Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.mft
File:                     jDzPk_fIB93gQgrVSGrinrXcdfk.mft (raw, json)
Hash identifier:          0iaMKa+g6OBBxkAYHFQryMvDRXz9avNSfWiOjTQLjhY=
Subject key identifier:   9A:FD:C6:69:EB:A1:11:45:75:DC:52:B5:EB:B6:76:7F:82:33:50:38
Authority key identifier: 8C:3C:CF:93:F7:C8:07:DD:E0:42:0A:D5:48:6A:E2:9E:B5:DC:75:F9
Certificate issuer:       /CN=8c3ccf93f7c807dde0420ad5486ae29eb5dc75f9
Certificate serial:       01984A09CB6CB4DD59D66D662907EE25CF6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jDzPk_fIB93gQgrVSGrinrXcdfk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.mft
Manifest number:          1604
Signing time:             Sun 27 Jul 2025 04:00:12 +0000
Manifest this update:     Sun 27 Jul 2025 04:00:12 +0000
Manifest next update:     Mon 28 Jul 2025 04:00:12 +0000
Files and hashes:         1: jDzPk_fIB93gQgrVSGrinrXcdfk.crl (hash: Y5Nh+opCxyhNkxTbM/Duz+u/d8NrIm+zwMo8qTd4VGQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jDzPk_fIB93gQgrVSGrinrXcdfk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:09:cb:6c:b4:dd:59:d6:6d:66:29:07:ee:25:cf:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c3ccf93f7c807dde0420ad5486ae29eb5dc75f9
        Validity
            Not Before: Jul 27 04:00:12 2025 GMT
            Not After : Jul 28 04:00:12 2025 GMT
        Subject: CN=9afdc669eba1114575dc52b5ebb6767f82335038
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:00:64:ad:fa:a3:0c:51:94:18:c3:2d:ce:35:
                    dc:6c:de:5f:fd:6e:b2:26:53:4d:8d:1b:87:91:d8:
                    36:ef:00:0c:f3:74:c6:46:de:23:ef:b5:84:9d:fa:
                    17:52:42:4d:3e:d5:0a:c0:43:6e:67:1d:fc:3a:2d:
                    45:72:67:3e:39:77:65:50:94:72:0b:29:e8:2c:0e:
                    eb:f3:61:1c:14:55:2f:71:36:67:33:29:97:3a:eb:
                    ff:58:a7:7e:c4:86:3f:59:98:37:11:00:28:01:3d:
                    96:aa:1a:cb:94:c3:84:39:72:ad:76:8e:bc:36:9e:
                    c8:b5:77:64:cd:ca:52:0f:12:3c:5a:74:28:be:18:
                    11:d6:60:06:68:55:cd:76:f9:8e:91:b7:f0:3e:df:
                    49:f2:57:20:a1:b4:1c:d1:4f:d9:9c:6c:12:f2:5f:
                    fd:8c:3c:ba:66:17:5b:fe:97:33:34:0d:e0:8c:8d:
                    73:39:87:32:cd:8f:04:81:6b:fa:a2:ac:f5:71:0d:
                    26:65:5a:da:b3:7b:11:f5:1a:38:c5:5d:6a:55:15:
                    9e:36:a9:9e:b3:4a:cf:75:5b:db:72:83:4a:78:bc:
                    de:35:ad:97:cb:d9:51:32:d8:cf:d7:5b:21:31:82:
                    de:d4:71:17:b1:1c:4e:39:66:e7:1e:fa:4a:4c:19:
                    d1:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:FD:C6:69:EB:A1:11:45:75:DC:52:B5:EB:B6:76:7F:82:33:50:38
            X509v3 Authority Key Identifier:
