Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft
File:                     j3phc572fsR6X9EOVvx6NNy3PHA.mft (raw, json)
Hash identifier:          y7uhOI5HjeIi8vbgKeNbug2YH6wN3T78/8xNm+0hXWk=
Subject key identifier:   AD:A0:D5:53:1A:91:B5:53:25:E5:89:9E:8C:22:22:83:2B:C3:E4:23
Authority key identifier: 8F:7A:61:73:9E:F6:7E:C4:7A:5F:D1:0E:56:FC:7A:34:DC:B7:3C:70
Certificate issuer:       /CN=8f7a61739ef67ec47a5fd10e56fc7a34dcb73c70
Certificate serial:       019659B94208537EE8A505B5F1038FD18E90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft
Manifest number:          0D53
Signing time:             Mon 21 Apr 2025 19:00:35 +0000
Manifest this update:     Mon 21 Apr 2025 19:00:35 +0000
Manifest next update:     Tue 22 Apr 2025 19:00:35 +0000
Files and hashes:         1: j3phc572fsR6X9EOVvx6NNy3PHA.crl (hash: iayfcqRJotGOXcm2yVuZUw2VbLL1fH2NkTW8LF1iECg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:b9:42:08:53:7e:e8:a5:05:b5:f1:03:8f:d1:8e:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7a61739ef67ec47a5fd10e56fc7a34dcb73c70
        Validity
            Not Before: Apr 21 19:00:35 2025 GMT
            Not After : Apr 22 19:00:35 2025 GMT
        Subject: CN=ada0d5531a91b55325e5899e8c2222832bc3e423
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:9c:43:95:d5:56:30:fe:be:1f:9b:e2:10:76:
                    4f:ed:c4:64:73:48:5e:f3:a8:0e:00:cd:0f:44:fc:
                    94:84:d0:c2:c8:d6:84:31:db:a8:b7:9e:eb:28:5b:
                    3c:f3:e5:5b:f4:a5:03:b7:32:83:6e:d7:ab:7e:1b:
                    67:6d:42:54:cd:d9:33:98:2b:37:14:78:2e:4b:f8:
                    f0:7d:87:fd:e4:82:e7:b5:35:71:0f:23:e8:04:67:
                    90:4b:a8:ad:83:f0:ec:0e:69:b7:af:d7:d4:8a:83:
                    18:9f:26:eb:4e:1c:45:aa:5a:ff:66:ce:e5:9f:a8:
                    66:d5:5f:9a:34:b5:c0:05:e3:d9:4d:3d:e7:4f:80:
                    45:f8:ac:af:72:62:fe:94:23:91:ec:79:73:db:bd:
                    7e:23:0f:ef:07:64:0a:97:bd:2c:10:e7:06:c4:6a:
                    1d:45:9d:78:47:bc:ff:05:41:ea:87:e0:e2:7d:7c:
                    ce:50:2e:0d:04:48:30:d0:5f:da:ee:26:15:5e:97:
                    ba:02:2a:3a:ed:de:0d:5b:c6:36:39:74:6e:ee:30:
                    49:cd:f8:ae:df:df:bf:45:62:15:c2:f8:ee:48:31:
                    9d:ab:2b:3f:c0:70:87:b9:b8:94:d8:78:93:98:46:
                    c6:9d:57:91:a2:c4:e9:78:5b:3a:4e:cf:a5:5f:16:
                    37:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:A0:D5:53:1A:91:B5:53:25:E5:89:9E:8C:22:22:83:2B:C3:E4:23
