Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft
File:                     jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft (raw, json)
Hash identifier:          owshMUS1CTw2988/f9cpExJmtGxHjkR+OlZKPejAA5M=
Subject key identifier:   A3:A4:2A:9A:AA:2E:07:79:D5:64:74:3A:25:36:A6:15:F6:2C:29:12
Authority key identifier: 8C:1E:72:0F:D7:5D:D6:01:34:5B:98:76:AE:A7:F9:1A:B4:46:D4:7F
Certificate issuer:       /CN=8c1e720fd75dd601345b9876aea7f91ab446d47f
Certificate serial:       0196572618909EC487C45A3B6218DD1A22FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jB5yD9dd1gE0W5h2rqf5GrRG1H8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft
Manifest number:          08F0
Signing time:             Mon 21 Apr 2025 07:00:36 +0000
Manifest this update:     Mon 21 Apr 2025 07:00:36 +0000
Manifest next update:     Tue 22 Apr 2025 07:00:36 +0000
Files and hashes:         1: jB5yD9dd1gE0W5h2rqf5GrRG1H8.crl (hash: 7crqAUNvCefpDIVXCAknEmVKJ0r09E72fPioqFn/gEM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jB5yD9dd1gE0W5h2rqf5GrRG1H8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:26:18:90:9e:c4:87:c4:5a:3b:62:18:dd:1a:22:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c1e720fd75dd601345b9876aea7f91ab446d47f
        Validity
            Not Before: Apr 21 07:00:36 2025 GMT
            Not After : Apr 22 07:00:36 2025 GMT
        Subject: CN=a3a42a9aaa2e0779d564743a2536a615f62c2912
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ce:a2:f9:cf:56:40:8f:ec:97:bf:6f:6d:03:
                    4c:b4:01:d3:c9:eb:3c:42:63:f1:44:d9:1d:20:96:
                    dc:8b:12:cb:cc:81:54:1c:d1:52:77:3e:ad:81:87:
                    e1:2b:f7:04:e4:a2:97:19:8d:b8:ee:f3:f4:be:2f:
                    02:43:c4:88:82:f3:e9:d8:0c:e6:54:9e:42:42:1f:
                    da:7e:18:e4:17:26:01:26:33:59:e8:56:b4:fc:df:
                    33:00:1d:1a:9c:c6:cf:89:bb:a6:64:f9:fe:a5:d4:
                    ce:fc:8b:d0:d4:ef:89:c4:e9:4c:e7:79:06:a1:85:
                    b6:e3:b4:0b:49:5a:28:f6:4c:d5:29:c0:46:19:84:
                    5c:31:85:14:0b:74:1e:4c:c6:e1:70:ed:7c:a7:8f:
                    54:fb:38:f3:cf:57:6e:35:74:e3:6b:a8:14:df:7f:
                    59:28:38:97:ce:56:bf:38:4a:ee:29:08:54:8a:35:
                    54:09:d3:07:bc:07:92:8f:7d:0e:16:43:26:51:42:
                    e0:dd:7b:ab:98:89:6c:1a:79:d3:39:65:21:b8:d7:
                    8b:5a:01:64:f1:d2:63:c1:05:e7:09:d8:37:0e:b8:
                    78:2b:10:7c:e5:ec:e5:45:5c:af:7f:0b:42:c0:3e:
                    41:d6:99:aa:d2:2b:ed:97:18:7b:aa:07:25:63:41:
                    d1:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:A4:2A:9A:AA:2E:07:79:D5:64:74:3A:25:36:A6:15:F6:2C:29:12
            X509v3 Authority Key Identifier:
