Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/e852b6-76e2-40ef-a7be-53d3b9874edd/1/jNtFdj7woZYpOzOAyIj4Oox803c.mft
File:                     jNtFdj7woZYpOzOAyIj4Oox803c.mft (raw, json)
Hash identifier:          Rq6zZFfdsW9RjymfsGEte/NCMMFaAKcTJv1HT1xyebs=
Subject key identifier:   D9:89:03:91:80:D2:07:16:51:4B:7B:52:F3:67:48:5B:8F:83:FD:DA
Authority key identifier: 8C:DB:45:76:3E:F0:A1:96:29:3B:33:80:C8:88:F8:3A:8C:7C:D3:77
Certificate issuer:       /CN=8cdb45763ef0a196293b3380c888f83a8c7cd377
Certificate serial:       019655A58C7BEEFCA335724B467A088867D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jNtFdj7woZYpOzOAyIj4Oox803c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/e852b6-76e2-40ef-a7be-53d3b9874edd/1/jNtFdj7woZYpOzOAyIj4Oox803c.mft
Manifest number:          03D1
Signing time:             Mon 21 Apr 2025 00:00:34 +0000
Manifest this update:     Mon 21 Apr 2025 00:00:34 +0000
Manifest next update:     Tue 22 Apr 2025 00:00:34 +0000
Files and hashes:         1: jNtFdj7woZYpOzOAyIj4Oox803c.crl (hash: TZw0RTJOyBIINLxaBIjsGkqV9oDuwBBpJSHWrYWF/+g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/e852b6-76e2-40ef-a7be-53d3b9874edd/1/jNtFdj7woZYpOzOAyIj4Oox803c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/e852b6-76e2-40ef-a7be-53d3b9874edd/1/jNtFdj7woZYpOzOAyIj4Oox803c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jNtFdj7woZYpOzOAyIj4Oox803c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 00:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:a5:8c:7b:ee:fc:a3:35:72:4b:46:7a:08:88:67:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cdb45763ef0a196293b3380c888f83a8c7cd377
        Validity
            Not Before: Apr 21 00:00:34 2025 GMT
            Not After : Apr 22 00:00:34 2025 GMT
        Subject: CN=d989039180d20716514b7b52f367485b8f83fdda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:55:9f:cf:58:13:a1:0d:f7:6c:92:3f:7c:f5:
                    10:65:b0:24:21:48:8b:ee:f0:20:2d:9e:67:97:58:
                    9b:b7:97:f4:f2:72:be:27:3f:ab:f2:e6:a5:bd:7d:
                    c5:53:32:3e:fd:ff:98:7d:36:8f:92:08:45:90:84:
                    3c:e5:f1:03:b6:11:23:15:51:9c:f9:b9:a6:5b:03:
                    85:45:eb:94:79:c0:48:22:38:52:0f:97:15:9d:09:
                    d2:04:c5:ab:b5:e5:0d:e3:17:83:5a:3b:9c:1b:08:
                    70:0f:3d:e6:3e:75:b8:82:71:52:bb:bc:96:d6:b3:
                    d5:6e:56:b8:5b:28:d7:92:ee:51:5d:8e:99:89:25:
                    40:9b:01:13:09:79:d1:87:16:7e:32:4e:c5:6c:0f:
                    52:76:72:9e:87:0c:fd:6e:63:93:a3:ba:f8:c5:d8:
                    5d:0f:a8:a3:e7:02:b1:a1:41:d8:98:e2:92:59:60:
                    a2:e8:1d:ac:37:a9:c4:77:14:ea:df:50:09:75:96:
                    b7:f4:c1:50:65:a7:15:98:d3:03:11:eb:df:8e:42:
                    42:fe:26:a4:40:a5:a3:47:dc:3c:57:20:f3:f8:94:
                    51:00:23:16:8d:5f:ef:3d:17:54:0a:f8:8c:0f:db:
                    8f:9b:78:c0:82:df:ac:d6:68:99:e5:eb:df:b2:af:
                    81:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:89:03:91:80:D2:07:16:51:4B:7B:52:F3:67:48:5B:8F:83:FD:DA
