Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/752d3e-9126-41d4-b45b-47909dd57800/1/SjxCaDwIkTWknvH1ZTy5zl63C-Y.mft
File:                     SjxCaDwIkTWknvH1ZTy5zl63C-Y.mft (raw, json)
Hash identifier:          2Q7/WH4brsd+qtvYUW9SIiRMv8qjsIV75Z/P4SAYrW8=
Subject key identifier:   36:7A:2D:D1:B2:A5:F4:96:81:72:62:54:93:69:27:3E:4D:83:36:5E
Authority key identifier: 4A:3C:42:68:3C:08:91:35:A4:9E:F1:F5:65:3C:B9:CE:5E:B7:0B:E6
Certificate issuer:       /CN=4a3c42683c089135a49ef1f5653cb9ce5eb70be6
Certificate serial:       01965D961A52B6E7D131BFC15C57DCE1E936
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SjxCaDwIkTWknvH1ZTy5zl63C-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/752d3e-9126-41d4-b45b-47909dd57800/1/SjxCaDwIkTWknvH1ZTy5zl63C-Y.mft
Manifest number:          0AE0
Signing time:             Tue 22 Apr 2025 13:00:40 +0000
Manifest this update:     Tue 22 Apr 2025 13:00:40 +0000
Manifest next update:     Wed 23 Apr 2025 13:00:40 +0000
Files and hashes:         1: SjxCaDwIkTWknvH1ZTy5zl63C-Y.crl (hash: WfY59oOWcinY35BW6UbratPkB4Qlox8YprYoTuvBcG4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/752d3e-9126-41d4-b45b-47909dd57800/1/SjxCaDwIkTWknvH1ZTy5zl63C-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/752d3e-9126-41d4-b45b-47909dd57800/1/SjxCaDwIkTWknvH1ZTy5zl63C-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SjxCaDwIkTWknvH1ZTy5zl63C-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 13:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5d:96:1a:52:b6:e7:d1:31:bf:c1:5c:57:dc:e1:e9:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a3c42683c089135a49ef1f5653cb9ce5eb70be6
        Validity
            Not Before: Apr 22 13:00:40 2025 GMT
            Not After : Apr 23 13:00:40 2025 GMT
        Subject: CN=367a2dd1b2a5f496817262549369273e4d83365e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:01:b5:50:88:b3:f6:46:12:81:4d:54:7e:92:
                    b6:69:b2:2e:69:72:43:cb:a6:55:9f:fc:99:7c:8a:
                    37:96:60:cc:c9:cf:bf:f7:2e:47:09:65:47:ff:7c:
                    9e:29:1c:3f:4e:fb:c8:48:aa:7c:87:c1:c3:de:db:
                    4e:fe:31:25:01:de:6a:0b:9b:5a:7b:79:a7:48:8a:
                    50:1d:6e:77:53:0c:36:97:45:f2:9c:10:32:ce:20:
                    18:d9:75:2e:63:8c:15:8b:f0:e8:c6:73:e1:4e:71:
                    dd:c3:a0:36:01:03:91:b0:48:70:10:57:94:c2:01:
                    16:6d:f9:ef:3a:39:62:46:9b:29:ef:3a:52:21:c7:
                    b7:2c:77:91:28:dc:84:6f:c0:90:fa:c8:1b:fe:ea:
                    50:b5:dd:b5:90:07:d0:5d:48:8a:eb:94:8f:76:77:
                    e8:3a:d7:5e:51:a3:3d:87:94:35:41:a3:9f:b9:60:
                    64:b7:b8:7c:53:45:ed:92:40:03:9a:aa:a6:f6:4e:
                    9e:93:f3:ed:d5:47:b6:34:23:9c:a5:ad:64:14:7d:
                    28:1f:14:50:0a:f4:88:26:3d:f4:f2:1f:5e:55:94:
                    97:10:b7:74:3e:37:80:aa:ff:5b:f0:9e:8a:1b:32:
                    89:df:c4:ca:bc:fb:7f:f0:9b:d4:f2:22:0f:9f:c7:
                    e7:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:7A:2D:D1:B2:A5:F4:96:81:72:62:54:93:69:27:3E:4D:83:36:5E
