Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
File:                     8p5p65n-wSVjcxHUMFL3kx2P3TI.mft (raw, json)
Hash identifier:          HzF2Q/ShvBRAcB279DldF6Xs2zxsm8o86tDqSZNt5u4=
Subject key identifier:   5D:C7:6E:68:B9:52:E2:49:8E:8A:47:26:20:52:11:F7:00:6B:43:23
Authority key identifier: F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32
Certificate issuer:       /CN=f29e69eb99fec125637311d43052f7931d8fdd32
Certificate serial:       0196598249125542A5A43E1048A88D2CDAEF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
Manifest number:          049A
Signing time:             Mon 21 Apr 2025 18:00:32 +0000
Manifest this update:     Mon 21 Apr 2025 18:00:32 +0000
Manifest next update:     Tue 22 Apr 2025 18:00:32 +0000
Files and hashes:         1: 8p5p65n-wSVjcxHUMFL3kx2P3TI.crl (hash: d6cBoOgAOg2TPz8kadzP8HclxCCsUWhgkk+POdVK0/Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:82:49:12:55:42:a5:a4:3e:10:48:a8:8d:2c:da:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f29e69eb99fec125637311d43052f7931d8fdd32
        Validity
            Not Before: Apr 21 18:00:32 2025 GMT
            Not After : Apr 22 18:00:32 2025 GMT
        Subject: CN=5dc76e68b952e2498e8a4726205211f7006b4323
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:7c:8f:8f:be:2d:6f:d7:cb:fb:24:85:02:f2:
                    d8:19:0d:fa:9e:7a:01:36:1a:1f:bd:2c:dc:5c:81:
                    04:ac:6f:be:f1:e5:a4:99:99:2e:69:aa:a3:26:03:
                    71:ac:82:0e:b6:e8:24:fe:0b:60:bc:d2:43:5e:82:
                    95:ee:45:99:48:14:96:fc:da:62:07:c9:11:98:5f:
                    86:b5:a7:14:dd:c5:86:e0:fe:be:31:45:bd:a1:5b:
                    b8:2e:32:a8:c5:8d:49:f7:f8:08:91:96:46:df:26:
                    8b:ac:c1:59:b5:87:54:94:e2:91:d1:c1:80:d7:f4:
                    f1:d5:6e:7a:ac:04:e3:41:80:28:46:6b:08:4a:a0:
                    9d:6b:ed:0c:cf:b1:56:ef:ce:22:68:d1:a8:81:6e:
                    16:ba:73:83:18:c6:83:e8:43:2e:b2:11:e1:07:2a:
                    1a:a6:94:49:57:f1:fe:2a:03:c5:e3:c2:9d:ec:11:
                    71:c4:07:2f:90:53:16:f9:07:a7:38:e1:64:f9:c3:
                    90:73:34:fc:fc:5d:7b:80:ee:be:84:97:5c:51:00:
                    b0:90:bb:68:06:cd:e0:96:16:3e:dc:c8:df:62:ac:
                    fc:15:f9:60:fc:e5:5a:90:09:57:4f:37:0f:f6:bf:
                    14:c9:9d:3f:32:dd:d6:de:a3:c7:31:4c:ff:35:b0:
                    f6:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:C7:6E:68:B9:52:E2:49:8E:8A:47:26:20:52:11:F7:00:6B:43:23
            X509v3 Authority Key Identifier:
                keyid:F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:c1:e0:a0:52:09:e2:8d:22:7e:54:85:0d:7f:df:0b:b8:77:
         f4:11:8d:bc:a2:3c:50:39:c6:8e:e2:7c:1f:9d:af:f1:a0:8c:
         b6:12:bc:96:26:ad:b0:e8:ac:75:12:cb:ce:d0:dc:02:c9:09:
         14:77:be:23:a5:fe:fe:94:36:0f:ab:d6:e7:8f:44:15:fc:0f:
         a0:b9:ea:64:d4:74:3e:46:39:a7:69:d3:20:e8:e6:6d:e9:ee:
         8e:e7:0d:81:7b:8d:9d:06:93:9f:0b:e6:ab:f6:42:41:34:04:
         fb:b4:82:01:09:6e:9b:b4:7c:eb:dc:e5:63:50:3a:a6:4a:d4:
         d6:74:50:74:34:0f:e8:49:a5:63:b3:2a:45:e0:78:be:54:79:
         a8:03:e7:e6:fa:5d:5f:d0:89:47:32:af:96:3f:65:30:fc:f9:
         51:0a:5e:27:0a:ee:3e:71:35:ba:18:d4:2a:4b:ea:0d:9e:37:
         27:7d:d0:f2:7e:22:5f:80:11:87:f8:b9:cb:b5:51:27:44:ef:
         1b:2d:b0:54:6f:70:cb:76:df:4f:1b:f0:60:af:11:5a:3e:f3:
         15:6e:5e:0d:0c:6a:02:a0:5c:87:05:75:87:64:0e:99:35:a6:
         c6:54:c9:ac:fa:00:dd:1a:ab:29:65:9f:85:27:69:cd:cd:7d:
         69:a3:8f:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZgkkSVUKlpD4QSKiNLNrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOWU2OWViOTlmZWMxMjU2MzczMTFkNDMwNTJmNzkzMWQ4
ZmRkMzIwHhcNMjUwNDIxMTgwMDMyWhcNMjUwNDIyMTgwMDMyWjAzMTEwLwYDVQQD
Eyg1ZGM3NmU2OGI5NTJlMjQ5OGU4YTQ3MjYyMDUyMTFmNzAwNmI0MzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXyPj74tb9fL+ySFAvLYGQ36nnoB
NhofvSzcXIEErG++8eWkmZkuaaqjJgNxrIIOtugk/gtgvNJDXoKV7kWZSBSW/Npi
B8kRmF+GtacU3cWG4P6+MUW9oVu4LjKoxY1J9/gIkZZG3yaLrMFZtYdUlOKR0cGA
1/Tx1W56rATjQYAoRmsISqCda+0Mz7FW784iaNGogW4WunODGMaD6EMushHhByoa
ppRJV/H+KgPF48Kd7BFxxAcvkFMW+QenOOFk+cOQczT8/F17gO6+hJdcUQCwkLto
Bs3glhY+3MjfYqz8Fflg/OVakAlXTzcP9r8UyZ0/Mt3W3qPHMUz/NbD2kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF3Hbmi5UuJJjopHJiBSEfcAa0MjMB8GA1UdIwQY
MBaAFPKeaeuZ/sElY3MR1DBS95Mdj90yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYt
NTEzNDAzZTNkODIwLzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYtNTEzNDAzZTNkODIw
LzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFcHgoFIJ
4o0iflSFDX/fC7h39BGNvKI8UDnGjuJ8H52v8aCMthK8liatsOisdRLLztDcAskJ
FHe+I6X+/pQ2D6vW549EFfwPoLnqZNR0PkY5p2nTIOjmbenujucNgXuNnQaTnwvm
q/ZCQTQE+7SCAQlum7R869zlY1A6pkrU1nRQdDQP6EmlY7MqReB4vlR5qAPn5vpd
X9CJRzKvlj9lMPz5UQpeJwruPnE1uhjUKkvqDZ43J33Q8n4iX4ARh/i5y7VRJ0Tv
Gy2wVG9wy3bfTxvwYK8RWj7zFW5eDQxqAqBchwV1h2QOmTWmxlTJrPoA3RqrKWWf
hSdpzc19aaOPLQ==
-----END CERTIFICATE-----