            X509v3 Authority Key Identifier:
                keyid:8F:7A:61:73:9E:F6:7E:C4:7A:5F:D1:0E:56:FC:7A:34:DC:B7:3C:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:ac:21:f4:40:e4:e2:1b:03:2b:aa:b5:f7:62:c1:e2:a5:45:
         70:57:ab:c8:0d:46:20:d7:d7:b8:51:c4:5f:a6:49:7c:8f:1c:
         25:19:69:2c:41:80:f5:ea:21:2c:11:b6:35:6a:6f:92:a6:fd:
         9c:d9:f9:ca:5f:a9:a3:47:b0:18:51:f6:70:d5:06:7d:55:5a:
         04:de:7d:46:cc:52:cb:f0:e2:57:5d:d9:7c:a5:84:86:ed:f3:
         c0:ea:e5:49:e7:6d:a0:c7:90:d0:1d:f6:ac:b5:79:3e:6a:09:
         1e:b9:6e:c2:9f:13:1f:76:47:65:90:50:9f:cc:19:f6:e0:68:
         66:7a:63:54:8f:ed:67:6a:45:a9:7b:39:d3:7b:2e:79:6a:a9:
         49:f2:ee:cd:4c:b1:42:4e:58:ce:ca:32:da:bf:2e:ec:41:5a:
         c0:43:fc:cb:24:cc:0d:0a:9b:50:87:6d:76:5f:84:e6:9c:9a:
         b4:8b:57:63:d5:7d:2f:d7:bc:a6:7c:9b:a3:e4:39:70:be:61:
         3e:90:95:f5:24:06:4a:16:0d:29:1e:75:fb:84:24:98:f9:14:
         b0:29:1f:8f:b9:d0:59:e0:4d:4c:31:5d:b5:bc:29:82:4b:b1:
         9b:c1:f2:14:a9:f7:74:09:b5:a8:8b:9a:c6:71:fb:31:3c:f5:
         39:23:33:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZuUIIU37opQW18QOP0Y6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2E2MTczOWVmNjdlYzQ3YTVmZDEwZTU2ZmM3YTM0ZGNi
NzNjNzAwHhcNMjUwNDIxMTkwMDM1WhcNMjUwNDIyMTkwMDM1WjAzMTEwLwYDVQQD
EyhhZGEwZDU1MzFhOTFiNTUzMjVlNTg5OWU4YzIyMjI4MzJiYzNlNDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZxDldVWMP6+H5viEHZP7cRkc0he
86gOAM0PRPyUhNDCyNaEMduot57rKFs88+Vb9KUDtzKDbterfhtnbUJUzdkzmCs3
FHguS/jwfYf95ILntTVxDyPoBGeQS6itg/DsDmm3r9fUioMYnybrThxFqlr/Zs7l
n6hm1V+aNLXABePZTT3nT4BF+KyvcmL+lCOR7Hlz271+Iw/vB2QKl70sEOcGxGod
RZ14R7z/BUHqh+DifXzOUC4NBEgw0F/a7iYVXpe6Aio67d4NW8Y2OXRu7jBJzfiu
39+/RWIVwvjuSDGdqys/wHCHubiU2HiTmEbGnVeRosTpeFs6Ts+lXxY37QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2g1VMakbVTJeWJnowiIoMrw+QjMB8GA1UdIwQY
MBaAFI96YXOe9n7Eel/RDlb8ejTctzxwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9mN2MxNGItNDExNS00YTkyLTgxYjUt
NzM4OTQwODEwYWRmLzEvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9mN2MxNGItNDExNS00YTkyLTgxYjUtNzM4OTQwODEwYWRm
LzEvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeawh9EDk
4hsDK6q192LB4qVFcFeryA1GINfXuFHEX6ZJfI8cJRlpLEGA9eohLBG2NWpvkqb9
nNn5yl+po0ewGFH2cNUGfVVaBN59RsxSy/DiV13ZfKWEhu3zwOrlSedtoMeQ0B32
rLV5PmoJHrluwp8TH3ZHZZBQn8wZ9uBoZnpjVI/tZ2pFqXs503sueWqpSfLuzUyx
Qk5Yzsoy2r8u7EFawEP8yyTMDQqbUIdtdl+E5pyatItXY9V9L9e8pnybo+Q5cL5h
PpCV9SQGShYNKR51+4QkmPkUsCkfj7nQWeBNTDFdtbwpgkuxm8HyFKn3dAm1qIua
xnH7MTz1OSMzgQ==
-----END CERTIFICATE-----