Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
File:                     jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft (raw, json)
Hash identifier:          eTI3FDbwWNiDDXw+zZ4FMQm4UtrayLZjWyl0SKvFGV8=
Subject key identifier:   70:14:3E:D9:C9:2E:F7:FC:59:A1:AB:AC:E7:AF:69:C8:F7:EC:43:5B
Authority key identifier: 8C:57:DC:C7:E5:2F:58:B3:42:B7:0C:83:DA:A2:1A:10:6A:C5:92:91
Certificate issuer:       /CN=8c57dcc7e52f58b342b70c83daa21a106ac59291
Certificate serial:       0196553766FC109E3A9E529C885009181B35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
Manifest number:          0718
Signing time:             Sun 20 Apr 2025 22:00:16 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:16 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:16 +0000
Files and hashes:         1: jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl (hash: iThyHylXBngBvkvTE33MmdjPiWJNCVN+Eh9AtyveqrQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:66:fc:10:9e:3a:9e:52:9c:88:50:09:18:1b:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c57dcc7e52f58b342b70c83daa21a106ac59291
        Validity
            Not Before: Apr 20 22:00:16 2025 GMT
            Not After : Apr 21 22:00:16 2025 GMT
        Subject: CN=70143ed9c92ef7fc59a1abace7af69c8f7ec435b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ca:62:0a:0a:08:4f:a8:4f:ab:03:7f:42:ee:
                    23:98:ab:26:94:25:b5:3b:30:c0:44:16:25:01:72:
                    1c:09:a3:9b:02:5e:2a:80:e6:9e:4b:d9:2b:50:f9:
                    1d:19:5d:2d:5d:93:1b:3d:04:76:06:ae:6b:cd:11:
                    c7:1f:0f:3e:93:0a:e5:69:19:07:02:85:b8:cf:36:
                    68:0b:cb:7f:7f:1a:7d:6e:7c:96:ab:3a:d8:d2:4d:
                    1e:39:cd:46:1a:0f:8a:a6:50:e9:ec:6c:3a:9d:fb:
                    9f:83:3f:81:8d:d9:4a:b1:78:a6:96:e6:df:29:93:
                    af:ff:1e:7a:19:e7:54:7b:86:2d:fe:23:87:1a:ec:
                    25:51:2d:c3:b9:2a:13:22:47:85:10:8b:52:d6:d3:
                    9e:05:7d:8f:42:51:6a:de:d5:a2:b8:46:89:ef:78:
                    f1:df:6b:09:26:8f:21:15:c8:bd:4f:5a:67:a0:54:
                    21:67:d2:22:ad:45:44:b9:74:e3:06:12:dc:e0:9b:
                    0a:58:1e:0d:8f:f4:87:80:5f:b0:d2:97:01:a7:87:
                    e8:71:e3:09:15:7c:df:d5:3e:dd:61:27:3f:91:02:
                    90:3c:ec:7f:3b:11:b0:39:bb:35:ef:d5:e1:1a:bb:
                    38:d9:bc:c6:e5:2d:4a:f9:25:da:f1:41:11:b5:d7:
                    71:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:14:3E:D9:C9:2E:F7:FC:59:A1:AB:AC:E7:AF:69:C8:F7:EC:43:5B
            X509v3 Authority Key Identifier:
                keyid:8C:57:DC:C7:E5:2F:58:B3:42:B7:0C:83:DA:A2:1A:10:6A:C5:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:74:1d:1c:de:80:0d:d9:94:55:a3:06:23:d4:81:98:20:4d:
         4f:41:68:3b:17:89:95:3f:0a:89:07:03:b5:72:f6:00:07:2c:
         c9:e1:12:34:e1:9c:9f:45:6b:bc:31:df:c5:4b:dc:0e:0b:67:
         5d:da:e9:e0:fe:67:5b:f1:b5:19:ad:c9:0b:5b:9d:88:7a:ee:
         a3:b8:ca:99:ce:a6:f6:ed:86:84:79:23:60:df:41:2e:3e:05:
         98:b4:60:79:6e:e2:db:8d:19:5b:55:3a:9f:62:5d:6e:96:1e:
         6b:7e:25:0b:8d:08:26:c3:9b:49:3b:21:e0:f7:7e:ad:81:ec:
         64:e3:e7:f4:83:27:0c:9a:c2:15:ed:1c:3e:a0:69:29:2c:0a:
         60:93:36:11:f6:50:88:48:87:95:1a:d6:60:ae:3c:af:5e:14:
         e2:ec:59:a9:3d:b3:d4:45:f7:d0:80:40:de:64:a6:22:c7:b0:
         7f:0e:8e:c6:84:e9:b1:2a:27:25:46:95:4c:a7:73:05:16:d8:
         cd:44:31:85:f8:1a:64:2d:25:b4:9f:59:d9:11:55:87:0f:03:
         e4:71:07:53:c6:18:73:99:4c:4a:00:28:6f:1d:f4:7a:b3:19:
         a8:7f:3d:f1:03:38:ca:48:1e:66:19:58:eb:ae:b8:5d:93:40:
         86:71:33:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN2b8EJ46nlKciFAJGBs1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNTdkY2M3ZTUyZjU4YjM0MmI3MGM4M2RhYTIxYTEwNmFj
NTkyOTEwHhcNMjUwNDIwMjIwMDE2WhcNMjUwNDIxMjIwMDE2WjAzMTEwLwYDVQQD
Eyg3MDE0M2VkOWM5MmVmN2ZjNTlhMWFiYWNlN2FmNjljOGY3ZWM0MzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcpiCgoIT6hPqwN/Qu4jmKsmlCW1
OzDARBYlAXIcCaObAl4qgOaeS9krUPkdGV0tXZMbPQR2Bq5rzRHHHw8+kwrlaRkH
AoW4zzZoC8t/fxp9bnyWqzrY0k0eOc1GGg+KplDp7Gw6nfufgz+BjdlKsXimlubf
KZOv/x56GedUe4Yt/iOHGuwlUS3DuSoTIkeFEItS1tOeBX2PQlFq3tWiuEaJ73jx
32sJJo8hFci9T1pnoFQhZ9IirUVEuXTjBhLc4JsKWB4Nj/SHgF+w0pcBp4foceMJ
FXzf1T7dYSc/kQKQPOx/OxGwObs179XhGrs42bzG5S1K+SXa8UERtddxgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHAUPtnJLvf8WaGrrOevacj37ENbMB8GA1UdIwQY
MBaAFIxX3MflL1izQrcMg9qiGhBqxZKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lODMzOTktMGExNC00MmFjLTlmZDYt
NDEzMDZjMjdkNmYwLzEvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lODMzOTktMGExNC00MmFjLTlmZDYtNDEzMDZjMjdkNmYw
LzEvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU3QdHN6A
DdmUVaMGI9SBmCBNT0FoOxeJlT8KiQcDtXL2AAcsyeESNOGcn0VrvDHfxUvcDgtn
Xdrp4P5nW/G1Ga3JC1udiHruo7jKmc6m9u2GhHkjYN9BLj4FmLRgeW7i240ZW1U6
n2JdbpYea34lC40IJsObSTsh4Pd+rYHsZOPn9IMnDJrCFe0cPqBpKSwKYJM2EfZQ
iEiHlRrWYK48r14U4uxZqT2z1EX30IBA3mSmIsewfw6OxoTpsSonJUaVTKdzBRbY
zUQxhfgaZC0ltJ9Z2RFVhw8D5HEHU8YYc5lMSgAobx30erMZqH898QM4ykgeZhlY
6664XZNAhnEz/Q==
-----END CERTIFICATE-----