Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
File:                     0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft (raw, json)
Hash identifier:          Yc2WvIQgGSxuKLnzXahuILQs+EFfVnKiNBV7TqqO7QY=
Subject key identifier:   08:93:C4:FF:41:5B:8E:C6:48:04:29:C8:EF:CC:2D:BC:FD:C0:68:BA
Authority key identifier: D2:17:97:85:86:BF:F3:A6:77:7D:55:A9:A9:63:58:41:51:6D:43:B4
Certificate issuer:       /CN=d217978586bff3a6777d55a9a9635841516d43b4
Certificate serial:       01968A6F212BCFA21D38EFEDCB1623AD327C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
Manifest number:          0AAD
Signing time:             Thu 01 May 2025 06:01:00 +0000
Manifest this update:     Thu 01 May 2025 06:01:00 +0000
Manifest next update:     Fri 02 May 2025 06:01:00 +0000
Files and hashes:         1: 0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl (hash: jw4YkGdfBNu6bEaT2otz8IOr0JShm+T4oy3MLLNPSuA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 06:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8a:6f:21:2b:cf:a2:1d:38:ef:ed:cb:16:23:ad:32:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d217978586bff3a6777d55a9a9635841516d43b4
        Validity
            Not Before: May  1 06:01:00 2025 GMT
            Not After : May  2 06:01:00 2025 GMT
        Subject: CN=0893c4ff415b8ec6480429c8efcc2dbcfdc068ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:51:c9:62:2e:75:aa:27:23:bc:7b:f2:86:19:
                    44:80:82:4e:0d:e7:3c:66:0c:48:55:8f:76:d1:02:
                    0b:59:ca:db:f9:72:93:13:b7:c7:4c:13:b8:d2:f0:
                    95:84:32:68:07:f0:ab:7f:79:f6:11:96:60:e0:89:
                    71:ae:6c:d9:ec:57:92:9c:f4:1f:98:ca:2a:d1:17:
                    52:ac:1f:81:f2:df:20:66:61:67:07:2f:01:d2:d3:
                    48:61:c0:c8:6c:31:85:3e:c9:dc:6b:92:87:3f:8a:
                    8a:55:15:88:01:f4:ed:85:7d:81:41:1d:2e:cf:28:
                    4f:c9:aa:ee:b8:f8:71:64:af:16:22:0f:72:b3:2f:
                    f6:ff:2e:49:fa:f3:66:27:e7:52:a7:89:7f:3a:bd:
                    c5:7c:9f:6c:3a:37:98:36:d7:7f:4a:46:e0:22:ca:
                    1f:01:0f:57:76:95:4a:09:3d:de:a0:64:8c:0c:02:
                    7b:80:bf:72:64:f1:78:c1:d1:c7:78:b8:65:c0:07:
                    b4:c6:60:6f:5f:92:f1:02:25:41:cf:69:12:24:bf:
                    78:f9:d0:1e:9b:66:90:ad:8e:57:92:5d:17:26:a3:
                    18:20:48:2d:fb:fd:d4:89:e7:ac:06:95:5e:d8:20:
                    cc:25:cd:6f:41:8f:3c:ee:ee:40:4e:f3:c2:2b:0b:
                    30:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:93:C4:FF:41:5B:8E:C6:48:04:29:C8:EF:CC:2D:BC:FD:C0:68:BA
