Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
File:                     hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json)
Hash identifier:          PwBcC9RzUaMsC7LHJPtkbs2jmJYE1spjnzZacFEBksY=
Subject key identifier:   72:AE:34:12:F6:72:22:31:23:35:6E:25:2B:C6:AD:2D:3E:DE:24:C6
Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C
Certificate issuer:       /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
Certificate serial:       01965EDF52EDEB3D94655203A2CDDB01BAA5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
Manifest number:          0753
Signing time:             Tue 22 Apr 2025 19:00:16 +0000
Manifest this update:     Tue 22 Apr 2025 19:00:16 +0000
Manifest next update:     Wed 23 Apr 2025 19:00:16 +0000
Files and hashes:         1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: bTy+Qbe78UqsLCgGlbM31TR7utrN0Sqi87ernKYPz6o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 19:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5e:df:52:ed:eb:3d:94:65:52:03:a2:cd:db:01:ba:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
        Validity
            Not Before: Apr 22 19:00:16 2025 GMT
            Not After : Apr 23 19:00:16 2025 GMT
        Subject: CN=72ae3412f672223123356e252bc6ad2d3ede24c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:02:77:bf:bf:29:57:b9:df:df:60:c6:14:d5:
                    8e:67:ec:c8:8c:a4:f6:fe:ba:a7:e9:d3:19:0a:7f:
                    3d:e3:08:1d:91:51:b3:3e:01:5a:f4:40:32:cd:17:
                    d7:b7:b8:da:90:1b:5b:da:fd:fd:5c:07:e7:36:fe:
                    37:a4:61:ec:22:1c:27:04:34:ac:86:4d:3b:58:9c:
                    69:04:ff:6d:c5:87:11:83:45:d9:05:88:c3:8f:9c:
                    83:00:3d:39:b0:ad:52:a7:45:6b:c9:51:5e:1b:e1:
                    b1:35:3d:a2:dd:bf:e1:e0:47:5a:0a:58:b1:12:72:
                    56:f2:b8:82:b2:82:76:9d:ec:9f:1d:b9:70:5c:3d:
                    ba:6e:1b:55:e7:cb:70:13:60:b8:8b:30:8f:f9:4e:
                    60:4a:74:0c:1c:7b:4a:28:72:05:8f:0d:3d:ec:04:
                    49:94:b8:de:b7:7a:85:31:ca:ef:f5:5d:c6:14:a2:
                    d6:3b:df:98:83:07:16:f8:82:78:97:7c:58:cd:f7:
                    38:95:0c:54:34:2a:43:54:3a:71:56:8f:fe:b7:c5:
                    f7:c1:3b:b0:a9:fe:6f:8a:f2:80:6e:fc:f2:12:bb:
                    34:2f:81:c2:dc:61:70:68:4c:e5:d0:0a:1e:92:6a:
                    26:a2:a1:14:a6:42:53:f1:6d:30:97:ab:17:04:92:
                    5e:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:AE:34:12:F6:72:22:31:23:35:6E:25:2B:C6:AD:2D:3E:DE:24:C6
            X509v3 Authority Key Identifier:
                keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:cb:6a:57:90:30:fb:85:81:e7:41:50:ed:51:b3:8e:e1:5b:
         ab:bf:87:50:89:51:55:e2:fe:23:e8:e8:e5:16:28:3e:c1:67:
         71:9d:a7:70:37:a4:4e:75:99:6d:53:5f:9f:ae:df:17:6e:72:
         48:8b:12:79:85:8d:d4:28:a4:68:7d:d9:e5:dd:76:53:53:6c:
         ed:ba:39:17:e1:7c:23:63:d6:4e:72:8c:ce:ff:01:54:5c:17:
         e7:bf:54:b7:e4:75:58:79:81:e4:de:e4:7d:82:82:7c:8e:eb:
         2a:52:65:c0:a4:d3:35:5b:85:e2:73:f8:94:62:76:f5:e1:f0:
         f0:ed:42:ab:45:bf:cb:ce:87:22:2b:ea:24:52:73:e0:de:6a:
         43:a9:db:73:ac:27:dd:3e:1b:3b:67:b6:7a:bf:2b:5c:06:a8:
         cf:74:13:3b:50:f6:d0:08:78:7e:bd:63:99:a1:6a:58:58:8a:
         38:99:04:86:f1:e7:3c:2d:ca:4e:77:74:0a:e1:ad:f7:b5:66:
         ff:ca:d3:10:14:ef:e7:70:43:dc:4e:a2:f9:4a:d1:a5:00:85:
         7f:31:7c:c2:8c:73:17:eb:64:7d:38:8b:fd:a9:6d:6b:4f:e6:
         10:3e:e7:9c:57:70:93:69:76:7a:c3:83:9f:f1:49:94:98:78:
         48:e3:1b:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZe31Lt6z2UZVIDos3bAbqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw
M2UyMmMwHhcNMjUwNDIyMTkwMDE2WhcNMjUwNDIzMTkwMDE2WjAzMTEwLwYDVQQD
Eyg3MmFlMzQxMmY2NzIyMjMxMjMzNTZlMjUyYmM2YWQyZDNlZGUyNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgJ3v78pV7nf32DGFNWOZ+zIjKT2
/rqn6dMZCn894wgdkVGzPgFa9EAyzRfXt7jakBtb2v39XAfnNv43pGHsIhwnBDSs
hk07WJxpBP9txYcRg0XZBYjDj5yDAD05sK1Sp0VryVFeG+GxNT2i3b/h4EdaClix
EnJW8riCsoJ2neyfHblwXD26bhtV58twE2C4izCP+U5gSnQMHHtKKHIFjw097ARJ
lLjet3qFMcrv9V3GFKLWO9+YgwcW+IJ4l3xYzfc4lQxUNCpDVDpxVo/+t8X3wTuw
qf5vivKAbvzyErs0L4HC3GFwaEzl0AoekmomoqEUpkJT8W0wl6sXBJJeDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKuNBL2ciIxIzVuJSvGrS0+3iTGMB8GA1UdIwQY
MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt
MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4
LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvctqV5Aw
+4WB50FQ7VGzjuFbq7+HUIlRVeL+I+jo5RYoPsFncZ2ncDekTnWZbVNfn67fF25y
SIsSeYWN1CikaH3Z5d12U1Ns7bo5F+F8I2PWTnKMzv8BVFwX579Ut+R1WHmB5N7k
fYKCfI7rKlJlwKTTNVuF4nP4lGJ29eHw8O1Cq0W/y86HIivqJFJz4N5qQ6nbc6wn
3T4bO2e2er8rXAaoz3QTO1D20Ah4fr1jmaFqWFiKOJkEhvHnPC3KTnd0CuGt97Vm
/8rTEBTv53BD3E6i+UrRpQCFfzF8woxzF+tkfTiL/alta0/mED7nnFdwk2l2esOD
n/FJlJh4SOMbKw==
-----END CERTIFICATE-----