Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft
File:                     j_QxWS3s8oXDMtMGJTHA589hAsA.mft (raw, json)
Hash identifier:          Q/AAZsLpDAOZyV3/HgPiLpSMAh+NVDFVIZM3g4LvkU8=
Subject key identifier:   0E:03:79:9B:53:2C:0E:D9:33:94:06:32:F4:63:C3:B0:89:7E:98:8D
Authority key identifier: 8F:F4:31:59:2D:EC:F2:85:C3:32:D3:06:25:31:C0:E7:CF:61:02:C0
Certificate issuer:       /CN=8ff431592decf285c332d3062531c0e7cf6102c0
Certificate serial:       01965A271886FE92C566E68465C7D8520FFD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j_QxWS3s8oXDMtMGJTHA589hAsA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft
Manifest number:          14FF
Signing time:             Mon 21 Apr 2025 21:00:33 +0000
Manifest this update:     Mon 21 Apr 2025 21:00:33 +0000
Manifest next update:     Tue 22 Apr 2025 21:00:33 +0000
Files and hashes:         1: j_QxWS3s8oXDMtMGJTHA589hAsA.crl (hash: f2Xtr6Ny3xZL3cc3yPdJQWEoz8lZaOrsfvX31boePbo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j_QxWS3s8oXDMtMGJTHA589hAsA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5a:27:18:86:fe:92:c5:66:e6:84:65:c7:d8:52:0f:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ff431592decf285c332d3062531c0e7cf6102c0
        Validity
            Not Before: Apr 21 21:00:33 2025 GMT
            Not After : Apr 22 21:00:33 2025 GMT
        Subject: CN=0e03799b532c0ed933940632f463c3b0897e988d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:60:78:b7:92:e9:61:ea:78:6f:f6:f3:0e:6b:
                    43:44:8e:99:fa:24:50:4d:7c:c4:cd:ab:b8:58:74:
                    14:82:d6:60:52:e1:7c:d0:ae:44:28:96:73:fb:42:
                    58:49:c6:40:41:f6:fa:4a:51:cd:98:f8:c5:f3:5e:
                    15:53:ce:f9:a1:6e:52:16:a1:f8:c7:c0:6f:27:aa:
                    47:88:f2:79:78:0c:6c:2b:a4:87:82:9f:b2:a4:04:
                    9f:06:bd:10:07:37:ed:a0:8b:48:cb:25:6e:d1:e0:
                    53:d3:60:cb:32:7f:b1:67:5a:0e:e3:99:5f:5b:dc:
                    ce:83:41:91:59:72:a2:60:86:5e:cf:4c:7f:87:b6:
                    10:d0:d9:8a:e6:6f:26:52:cc:86:98:85:bc:d0:6b:
                    c2:37:35:82:e6:6b:fb:ac:c6:98:7d:93:8b:c3:80:
                    65:a9:8c:63:04:e2:55:f3:58:cd:98:23:49:54:76:
                    16:4b:8b:fc:02:ad:60:3d:81:c2:00:4c:98:58:b9:
                    45:83:19:2b:e2:e7:fb:21:12:95:11:f4:1a:d5:80:
                    e7:36:71:53:ea:de:ec:05:4d:87:98:10:2e:12:47:
                    2b:e6:78:e0:9e:fd:ec:f8:8e:b9:e2:ac:c7:5b:b7:
                    6e:f3:9b:ff:15:17:b3:54:1f:c5:81:0d:b0:37:2a:
                    7e:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:03:79:9B:53:2C:0E:D9:33:94:06:32:F4:63:C3:B0:89:7E:98:8D
            X509v3 Authority Key Identifier:
