Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
File:                     NhIf0uc0bus8H451uTyE-VhB9EY.mft (raw, json)
Hash identifier:          FxeGsnTnrKItx3XYmz2WCDU2rp1JxeYBkDYUK6c+st4=
Subject key identifier:   9E:70:84:66:D8:73:3B:33:61:0A:95:D7:8E:BB:A1:DA:62:CB:42:6D
Authority key identifier: 36:12:1F:D2:E7:34:6E:EB:3C:1F:8E:75:B9:3C:84:F9:58:41:F4:46
Certificate issuer:       /CN=36121fd2e7346eeb3c1f8e75b93c84f95841f446
Certificate serial:       0196507EFBA6C00F56EF2F1604B88840F863
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
Manifest number:          0212
Signing time:             Sun 20 Apr 2025 00:00:21 +0000
Manifest this update:     Sun 20 Apr 2025 00:00:21 +0000
Manifest next update:     Mon 21 Apr 2025 00:00:21 +0000
Files and hashes:         1: NhIf0uc0bus8H451uTyE-VhB9EY.crl (hash: Uaqm5iUXEwGWK+X0hnGom8thBJFcAiVKv6x3VLY+ZTE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:7e:fb:a6:c0:0f:56:ef:2f:16:04:b8:88:40:f8:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36121fd2e7346eeb3c1f8e75b93c84f95841f446
        Validity
            Not Before: Apr 20 00:00:21 2025 GMT
            Not After : Apr 21 00:00:21 2025 GMT
        Subject: CN=9e708466d8733b33610a95d78ebba1da62cb426d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ae:f1:d7:fe:f4:1c:fe:ab:ad:4a:ba:ce:ba:
                    0b:6d:45:49:b6:a4:34:9e:c2:03:ce:74:1f:c2:0a:
                    00:7d:29:f2:da:d4:cf:6e:04:fc:fc:e9:8c:65:ac:
                    85:79:ca:36:d0:f1:53:ac:92:32:7e:2a:94:e4:94:
                    cc:66:13:4d:a8:c9:cb:2c:3a:da:d2:9e:a3:68:4f:
                    d8:ca:4d:6e:8a:9e:c9:7c:7e:63:96:f7:2a:73:7d:
                    cd:98:e2:ed:51:62:59:d4:d7:19:a8:0c:2a:84:95:
                    10:98:c3:6b:d9:19:f8:64:b8:18:26:b5:4b:38:db:
                    d3:8d:f7:bb:b2:a2:47:27:30:ec:e4:f4:0f:79:67:
                    21:27:6d:03:04:81:5b:3d:ce:ca:16:a9:e6:92:cc:
                    48:60:74:f1:07:a3:c9:df:cd:f6:2d:0a:39:4f:1a:
                    1b:aa:5b:6a:46:69:44:5d:66:54:f9:cb:f4:f7:2a:
                    25:6e:8a:da:8c:7c:36:7d:b7:8e:51:e4:11:b9:33:
                    6f:41:9b:82:bb:dd:ef:d7:cb:20:45:c9:38:a5:f2:
                    33:cf:91:a8:ad:83:b1:f7:2d:39:eb:cb:d2:c3:91:
                    57:8d:1e:f6:db:8d:d6:83:3f:da:bf:71:63:51:03:
                    e9:e5:cf:96:b2:ef:80:63:e7:e8:49:0f:9b:5a:e4:
                    48:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:70:84:66:D8:73:3B:33:61:0A:95:D7:8E:BB:A1:DA:62:CB:42:6D