            X509v3 Authority Key Identifier:
                keyid:8C:DB:45:76:3E:F0:A1:96:29:3B:33:80:C8:88:F8:3A:8C:7C:D3:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNtFdj7woZYpOzOAyIj4Oox803c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/e852b6-76e2-40ef-a7be-53d3b9874edd/1/jNtFdj7woZYpOzOAyIj4Oox803c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/e852b6-76e2-40ef-a7be-53d3b9874edd/1/jNtFdj7woZYpOzOAyIj4Oox803c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:2b:22:ec:51:f7:18:f7:a3:bc:3a:c8:67:ff:3f:59:57:16:
         c9:07:c6:c5:50:b2:7c:9d:6c:5d:e4:b6:5b:e3:c1:42:c2:2f:
         16:76:0b:ef:8c:d1:02:6b:20:23:6c:22:cc:63:30:5f:8a:a5:
         76:2b:e4:d2:d0:56:03:60:f4:64:e2:5d:b0:3e:62:2d:72:a0:
         95:af:8b:b1:d6:4a:a2:5d:43:8d:df:d8:80:5d:a0:8b:f2:8f:
         e1:89:c9:67:60:82:10:00:c9:45:e8:fe:a5:51:4f:3b:3b:3e:
         89:3e:1c:c2:89:31:43:50:fe:28:10:3a:15:24:6b:a8:ff:e4:
         6d:a7:bd:58:e0:70:90:9d:31:cb:7a:87:70:f1:c3:03:82:47:
         b2:93:fc:72:95:87:74:b1:60:27:c9:00:dc:c4:34:aa:26:9e:
         1f:e1:52:f9:4a:db:d9:8f:46:7e:37:4c:80:1f:01:0d:b1:eb:
         72:4b:44:07:cc:0a:05:89:90:d0:68:96:f1:5d:04:06:38:5b:
         4b:ed:97:ba:97:95:82:22:18:22:78:49:64:4f:62:7a:f8:8e:
         8f:9a:58:5d:0c:1c:97:b1:34:e7:d1:31:4a:34:09:67:d7:7d:
         ee:f5:55:03:3e:23:d2:c0:43:b6:e3:ba:d2:20:e0:32:1e:38:
         bd:b9:da:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpYx77vyjNXJLRnoIiGfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGI0NTc2M2VmMGExOTYyOTNiMzM4MGM4ODhmODNhOGM3
Y2QzNzcwHhcNMjUwNDIxMDAwMDM0WhcNMjUwNDIyMDAwMDM0WjAzMTEwLwYDVQQD
EyhkOTg5MDM5MTgwZDIwNzE2NTE0YjdiNTJmMzY3NDg1YjhmODNmZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlWfz1gToQ33bJI/fPUQZbAkIUiL
7vAgLZ5nl1ibt5f08nK+Jz+r8ualvX3FUzI+/f+YfTaPkghFkIQ85fEDthEjFVGc
+bmmWwOFReuUecBIIjhSD5cVnQnSBMWrteUN4xeDWjucGwhwDz3mPnW4gnFSu7yW
1rPVbla4WyjXku5RXY6ZiSVAmwETCXnRhxZ+Mk7FbA9SdnKehwz9bmOTo7r4xdhd
D6ij5wKxoUHYmOKSWWCi6B2sN6nEdxTq31AJdZa39MFQZacVmNMDEevfjkJC/iak
QKWjR9w8VyDz+JRRACMWjV/vPRdUCviMD9uPm3jAgt+s1miZ5evfsq+B2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmJA5GA0gcWUUt7UvNnSFuPg/3aMB8GA1UdIwQY
MBaAFIzbRXY+8KGWKTszgMiI+DqMfNN3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak50RmRqN3dvWllwT3pPQXlJajRPb3g4MDNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9lODUyYjYtNzZlMi00MGVmLWE3YmUt
NTNkM2I5ODc0ZWRkLzEvak50RmRqN3dvWllwT3pPQXlJajRPb3g4MDNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9lODUyYjYtNzZlMi00MGVmLWE3YmUtNTNkM2I5ODc0ZWRk
LzEvak50RmRqN3dvWllwT3pPQXlJajRPb3g4MDNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfisi7FH3
GPejvDrIZ/8/WVcWyQfGxVCyfJ1sXeS2W+PBQsIvFnYL74zRAmsgI2wizGMwX4ql
divk0tBWA2D0ZOJdsD5iLXKgla+LsdZKol1Djd/YgF2gi/KP4YnJZ2CCEADJRej+
pVFPOzs+iT4cwokxQ1D+KBA6FSRrqP/kbae9WOBwkJ0xy3qHcPHDA4JHspP8cpWH
dLFgJ8kA3MQ0qiaeH+FS+Urb2Y9GfjdMgB8BDbHrcktEB8wKBYmQ0GiW8V0EBjhb
S+2XupeVgiIYInhJZE9ieviOj5pYXQwcl7E059ExSjQJZ9d97vVVAz4j0sBDtuO6
0iDgMh44vbna+w==
-----END CERTIFICATE-----