Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
File:                     hVLmDnmh3nUzQ9eBW4cMloDArn8.mft (raw, json)
Hash identifier:          WH1RTAWpv+2vNcogaLRgVttZSRVUDDw1aDZsyEdYjUw=
Subject key identifier:   7E:C8:C5:93:C7:1E:AD:47:AF:39:54:C1:94:8F:E8:70:37:10:3E:0B
Authority key identifier: 85:52:E6:0E:79:A1:DE:75:33:43:D7:81:5B:87:0C:96:80:C0:AE:7F
Certificate issuer:       /CN=8552e60e79a1de753343d7815b870c9680c0ae7f
Certificate serial:       0196515BCF1F9CDF17B490FAF0A28E0F82AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
Manifest number:          0ACD
Signing time:             Sun 20 Apr 2025 04:01:32 +0000
Manifest this update:     Sun 20 Apr 2025 04:01:32 +0000
Manifest next update:     Mon 21 Apr 2025 04:01:32 +0000
Files and hashes:         1: hVLmDnmh3nUzQ9eBW4cMloDArn8.crl (hash: CANCfHOKpqm3OFDuNuvaZ9aMCNAn16dQDo2Gpdiy5VM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 04:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:5b:cf:1f:9c:df:17:b4:90:fa:f0:a2:8e:0f:82:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8552e60e79a1de753343d7815b870c9680c0ae7f
        Validity
            Not Before: Apr 20 04:01:32 2025 GMT
            Not After : Apr 21 04:01:32 2025 GMT
        Subject: CN=7ec8c593c71ead47af3954c1948fe87037103e0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:04:a7:ea:75:3e:b9:a4:8e:ee:2e:6a:bb:82:
                    c6:4f:30:3c:7e:6d:37:00:4c:e3:04:ad:6e:0e:8c:
                    5b:3a:64:84:4c:a4:97:dd:2d:a1:6e:b8:7a:1e:89:
                    75:35:8b:94:d5:10:48:22:97:8d:83:0f:75:51:40:
                    d2:f6:f8:0f:fe:31:db:7a:9d:11:0c:51:5f:36:69:
                    cc:88:30:d2:c8:6d:e0:00:0d:12:b3:5c:ec:d8:96:
                    25:b6:b9:7c:e1:25:5f:6d:4a:df:ec:62:2b:0c:7f:
                    82:27:ee:9e:82:21:99:87:e7:ee:a0:58:ad:27:dc:
                    fc:8c:e4:80:5d:3f:16:69:b6:df:d0:66:22:1c:6f:
                    56:24:68:89:96:33:18:4d:05:e2:61:3a:72:20:b4:
                    d5:74:f9:84:4e:51:20:b1:36:f0:27:73:84:48:cc:
                    b5:8a:10:1c:2f:ea:1f:2c:d1:76:5f:a3:b3:24:a0:
                    70:a3:04:bf:26:6b:a6:d9:f4:7f:16:b6:1d:88:69:
                    54:b5:ca:c6:9d:2c:47:e5:cd:01:26:75:f8:c2:d7:
                    d8:41:e2:b7:55:f2:82:ac:c0:68:1e:5c:f9:2e:09:
                    62:41:22:a1:2b:08:46:f4:18:7f:39:a2:9c:d5:f0:
                    86:a0:dd:ed:72:05:35:63:e0:a1:06:25:ce:44:57:
                    ca:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:C8:C5:93:C7:1E:AD:47:AF:39:54:C1:94:8F:E8:70:37:10:3E:0B
