Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft
File:                     jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft (raw, json)
Hash identifier:          DMka5F7TVY1IQ/X3qtdqLEz4rHoB7n/NSOSs47ZCSVs=
Subject key identifier:   4C:67:DB:39:95:22:F8:D6:A6:23:BE:AE:DD:F9:C4:DE:AE:09:39:C5
Authority key identifier: 8C:1E:72:0F:D7:5D:D6:01:34:5B:98:76:AE:A7:F9:1A:B4:46:D4:7F
Certificate issuer:       /CN=8c1e720fd75dd601345b9876aea7f91ab446d47f
Certificate serial:       019510C70DD3C1EB49E6DD346D67AD0E5541
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jB5yD9dd1gE0W5h2rqf5GrRG1H8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft
Manifest number:          0847
Signing time:             Sun 16 Feb 2025 22:00:35 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:35 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:35 +0000
Files and hashes:         1: jB5yD9dd1gE0W5h2rqf5GrRG1H8.crl (hash: lE4uUFKFmxUmknsvT3tn0HwyKvYyo2GzVl4I9FcDGCs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jB5yD9dd1gE0W5h2rqf5GrRG1H8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:0d:d3:c1:eb:49:e6:dd:34:6d:67:ad:0e:55:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c1e720fd75dd601345b9876aea7f91ab446d47f
        Validity
            Not Before: Feb 16 22:00:35 2025 GMT
            Not After : Feb 17 22:00:35 2025 GMT
        Subject: CN=4c67db399522f8d6a623beaeddf9c4deae0939c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a0:54:24:0f:5f:df:3d:ab:63:b1:7b:21:87:
                    07:06:33:f6:84:75:b5:a6:3d:eb:3c:0a:81:92:57:
                    21:28:13:96:a4:94:fb:0a:20:cf:93:d4:66:1e:cc:
                    86:97:50:07:c9:3a:08:e2:28:73:b7:c7:fb:ac:2c:
                    f6:32:11:24:79:45:f9:25:9e:91:9e:30:48:99:1e:
                    e5:03:a6:d5:34:af:d1:e1:e7:73:12:3b:72:44:e8:
                    a1:f4:f8:91:7d:24:95:c3:ce:eb:9d:ed:ab:76:a2:
                    11:ad:e6:49:b8:2e:40:c6:5b:ef:d3:fa:52:28:0d:
                    c3:f7:2a:fd:d3:0a:eb:07:d7:6a:ed:f8:e9:d5:2d:
                    46:46:45:54:50:ab:f6:a7:50:a3:cb:2b:9c:d1:0f:
                    77:eb:be:05:77:5b:0c:c1:4d:c6:6b:bc:bf:d8:d3:
                    ee:64:63:63:21:82:77:42:98:53:21:99:40:81:6d:
                    3a:40:4d:eb:01:d3:0f:b5:e5:40:6c:38:10:b9:bd:
                    71:45:e8:58:53:a1:7f:e3:94:57:a8:8f:26:67:73:
                    5f:43:a1:15:ce:43:0f:a4:b4:ff:84:fa:15:4e:c9:
                    89:c4:56:d3:e9:be:17:8f:c8:8f:a5:4d:c9:0e:83:
                    56:be:4c:23:45:9b:d0:45:79:61:1c:ba:78:ed:f0:
                    e6:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:67:DB:39:95:22:F8:D6:A6:23:BE:AE:DD:F9:C4:DE:AE:09:39:C5
            X509v3 Authority Key Identifier:
