Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
File:                     hwCTRBAfUQ52oqserOnpp9kuTtU.mft (raw, json)
Hash identifier:          9TEQGPrd0Vxrv+Rzrg16qEV8y/wUUYP4PWKJRZeZj5s=
Subject key identifier:   AF:62:EA:5B:40:50:86:89:E2:C8:9D:B2:C5:F5:3A:BE:0C:9D:3A:A0
Authority key identifier: 87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5
Certificate issuer:       /CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
Certificate serial:       01965349FAFC94E660054ABBEA4BE04CC0AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
Manifest number:          075F
Signing time:             Sun 20 Apr 2025 13:01:19 +0000
Manifest this update:     Sun 20 Apr 2025 13:01:19 +0000
Manifest next update:     Mon 21 Apr 2025 13:01:19 +0000
Files and hashes:         1: hwCTRBAfUQ52oqserOnpp9kuTtU.crl (hash: McdBgJO626FESpZmZYfWYnSZXJ5IK1UqoFzFa7ABbb0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 13:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:49:fa:fc:94:e6:60:05:4a:bb:ea:4b:e0:4c:c0:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
        Validity
            Not Before: Apr 20 13:01:19 2025 GMT
            Not After : Apr 21 13:01:19 2025 GMT
        Subject: CN=af62ea5b40508689e2c89db2c5f53abe0c9d3aa0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:25:1b:7b:e8:32:ad:6d:ec:d7:65:69:d5:e5:
                    ee:01:49:29:65:7e:31:cf:43:3a:b1:c3:ce:1c:d9:
                    33:66:81:11:ab:a4:09:67:73:8c:7f:06:98:72:21:
                    63:45:af:59:60:9a:c6:94:db:5c:fd:b0:b6:bb:d2:
                    ab:c2:e6:b1:f7:a2:8d:04:40:2c:66:ae:dd:b2:f8:
                    25:8c:ad:7c:96:6f:8c:04:9e:0b:3c:3b:d2:80:4e:
                    41:94:e5:b2:58:d3:1a:9b:b2:0b:3f:21:3e:2d:3a:
                    f2:41:c9:4a:1b:81:97:44:02:bd:77:e1:b4:7f:f7:
                    7a:eb:64:27:0a:a8:cb:49:1f:58:b2:3b:7b:c4:33:
                    9d:d5:23:ae:0a:33:a1:b4:83:1c:fa:0a:d1:72:b3:
                    54:c9:ca:d9:83:85:ac:e0:89:cd:21:8a:47:7f:11:
                    b4:46:fa:a5:9d:b8:24:80:c9:6c:67:c3:2c:f0:c9:
                    c4:50:b4:8d:9a:85:e3:87:01:ad:b1:82:87:b0:3c:
                    1a:e7:e6:91:3d:29:ed:b6:af:00:f7:32:2f:d6:da:
                    ca:df:a6:06:a4:90:01:00:ea:fd:dc:c4:a8:f1:8f:
                    33:a1:66:fa:37:33:b3:40:4f:6e:1f:78:43:d3:d7:
                    58:f9:b6:1b:5e:d1:6b:a2:59:7c:d0:f7:81:7b:95:
                    a3:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:62:EA:5B:40:50:86:89:E2:C8:9D:B2:C5:F5:3A:BE:0C:9D:3A:A0
            X509v3 Authority Key Identifier:
                keyid:87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:2d:f0:d5:22:f4:9c:83:30:c5:dc:3d:2e:6e:c8:e7:22:4c:
         5e:d1:49:14:fc:4b:2e:1a:6c:88:bb:13:09:76:09:c4:15:65:
         f3:20:ae:07:90:b9:ed:55:3d:ce:4d:80:16:9a:cd:9c:fe:d3:
         6f:56:28:04:7d:72:ff:cf:42:b2:c7:76:97:78:e9:df:ae:a5:
         c7:bc:d2:73:1b:73:a3:5d:36:09:ea:4d:e3:ca:a1:6b:f4:3d:
         2c:63:0f:ce:f2:59:53:57:18:bd:e2:8e:2e:5b:c9:be:2b:fb:
         64:41:7d:cf:84:23:35:df:58:a5:b2:bb:db:7f:66:17:db:60:
         4b:7a:ed:20:6b:ed:5b:f7:ed:67:08:aa:22:41:64:66:75:e8:
         cb:c5:9f:bb:67:20:dd:07:be:5c:21:3f:4b:d9:dc:0e:a6:38:
         c4:29:c7:da:25:a8:f1:f5:de:e5:2b:8c:65:6d:34:3b:39:0a:
         ae:60:58:8b:65:27:2b:f7:fe:4c:cb:7b:eb:d1:d2:b0:c3:5e:
         ab:8b:21:7c:34:83:ac:4d:a2:b4:ca:02:32:fd:87:57:15:45:
         09:e3:ae:ec:2d:28:a9:46:14:29:6b:f5:16:d0:68:d0:8c:a8:
         2e:ff:01:be:24:34:6d:5b:ac:e5:55:84:c3:20:02:7c:26:b1:
         ad:ab:fe:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTSfr8lOZgBUq76kvgTMCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MDA5MzQ0MTAxZjUxMGU3NmEyYWIxZWFjZTllOWE3ZDky
ZTRlZDUwHhcNMjUwNDIwMTMwMTE5WhcNMjUwNDIxMTMwMTE5WjAzMTEwLwYDVQQD
EyhhZjYyZWE1YjQwNTA4Njg5ZTJjODlkYjJjNWY1M2FiZTBjOWQzYWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CUbe+gyrW3s12Vp1eXuAUkpZX4x
z0M6scPOHNkzZoERq6QJZ3OMfwaYciFjRa9ZYJrGlNtc/bC2u9Krwuax96KNBEAs
Zq7dsvgljK18lm+MBJ4LPDvSgE5BlOWyWNMam7ILPyE+LTryQclKG4GXRAK9d+G0
f/d662QnCqjLSR9Ysjt7xDOd1SOuCjOhtIMc+grRcrNUycrZg4Ws4InNIYpHfxG0
RvqlnbgkgMlsZ8Ms8MnEULSNmoXjhwGtsYKHsDwa5+aRPSnttq8A9zIv1trK36YG
pJABAOr93MSo8Y8zoWb6NzOzQE9uH3hD09dY+bYbXtFroll80PeBe5WjmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK9i6ltAUIaJ4sidssX1Or4MnTqgMB8GA1UdIwQY
MBaAFIcAk0QQH1EOdqKrHqzp6afZLk7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDkt
ZDZhZGExMjgxNjY4LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDktZDZhZGExMjgxNjY4
LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADS3w1SL0
nIMwxdw9Lm7I5yJMXtFJFPxLLhpsiLsTCXYJxBVl8yCuB5C57VU9zk2AFprNnP7T
b1YoBH1y/89Cssd2l3jp366lx7zScxtzo102CepN48qha/Q9LGMPzvJZU1cYveKO
LlvJviv7ZEF9z4QjNd9YpbK7239mF9tgS3rtIGvtW/ftZwiqIkFkZnXoy8Wfu2cg
3Qe+XCE/S9ncDqY4xCnH2iWo8fXe5SuMZW00OzkKrmBYi2UnK/f+TMt769HSsMNe
q4shfDSDrE2itMoCMv2HVxVFCeOu7C0oqUYUKWv1FtBo0IyoLv8BviQ0bVus5VWE
wyACfCaxrav+vQ==
-----END CERTIFICATE-----