Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
File:                     HNuFgmJdF7G8uuE_xt20OruV0v4.mft (raw, json)
Hash identifier:          kerEszlVycdBxKafYGPBxy2geMtPrhKXdKbucJVu0AQ=
Subject key identifier:   E3:33:66:DF:AE:8C:FF:20:26:D0:82:B5:E5:90:6A:0C:AB:D9:FC:91
Authority key identifier: 1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE
Certificate issuer:       /CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
Certificate serial:       019646A0B05F7D974EDA4000F876EF4FD4CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
Manifest number:          B3
Signing time:             Fri 18 Apr 2025 02:00:58 +0000
Manifest this update:     Fri 18 Apr 2025 02:00:58 +0000
Manifest next update:     Sat 19 Apr 2025 02:00:58 +0000
Files and hashes:         1: HNuFgmJdF7G8uuE_xt20OruV0v4.crl (hash: X03wb0fkSlW7FHLXjtOiFeuRbMRuw1pO7eX2P84BQSA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:46:a0:b0:5f:7d:97:4e:da:40:00:f8:76:ef:4f:d4:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
        Validity
            Not Before: Apr 18 02:00:58 2025 GMT
            Not After : Apr 19 02:00:58 2025 GMT
        Subject: CN=e33366dfae8cff2026d082b5e5906a0cabd9fc91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:1d:8e:76:d9:31:4a:11:19:98:b7:13:c8:8b:
                    26:57:49:71:68:e1:9f:df:f7:5d:6e:d5:99:22:6f:
                    4f:6d:58:d8:4a:1e:4d:62:7b:4c:b7:8b:fe:4e:11:
                    68:fc:97:68:ac:f2:b1:57:b4:d3:ec:27:42:eb:7a:
                    d7:2a:78:91:51:75:12:c9:36:72:0d:2f:31:53:6c:
                    df:29:37:8b:da:49:07:1a:1a:f6:cf:7a:9c:03:41:
                    a0:18:d3:85:50:be:6e:4e:07:94:b5:9c:9f:ba:19:
                    4c:21:81:b4:16:ba:72:f9:21:0d:79:49:15:6c:05:
                    10:a6:50:2f:c1:75:79:b3:6a:c5:11:12:5f:d4:28:
                    95:87:f5:a5:b4:8f:c5:c7:4a:54:4c:4c:60:53:2c:
                    3d:b0:71:d9:6c:ae:0d:ce:40:d6:1b:aa:e2:17:0f:
                    dd:eb:62:99:98:82:04:b3:a6:44:89:4f:13:3a:ed:
                    58:f1:87:e0:75:07:e0:23:63:f9:91:c9:11:da:fd:
                    0b:cd:1b:a3:29:b5:25:1f:d9:ac:66:bc:07:f5:bf:
                    8c:b7:b8:d9:3f:56:d8:14:64:17:0a:f9:e4:eb:f5:
                    d3:b7:10:f2:8c:31:a3:ce:c9:91:84:fb:01:f3:1a:
                    fd:af:7c:b6:46:5a:e2:75:54:72:b6:66:0e:2e:ab:
                    ba:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:33:66:DF:AE:8C:FF:20:26:D0:82:B5:E5:90:6A:0C:AB:D9:FC:91
            X509v3 Authority Key Identifier:
                keyid:1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:6a:ae:ed:c6:ce:47:95:a2:55:ac:1f:10:42:0d:7c:7f:49:
         da:d6:3a:4a:b7:15:ed:44:71:3c:8c:2f:0c:c2:60:45:42:b4:
         cf:e1:dc:06:a6:a7:6b:be:3b:10:13:c7:c6:88:e2:41:09:36:
         68:04:52:65:cd:d4:37:eb:13:92:cb:e0:10:fc:90:39:2a:d6:
         1f:8e:24:73:b4:50:57:5e:2a:71:20:04:8a:c2:63:7a:c4:75:
         0d:fc:82:58:ae:02:36:7b:f3:e2:93:2e:3c:03:23:ac:32:25:
         1c:97:60:eb:06:11:23:7e:f7:ce:f1:08:ad:d8:b9:4b:78:e0:
         c6:71:a6:4a:23:88:b9:4b:a1:d7:c5:bc:ac:b9:e1:74:34:cf:
         b3:70:34:f7:51:ca:6f:59:e0:21:68:18:19:c1:08:19:a9:a5:
         7c:92:ac:a1:be:8c:4a:a4:67:67:98:0e:3e:31:ac:4d:9e:35:
         c9:be:ac:c0:26:7b:70:7e:c9:28:5a:b5:c6:7d:a5:de:43:7b:
         6a:33:3c:df:f0:58:1f:77:2c:65:0d:92:c0:f6:ff:e3:27:b8:
         2a:e2:71:23:d9:a3:de:ee:ca:16:47:3f:a4:6d:66:cc:f3:80:
         d2:0b:17:03:98:9c:d0:ce:54:02:46:8e:ea:1d:4c:45:c6:00:
         a2:af:53:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZGoLBffZdO2kAA+HbvT9TMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZGI4NTgyNjI1ZDE3YjFiY2JhZTEzZmM2ZGRiNDNhYmI5
NWQyZmUwHhcNMjUwNDE4MDIwMDU4WhcNMjUwNDE5MDIwMDU4WjAzMTEwLwYDVQQD
EyhlMzMzNjZkZmFlOGNmZjIwMjZkMDgyYjVlNTkwNmEwY2FiZDlmYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuR2OdtkxShEZmLcTyIsmV0lxaOGf
3/ddbtWZIm9PbVjYSh5NYntMt4v+ThFo/JdorPKxV7TT7CdC63rXKniRUXUSyTZy
DS8xU2zfKTeL2kkHGhr2z3qcA0GgGNOFUL5uTgeUtZyfuhlMIYG0Frpy+SENeUkV
bAUQplAvwXV5s2rFERJf1CiVh/WltI/Fx0pUTExgUyw9sHHZbK4NzkDWG6riFw/d
62KZmIIEs6ZEiU8TOu1Y8YfgdQfgI2P5kckR2v0LzRujKbUlH9msZrwH9b+Mt7jZ
P1bYFGQXCvnk6/XTtxDyjDGjzsmRhPsB8xr9r3y2RlridVRytmYOLqu6vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOMzZt+ujP8gJtCCteWQagyr2fyRMB8GA1UdIwQY
MBaAFBzbhYJiXRexvLrhP8bdtDq7ldL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDct
NDVmYmE1Yzk3NTkzLzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDctNDVmYmE1Yzk3NTkz
LzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiWqu7cbO
R5WiVawfEEINfH9J2tY6SrcV7URxPIwvDMJgRUK0z+HcBqana747EBPHxojiQQk2
aARSZc3UN+sTksvgEPyQOSrWH44kc7RQV14qcSAEisJjesR1DfyCWK4CNnvz4pMu
PAMjrDIlHJdg6wYRI373zvEIrdi5S3jgxnGmSiOIuUuh18W8rLnhdDTPs3A091HK
b1ngIWgYGcEIGamlfJKsob6MSqRnZ5gOPjGsTZ41yb6swCZ7cH7JKFq1xn2l3kN7
ajM83/BYH3csZQ2SwPb/4ye4KuJxI9mj3u7KFkc/pG1mzPOA0gsXA5ic0M5UAkaO
6h1MRcYAoq9Tmg==
-----END CERTIFICATE-----