            X509v3 Authority Key Identifier:
                keyid:85:52:E6:0E:79:A1:DE:75:33:43:D7:81:5B:87:0C:96:80:C0:AE:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:ba:8e:1d:bb:11:d0:c6:ad:b5:0a:6b:aa:c0:eb:bc:f7:a8:
         f8:d5:0e:ec:8d:95:61:3e:55:4f:45:f7:dd:20:f8:ea:5c:8c:
         76:9c:98:b5:36:62:d9:45:2c:11:d2:62:ad:2d:ef:ce:15:6c:
         e1:d7:63:23:66:cd:6e:bf:3e:7a:eb:c3:09:34:6e:60:00:5f:
         58:57:26:a5:a0:65:3f:27:34:28:52:30:6f:35:05:9d:7c:db:
         8b:d2:12:33:c2:c6:57:4c:8f:b0:ce:0c:15:5d:f7:74:ae:b4:
         ba:76:03:ad:db:9e:b9:11:6b:1f:e5:0a:25:76:99:06:b9:b9:
         20:d4:a8:d5:6d:10:23:16:1a:ff:cc:03:7f:5b:d9:69:66:6e:
         ca:c4:6f:9a:bc:35:f9:50:19:db:7c:5f:87:67:bb:8e:c4:1f:
         ea:31:e3:2b:63:9a:d8:f9:4c:9b:ee:9f:0b:8d:c9:47:b7:4f:
         a1:fc:db:07:44:ce:21:8b:64:80:5e:22:76:ad:3c:95:90:9d:
         5a:1f:4c:b6:4b:54:00:30:41:9f:a8:e8:b2:4a:75:06:89:17:
         b8:b8:84:a8:31:a1:26:38:6c:15:c5:4d:0d:01:68:ce:a9:25:
         7b:81:96:1d:5c:59:18:7b:5c:f7:29:3d:92:13:c5:7d:c2:7e:
         25:59:bd:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRW88fnN8XtJD68KKOD4KrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTJlNjBlNzlhMWRlNzUzMzQzZDc4MTViODcwYzk2ODBj
MGFlN2YwHhcNMjUwNDIwMDQwMTMyWhcNMjUwNDIxMDQwMTMyWjAzMTEwLwYDVQQD
Eyg3ZWM4YzU5M2M3MWVhZDQ3YWYzOTU0YzE5NDhmZTg3MDM3MTAzZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywSn6nU+uaSO7i5qu4LGTzA8fm03
AEzjBK1uDoxbOmSETKSX3S2hbrh6Hol1NYuU1RBIIpeNgw91UUDS9vgP/jHbep0R
DFFfNmnMiDDSyG3gAA0Ss1zs2JYltrl84SVfbUrf7GIrDH+CJ+6egiGZh+fuoFit
J9z8jOSAXT8Wabbf0GYiHG9WJGiJljMYTQXiYTpyILTVdPmETlEgsTbwJ3OESMy1
ihAcL+ofLNF2X6OzJKBwowS/Jmum2fR/FrYdiGlUtcrGnSxH5c0BJnX4wtfYQeK3
VfKCrMBoHlz5LgliQSKhKwhG9Bh/OaKc1fCGoN3tcgU1Y+ChBiXORFfKMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH7IxZPHHq1HrzlUwZSP6HA3ED4LMB8GA1UdIwQY
MBaAFIVS5g55od51M0PXgVuHDJaAwK5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8zNzI0ZDMtMjEyZi00OGJmLWEyYzEt
OWZmYTYwZGI4ZjcxLzEvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8zNzI0ZDMtMjEyZi00OGJmLWEyYzEtOWZmYTYwZGI4Zjcx
LzEvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdbqOHbsR
0MattQprqsDrvPeo+NUO7I2VYT5VT0X33SD46lyMdpyYtTZi2UUsEdJirS3vzhVs
4ddjI2bNbr8+euvDCTRuYABfWFcmpaBlPyc0KFIwbzUFnXzbi9ISM8LGV0yPsM4M
FV33dK60unYDrdueuRFrH+UKJXaZBrm5INSo1W0QIxYa/8wDf1vZaWZuysRvmrw1
+VAZ23xfh2e7jsQf6jHjK2Oa2PlMm+6fC43JR7dPofzbB0TOIYtkgF4idq08lZCd
Wh9MtktUADBBn6joskp1BokXuLiEqDGhJjhsFcVNDQFozqkle4GWHVxZGHtc9yk9
khPFfcJ+JVm9lA==
-----END CERTIFICATE-----