Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
File:                     pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json)
Hash identifier:          Q9ymP6Gt8pBhE91CTHS5eGQ6PxhOES1oQLBwqTnZ4Y4=
Subject key identifier:   1B:DB:E1:EE:AC:D3:16:1E:D7:3B:DC:56:38:34:F3:C2:34:49:A6:13
Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
Certificate issuer:       /CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Certificate serial:       019657CB0B60DDA4F355A0FCC4793472D781
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
Manifest number:          01CC
Signing time:             Mon 21 Apr 2025 10:00:46 +0000
Manifest this update:     Mon 21 Apr 2025 10:00:46 +0000
Manifest next update:     Tue 22 Apr 2025 10:00:46 +0000
Files and hashes:         1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: MEv8MG0yffptGDLr2QyP9/rrMfL4QbCy3RMau8jmhmw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:cb:0b:60:dd:a4:f3:55:a0:fc:c4:79:34:72:d7:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa
        Validity
            Not Before: Apr 21 10:00:46 2025 GMT
            Not After : Apr 22 10:00:46 2025 GMT
        Subject: CN=1bdbe1eeacd3161ed73bdc563834f3c23449a613
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:79:46:3f:a2:2a:da:00:93:ad:cf:2c:6a:c3:
                    e7:1a:47:63:af:b3:b7:79:09:7e:23:65:97:c8:07:
                    1b:d3:d9:29:af:78:3d:dd:b3:9a:14:dd:81:bd:e9:
                    43:97:9a:6d:12:0e:72:bd:91:b7:b5:c2:8e:dc:b5:
                    19:6e:76:10:ee:84:98:24:b4:05:2e:b3:25:63:2d:
                    40:f7:94:c9:75:84:35:50:f9:2f:36:62:8d:6b:51:
                    14:22:89:db:8f:c2:71:71:93:98:c7:36:1f:d6:eb:
                    bf:38:21:a7:de:bc:39:8e:83:50:4c:00:54:79:a7:
                    48:23:f2:48:a1:e2:ec:12:98:c3:2c:aa:b3:7b:d6:
                    a4:fc:27:9a:0f:c0:24:03:0e:93:6d:fa:47:26:73:
                    25:9e:1e:f1:ec:de:84:29:2e:84:71:fc:fa:ea:83:
                    3b:59:f1:dd:66:b3:da:a5:24:51:bd:29:b3:af:4a:
                    af:5e:f9:84:42:7b:f5:16:f6:21:1e:e1:9e:3f:c5:
                    fb:13:44:c6:f4:08:18:0b:e7:b4:46:e0:58:9d:df:
                    45:38:b4:cf:2d:ab:ba:e0:92:ec:b8:70:25:15:bc:
                    c7:ed:f4:9f:5f:b9:8d:b5:a8:b7:19:67:a0:e1:a5:
                    e9:d8:4f:87:9f:f4:c6:b4:9c:ec:53:3d:b8:f3:f3:
                    56:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:DB:E1:EE:AC:D3:16:1E:D7:3B:DC:56:38:34:F3:C2:34:49:A6:13
            X509v3 Authority Key Identifier:
                keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:56:65:d8:be:96:2a:fb:4f:29:ee:e1:cf:0e:47:73:66:9f:
         5c:8d:70:ca:c0:37:85:64:d0:78:f0:6e:2b:4b:15:b3:d0:43:
         9d:9f:56:6c:5c:52:fe:15:17:44:53:d5:8d:a0:7a:b5:bd:18:
         6c:22:c6:62:2b:eb:b2:d0:1a:fd:d9:4c:ef:f0:58:b9:48:16:
         ae:f3:9b:26:46:3a:29:99:9d:ba:10:1f:5a:08:07:90:0c:8a:
         76:3b:40:05:2a:96:56:c9:79:1e:65:1c:2e:53:81:6e:ea:7a:
         26:06:6e:3c:67:52:8f:ad:ea:e2:0a:1c:1d:0f:a0:6e:9f:03:
         5a:ac:cc:03:c9:46:dd:2e:7f:c6:aa:f3:57:93:e5:30:ac:3f:
         0e:83:13:f7:5d:52:32:ef:31:b2:12:13:19:e1:f9:76:10:92:
         9b:9f:e6:50:9d:ca:c2:5a:e8:bc:c0:cc:84:f1:5e:83:4d:93:
         5f:29:0e:12:f3:91:a1:bf:98:2d:0f:f3:2d:2b:a4:20:c6:21:
         6a:ba:22:62:74:2c:f2:fa:b7:4a:cd:ee:d9:ac:92:db:24:05:
         b3:62:91:a3:d9:3a:e8:f9:3f:8b:a6:49:53:55:c2:2c:47:4b:
         88:5f:51:f2:e9:1f:d7:e3:b1:85:49:2a:9c:3d:60:ee:23:63:
         ad:9f:bf:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXywtg3aTzVaD8xHk0cteBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz
YWNlYWEwHhcNMjUwNDIxMTAwMDQ2WhcNMjUwNDIyMTAwMDQ2WjAzMTEwLwYDVQQD
EygxYmRiZTFlZWFjZDMxNjFlZDczYmRjNTYzODM0ZjNjMjM0NDlhNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33lGP6Iq2gCTrc8sasPnGkdjr7O3
eQl+I2WXyAcb09kpr3g93bOaFN2BvelDl5ptEg5yvZG3tcKO3LUZbnYQ7oSYJLQF
LrMlYy1A95TJdYQ1UPkvNmKNa1EUIonbj8JxcZOYxzYf1uu/OCGn3rw5joNQTABU
eadII/JIoeLsEpjDLKqze9ak/CeaD8AkAw6TbfpHJnMlnh7x7N6EKS6Ecfz66oM7
WfHdZrPapSRRvSmzr0qvXvmEQnv1FvYhHuGeP8X7E0TG9AgYC+e0RuBYnd9FOLTP
Lau64JLsuHAlFbzH7fSfX7mNtai3GWeg4aXp2E+Hn/TGtJzsUz248/NWLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBvb4e6s0xYe1zvcVjg088I0SaYTMB8GA1UdIwQY
MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt
MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl
LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX1Zl2L6W
KvtPKe7hzw5Hc2afXI1wysA3hWTQePBuK0sVs9BDnZ9WbFxS/hUXRFPVjaB6tb0Y
bCLGYivrstAa/dlM7/BYuUgWrvObJkY6KZmduhAfWggHkAyKdjtABSqWVsl5HmUc
LlOBbup6JgZuPGdSj63q4gocHQ+gbp8DWqzMA8lG3S5/xqrzV5PlMKw/DoMT911S
Mu8xshITGeH5dhCSm5/mUJ3KwlrovMDMhPFeg02TXykOEvORob+YLQ/zLSukIMYh
aroiYnQs8vq3Ss3u2ayS2yQFs2KRo9k66Pk/i6ZJU1XCLEdLiF9R8ukf1+OxhUkq
nD1g7iNjrZ+/PA==
-----END CERTIFICATE-----