            X509v3 Authority Key Identifier:
                keyid:D2:17:97:85:86:BF:F3:A6:77:7D:55:A9:A9:63:58:41:51:6D:43:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:02:c7:61:c1:35:25:65:73:0c:92:d3:43:ef:0f:26:23:e3:
         67:62:b8:b7:44:90:00:12:fc:b8:60:2f:7d:9c:99:4a:11:ab:
         0d:0b:01:af:a9:26:27:e2:6b:db:75:fc:c7:5e:12:89:10:d6:
         b2:62:8c:90:ea:f8:ed:e0:ab:24:ea:49:5e:16:0e:97:e0:0a:
         07:69:ca:88:fb:f4:8d:83:e8:93:c3:4d:76:ab:42:af:e3:23:
         e7:0b:e1:c2:b3:af:a2:7e:df:0a:82:c5:ae:c4:4d:73:7d:d2:
         c6:3f:c5:1d:d3:4d:17:7b:a8:f2:58:39:d7:61:31:44:78:fe:
         0f:da:be:42:e8:fc:91:cd:8f:0d:5a:9e:e5:e8:84:97:68:d0:
         08:61:9e:96:d0:65:4f:36:21:28:c4:51:1a:9a:3d:bf:9b:03:
         15:97:c9:a8:d0:fa:b3:62:8c:44:84:06:ae:a1:10:8c:d5:c2:
         0c:51:e4:f4:53:8f:c2:1e:e6:ea:4d:da:52:89:29:99:7b:5c:
         99:ab:99:b7:73:07:3a:5b:55:07:18:b7:61:a7:16:08:92:2d:
         fb:99:6a:10:f0:6c:78:9d:c4:3e:fe:56:ac:27:bb:0b:2c:10:
         33:83:e7:57:56:60:b4:32:96:e6:bb:84:10:71:54:4b:27:05:
         6f:6a:af:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaKbyErz6IdOO/tyxYjrTJ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTc5Nzg1ODZiZmYzYTY3NzdkNTVhOWE5NjM1ODQxNTE2
ZDQzYjQwHhcNMjUwNTAxMDYwMTAwWhcNMjUwNTAyMDYwMTAwWjAzMTEwLwYDVQQD
EygwODkzYzRmZjQxNWI4ZWM2NDgwNDI5YzhlZmNjMmRiY2ZkYzA2OGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlHJYi51qicjvHvyhhlEgIJODec8
ZgxIVY920QILWcrb+XKTE7fHTBO40vCVhDJoB/Crf3n2EZZg4IlxrmzZ7FeSnPQf
mMoq0RdSrB+B8t8gZmFnBy8B0tNIYcDIbDGFPsnca5KHP4qKVRWIAfTthX2BQR0u
zyhPyaruuPhxZK8WIg9ysy/2/y5J+vNmJ+dSp4l/Or3FfJ9sOjeYNtd/SkbgIsof
AQ9XdpVKCT3eoGSMDAJ7gL9yZPF4wdHHeLhlwAe0xmBvX5LxAiVBz2kSJL94+dAe
m2aQrY5Xkl0XJqMYIEgt+/3UieesBpVe2CDMJc1vQY887u5ATvPCKwsw7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAiTxP9BW47GSAQpyO/MLbz9wGi6MB8GA1UdIwQY
MBaAFNIXl4WGv/Omd31VqaljWEFRbUO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83OTBhNzgtNGEyZC00ZjE2LTg4MGEt
NGNlNGQzYjE5N2Q4LzEvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83OTBhNzgtNGEyZC00ZjE2LTg4MGEtNGNlNGQzYjE5N2Q4
LzEvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANALHYcE1
JWVzDJLTQ+8PJiPjZ2K4t0SQABL8uGAvfZyZShGrDQsBr6kmJ+Jr23X8x14SiRDW
smKMkOr47eCrJOpJXhYOl+AKB2nKiPv0jYPok8NNdqtCr+Mj5wvhwrOvon7fCoLF
rsRNc33Sxj/FHdNNF3uo8lg512ExRHj+D9q+Quj8kc2PDVqe5eiEl2jQCGGeltBl
TzYhKMRRGpo9v5sDFZfJqND6s2KMRIQGrqEQjNXCDFHk9FOPwh7m6k3aUokpmXtc
mauZt3MHOltVBxi3YacWCJIt+5lqEPBseJ3EPv5WrCe7CywQM4PnV1ZgtDKW5ruE
EHFUSycFb2qvbA==
-----END CERTIFICATE-----