Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
File:                     hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json)
Hash identifier:          s406EAz70MxZNmmGr7jdmQydTHByTDZ5L/uYdJzfEK4=
Subject key identifier:   DF:16:49:C0:77:0A:EF:E9:EC:67:B6:C2:B7:AC:5B:F3:DC:2E:38:FD
Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C
Certificate issuer:       /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
Certificate serial:       0197CDCCE7837094988DC6C6BFCDAB4A2928
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
Manifest number:          0811
Signing time:             Thu 03 Jul 2025 01:00:47 +0000
Manifest this update:     Thu 03 Jul 2025 01:00:47 +0000
Manifest next update:     Fri 04 Jul 2025 01:00:47 +0000
Files and hashes:         1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: fmoD+F18eXJp0A5p5bsIxPc877zUlcsSjQqJZieEfT0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 04 Jul 2025 01:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cd:cc:e7:83:70:94:98:8d:c6:c6:bf:cd:ab:4a:29:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
        Validity
            Not Before: Jul  3 01:00:47 2025 GMT
            Not After : Jul  4 01:00:47 2025 GMT
        Subject: CN=df1649c0770aefe9ec67b6c2b7ac5bf3dc2e38fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:3c:12:52:9b:32:28:14:ef:b7:f5:4d:ae:e8:
                    83:4e:83:6f:31:4f:30:9c:77:7b:ce:98:56:fd:19:
                    b7:01:8d:4c:ec:cc:01:e8:64:22:a0:61:a0:4f:45:
                    7b:dd:82:fe:63:d8:8c:71:aa:fb:92:ba:62:4b:8d:
                    c0:fc:77:36:83:29:cb:0e:a0:17:c2:fc:13:64:49:
                    39:a8:5d:8b:6b:8b:05:cf:d7:6e:28:b0:be:59:69:
                    3a:d3:1d:27:41:5f:20:67:cb:74:85:98:48:8e:97:
                    c6:18:a8:33:62:48:a8:1b:4f:d9:ed:af:e5:6f:2c:
                    c1:df:e8:af:09:64:16:b3:89:72:d5:e3:6d:2c:b6:
                    de:24:d6:fe:3b:e1:5f:92:83:ca:da:c6:ce:d9:16:
                    9e:dc:dc:c0:79:10:31:6a:83:87:b4:a3:57:e3:b4:
                    58:54:2e:c7:bf:86:c0:da:b5:dc:92:74:73:4a:0c:
                    ea:4d:22:1c:34:1c:3d:a9:d7:0f:67:9c:46:f8:89:
                    89:f9:92:2f:7d:75:b6:43:71:26:98:d3:27:be:60:
                    f2:d7:c8:3e:50:03:c9:2c:1a:db:1e:36:35:e9:f2:
                    c7:20:b6:f3:a5:d9:8b:6c:bc:2c:3e:90:2b:4b:6d:
                    80:0c:d1:c0:90:92:da:30:fb:83:ca:eb:a1:cc:d2:
                    f8:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:16:49:C0:77:0A:EF:E9:EC:67:B6:C2:B7:AC:5B:F3:DC:2E:38:FD
            X509v3 Authority Key Identifier:
                keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:f0:18:c8:a5:24:f0:47:93:f1:47:8e:0b:7f:8c:4f:09:5e:
         76:63:61:06:04:18:3c:81:e9:ee:fc:f7:9d:43:56:b8:07:2d:
         3d:87:b7:24:2c:99:91:c3:5d:91:35:bf:3d:d9:a2:96:f6:6c:
         44:d4:f2:d6:ab:21:68:98:d5:49:8e:bd:0f:de:6a:13:80:24:
         d5:e8:4c:bc:e2:dc:a8:e3:74:bf:1d:e8:32:af:f7:61:25:26:
         75:28:d2:5a:af:ed:02:ab:f5:fa:ab:df:3f:eb:9f:87:23:a9:
         65:0d:dd:5e:10:f3:3b:4f:4e:57:4d:e2:a4:51:12:19:25:66:
         4c:5b:51:e5:5a:d1:f4:3e:a6:91:ab:5d:f1:f7:fb:46:78:22:
         5a:6f:e5:fe:b0:31:33:49:d1:8c:49:3c:56:1b:a5:1f:6e:02:
         28:24:6b:a0:7e:4d:b5:02:27:51:fd:d8:4e:df:bf:45:4a:91:
         e1:49:a9:0b:1d:b9:c2:5c:c9:16:4d:3b:98:28:05:71:63:4a:
         94:a3:a5:e4:5d:1f:2f:8c:8a:71:24:ca:a9:cb:fc:97:90:f1:
         6d:dc:cb:d9:58:6d:7d:28:3b:31:81:46:25:b4:f6:9d:73:f1:
         ae:cd:69:37:98:f4:b2:67:3b:6e:19:75:41:30:d0:13:e8:ad:
         14:f9:90:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfNzOeDcJSYjcbGv82rSikoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw
M2UyMmMwHhcNMjUwNzAzMDEwMDQ3WhcNMjUwNzA0MDEwMDQ3WjAzMTEwLwYDVQQD
EyhkZjE2NDljMDc3MGFlZmU5ZWM2N2I2YzJiN2FjNWJmM2RjMmUzOGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zwSUpsyKBTvt/VNruiDToNvMU8w
nHd7zphW/Rm3AY1M7MwB6GQioGGgT0V73YL+Y9iMcar7krpiS43A/Hc2gynLDqAX
wvwTZEk5qF2La4sFz9duKLC+WWk60x0nQV8gZ8t0hZhIjpfGGKgzYkioG0/Z7a/l
byzB3+ivCWQWs4ly1eNtLLbeJNb+O+FfkoPK2sbO2Rae3NzAeRAxaoOHtKNX47RY
VC7Hv4bA2rXcknRzSgzqTSIcNBw9qdcPZ5xG+ImJ+ZIvfXW2Q3EmmNMnvmDy18g+
UAPJLBrbHjY16fLHILbzpdmLbLwsPpArS22ADNHAkJLaMPuDyuuhzNL4ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN8WScB3Cu/p7Ge2wresW/PcLjj9MB8GA1UdIwQY
MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt
MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4
LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACfAYyKUk
8EeT8UeOC3+MTwledmNhBgQYPIHp7vz3nUNWuActPYe3JCyZkcNdkTW/PdmilvZs
RNTy1qshaJjVSY69D95qE4Ak1ehMvOLcqON0vx3oMq/3YSUmdSjSWq/tAqv1+qvf
P+ufhyOpZQ3dXhDzO09OV03ipFESGSVmTFtR5VrR9D6mkatd8ff7RngiWm/l/rAx
M0nRjEk8VhulH24CKCRroH5NtQInUf3YTt+/RUqR4UmpCx25wlzJFk07mCgFcWNK
lKOl5F0fL4yKcSTKqcv8l5DxbdzL2VhtfSg7MYFGJbT2nXPxrs1pN5j0smc7bhl1
QTDQE+itFPmQ5Q==
-----END CERTIFICATE-----