Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
File:                     J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft (raw, json)
Hash identifier:          MMoMt9THTlJO0GcdP1UdrucqeReDBXuE3pvTrxkvkiM=
Subject key identifier:   B2:03:16:B3:57:EE:7C:39:AA:71:C6:A2:69:81:3C:16:99:FD:32:AF
Authority key identifier: 27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0
Certificate issuer:       /CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0
Certificate serial:       019655DC92CD865EF31920964A93791445FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
Manifest number:          0577
Signing time:             Mon 21 Apr 2025 01:00:40 +0000
Manifest this update:     Mon 21 Apr 2025 01:00:40 +0000
Manifest next update:     Tue 22 Apr 2025 01:00:40 +0000
Files and hashes:         1: J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl (hash: 6VYNYQ5MuBgAAUJM93NCtAHAS+4hAvdSnQWpR3C8M94=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:dc:92:cd:86:5e:f3:19:20:96:4a:93:79:14:45:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0
        Validity
            Not Before: Apr 21 01:00:40 2025 GMT
            Not After : Apr 22 01:00:40 2025 GMT
        Subject: CN=b20316b357ee7c39aa71c6a269813c1699fd32af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:90:8a:66:ca:93:35:83:fd:8e:ac:32:1a:d9:
                    92:7f:44:21:c8:03:70:73:3b:ac:07:95:ec:07:7b:
                    16:72:8a:af:5b:1d:c0:b8:e2:05:67:25:47:c9:4e:
                    7e:19:af:88:7a:90:e1:4a:79:35:92:ce:88:d9:f8:
                    c2:e4:12:00:3b:17:97:36:c3:db:e4:c8:60:ca:56:
                    09:a0:c2:a4:c3:24:e8:84:bc:2a:57:d7:a8:83:a7:
                    f9:d2:82:01:6a:83:13:33:1a:08:34:a9:86:0f:6e:
                    20:17:af:c7:ec:02:ae:c8:8d:2d:9f:fa:cd:ae:d3:
                    dd:7a:09:4d:4b:fb:91:9c:17:6e:15:44:eb:ee:24:
                    b0:a5:28:3b:29:4d:d3:06:54:33:1e:7f:a9:19:35:
                    73:07:56:e6:c3:43:7f:80:38:42:23:ea:a7:f5:c1:
                    0c:ed:c3:07:46:e3:c9:02:4c:0a:43:e1:32:26:d9:
                    95:bd:71:22:e9:60:5c:e1:66:ef:2b:b9:37:20:2b:
                    2a:61:a4:aa:c1:9a:d8:7a:2f:b7:20:9c:e7:ca:07:
                    5a:7d:14:e8:98:ae:f3:c7:5f:b1:06:fe:45:f3:4a:
                    98:7b:e7:ac:4b:49:a6:c1:f1:88:ec:28:6f:d8:be:
                    e3:d4:52:41:b3:78:84:9a:11:f7:c4:00:16:41:06:
                    25:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:03:16:B3:57:EE:7C:39:AA:71:C6:A2:69:81:3C:16:99:FD:32:AF
            X509v3 Authority Key Identifier:
                keyid:27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:53:c4:e5:28:55:b2:b9:aa:6a:1e:04:97:49:cf:a4:e9:a6:
         51:c5:52:a4:da:23:86:3b:b4:06:7a:c3:c4:5b:0c:49:e4:c2:
         0c:a7:25:b0:c9:91:3b:40:73:6a:ac:03:48:16:2c:3a:fb:52:
         bf:e7:98:0d:fd:00:e4:1a:ba:21:0c:31:d0:44:b9:0e:16:1c:
         5b:a3:13:e2:a6:0a:0d:fe:f4:d2:a4:5f:37:74:1c:71:23:47:
         a7:a2:db:e2:6e:d5:1a:4c:39:38:ab:2b:2b:0a:d5:ec:f0:b7:
         1b:34:57:8f:ca:43:db:9d:47:7a:92:70:59:29:da:d0:16:51:
         63:5a:a2:c8:42:1b:71:44:0d:4c:5e:55:17:58:1a:cd:39:54:
         fb:59:20:bd:09:63:b4:33:3e:57:f6:24:8d:18:fd:af:64:f4:
         61:4c:cd:e9:ed:f6:34:a4:9f:64:e6:82:09:7b:92:44:57:85:
         ca:46:c9:b8:20:cb:c6:b9:a3:e2:45:15:e9:39:a5:05:4a:ca:
         d3:59:86:5a:12:d6:7b:09:10:9e:8d:1e:bc:24:ce:6f:7d:04:
         df:28:ca:ec:a5:73:8e:75:39:f4:77:39:03:21:8f:d1:f8:65:
         56:e6:89:25:6a:74:50:1f:73:1f:ef:24:ec:09:10:70:5d:65:
         1a:09:d5:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZV3JLNhl7zGSCWSpN5FEX6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzQwNmRmMjliZTlmMmFkNTBiM2VjNWJkNTNkZmI5MjJk
MWFmYTAwHhcNMjUwNDIxMDEwMDQwWhcNMjUwNDIyMDEwMDQwWjAzMTEwLwYDVQQD
EyhiMjAzMTZiMzU3ZWU3YzM5YWE3MWM2YTI2OTgxM2MxNjk5ZmQzMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JCKZsqTNYP9jqwyGtmSf0QhyANw
czusB5XsB3sWcoqvWx3AuOIFZyVHyU5+Ga+IepDhSnk1ks6I2fjC5BIAOxeXNsPb
5MhgylYJoMKkwyTohLwqV9eog6f50oIBaoMTMxoINKmGD24gF6/H7AKuyI0tn/rN
rtPdeglNS/uRnBduFUTr7iSwpSg7KU3TBlQzHn+pGTVzB1bmw0N/gDhCI+qn9cEM
7cMHRuPJAkwKQ+EyJtmVvXEi6WBc4WbvK7k3ICsqYaSqwZrYei+3IJznygdafRTo
mK7zx1+xBv5F80qYe+esS0mmwfGI7Chv2L7j1FJBs3iEmhH3xAAWQQYl0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIDFrNX7nw5qnHGommBPBaZ/TKvMB8GA1UdIwQY
MBaAFCfEBt8pvp8q1Qs+xb1T37ki0a+gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYt
MjdkMzYyZTk2ZDQwLzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYtMjdkMzYyZTk2ZDQw
LzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA1PE5ShV
srmqah4El0nPpOmmUcVSpNojhju0BnrDxFsMSeTCDKclsMmRO0BzaqwDSBYsOvtS
v+eYDf0A5Bq6IQwx0ES5DhYcW6MT4qYKDf700qRfN3QccSNHp6Lb4m7VGkw5OKsr
KwrV7PC3GzRXj8pD251HepJwWSna0BZRY1qiyEIbcUQNTF5VF1gazTlU+1kgvQlj
tDM+V/YkjRj9r2T0YUzN6e32NKSfZOaCCXuSRFeFykbJuCDLxrmj4kUV6TmlBUrK
01mGWhLWewkQno0evCTOb30E3yjK7KVzjnU59Hc5AyGP0fhlVuaJJWp0UB9zH+8k
7AkQcF1lGgnVcA==
-----END CERTIFICATE-----