                keyid:8C:1E:72:0F:D7:5D:D6:01:34:5B:98:76:AE:A7:F9:1A:B4:46:D4:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jB5yD9dd1gE0W5h2rqf5GrRG1H8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:50:de:d9:a7:e4:29:01:96:13:ad:6f:ec:02:ef:02:d9:62:
         33:df:b3:e8:c7:86:a5:a2:3d:54:a4:ba:ca:6e:02:bd:0d:38:
         1b:4d:af:92:e1:8a:1a:b5:ca:30:fb:3c:8b:43:22:26:4b:5e:
         49:f1:bf:eb:df:96:74:2b:d3:9a:3e:1d:2e:fa:e3:46:32:4e:
         45:b4:23:f0:24:d3:8f:c7:30:ab:51:7d:b7:db:71:85:88:f8:
         2c:c5:c3:b8:7c:95:44:99:29:e1:63:b9:60:a9:80:c6:a8:3c:
         9e:0d:82:81:3c:ee:dc:93:1e:1f:d6:cc:43:ae:70:b9:93:32:
         dc:30:1e:51:27:fe:bb:ce:7b:4c:37:0f:52:b2:20:7f:ed:cb:
         ef:af:00:d7:e5:f9:3b:fa:a6:85:9b:44:9f:b2:2a:ed:77:ad:
         91:08:cd:5e:b0:69:50:c0:da:8d:4d:6d:34:ea:a6:53:d3:ed:
         e6:23:9f:b7:e1:05:15:a6:05:65:3d:40:70:9a:75:4a:24:66:
         5d:01:8e:5c:95:a3:ca:50:4c:be:be:2a:e3:fe:b5:62:ca:52:
         a6:a5:ea:31:c6:09:a1:e6:ef:b4:b7:34:8a:dc:d1:24:3b:e0:
         91:dc:4b:57:a6:cc:38:78:cc:cd:c7:4c:38:e5:5e:cc:b0:ca:
         0c:1b:3d:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJhiQnsSHxFo7YhjdGiL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMWU3MjBmZDc1ZGQ2MDEzNDViOTg3NmFlYTdmOTFhYjQ0
NmQ0N2YwHhcNMjUwNDIxMDcwMDM2WhcNMjUwNDIyMDcwMDM2WjAzMTEwLwYDVQQD
EyhhM2E0MmE5YWFhMmUwNzc5ZDU2NDc0M2EyNTM2YTYxNWY2MmMyOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj86i+c9WQI/sl79vbQNMtAHTyes8
QmPxRNkdIJbcixLLzIFUHNFSdz6tgYfhK/cE5KKXGY247vP0vi8CQ8SIgvPp2Azm
VJ5CQh/afhjkFyYBJjNZ6Fa0/N8zAB0anMbPibumZPn+pdTO/IvQ1O+JxOlM53kG
oYW247QLSVoo9kzVKcBGGYRcMYUUC3QeTMbhcO18p49U+zjzz1duNXTja6gU339Z
KDiXzla/OEruKQhUijVUCdMHvAeSj30OFkMmUULg3XurmIlsGnnTOWUhuNeLWgFk
8dJjwQXnCdg3Drh4KxB85ezlRVyvfwtCwD5B1pmq0ivtlxh7qgclY0HRLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOkKpqqLgd51WR0OiU2phX2LCkSMB8GA1UdIwQY
MBaAFIwecg/XXdYBNFuYdq6n+Rq0RtR/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakI1eUQ5ZGQxZ0UwVzVoMnJxZjVHclJHMUg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80YzJlYmMtZDc5NS00NjEwLTgyZWYt
NDkxZmU3YWNjMWE5LzEvakI1eUQ5ZGQxZ0UwVzVoMnJxZjVHclJHMUg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80YzJlYmMtZDc5NS00NjEwLTgyZWYtNDkxZmU3YWNjMWE5
LzEvakI1eUQ5ZGQxZ0UwVzVoMnJxZjVHclJHMUg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOVDe2afk
KQGWE61v7ALvAtliM9+z6MeGpaI9VKS6ym4CvQ04G02vkuGKGrXKMPs8i0MiJkte
SfG/69+WdCvTmj4dLvrjRjJORbQj8CTTj8cwq1F9t9txhYj4LMXDuHyVRJkp4WO5
YKmAxqg8ng2CgTzu3JMeH9bMQ65wuZMy3DAeUSf+u857TDcPUrIgf+3L768A1+X5
O/qmhZtEn7Iq7XetkQjNXrBpUMDajU1tNOqmU9Pt5iOft+EFFaYFZT1AcJp1SiRm
XQGOXJWjylBMvr4q4/61YspSpqXqMcYJoebvtLc0itzRJDvgkdxLV6bMOHjMzcdM
OOVezLDKDBs9zQ==
-----END CERTIFICATE-----