                keyid:8C:1E:72:0F:D7:5D:D6:01:34:5B:98:76:AE:A7:F9:1A:B4:46:D4:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jB5yD9dd1gE0W5h2rqf5GrRG1H8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:87:6a:09:b9:4e:0d:b3:37:bb:70:6f:39:8e:ce:ea:94:de:
         54:62:54:30:2e:f2:89:0c:fe:32:f5:d9:af:c8:8b:f5:5c:d0:
         b7:26:63:51:07:65:1a:b2:95:e2:89:6d:7d:98:1b:9f:f4:3e:
         0d:72:b7:d5:50:4e:3b:48:d1:d0:3e:b3:63:bb:c2:22:ab:55:
         8f:d1:73:35:f0:b8:00:3b:18:5c:ba:68:13:38:66:27:e6:21:
         92:43:66:57:76:a0:f2:34:dd:34:8e:2e:4b:85:db:c4:98:09:
         0d:b9:4e:ea:b5:51:ca:ea:b5:84:14:be:22:81:d3:82:2f:63:
         b2:0f:0d:84:65:86:5a:c2:ed:f0:d9:50:da:a9:a4:8f:26:9c:
         5d:b6:26:16:21:56:22:72:03:98:6f:10:14:85:36:fa:f5:33:
         e5:5c:e1:f4:d8:5c:1a:70:39:63:0f:e0:60:34:8f:90:bc:27:
         04:f1:30:89:be:30:4f:03:7c:58:23:3c:60:89:58:b0:22:35:
         b3:50:3d:3a:48:f8:c6:b0:20:45:89:d4:c1:cb:2d:41:c6:db:
         a0:70:ec:bb:af:75:6f:eb:70:a1:08:c2:0d:9b:23:ef:b0:de:
         c8:8f:27:03:85:6b:ac:c1:c5:19:43:7e:bc:72:c0:51:70:8a:
         3c:01:2b:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxw3TwetJ5t00bWetDlVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMWU3MjBmZDc1ZGQ2MDEzNDViOTg3NmFlYTdmOTFhYjQ0
NmQ0N2YwHhcNMjUwMjE2MjIwMDM1WhcNMjUwMjE3MjIwMDM1WjAzMTEwLwYDVQQD
Eyg0YzY3ZGIzOTk1MjJmOGQ2YTYyM2JlYWVkZGY5YzRkZWFlMDkzOWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaBUJA9f3z2rY7F7IYcHBjP2hHW1
pj3rPAqBklchKBOWpJT7CiDPk9RmHsyGl1AHyToI4ihzt8f7rCz2MhEkeUX5JZ6R
njBImR7lA6bVNK/R4edzEjtyROih9PiRfSSVw87rne2rdqIRreZJuC5Axlvv0/pS
KA3D9yr90wrrB9dq7fjp1S1GRkVUUKv2p1Cjyyuc0Q93674Fd1sMwU3Ga7y/2NPu
ZGNjIYJ3QphTIZlAgW06QE3rAdMPteVAbDgQub1xRehYU6F/45RXqI8mZ3NfQ6EV
zkMPpLT/hPoVTsmJxFbT6b4Xj8iPpU3JDoNWvkwjRZvQRXlhHLp47fDmMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFExn2zmVIvjWpiO+rt35xN6uCTnFMB8GA1UdIwQY
MBaAFIwecg/XXdYBNFuYdq6n+Rq0RtR/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakI1eUQ5ZGQxZ0UwVzVoMnJxZjVHclJHMUg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80YzJlYmMtZDc5NS00NjEwLTgyZWYt
NDkxZmU3YWNjMWE5LzEvakI1eUQ5ZGQxZ0UwVzVoMnJxZjVHclJHMUg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80YzJlYmMtZDc5NS00NjEwLTgyZWYtNDkxZmU3YWNjMWE5
LzEvakI1eUQ5ZGQxZ0UwVzVoMnJxZjVHclJHMUg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFodqCblO
DbM3u3BvOY7O6pTeVGJUMC7yiQz+MvXZr8iL9VzQtyZjUQdlGrKV4oltfZgbn/Q+
DXK31VBOO0jR0D6zY7vCIqtVj9FzNfC4ADsYXLpoEzhmJ+YhkkNmV3ag8jTdNI4u
S4XbxJgJDblO6rVRyuq1hBS+IoHTgi9jsg8NhGWGWsLt8NlQ2qmkjyacXbYmFiFW
InIDmG8QFIU2+vUz5Vzh9NhcGnA5Yw/gYDSPkLwnBPEwib4wTwN8WCM8YIlYsCI1
s1A9Okj4xrAgRYnUwcstQcbboHDsu691b+twoQjCDZsj77DeyI8nA4VrrMHFGUN+
vHLAUXCKPAEriA==
-----END CERTIFICATE-----