Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
File:                     MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft (raw, json)
Hash identifier:          AeezY2NoqbW09dFpli3rq1HaEt7IFWF3Qz1DPAyftec=
Subject key identifier:   47:11:9D:66:23:21:35:FE:C0:97:ED:B5:1A:99:BE:2C:6C:F3:B1:34
Authority key identifier: 30:A2:42:CF:6C:15:29:AA:A0:69:33:67:E4:4C:84:A0:7D:8B:0C:9F
Certificate issuer:       /CN=30a242cf6c1529aaa0693367e44c84a07d8b0c9f
Certificate serial:       0196591550D8ABC1C33249AF855538A919B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
Manifest number:          0887
Signing time:             Mon 21 Apr 2025 16:01:31 +0000
Manifest this update:     Mon 21 Apr 2025 16:01:31 +0000
Manifest next update:     Tue 22 Apr 2025 16:01:31 +0000
Files and hashes:         1: MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl (hash: 0uYZOXnGt8953gvFTV1VlNf+3w8431V/ZZAxUgkLHmo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:15:50:d8:ab:c1:c3:32:49:af:85:55:38:a9:19:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30a242cf6c1529aaa0693367e44c84a07d8b0c9f
        Validity
            Not Before: Apr 21 16:01:31 2025 GMT
            Not After : Apr 22 16:01:31 2025 GMT
        Subject: CN=47119d66232135fec097edb51a99be2c6cf3b134
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:4e:e6:93:da:5c:8f:57:36:be:10:b1:17:70:
                    95:5f:a8:1f:c9:60:50:64:93:21:17:5e:16:20:05:
                    0c:81:09:3d:22:fe:a1:c4:c8:66:86:49:ff:e1:c2:
                    44:f0:91:22:b5:6a:48:13:db:b0:75:ef:e5:af:c5:
                    0b:33:be:d1:94:f1:04:70:67:d5:26:b8:a9:68:cd:
                    95:b7:36:36:47:86:42:94:bf:51:45:12:fa:d5:43:
                    9a:1b:59:6e:5c:b1:ed:06:6d:d3:0b:91:42:df:dd:
                    02:72:be:84:34:c3:7a:d5:ae:22:e3:42:5c:b7:c3:
                    5a:1f:05:f0:c5:19:40:d3:30:f6:c6:5b:90:56:96:
                    64:b9:4c:ee:d2:c8:0e:36:8b:38:38:6a:26:39:ea:
                    c6:9a:12:f8:89:5e:38:1b:66:c5:6b:87:5d:0b:15:
                    7a:69:de:7c:e8:23:09:1d:66:ae:d4:7e:89:46:7b:
                    f8:cc:69:81:d2:4f:f1:39:e9:dc:bb:30:92:58:9e:
                    f9:26:dd:73:4c:9e:59:41:8e:ad:e7:a5:0a:41:40:
                    74:f1:df:15:f4:09:a8:20:81:b9:9b:96:28:6b:40:
                    52:60:ae:c4:43:0c:2c:28:c3:d6:19:b8:2c:2f:83:
                    11:43:1b:e2:f7:a2:8f:69:83:06:a4:d9:22:80:78:
                    81:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:11:9D:66:23:21:35:FE:C0:97:ED:B5:1A:99:BE:2C:6C:F3:B1:34