                keyid:8F:F4:31:59:2D:EC:F2:85:C3:32:D3:06:25:31:C0:E7:CF:61:02:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j_QxWS3s8oXDMtMGJTHA589hAsA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:ef:74:1c:43:42:48:31:ce:60:00:d1:25:dd:84:e7:1c:71:
         73:0f:6a:a6:92:7c:5c:00:fd:06:45:f5:50:5f:1c:5e:f8:b2:
         aa:4f:1f:f0:1c:44:92:aa:f5:19:c2:da:1d:81:bb:a9:69:78:
         ee:25:3c:db:db:8a:10:f1:4f:7e:fc:3b:1d:57:f7:94:0d:c3:
         f6:7c:80:98:86:69:f8:98:9f:85:f1:9f:eb:44:0f:55:2b:2a:
         8f:aa:89:fa:67:30:5b:68:d6:9f:f9:e6:db:86:cf:3a:74:6e:
         af:c5:1e:48:4b:f0:4e:cf:76:40:b7:a1:0a:7b:4a:59:4b:97:
         08:f0:d5:5d:09:c0:2b:f2:bf:fe:14:6c:68:0a:b3:52:25:c8:
         dd:08:20:37:21:0f:a0:0f:70:a0:60:8c:20:a2:45:7a:fe:95:
         16:43:1a:c6:92:fa:58:be:f2:14:9f:fb:86:b2:68:de:27:18:
         07:7b:0a:fe:d7:c8:3c:a0:d8:ff:24:fe:8e:bf:c6:10:36:9d:
         d9:04:a9:8f:a7:4f:80:35:d5:a2:82:14:a4:b0:23:f1:d0:f3:
         80:0f:f8:20:34:1c:b7:87:e0:b4:81:a3:af:0c:75:43:c3:16:
         9d:3b:ff:c1:08:2a:49:25:24:15:d1:e3:ab:00:cd:cb:7e:18:
         a7:df:4b:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZaJxiG/pLFZuaEZcfYUg/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZjQzMTU5MmRlY2YyODVjMzMyZDMwNjI1MzFjMGU3Y2Y2
MTAyYzAwHhcNMjUwNDIxMjEwMDMzWhcNMjUwNDIyMjEwMDMzWjAzMTEwLwYDVQQD
EygwZTAzNzk5YjUzMmMwZWQ5MzM5NDA2MzJmNDYzYzNiMDg5N2U5ODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymB4t5LpYep4b/bzDmtDRI6Z+iRQ
TXzEzau4WHQUgtZgUuF80K5EKJZz+0JYScZAQfb6SlHNmPjF814VU875oW5SFqH4
x8BvJ6pHiPJ5eAxsK6SHgp+ypASfBr0QBzftoItIyyVu0eBT02DLMn+xZ1oO45lf
W9zOg0GRWXKiYIZez0x/h7YQ0NmK5m8mUsyGmIW80GvCNzWC5mv7rMaYfZOLw4Bl
qYxjBOJV81jNmCNJVHYWS4v8Aq1gPYHCAEyYWLlFgxkr4uf7IRKVEfQa1YDnNnFT
6t7sBU2HmBAuEkcr5njgnv3s+I654qzHW7du85v/FRezVB/FgQ2wNyp+fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4DeZtTLA7ZM5QGMvRjw7CJfpiNMB8GA1UdIwQY
MBaAFI/0MVkt7PKFwzLTBiUxwOfPYQLAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQval9ReFdTM3M4b1hETXRNR0pUSEE1ODloQXNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iZTFmZWQtMmU4Ni00NGE5LThhNjct
NDRiNzhlNzg4ZGViLzEval9ReFdTM3M4b1hETXRNR0pUSEE1ODloQXNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iZTFmZWQtMmU4Ni00NGE5LThhNjctNDRiNzhlNzg4ZGVi
LzEval9ReFdTM3M4b1hETXRNR0pUSEE1ODloQXNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPu90HENC
SDHOYADRJd2E5xxxcw9qppJ8XAD9BkX1UF8cXviyqk8f8BxEkqr1GcLaHYG7qWl4
7iU829uKEPFPfvw7HVf3lA3D9nyAmIZp+JifhfGf60QPVSsqj6qJ+mcwW2jWn/nm
24bPOnRur8UeSEvwTs92QLehCntKWUuXCPDVXQnAK/K//hRsaAqzUiXI3QggNyEP
oA9woGCMIKJFev6VFkMaxpL6WL7yFJ/7hrJo3icYB3sK/tfIPKDY/yT+jr/GEDad
2QSpj6dPgDXVooIUpLAj8dDzgA/4IDQct4fgtIGjrwx1Q8MWnTv/wQgqSSUkFdHj
qwDNy34Yp99L/A==
-----END CERTIFICATE-----