Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft
File:                     jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft (raw, json)
Hash identifier:          AsMDiIzrCBKIaeAqtbv1iN1JnklA8vZBDnN28XylZGg=
Subject key identifier:   FB:53:7B:9B:65:A2:F3:24:CC:B1:A8:F0:22:F1:42:DE:3E:DE:FC:FE
Authority key identifier: 8C:1E:72:0F:D7:5D:D6:01:34:5B:98:76:AE:A7:F9:1A:B4:46:D4:7F
Certificate issuer:       /CN=8c1e720fd75dd601345b9876aea7f91ab446d47f
Certificate serial:       0197488C70E718E037F44353A666E5D50E46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jB5yD9dd1gE0W5h2rqf5GrRG1H8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft
Manifest number:          096D
Signing time:             Sat 07 Jun 2025 04:00:52 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:52 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:52 +0000
Files and hashes:         1: jB5yD9dd1gE0W5h2rqf5GrRG1H8.crl (hash: LoxqXov0h0SgUMFe7VkGGcpGqOoAX03aEOiKs2UA78I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jB5yD9dd1gE0W5h2rqf5GrRG1H8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:70:e7:18:e0:37:f4:43:53:a6:66:e5:d5:0e:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c1e720fd75dd601345b9876aea7f91ab446d47f
        Validity
            Not Before: Jun  7 04:00:52 2025 GMT
            Not After : Jun  8 04:00:52 2025 GMT
        Subject: CN=fb537b9b65a2f324ccb1a8f022f142de3edefcfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:dd:2e:b4:8a:c7:e3:f0:ed:6b:06:1f:5c:c2:
                    03:92:97:b8:ac:89:b2:5d:df:71:6b:6f:14:25:55:
                    b6:e0:81:8d:ef:2b:ae:08:e0:12:36:62:ec:8d:5e:
                    63:3e:1b:be:01:8a:d6:df:07:cd:54:3f:d6:3c:ad:
                    9b:8a:96:40:9d:74:e1:dc:dc:ac:48:fa:2f:30:87:
                    ca:9d:70:41:ce:ae:41:c3:98:1c:96:97:12:06:56:
                    71:f7:46:83:6d:a8:25:ec:d4:e7:c1:16:34:1f:f2:
                    4e:39:2d:82:31:28:08:9a:2c:09:44:4f:a2:ab:7d:
                    cd:69:ac:13:47:1c:c2:f3:84:c1:90:d0:6a:84:c9:
                    30:30:0f:20:69:ba:36:a3:41:21:b9:7d:61:32:36:
                    ec:b3:83:fc:e4:bd:89:e7:c7:02:7e:2f:4b:d1:09:
                    2e:39:72:ca:ff:ea:c9:62:e4:d4:3c:4b:af:ca:2d:
                    47:31:a7:a6:9e:4b:91:36:fc:32:f4:18:08:b2:52:
                    c0:63:c0:04:af:cb:43:cb:c4:92:5f:5c:73:8e:a5:
                    9c:b0:d9:d1:6a:38:18:dd:ff:95:eb:4b:90:63:ee:
                    be:e9:1a:6d:d8:51:b3:a1:57:a9:ce:48:11:26:3d:
                    54:ef:87:1d:c9:6f:ff:d9:31:c8:52:55:a4:54:da:
                    5f:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:53:7B:9B:65:A2:F3:24:CC:B1:A8:F0:22:F1:42:DE:3E:DE:FC:FE
            X509v3 Authority Key Identifier:
