Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
File:                     h_S8G8xE8-kQBwQ1297UG25ILmg.mft (raw, json)
Hash identifier:          HNItPmYl0GsoQClLhojmXYNl2cfPn9yINSxqWlrRm6s=
Subject key identifier:   1E:DC:E4:A4:B7:6A:43:6B:BD:E4:F3:A4:5D:99:A6:27:5C:6A:C5:5D
Authority key identifier: 87:F4:BC:1B:CC:44:F3:E9:10:07:04:35:DB:DE:D4:1B:6E:48:2E:68
Certificate issuer:       /CN=87f4bc1bcc44f3e910070435dbded41b6e482e68
Certificate serial:       019652DB4B3886A9BE4634B7BEA78FD5A79B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
Manifest number:          0330
Signing time:             Sun 20 Apr 2025 11:00:25 +0000
Manifest this update:     Sun 20 Apr 2025 11:00:25 +0000
Manifest next update:     Mon 21 Apr 2025 11:00:25 +0000
Files and hashes:         1: h_S8G8xE8-kQBwQ1297UG25ILmg.crl (hash: qkMc86KcgSk5vAqaTo2xGP2o57o1/+mFan9EwNz4sRE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 11:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:db:4b:38:86:a9:be:46:34:b7:be:a7:8f:d5:a7:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87f4bc1bcc44f3e910070435dbded41b6e482e68
        Validity
            Not Before: Apr 20 11:00:25 2025 GMT
            Not After : Apr 21 11:00:25 2025 GMT
        Subject: CN=1edce4a4b76a436bbde4f3a45d99a6275c6ac55d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:f8:5a:85:3f:e3:f9:83:62:e5:a1:8b:22:82:
                    66:6c:b7:dc:a1:9c:32:68:49:d0:b4:04:97:fd:f0:
                    43:58:6a:82:3a:d3:37:96:bc:e7:a3:53:f8:97:db:
                    0a:15:24:29:d5:72:cf:71:60:d5:bf:a5:42:a8:f5:
                    a1:61:58:4c:b1:f2:37:65:e8:4a:8a:6f:0e:38:08:
                    24:0f:7d:46:2e:92:f5:26:a3:2e:04:dc:ee:ce:a2:
                    9d:b6:b4:61:7f:84:35:4c:c5:b7:98:a3:1b:16:e4:
                    1f:80:7d:ba:db:6e:cd:d9:40:02:e6:70:51:5a:78:
                    b3:ed:f6:e6:d4:de:14:ce:a0:0f:6b:be:5c:5f:04:
                    7b:14:05:cc:c6:2a:51:af:0b:f1:14:69:44:01:a6:
                    06:ad:85:23:72:50:89:c3:56:f2:ea:6c:a2:f9:31:
                    c8:4e:38:df:3f:3f:66:43:9c:3c:42:06:eb:de:74:
                    fb:e3:42:97:af:a6:63:a6:ec:98:9f:a4:2e:1c:b8:
                    da:f5:f7:21:50:a1:fa:23:d0:48:15:e9:4e:f3:44:
                    33:e5:4c:95:9e:ab:74:c8:7f:a2:ff:34:80:1f:83:
                    6f:ec:7a:05:18:22:4e:db:77:56:8a:e4:65:eb:15:
                    b2:63:30:f6:ba:9c:c6:e2:8e:4f:4e:85:27:81:2b:
                    78:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:DC:E4:A4:B7:6A:43:6B:BD:E4:F3:A4:5D:99:A6:27:5C:6A:C5:5D