            X509v3 Authority Key Identifier:
                keyid:30:A2:42:CF:6C:15:29:AA:A0:69:33:67:E4:4C:84:A0:7D:8B:0C:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:a7:18:e3:1b:15:8f:51:9d:e6:8d:1f:16:5e:a6:77:e6:ac:
         59:1e:63:96:57:e6:af:fc:f0:f4:96:e4:03:95:ad:9d:c6:47:
         bd:88:b4:68:e9:41:4d:ce:c6:ca:aa:08:b1:34:d2:54:b6:3d:
         8c:70:6b:73:97:f3:f7:65:98:9e:00:43:d5:36:08:35:5d:b4:
         69:b3:65:90:2f:9a:18:79:bd:7a:85:41:cc:6f:26:b1:50:c3:
         8c:98:a0:2a:d3:76:a6:1c:1c:0e:54:ea:00:c2:d8:50:35:ec:
         33:a8:42:1d:49:7d:cd:3f:9e:55:6f:56:37:09:03:fe:1e:5b:
         b3:b1:4b:ce:3f:39:4a:3b:fe:6e:96:62:16:89:eb:a4:14:6d:
         2a:04:98:20:c5:48:64:1f:cf:a6:b3:ec:32:38:af:bf:3f:67:
         73:71:e9:f0:0a:ce:81:0a:1b:93:2e:7d:fb:9e:16:a0:ee:fd:
         f4:fb:52:98:22:a1:2f:77:c4:c9:8f:1b:07:a2:a6:43:3b:ba:
         5d:b6:00:a2:23:55:e7:ed:84:c1:b1:c0:ab:7d:c4:62:3c:94:
         ab:2e:2d:0a:ea:b8:09:40:b1:59:5b:53:c4:60:02:90:a7:74:
         1a:0f:f7:b0:98:2f:07:1a:55:ca:12:6f:f5:2e:47:9d:4e:97:
         87:7d:b3:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFVDYq8HDMkmvhVU4qRm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYTI0MmNmNmMxNTI5YWFhMDY5MzM2N2U0NGM4NGEwN2Q4
YjBjOWYwHhcNMjUwNDIxMTYwMTMxWhcNMjUwNDIyMTYwMTMxWjAzMTEwLwYDVQQD
Eyg0NzExOWQ2NjIzMjEzNWZlYzA5N2VkYjUxYTk5YmUyYzZjZjNiMTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy07mk9pcj1c2vhCxF3CVX6gfyWBQ
ZJMhF14WIAUMgQk9Iv6hxMhmhkn/4cJE8JEitWpIE9uwde/lr8ULM77RlPEEcGfV
JripaM2VtzY2R4ZClL9RRRL61UOaG1luXLHtBm3TC5FC390Ccr6ENMN61a4i40Jc
t8NaHwXwxRlA0zD2xluQVpZkuUzu0sgONos4OGomOerGmhL4iV44G2bFa4ddCxV6
ad586CMJHWau1H6JRnv4zGmB0k/xOencuzCSWJ75Jt1zTJ5ZQY6t56UKQUB08d8V
9AmoIIG5m5Yoa0BSYK7EQwwsKMPWGbgsL4MRQxvi96KPaYMGpNkigHiBnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEcRnWYjITX+wJfttRqZvixs87E0MB8GA1UdIwQY
MBaAFDCiQs9sFSmqoGkzZ+RMhKB9iwyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xN2NkODYtN2ZiYi00MDhmLWEyOGMt
ZmEyNjc2ZmUzOGZkLzEvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xN2NkODYtN2ZiYi00MDhmLWEyOGMtZmEyNjc2ZmUzOGZk
LzEvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYKcY4xsV
j1Gd5o0fFl6md+asWR5jllfmr/zw9JbkA5WtncZHvYi0aOlBTc7GyqoIsTTSVLY9
jHBrc5fz92WYngBD1TYINV20abNlkC+aGHm9eoVBzG8msVDDjJigKtN2phwcDlTq
AMLYUDXsM6hCHUl9zT+eVW9WNwkD/h5bs7FLzj85Sjv+bpZiFonrpBRtKgSYIMVI
ZB/PprPsMjivvz9nc3Hp8ArOgQobky59+54WoO799PtSmCKhL3fEyY8bB6KmQzu6
XbYAoiNV5+2EwbHAq33EYjyUqy4tCuq4CUCxWVtTxGACkKd0Gg/3sJgvBxpVyhJv
9S5HnU6Xh32z1g==
-----END CERTIFICATE-----