Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft
File:                     pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft (raw, json)
Hash identifier:          ntOp+sq4EAJGidN+xybVzNa89yFzkjsNsqxWcGpywKo=
Subject key identifier:   41:7F:4F:6E:61:B1:B2:E9:57:5D:9F:65:4B:4D:95:03:4B:5C:DE:F1
Authority key identifier: A4:75:E6:51:F8:1A:AB:60:33:92:F2:55:21:B7:C9:AB:5B:D2:81:C0
Certificate issuer:       /CN=a475e651f81aab603392f25521b7c9ab5bd281c0
Certificate serial:       01967B69B90E11E447D12FF2BCC1A4827A14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pHXmUfgaq2AzkvJVIbfJq1vSgcA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft
Manifest number:          033E
Signing time:             Mon 28 Apr 2025 08:00:48 +0000
Manifest this update:     Mon 28 Apr 2025 08:00:48 +0000
Manifest next update:     Tue 29 Apr 2025 08:00:48 +0000
Files and hashes:         1: pHXmUfgaq2AzkvJVIbfJq1vSgcA.crl (hash: OxR6XgKtVOLMHD3f+XRK+rSdcPBu3II57Y9nbNhwJYg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pHXmUfgaq2AzkvJVIbfJq1vSgcA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7b:69:b9:0e:11:e4:47:d1:2f:f2:bc:c1:a4:82:7a:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a475e651f81aab603392f25521b7c9ab5bd281c0
        Validity
            Not Before: Apr 28 08:00:48 2025 GMT
            Not After : Apr 29 08:00:48 2025 GMT
        Subject: CN=417f4f6e61b1b2e9575d9f654b4d95034b5cdef1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:2b:bf:20:72:a6:04:b5:96:bc:6e:f8:4a:2c:
                    cf:f9:0a:f1:93:eb:a4:e6:bb:42:cd:87:c7:c2:8f:
                    6b:81:4f:4d:1d:4f:2b:cf:3e:11:0e:0d:86:61:e2:
                    b3:22:98:2c:22:e9:ba:cd:6e:00:dc:df:ba:e1:83:
                    d0:a2:00:b1:d8:56:8c:cc:d5:e6:1b:4b:94:0f:5c:
                    b2:c8:05:e4:fc:1d:92:eb:ae:19:c9:42:70:7d:aa:
                    62:73:f7:99:08:12:54:12:65:6e:3b:af:f0:20:39:
                    33:95:40:02:8b:aa:74:0c:e7:7b:5c:af:2e:b1:fb:
                    9c:a8:cb:32:42:06:c1:c6:98:3e:a0:f6:cd:b6:83:
                    82:c7:5c:94:ec:fe:89:1e:16:f4:d3:b5:1d:db:ec:
                    5d:ee:94:b0:c9:39:e7:c9:02:ce:eb:0a:4d:84:c6:
                    57:4b:0e:b7:c4:56:0f:ad:35:2a:d9:37:d8:5b:9f:
                    16:3d:68:30:32:f3:67:53:c5:72:d0:88:08:3b:ce:
                    cf:1a:51:f4:32:64:40:6d:35:d8:7d:54:3d:c4:ae:
                    80:e9:9b:70:a0:ba:7d:1c:ef:41:e2:08:d6:6e:44:
                    41:58:e5:9c:30:59:cc:11:07:7e:04:c2:46:73:81:
                    3b:45:52:61:0b:84:89:2b:c0:4e:5b:6e:82:d2:aa:
                    78:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:7F:4F:6E:61:B1:B2:E9:57:5D:9F:65:4B:4D:95:03:4B:5C:DE:F1
            X509v3 Authority Key Identifier:
                keyid:A4:75:E6:51:F8:1A:AB:60:33:92:F2:55:21:B7:C9:AB:5B:D2:81:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHXmUfgaq2AzkvJVIbfJq1vSgcA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:f4:6e:e6:53:0b:d7:2a:cd:dd:c8:ed:c9:d4:c3:1c:bc:8e:
         35:4d:b6:1c:da:5f:b1:1f:ab:7c:2e:59:d1:7c:a1:2a:eb:00:
         e5:d3:25:a3:98:d4:27:3a:d4:a8:d9:0b:01:5b:10:95:c2:8d:
         1d:fa:7d:fd:fb:7d:4e:5a:99:e9:17:93:7c:bd:22:0c:7f:5a:
         12:f6:ae:ef:2e:5c:8e:e7:9f:db:6d:3e:f1:5b:4f:8b:9e:10:
         8e:aa:9f:ed:98:21:be:92:ff:1f:3e:8e:c4:6d:2a:6a:8d:ab:
         84:bf:d5:68:75:e6:b1:71:e6:e0:8a:bc:02:71:2d:f6:b6:37:
         8e:2a:9b:8a:44:87:d7:4c:49:dc:86:8b:28:a8:68:09:c8:31:
         85:57:8e:74:b4:40:de:d5:ea:e8:03:64:29:4a:6f:50:af:a8:
         28:40:56:32:ec:0a:90:8e:ef:b6:d5:ad:2c:74:30:2d:cc:c2:
         6a:96:79:12:ae:5a:95:be:ab:d1:6d:06:f6:ff:a2:8c:f8:82:
         20:5a:4a:82:0f:19:2d:cb:e4:fa:07:04:dd:1a:a3:9a:66:eb:
         5d:91:a8:41:70:34:13:43:56:71:fa:f8:aa:a9:57:01:00:49:
         8c:c4:d7:ce:30:8b:5e:af:aa:02:17:9e:22:d4:7b:db:f5:d0:
         0a:5f:d4:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ7abkOEeRH0S/yvMGkgnoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NzVlNjUxZjgxYWFiNjAzMzkyZjI1NTIxYjdjOWFiNWJk
MjgxYzAwHhcNMjUwNDI4MDgwMDQ4WhcNMjUwNDI5MDgwMDQ4WjAzMTEwLwYDVQQD
Eyg0MTdmNGY2ZTYxYjFiMmU5NTc1ZDlmNjU0YjRkOTUwMzRiNWNkZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yu/IHKmBLWWvG74SizP+Qrxk+uk
5rtCzYfHwo9rgU9NHU8rzz4RDg2GYeKzIpgsIum6zW4A3N+64YPQogCx2FaMzNXm
G0uUD1yyyAXk/B2S664ZyUJwfapic/eZCBJUEmVuO6/wIDkzlUACi6p0DOd7XK8u
sfucqMsyQgbBxpg+oPbNtoOCx1yU7P6JHhb007Ud2+xd7pSwyTnnyQLO6wpNhMZX
Sw63xFYPrTUq2TfYW58WPWgwMvNnU8Vy0IgIO87PGlH0MmRAbTXYfVQ9xK6A6Ztw
oLp9HO9B4gjWbkRBWOWcMFnMEQd+BMJGc4E7RVJhC4SJK8BOW26C0qp43QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEF/T25hsbLpV12fZUtNlQNLXN7xMB8GA1UdIwQY
MBaAFKR15lH4GqtgM5LyVSG3yatb0oHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEhYbVVmZ2FxMkF6a3ZKVkliZkpxMXZTZ2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jZWMzMjctMzhlMS00YWY0LWEwOGYt
NzdjZmQyMTViNzMyLzEvcEhYbVVmZ2FxMkF6a3ZKVkliZkpxMXZTZ2NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jZWMzMjctMzhlMS00YWY0LWEwOGYtNzdjZmQyMTViNzMy
LzEvcEhYbVVmZ2FxMkF6a3ZKVkliZkpxMXZTZ2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC/Ru5lML
1yrN3cjtydTDHLyONU22HNpfsR+rfC5Z0XyhKusA5dMlo5jUJzrUqNkLAVsQlcKN
Hfp9/ft9TlqZ6ReTfL0iDH9aEvau7y5cjuef220+8VtPi54Qjqqf7ZghvpL/Hz6O
xG0qao2rhL/VaHXmsXHm4Iq8AnEt9rY3jiqbikSH10xJ3IaLKKhoCcgxhVeOdLRA
3tXq6ANkKUpvUK+oKEBWMuwKkI7vttWtLHQwLczCapZ5Eq5alb6r0W0G9v+ijPiC
IFpKgg8ZLcvk+gcE3RqjmmbrXZGoQXA0E0NWcfr4qqlXAQBJjMTXzjCLXq+qAhee
ItR72/XQCl/UsA==
-----END CERTIFICATE-----