            X509v3 Authority Key Identifier:
                keyid:87:F4:BC:1B:CC:44:F3:E9:10:07:04:35:DB:DE:D4:1B:6E:48:2E:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:79:01:2d:fc:90:e6:51:da:c1:b1:97:86:37:c3:d5:46:c1:
         d2:b4:a2:38:49:32:52:91:c1:d2:13:45:e4:78:3f:b7:41:b6:
         bf:55:66:6f:4d:9e:68:9c:fc:d1:aa:21:69:fc:ab:c9:6d:f8:
         3b:d2:63:60:03:b4:e1:c0:28:0b:50:fd:89:78:0b:65:1c:8a:
         30:34:48:82:70:71:d5:ca:cc:81:3c:61:d5:b2:b8:62:96:6f:
         02:10:ec:b5:6f:a0:af:35:58:9d:88:ea:06:de:47:90:75:35:
         0c:f0:93:4c:25:eb:a3:37:84:e7:c6:f7:c7:0f:b0:0b:47:24:
         64:59:75:d4:92:11:a5:40:7d:b8:dd:c5:1c:6b:37:b9:d4:fa:
         ec:82:a7:5c:10:fd:b0:e6:21:e4:74:cb:08:d1:12:3a:61:88:
         d6:06:25:27:fe:a4:8e:51:35:b1:13:73:ed:c7:f5:f7:1f:8e:
         2b:5d:df:6c:04:05:ba:67:aa:21:f5:bd:c3:2f:0f:97:4c:f5:
         90:07:7e:98:5a:5c:68:f4:35:f3:30:14:8f:66:18:67:05:ca:
         12:9e:09:80:f9:32:8c:b5:08:e4:1a:28:40:5f:31:7b:76:94:
         d6:81:3d:d5:af:26:ca:b1:51:60:cc:8b:ff:c1:7e:99:f6:3d:
         62:f9:53:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZS20s4hqm+RjS3vqeP1aebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjRiYzFiY2M0NGYzZTkxMDA3MDQzNWRiZGVkNDFiNmU0
ODJlNjgwHhcNMjUwNDIwMTEwMDI1WhcNMjUwNDIxMTEwMDI1WjAzMTEwLwYDVQQD
EygxZWRjZTRhNGI3NmE0MzZiYmRlNGYzYTQ1ZDk5YTYyNzVjNmFjNTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PhahT/j+YNi5aGLIoJmbLfcoZwy
aEnQtASX/fBDWGqCOtM3lrzno1P4l9sKFSQp1XLPcWDVv6VCqPWhYVhMsfI3ZehK
im8OOAgkD31GLpL1JqMuBNzuzqKdtrRhf4Q1TMW3mKMbFuQfgH26227N2UAC5nBR
Wniz7fbm1N4UzqAPa75cXwR7FAXMxipRrwvxFGlEAaYGrYUjclCJw1by6myi+THI
TjjfPz9mQ5w8Qgbr3nT740KXr6ZjpuyYn6QuHLja9fchUKH6I9BIFelO80Qz5UyV
nqt0yH+i/zSAH4Nv7HoFGCJO23dWiuRl6xWyYzD2upzG4o5PToUngSt4mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB7c5KS3akNrveTzpF2ZpidcasVdMB8GA1UdIwQY
MBaAFIf0vBvMRPPpEAcENdve1BtuSC5oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wYjViNmQtN2Y0Ni00NDdhLTg5NDYt
N2U3ODE2ODBkMWQyLzEvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wYjViNmQtN2Y0Ni00NDdhLTg5NDYtN2U3ODE2ODBkMWQy
LzEvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKnkBLfyQ
5lHawbGXhjfD1UbB0rSiOEkyUpHB0hNF5Hg/t0G2v1Vmb02eaJz80aohafyryW34
O9JjYAO04cAoC1D9iXgLZRyKMDRIgnBx1crMgTxh1bK4YpZvAhDstW+grzVYnYjq
Bt5HkHU1DPCTTCXrozeE58b3xw+wC0ckZFl11JIRpUB9uN3FHGs3udT67IKnXBD9
sOYh5HTLCNESOmGI1gYlJ/6kjlE1sRNz7cf19x+OK13fbAQFumeqIfW9wy8Pl0z1
kAd+mFpcaPQ18zAUj2YYZwXKEp4JgPkyjLUI5BooQF8xe3aU1oE91a8myrFRYMyL
/8F+mfY9YvlTvw==
-----END CERTIFICATE-----