b4:77:58:f7:bb:64:10:44:ed:b2:c4:c8:9b:7d:cc:
                    1e:e9:e0:7a:48:10:8a:2d:88:fa:81:05:3a:78:e0:
                    2c:a6:32:34:8d:bb:29:3c:a3:eb:b6:41:a4:5b:19:
                    4a:77:c8:07:9f:80:b6:b4:13:af:ca:d5:fb:b5:1a:
                    32:3b:c6:53:f7:81:a5:26:4a:e4:cc:b8:3b:b5:62:
                    f1:fc:ed:15:8a:43:d8:48:24:8e:d9:e0:7c:07:ec:
                    23:6c:5b:1e:73:9f:37:f3:ab:50:a4:d7:b4:ba:7e:
                    58:9e:7c:b2:bf:a3:c2:1b:fc:52:3e:0f:60:87:15:
                    72:7b:bd:3f:3a:18:4e:78:24:e8:32:d8:8a:00:5f:
                    b3:7b:47:ff:84:4e:eb:a0:b9:c9:ed:bb:7d:90:af:
                    cb:7a:97:a8:d6:49:f1:e6:e6:86:23:0a:c4:a9:ee:
                    66:b7:ae:b6:89:32:71:c1:2f:53:7a:31:28:ea:e5:
                    50:00:38:05:70:d0:b4:c0:fb:b9:2c:fd:45:66:91:
                    8e:ca:8a:17:12:72:74:3c:03:ab:be:7a:78:4f:98:
                    e3:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:3B:18:AA:70:47:5E:21:B6:22:33:64:99:4D:C7:34:C3:93:FF:FE
            X509v3 Authority Key Identifier:
                keyid:83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:37:f8:02:1a:23:d9:fb:be:52:df:96:fb:82:ee:20:bf:98:
         0b:69:e9:51:d9:d4:e7:e8:10:29:62:98:ec:af:77:2f:71:02:
         d8:6e:e8:42:75:0b:56:af:85:42:7a:75:f2:1f:7f:7e:66:81:
         54:4b:29:e5:1d:4c:0a:ac:2a:b3:8a:32:88:bc:b7:9a:e9:0e:
         84:29:fd:70:d4:ba:0a:13:29:1a:fc:bc:08:59:43:bb:89:9f:
         ba:f2:3a:03:eb:f0:2f:a4:c2:c2:c1:49:a7:e3:86:69:05:da:
         30:aa:ab:9f:bf:47:bd:13:e0:09:1c:c3:de:cb:06:1a:5e:75:
         0e:cb:46:fc:c1:af:f6:03:3e:96:9e:56:68:f7:67:39:fb:1d:
         5d:77:d4:40:73:76:ab:99:b9:be:1d:e2:b8:28:c9:82:19:c3:
         a5:35:77:da:c4:2b:db:b5:e8:a6:66:a6:62:89:84:40:80:51:
         fc:2a:b5:0f:1d:a3:4c:9a:2e:e4:d2:53:be:46:48:8d:11:83:
         f8:7c:fc:a5:fe:ae:43:13:6f:04:7e:59:1e:d3:77:8f:d3:ee:
         c4:ac:e2:ef:02:cf:ee:7c:fd:e9:02:a0:c8:2d:2a:74:b5:f4:
         8a:05:3a:34:ae:96:2f:e7:53:99:6b:9d:3e:44:6a:1f:73:f1:
         95:90:ce:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZauDR3InvVsTNkF2weznqfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2YwYzI1MTNkNDM1M2I0MGNlZjgzOTE3OWVlYmY4NzM4
MjQ1YzYwHhcNMjUwNTA4MDQwMDE3WhcNMjUwNTA5MDQwMDE3WjAzMTEwLwYDVQQD
EygwMzNiMThhYTcwNDc1ZTIxYjYyMjMzNjQ5OTRkYzczNGMzOTNmZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwUDMM7Tn5snRzc3lW+c1+DgzISA
HVoJnQCvVLObCTUOdyzR45mVhf3ONHm0d1j3u2QQRO2yxMibfcwe6eB6SBCKLYj6
gQU6eOAspjI0jbspPKPrtkGkWxlKd8gHn4C2tBOvytX7tRoyO8ZT94GlJkrkzLg7
tWLx/O0VikPYSCSO2eB8B+wjbFsec58386tQpNe0un5Ynnyyv6PCG/xSPg9ghxVy
e70/OhhOeCToMtiKAF+ze0f/hE7roLnJ7bt9kK/Lepeo1knx5uaGIwrEqe5mt662
iTJxwS9TejEo6uVQADgFcNC0wPu5LP1FZpGOyooXEnJ0PAOrvnp4T5jjQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAM7GKpwR14htiIzZJlNxzTDk//+MB8GA1UdIwQY
MBaAFIM/DCUT1DU7QM74ORee6/hzgkXGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEt
ZWQwN2VjZjJkYzM2LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEtZWQwN2VjZjJkYzM2
LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABzf4Ahoj
2fu+Ut+W+4LuIL+YC2npUdnU5+gQKWKY7K93L3EC2G7oQnULVq+FQnp18h9/fmaB
VEsp5R1MCqwqs4oyiLy3mukOhCn9cNS6ChMpGvy8CFlDu4mfuvI6A+vwL6TCwsFJ
p+OGaQXaMKqrn79HvRPgCRzD3ssGGl51DstG/MGv9gM+lp5WaPdnOfsdXXfUQHN2
q5m5vh3iuCjJghnDpTV32sQr27XopmamYomEQIBR/Cq1Dx2jTJou5NJTvkZIjRGD
+Hz8pf6uQxNvBH5ZHtN3j9PuxKzi7wLP7nz96QKgyC0qdLX0igU6NK6WL+dTmWud
PkRqH3PxlZDObw==
-----END CERTIFICATE-----