            X509v3 Authority Key Identifier:
                keyid:36:12:1F:D2:E7:34:6E:EB:3C:1F:8E:75:B9:3C:84:F9:58:41:F4:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:a8:b1:42:30:dc:a3:68:9a:fa:66:a1:f3:b3:f3:cf:9a:a4:
         85:bf:bc:0c:a4:02:2f:93:8d:90:aa:c0:cf:68:a1:40:7c:bc:
         31:8b:8c:83:55:31:29:86:9c:cb:7a:a0:82:32:a5:9a:dd:83:
         87:77:07:32:d2:9c:52:48:fd:02:9b:2f:14:8a:9f:eb:5b:aa:
         5d:d0:50:6b:27:19:5a:5f:9c:96:c7:59:30:bc:f6:4a:4f:19:
         64:b8:eb:98:c7:c5:4e:54:44:be:9c:c7:2a:47:f8:e6:03:1b:
         1c:c9:c4:6a:31:50:ee:59:3d:c4:d2:89:c1:c9:08:ab:5c:36:
         60:3e:ce:bd:a5:11:07:af:60:cb:b6:f0:97:49:d0:ef:a1:b4:
         ed:b0:26:18:f7:b8:22:f5:11:ff:bc:59:cd:25:7d:19:4c:e2:
         a3:3c:52:b2:3f:89:35:8d:a7:8d:16:b4:81:34:73:c2:86:85:
         9d:b8:02:fb:b8:27:e8:34:7c:1a:0b:42:49:26:85:cb:2a:79:
         e6:e1:39:82:58:6c:56:2c:97:c3:fe:c9:b9:53:8d:74:0e:a8:
         8a:cc:af:26:b3:45:d9:9c:37:13:e1:5b:a2:83:0f:dc:3f:55:
         ef:cf:9b:9f:11:67:d3:c7:72:96:08:71:fa:53:6c:ce:70:5d:
         35:b4:d0:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQfvumwA9W7y8WBLiIQPhjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MTIxZmQyZTczNDZlZWIzYzFmOGU3NWI5M2M4NGY5NTg0
MWY0NDYwHhcNMjUwNDIwMDAwMDIxWhcNMjUwNDIxMDAwMDIxWjAzMTEwLwYDVQQD
Eyg5ZTcwODQ2NmQ4NzMzYjMzNjEwYTk1ZDc4ZWJiYTFkYTYyY2I0MjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa7x1/70HP6rrUq6zroLbUVJtqQ0
nsIDznQfwgoAfSny2tTPbgT8/OmMZayFeco20PFTrJIyfiqU5JTMZhNNqMnLLDra
0p6jaE/Yyk1uip7JfH5jlvcqc33NmOLtUWJZ1NcZqAwqhJUQmMNr2Rn4ZLgYJrVL
ONvTjfe7sqJHJzDs5PQPeWchJ20DBIFbPc7KFqnmksxIYHTxB6PJ3832LQo5Txob
qltqRmlEXWZU+cv09yolborajHw2fbeOUeQRuTNvQZuCu93v18sgRck4pfIzz5Go
rYOx9y0568vSw5FXjR72243Wgz/av3FjUQPp5c+Wsu+AY+foSQ+bWuRIqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ5whGbYczszYQqV1467odpiy0JtMB8GA1UdIwQY
MBaAFDYSH9LnNG7rPB+Odbk8hPlYQfRGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8yMWQ1NjAtY2IxNS00NmMzLWFmMzQt
YTg5ZTkzN2UyOWQxLzEvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8yMWQ1NjAtY2IxNS00NmMzLWFmMzQtYTg5ZTkzN2UyOWQx
LzEvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf6ixQjDc
o2ia+mah87Pzz5qkhb+8DKQCL5ONkKrAz2ihQHy8MYuMg1UxKYacy3qggjKlmt2D
h3cHMtKcUkj9ApsvFIqf61uqXdBQaycZWl+clsdZMLz2Sk8ZZLjrmMfFTlREvpzH
Kkf45gMbHMnEajFQ7lk9xNKJwckIq1w2YD7OvaURB69gy7bwl0nQ76G07bAmGPe4
IvUR/7xZzSV9GUziozxSsj+JNY2njRa0gTRzwoaFnbgC+7gn6DR8GgtCSSaFyyp5
5uE5glhsViyXw/7JuVONdA6oisyvJrNF2Zw3E+FbooMP3D9V78+bnxFn08dylghx
+lNsznBdNbTQBA==
-----END CERTIFICATE-----