Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
File:                     hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json)
Hash identifier:          8N4xPlsfirmOWh0RHVj3aGftZTckQhNI3SukpSISU7c=
Subject key identifier:   75:77:AB:2F:FC:01:15:41:C9:39:9A:AB:1E:D2:32:A0:B3:A7:DF:98
Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C
Certificate issuer:       /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
Certificate serial:       0196876E3123BD0593AD756F75E2A9C09178
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
Manifest number:          0768
Signing time:             Wed 30 Apr 2025 16:01:07 +0000
Manifest this update:     Wed 30 Apr 2025 16:01:07 +0000
Manifest next update:     Thu 01 May 2025 16:01:07 +0000
Files and hashes:         1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: JSkNh4pf92YeINQDxfJuCPynd+WJX04Zla/u/3pDNIk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 13:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:87:6e:31:23:bd:05:93:ad:75:6f:75:e2:a9:c0:91:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
        Validity
            Not Before: Apr 30 16:01:07 2025 GMT
            Not After : May  1 16:01:07 2025 GMT
        Subject: CN=7577ab2ffc011541c9399aab1ed232a0b3a7df98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:74:db:65:09:79:87:0c:c9:36:13:f0:b2:cb:
                    92:1b:41:dc:b2:04:18:f8:d0:e6:ee:88:d3:43:df:
                    82:5d:52:bc:e4:47:69:7c:99:4e:a4:70:22:8a:0b:
                    86:1e:bd:96:12:bf:4e:d4:50:8e:7c:bc:9f:96:e4:
                    36:7f:08:90:ac:cf:cd:9d:df:11:f9:c1:42:4b:10:
                    87:71:02:97:20:0c:eb:42:1b:1d:fd:e9:b3:20:7e:
                    fc:04:67:d7:27:44:55:4f:ac:b8:f2:4e:cf:cd:b5:
                    48:70:ec:97:df:24:93:8d:ee:13:98:ff:88:9a:6a:
                    cf:fa:c1:96:72:f3:9e:fc:d5:6b:96:0d:a3:a4:1d:
                    96:73:5b:d8:53:b2:e9:50:8d:09:06:2c:25:be:17:
                    52:ba:64:f7:f3:4c:6b:75:53:c8:a5:a2:18:ed:dc:
                    a9:27:d0:85:17:9d:02:c7:cb:a0:b6:7c:4b:09:d3:
                    2d:0e:58:9a:01:ab:14:ec:12:bd:26:58:48:c1:3c:
                    24:26:c0:fc:71:b3:2f:a3:e0:7a:1c:9c:d1:7b:e6:
                    63:9c:b6:6b:76:e5:77:5f:f7:2b:ad:ee:e4:29:22:
                    7f:e8:fc:29:6f:0d:cb:56:c3:5e:f7:c6:1b:8a:52:
                    5f:ff:a3:77:f7:50:80:7c:97:d0:4b:56:95:42:4a:
                    45:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:77:AB:2F:FC:01:15:41:C9:39:9A:AB:1E:D2:32:A0:B3:A7:DF:98
            X509v3 Authority Key Identifier:
                keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:2b:f3:53:ba:3f:8e:55:8d:3b:ff:78:32:eb:ab:6a:9e:f3:
         3b:8a:24:89:d1:b9:ae:29:f7:51:ec:74:f3:1d:94:2c:95:fc:
         2a:6a:b4:d1:61:2a:35:56:f3:ad:8e:7b:ef:dc:94:47:e1:f7:
         e2:fe:fc:f1:26:5e:e1:93:62:38:88:55:58:c2:c6:31:c2:43:
         b7:a6:3a:57:66:23:ef:ff:d6:22:77:bd:95:13:47:8d:5a:5f:
         55:c8:ec:99:11:7b:c0:79:eb:02:e1:14:de:52:4d:de:d5:78:
         b8:51:fb:4f:ae:59:10:3c:f4:bf:3c:cb:99:25:58:f6:99:14:
         8a:fb:9f:f6:76:a6:2c:f0:09:e7:a0:76:11:fc:e1:2b:2f:32:
         75:30:8d:68:ad:1b:14:1b:96:d8:48:b3:7f:2f:bd:6b:1a:3a:
         40:96:d9:96:7a:e3:45:12:6d:5c:c9:4f:33:de:33:89:75:66:
         e8:bc:1a:d3:cb:a1:0a:c9:f9:c5:ef:0f:a5:89:4a:84:24:7a:
         9f:15:54:89:9d:b8:91:56:5e:c3:17:2b:37:e2:c4:b6:8a:22:
         8f:6e:ea:f6:46:c3:e6:e2:8a:ab:15:9a:40:06:25:12:11:e4:
         f4:cb:3d:03:03:c9:6e:f0:de:20:18:2c:86:14:4b:ae:8e:7c:
         2c:f5:d3:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaHbjEjvQWTrXVvdeKpwJF4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw
M2UyMmMwHhcNMjUwNDMwMTYwMTA3WhcNMjUwNTAxMTYwMTA3WjAzMTEwLwYDVQQD
Eyg3NTc3YWIyZmZjMDExNTQxYzkzOTlhYWIxZWQyMzJhMGIzYTdkZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnTbZQl5hwzJNhPwssuSG0HcsgQY
+NDm7ojTQ9+CXVK85EdpfJlOpHAiiguGHr2WEr9O1FCOfLyfluQ2fwiQrM/Nnd8R
+cFCSxCHcQKXIAzrQhsd/emzIH78BGfXJ0RVT6y48k7PzbVIcOyX3ySTje4TmP+I
mmrP+sGWcvOe/NVrlg2jpB2Wc1vYU7LpUI0JBiwlvhdSumT380xrdVPIpaIY7dyp
J9CFF50Cx8ugtnxLCdMtDliaAasU7BK9JlhIwTwkJsD8cbMvo+B6HJzRe+ZjnLZr
duV3X/crre7kKSJ/6Pwpbw3LVsNe98YbilJf/6N391CAfJfQS1aVQkpFywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHV3qy/8ARVByTmaqx7SMqCzp9+YMB8GA1UdIwQY
MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt
MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4
LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJyvzU7o/
jlWNO/94Muurap7zO4okidG5rin3Uex08x2ULJX8Kmq00WEqNVbzrY5779yUR+H3
4v788SZe4ZNiOIhVWMLGMcJDt6Y6V2Yj7//WIne9lRNHjVpfVcjsmRF7wHnrAuEU
3lJN3tV4uFH7T65ZEDz0vzzLmSVY9pkUivuf9namLPAJ56B2EfzhKy8ydTCNaK0b
FBuW2Eizfy+9axo6QJbZlnrjRRJtXMlPM94ziXVm6Lwa08uhCsn5xe8PpYlKhCR6
nxVUiZ24kVZewxcrN+LEtooij27q9kbD5uKKqxWaQAYlEhHk9Ms9AwPJbvDeIBgs
hhRLro58LPXTCg==
-----END CERTIFICATE-----