            X509v3 Authority Key Identifier:
                keyid:4A:3C:42:68:3C:08:91:35:A4:9E:F1:F5:65:3C:B9:CE:5E:B7:0B:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SjxCaDwIkTWknvH1ZTy5zl63C-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/752d3e-9126-41d4-b45b-47909dd57800/1/SjxCaDwIkTWknvH1ZTy5zl63C-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/752d3e-9126-41d4-b45b-47909dd57800/1/SjxCaDwIkTWknvH1ZTy5zl63C-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:19:e1:41:df:cb:4b:67:05:d2:68:02:ad:3a:5d:14:82:cb:
         85:8a:d3:25:e1:54:7d:ae:2f:37:bf:26:0e:97:ef:e2:c0:a6:
         fc:57:49:38:8f:5e:3c:43:f1:2d:ed:d1:0a:4d:e7:f9:cf:1a:
         43:58:b2:80:7d:19:1a:79:7a:93:72:ed:7a:b6:9d:d1:8d:48:
         08:be:c9:3b:ca:8b:81:7f:59:5d:e3:ba:53:ca:07:00:9b:23:
         b3:71:4b:e6:76:bb:5e:6e:aa:70:c5:d9:98:63:df:49:c4:09:
         87:71:58:38:08:6c:7c:f3:19:c2:c3:43:d4:cd:8f:41:31:71:
         82:9c:32:27:58:6e:8f:f8:67:e3:66:4e:8c:08:c7:ac:c9:2b:
         96:bb:9f:3b:b0:32:2f:d3:8d:17:46:58:44:62:af:15:f7:81:
         a0:08:b9:4a:59:2a:73:ff:95:0e:7f:57:b2:96:13:cc:c9:8e:
         64:be:f5:d4:3c:b9:72:6a:fd:bd:cd:98:7e:5f:75:a1:ff:36:
         cd:36:dd:fe:b8:dd:56:41:26:35:4d:51:43:e3:00:85:cf:d6:
         a5:85:46:bf:dc:37:13:54:dc:bb:ba:40:97:0f:ea:cd:e1:98:
         19:01:b9:fb:c3:e3:d2:31:2d:f6:64:61:c6:1a:4b:38:fd:46:
         cd:f4:7e:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZdlhpStufRMb/BXFfc4ek2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhM2M0MjY4M2MwODkxMzVhNDllZjFmNTY1M2NiOWNlNWVi
NzBiZTYwHhcNMjUwNDIyMTMwMDQwWhcNMjUwNDIzMTMwMDQwWjAzMTEwLwYDVQQD
EygzNjdhMmRkMWIyYTVmNDk2ODE3MjYyNTQ5MzY5MjczZTRkODMzNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwG1UIiz9kYSgU1UfpK2abIuaXJD
y6ZVn/yZfIo3lmDMyc+/9y5HCWVH/3yeKRw/TvvISKp8h8HD3ttO/jElAd5qC5ta
e3mnSIpQHW53Uww2l0XynBAyziAY2XUuY4wVi/DoxnPhTnHdw6A2AQORsEhwEFeU
wgEWbfnvOjliRpsp7zpSIce3LHeRKNyEb8CQ+sgb/upQtd21kAfQXUiK65SPdnfo
OtdeUaM9h5Q1QaOfuWBkt7h8U0XtkkADmqqm9k6ek/Pt1Ue2NCOcpa1kFH0oHxRQ
CvSIJj308h9eVZSXELd0PjeAqv9b8J6KGzKJ38TKvPt/8JvU8iIPn8fnswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDZ6LdGypfSWgXJiVJNpJz5NgzZeMB8GA1UdIwQY
MBaAFEo8Qmg8CJE1pJ7x9WU8uc5etwvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2p4Q2FEd0lrVFdrbnZIMVpUeTV6bDYzQy1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC83NTJkM2UtOTEyNi00MWQ0LWI0NWIt
NDc5MDlkZDU3ODAwLzEvU2p4Q2FEd0lrVFdrbnZIMVpUeTV6bDYzQy1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC83NTJkM2UtOTEyNi00MWQ0LWI0NWItNDc5MDlkZDU3ODAw
LzEvU2p4Q2FEd0lrVFdrbnZIMVpUeTV6bDYzQy1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPBnhQd/L
S2cF0mgCrTpdFILLhYrTJeFUfa4vN78mDpfv4sCm/FdJOI9ePEPxLe3RCk3n+c8a
Q1iygH0ZGnl6k3Lterad0Y1ICL7JO8qLgX9ZXeO6U8oHAJsjs3FL5na7Xm6qcMXZ
mGPfScQJh3FYOAhsfPMZwsND1M2PQTFxgpwyJ1huj/hn42ZOjAjHrMkrlrufO7Ay
L9ONF0ZYRGKvFfeBoAi5Slkqc/+VDn9XspYTzMmOZL711Dy5cmr9vc2Yfl91of82
zTbd/rjdVkEmNU1RQ+MAhc/WpYVGv9w3E1Tcu7pAlw/qzeGYGQG5+8Pj0jEt9mRh
xhpLOP1GzfR+/Q==
-----END CERTIFICATE-----