                keyid:8C:3C:CF:93:F7:C8:07:DD:E0:42:0A:D5:48:6A:E2:9E:B5:DC:75:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDzPk_fIB93gQgrVSGrinrXcdfk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:cf:79:4d:ca:b0:2e:d4:ee:ba:d1:ad:a2:bc:a1:53:53:bf:
         1c:fd:30:c8:5f:78:ed:0a:04:cb:c1:eb:8f:0b:16:c9:3f:2c:
         2c:6f:d7:73:49:3b:93:ac:ff:ff:b1:b5:ed:b1:11:14:2f:45:
         18:a1:1a:78:44:1f:26:b4:cb:8e:c1:ca:15:37:ef:93:75:6d:
         22:0b:13:78:ae:76:49:36:5a:51:d2:ac:f6:15:f4:ca:e1:cf:
         af:c1:64:fb:f7:c6:2b:2f:bb:e6:ac:77:de:5a:ed:cc:47:65:
         d8:bc:45:ec:cd:73:cb:f2:85:36:f1:0e:bb:46:1c:a4:46:2f:
         f3:a7:1a:1d:29:bb:9b:50:35:2a:4c:f6:2d:97:75:a7:95:f6:
         1b:a8:19:b0:74:e8:41:21:4b:82:d8:27:5b:b1:d9:aa:96:e3:
         d4:af:99:f8:1e:e7:14:1c:a7:bf:77:83:44:dd:c1:9c:26:18:
         b5:52:70:2c:5d:21:5a:c9:31:1b:2a:69:fd:f5:86:f6:d7:c2:
         da:70:d8:63:b5:d2:28:bd:d7:8c:5b:cb:d4:91:5c:9c:f0:cd:
         bf:7f:72:9f:63:ca:9c:1c:89:51:df:12:ac:fa:66:01:d1:2f:
         c5:a9:c1:94:f9:c6:c2:25:1b:14:40:79:99:1c:8f:bb:be:a7:
         1e:8c:11:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKCctstN1Z1m1mKQfuJc9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjM2NjZjkzZjdjODA3ZGRlMDQyMGFkNTQ4NmFlMjllYjVk
Yzc1ZjkwHhcNMjUwNzI3MDQwMDEyWhcNMjUwNzI4MDQwMDEyWjAzMTEwLwYDVQQD
Eyg5YWZkYzY2OWViYTExMTQ1NzVkYzUyYjVlYmI2NzY3ZjgyMzM1MDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwBkrfqjDFGUGMMtzjXcbN5f/W6y
JlNNjRuHkdg27wAM83TGRt4j77WEnfoXUkJNPtUKwENuZx38Oi1Fcmc+OXdlUJRy
CynoLA7r82EcFFUvcTZnMymXOuv/WKd+xIY/WZg3EQAoAT2WqhrLlMOEOXKtdo68
Np7ItXdkzcpSDxI8WnQovhgR1mAGaFXNdvmOkbfwPt9J8lcgobQc0U/ZnGwS8l/9
jDy6Zhdb/pczNA3gjI1zOYcyzY8EgWv6oqz1cQ0mZVras3sR9Ro4xV1qVRWeNqme
s0rPdVvbcoNKeLzeNa2Xy9lRMtjP11shMYLe1HEXsRxOOWbnHvpKTBnROQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJr9xmnroRFFddxSteu2dn+CM1A4MB8GA1UdIwQY
MBaAFIw8z5P3yAfd4EIK1Uhq4p613HX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakR6UGtfZklCOTNnUWdyVlNHcmluclhjZGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xODM0YWMtMjAzMC00NDFmLTgyZTIt
NjgxZGJmZjg1MTVlLzEvakR6UGtfZklCOTNnUWdyVlNHcmluclhjZGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xODM0YWMtMjAzMC00NDFmLTgyZTItNjgxZGJmZjg1MTVl
LzEvakR6UGtfZklCOTNnUWdyVlNHcmluclhjZGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIc95Tcqw
LtTuutGtoryhU1O/HP0wyF947QoEy8HrjwsWyT8sLG/Xc0k7k6z//7G17bERFC9F
GKEaeEQfJrTLjsHKFTfvk3VtIgsTeK52STZaUdKs9hX0yuHPr8Fk+/fGKy+75qx3
3lrtzEdl2LxF7M1zy/KFNvEOu0YcpEYv86caHSm7m1A1Kkz2LZd1p5X2G6gZsHTo
QSFLgtgnW7HZqpbj1K+Z+B7nFBynv3eDRN3BnCYYtVJwLF0hWskxGypp/fWG9tfC
2nDYY7XSKL3XjFvL1JFcnPDNv39yn2PKnByJUd8SrPpmAdEvxanBlPnGwiUbFEB5
mRyPu76nHowRSA==
-----END CERTIFICATE-----