Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
File:                     hwCTRBAfUQ52oqserOnpp9kuTtU.mft (raw, json)
Hash identifier:          Z7KpI2d17thcq0pyLbCcslQujcjHC97nhhNoRE9FLqQ=
Subject key identifier:   D5:7E:6B:11:DF:1B:D5:9A:FA:54:CE:B0:8E:C5:27:22:2F:01:16:34
Authority key identifier: 87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5
Certificate issuer:       /CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
Certificate serial:       0196A8427FB7AAD5E243B32E295973E03B19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
Manifest number:          078B
Signing time:             Wed 07 May 2025 01:00:52 +0000
Manifest this update:     Wed 07 May 2025 01:00:52 +0000
Manifest next update:     Thu 08 May 2025 01:00:52 +0000
Files and hashes:         1: hwCTRBAfUQ52oqserOnpp9kuTtU.crl (hash: Pm3NaKSwPlhYGkEFW4PE6x4WDgd0GEoZQRZ4RL6OQR0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a8:42:7f:b7:aa:d5:e2:43:b3:2e:29:59:73:e0:3b:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
        Validity
            Not Before: May  7 01:00:52 2025 GMT
            Not After : May  8 01:00:52 2025 GMT
        Subject: CN=d57e6b11df1bd59afa54ceb08ec527222f011634
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:00:81:eb:56:4f:f1:64:0e:2c:c4:77:9d:67:
                    af:21:15:09:6d:f2:99:db:e2:a4:27:0a:3f:29:81:
                    95:0c:d5:cf:bb:fd:fc:74:04:35:e1:db:cb:e1:f8:
                    55:12:db:24:36:48:ad:19:3a:7c:f7:93:ca:fb:7d:
                    cb:fb:5a:b0:22:3d:40:59:29:88:eb:41:ab:9a:a7:
                    28:1d:82:53:d2:a9:f7:02:85:23:07:1b:01:1c:7d:
                    d6:41:17:29:62:ee:14:d3:a5:09:77:c7:60:83:9b:
                    2e:31:73:b1:7e:4a:4f:1e:48:75:af:55:03:7a:d5:
                    e1:d7:3d:e1:62:2b:12:7e:a7:a3:aa:dd:ea:7c:6f:
                    f0:5b:96:f5:e6:63:39:7a:cd:e8:3e:c3:d2:f4:1b:
                    59:80:e6:cd:b6:0a:1e:8c:aa:8c:25:b3:89:05:de:
                    b5:ea:b4:bb:57:60:c8:54:da:e0:9f:33:e3:79:d7:
                    88:d9:73:d0:fe:9a:cd:e6:ef:d9:0a:5e:97:70:17:
                    6a:01:db:8e:91:e1:09:20:42:f6:bc:83:d1:e4:42:
                    69:21:a8:f5:18:06:a8:8e:42:7d:bd:3b:04:d2:d2:
                    43:d5:49:f4:67:1a:f0:d8:c2:04:03:a8:3c:0c:c9:
                    bf:46:23:2c:6d:e9:b6:8b:12:b6:da:81:a9:c5:05:
                    b5:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:7E:6B:11:DF:1B:D5:9A:FA:54:CE:B0:8E:C5:27:22:2F:01:16:34
            X509v3 Authority Key Identifier:
                keyid:87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:5e:cb:f2:00:cf:15:eb:0c:51:69:db:8e:b5:e4:35:32:ca:
         55:c7:59:23:b3:c2:20:29:fa:16:90:fc:45:28:5c:50:3d:39:
         c2:8e:e4:5e:06:ba:01:7a:4c:ba:c1:6f:4d:7e:26:b3:45:13:
         da:d2:ed:3e:4f:e2:a5:cf:68:ad:38:b8:63:b0:b2:e2:60:31:
         91:2d:57:f6:12:26:fe:49:07:61:98:7e:7b:9f:a2:0a:fc:2b:
         6b:60:aa:2b:30:92:1f:33:48:d3:26:56:03:eb:87:35:8a:7d:
         9e:9d:a3:78:1f:7d:68:d8:93:a0:9b:1c:30:3f:06:e0:81:99:
         fb:4f:89:7a:b0:7a:5e:f0:68:fa:d2:75:ec:43:ae:da:15:61:
         f5:bc:4d:f7:ad:35:11:80:5b:27:48:be:94:a6:b3:9a:f2:13:
         6f:a6:12:5b:21:a0:c3:63:83:e9:72:91:8c:b3:fe:8b:d9:09:
         cd:4f:e5:92:56:b0:e7:4e:3e:bf:46:8a:3c:23:ab:99:19:1c:
         7f:56:41:de:3a:9f:52:54:48:8f:ef:a4:02:aa:28:f5:ea:e2:
         b5:14:b6:ce:e2:a2:14:2f:f6:6c:9d:69:60:66:51:c6:50:1a:
         bd:7d:d4:c8:eb:d3:d8:42:27:90:23:37:21:23:7a:4a:9c:4b:
         97:be:70:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaoQn+3qtXiQ7MuKVlz4DsZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MDA5MzQ0MTAxZjUxMGU3NmEyYWIxZWFjZTllOWE3ZDky
ZTRlZDUwHhcNMjUwNTA3MDEwMDUyWhcNMjUwNTA4MDEwMDUyWjAzMTEwLwYDVQQD
EyhkNTdlNmIxMWRmMWJkNTlhZmE1NGNlYjA4ZWM1MjcyMjJmMDExNjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QCB61ZP8WQOLMR3nWevIRUJbfKZ
2+KkJwo/KYGVDNXPu/38dAQ14dvL4fhVEtskNkitGTp895PK+33L+1qwIj1AWSmI
60GrmqcoHYJT0qn3AoUjBxsBHH3WQRcpYu4U06UJd8dgg5suMXOxfkpPHkh1r1UD
etXh1z3hYisSfqejqt3qfG/wW5b15mM5es3oPsPS9BtZgObNtgoejKqMJbOJBd61
6rS7V2DIVNrgnzPjedeI2XPQ/prN5u/ZCl6XcBdqAduOkeEJIEL2vIPR5EJpIaj1
GAaojkJ9vTsE0tJD1Un0Zxrw2MIEA6g8DMm/RiMsbem2ixK22oGpxQW1OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNV+axHfG9Wa+lTOsI7FJyIvARY0MB8GA1UdIwQY
MBaAFIcAk0QQH1EOdqKrHqzp6afZLk7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDkt
ZDZhZGExMjgxNjY4LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDktZDZhZGExMjgxNjY4
LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQl7L8gDP
FesMUWnbjrXkNTLKVcdZI7PCICn6FpD8RShcUD05wo7kXga6AXpMusFvTX4ms0UT
2tLtPk/ipc9orTi4Y7Cy4mAxkS1X9hIm/kkHYZh+e5+iCvwra2CqKzCSHzNI0yZW
A+uHNYp9np2jeB99aNiToJscMD8G4IGZ+0+JerB6XvBo+tJ17EOu2hVh9bxN9601
EYBbJ0i+lKazmvITb6YSWyGgw2OD6XKRjLP+i9kJzU/lklaw504+v0aKPCOrmRkc
f1ZB3jqfUlRIj++kAqoo9eritRS2zuKiFC/2bJ1pYGZRxlAavX3UyOvT2EInkCM3
ISN6SpxLl75wGg==
-----END CERTIFICATE-----