Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
File:                     an0UIH91yLFYDbJ_defD_bH_hgw.mft (raw, json)
Hash identifier:          m1IGXmkIObKTU6hlNCyPsCyjGxooSKAJhNuQA/Z1Q0Q=
Subject key identifier:   C8:AF:C2:35:1D:58:25:53:5A:E7:35:8F:6B:2A:D8:5B:4A:24:9C:90
Authority key identifier: 6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C
Certificate issuer:       /CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
Certificate serial:       01964C34845092F616EBADB16F39AC8BF9AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
Manifest number:          0788
Signing time:             Sat 19 Apr 2025 04:00:32 +0000
Manifest this update:     Sat 19 Apr 2025 04:00:32 +0000
Manifest next update:     Sun 20 Apr 2025 04:00:32 +0000
Files and hashes:         1: an0UIH91yLFYDbJ_defD_bH_hgw.crl (hash: Pbr4iTPfYH4tGxnU2ODwlK8t8hJJFWUr53rVkQ3AAv4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:34:84:50:92:f6:16:eb:ad:b1:6f:39:ac:8b:f9:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
        Validity
            Not Before: Apr 19 04:00:32 2025 GMT
            Not After : Apr 20 04:00:32 2025 GMT
        Subject: CN=c8afc2351d5825535ae7358f6b2ad85b4a249c90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:b9:77:87:a7:fd:57:1a:b4:61:93:e0:e2:c2:
                    8e:81:1f:16:d0:27:3c:b8:ea:dc:b1:99:b6:1a:20:
                    cd:a9:aa:59:a0:bd:67:a2:09:b8:de:ea:3d:e7:e4:
                    fe:a3:e7:ef:b2:ca:39:af:18:50:80:8b:4f:5c:2a:
                    61:53:94:a9:d1:19:a4:6b:00:7d:53:cf:ba:56:14:
                    f2:cd:a5:a1:73:15:db:9f:5c:6c:65:c1:ce:f8:26:
                    e3:b0:38:04:89:74:ef:58:3c:99:b2:37:08:fa:76:
                    1d:64:e9:5f:e6:bb:fe:8e:94:14:a4:36:fd:36:aa:
                    48:1b:22:de:d5:2b:d3:ae:ed:61:8f:bb:0d:00:07:
                    4e:6f:71:38:d8:6b:9d:d3:18:d4:fd:71:d7:73:e7:
                    22:95:f9:24:c7:34:27:e4:ee:76:b7:27:aa:af:ac:
                    ad:cd:62:09:7d:1b:d7:57:10:9c:84:fe:a0:95:eb:
                    80:8e:ba:bc:45:39:88:f9:58:db:6e:3b:2a:59:63:
                    06:e3:84:0b:be:2f:b4:28:58:27:58:ae:dc:5e:20:
                    56:ba:ab:fd:4f:a9:3d:65:e4:26:8d:e8:31:39:b2:
                    9e:ef:db:6c:cd:16:99:10:e6:42:16:92:c8:5e:51:
                    e7:06:f7:b0:74:9d:db:69:bd:f9:46:11:a8:ea:24:
                    14:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:AF:C2:35:1D:58:25:53:5A:E7:35:8F:6B:2A:D8:5B:4A:24:9C:90
            X509v3 Authority Key Identifier:
                keyid:6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:88:b9:53:8d:73:6d:d4:74:24:f6:af:5e:f3:68:f1:57:85:
         f6:15:0d:a4:0b:d4:a7:cb:8a:bd:71:24:ad:d4:3d:1b:20:34:
         8e:ea:71:04:3a:a7:a7:6c:e8:82:f4:8a:d1:7e:f8:8f:a4:30:
         45:c7:a1:6d:22:53:68:dd:4f:de:a1:41:09:f1:33:ae:94:c3:
         45:6b:50:25:bf:f0:81:9d:19:6d:2e:98:b2:34:1f:39:1b:c1:
         f4:f0:35:e3:8b:a8:4e:36:ca:9e:23:47:59:c7:2c:e3:81:a2:
         c6:35:22:26:85:79:dc:d1:0b:9f:a4:5f:dd:57:8e:b9:f8:62:
         5d:c4:2a:ba:3f:cc:a3:9e:64:43:f6:da:16:a3:9b:b1:19:b4:
         b5:16:c6:87:54:51:f1:78:17:04:f9:88:3e:f9:28:9f:b3:24:
         c6:7e:e5:7a:2e:21:1a:d6:54:06:01:28:eb:d1:92:23:c7:63:
         fb:f7:91:bf:cd:48:bb:14:d7:67:95:cb:79:8e:e8:96:3e:ca:
         94:16:11:1e:60:7b:97:ce:f9:76:1f:14:c6:ec:be:3c:01:52:
         f2:02:16:c7:78:85:d2:22:f4:a9:8a:7b:a6:eb:8d:e7:11:24:
         94:9e:29:c0:ce:24:3a:c8:39:da:f6:3f:57:20:8d:60:43:4a:
         08:51:f9:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZMNIRQkvYW662xbzmsi/mrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhN2QxNDIwN2Y3NWM4YjE1ODBkYjI3Zjc1ZTdjM2ZkYjFm
Zjg2MGMwHhcNMjUwNDE5MDQwMDMyWhcNMjUwNDIwMDQwMDMyWjAzMTEwLwYDVQQD
EyhjOGFmYzIzNTFkNTgyNTUzNWFlNzM1OGY2YjJhZDg1YjRhMjQ5YzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7l3h6f9Vxq0YZPg4sKOgR8W0Cc8
uOrcsZm2GiDNqapZoL1nogm43uo95+T+o+fvsso5rxhQgItPXCphU5Sp0RmkawB9
U8+6VhTyzaWhcxXbn1xsZcHO+CbjsDgEiXTvWDyZsjcI+nYdZOlf5rv+jpQUpDb9
NqpIGyLe1SvTru1hj7sNAAdOb3E42Gud0xjU/XHXc+cilfkkxzQn5O52tyeqr6yt
zWIJfRvXVxCchP6gleuAjrq8RTmI+VjbbjsqWWMG44QLvi+0KFgnWK7cXiBWuqv9
T6k9ZeQmjegxObKe79tszRaZEOZCFpLIXlHnBvewdJ3bab35RhGo6iQUvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMivwjUdWCVTWuc1j2sq2FtKJJyQMB8GA1UdIwQY
MBaAFGp9FCB/dcixWA2yf3Xnw/2x/4YMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEt
YmVhYTczNzEwYTY1LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEtYmVhYTczNzEwYTY1
LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaoi5U41z
bdR0JPavXvNo8VeF9hUNpAvUp8uKvXEkrdQ9GyA0jupxBDqnp2zogvSK0X74j6Qw
RcehbSJTaN1P3qFBCfEzrpTDRWtQJb/wgZ0ZbS6YsjQfORvB9PA144uoTjbKniNH
Wccs44GixjUiJoV53NELn6Rf3VeOufhiXcQquj/Mo55kQ/baFqObsRm0tRbGh1RR
8XgXBPmIPvkon7Mkxn7lei4hGtZUBgEo69GSI8dj+/eRv81IuxTXZ5XLeY7olj7K
lBYRHmB7l875dh8Uxuy+PAFS8gIWx3iF0iL0qYp7puuN5xEklJ4pwM4kOsg52vY/
VyCNYENKCFH5ew==
-----END CERTIFICATE-----