                keyid:8C:1E:72:0F:D7:5D:D6:01:34:5B:98:76:AE:A7:F9:1A:B4:46:D4:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jB5yD9dd1gE0W5h2rqf5GrRG1H8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:75:c4:60:67:12:cf:06:f7:10:97:b9:78:09:fe:30:f6:e3:
         88:a2:c8:14:11:8d:75:5a:61:73:88:5b:10:b1:c8:3b:64:9d:
         33:be:4d:d2:fe:53:47:c5:2f:75:7f:85:d9:a7:15:29:f9:5e:
         86:b9:b4:91:f2:c0:5f:c2:ec:f0:5b:ed:f8:16:ba:e9:03:53:
         ee:a4:7f:08:ce:d7:2a:43:e1:57:88:6f:c1:22:cf:04:79:c2:
         ec:0d:59:ec:0d:56:e9:8a:23:40:4c:cb:0f:fc:24:cd:a8:39:
         c6:47:05:9f:39:14:33:cd:e5:98:17:70:0c:12:e9:03:4b:65:
         a2:c0:ac:8b:89:cf:a6:d3:34:02:fd:ce:1f:c7:2e:82:45:9e:
         5f:a4:18:7a:d8:c9:32:1e:10:6a:c0:77:6a:41:3b:cf:a5:39:
         bc:f4:a3:10:ba:ca:c4:95:8f:94:b1:c2:df:8d:f9:39:64:4e:
         04:c3:f6:32:aa:4d:d9:da:7e:9b:25:a6:46:8a:5f:ae:33:1d:
         35:e7:8a:7e:fe:87:65:1c:21:71:aa:0c:7f:3e:e6:74:4c:4f:
         cf:5e:e9:25:2e:e3:8c:3d:3b:f2:b5:a2:cb:f3:ed:81:20:a6:
         49:af:de:f3:2d:d8:98:91:9c:f7:9c:96:e2:d1:52:00:de:78:
         4c:0a:8e:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjHDnGOA39ENTpmbl1Q5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMWU3MjBmZDc1ZGQ2MDEzNDViOTg3NmFlYTdmOTFhYjQ0
NmQ0N2YwHhcNMjUwNjA3MDQwMDUyWhcNMjUwNjA4MDQwMDUyWjAzMTEwLwYDVQQD
EyhmYjUzN2I5YjY1YTJmMzI0Y2NiMWE4ZjAyMmYxNDJkZTNlZGVmY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt0utIrH4/DtawYfXMIDkpe4rImy
Xd9xa28UJVW24IGN7yuuCOASNmLsjV5jPhu+AYrW3wfNVD/WPK2bipZAnXTh3Nys
SPovMIfKnXBBzq5Bw5gclpcSBlZx90aDbagl7NTnwRY0H/JOOS2CMSgImiwJRE+i
q33NaawTRxzC84TBkNBqhMkwMA8gabo2o0EhuX1hMjbss4P85L2J58cCfi9L0Qku
OXLK/+rJYuTUPEuvyi1HMaemnkuRNvwy9BgIslLAY8AEr8tDy8SSX1xzjqWcsNnR
ajgY3f+V60uQY+6+6Rpt2FGzoVepzkgRJj1U74cdyW//2THIUlWkVNpfHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtTe5tlovMkzLGo8CLxQt4+3vz+MB8GA1UdIwQY
MBaAFIwecg/XXdYBNFuYdq6n+Rq0RtR/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakI1eUQ5ZGQxZ0UwVzVoMnJxZjVHclJHMUg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80YzJlYmMtZDc5NS00NjEwLTgyZWYt
NDkxZmU3YWNjMWE5LzEvakI1eUQ5ZGQxZ0UwVzVoMnJxZjVHclJHMUg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80YzJlYmMtZDc5NS00NjEwLTgyZWYtNDkxZmU3YWNjMWE5
LzEvakI1eUQ5ZGQxZ0UwVzVoMnJxZjVHclJHMUg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn3XEYGcS
zwb3EJe5eAn+MPbjiKLIFBGNdVphc4hbELHIO2SdM75N0v5TR8UvdX+F2acVKfle
hrm0kfLAX8Ls8Fvt+Ba66QNT7qR/CM7XKkPhV4hvwSLPBHnC7A1Z7A1W6YojQEzL
D/wkzag5xkcFnzkUM83lmBdwDBLpA0tlosCsi4nPptM0Av3OH8cugkWeX6QYetjJ
Mh4QasB3akE7z6U5vPSjELrKxJWPlLHC3435OWROBMP2MqpN2dp+myWmRopfrjMd
NeeKfv6HZRwhcaoMfz7mdExPz17pJS7jjD078rWiy/PtgSCmSa/e8y3YmJGc95yW
4tFSAN54TAqOKQ==
-----END CERTIFICATE-----