Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.mft
File:                     JNuhs13nN_cbfFUN9fS0ToNka40.mft (raw, json)
Hash identifier:          K21f0iq052zRk8QHnT7eWEzE3GeKkPadS5QapHaDSvk=
Subject key identifier:   EF:24:FE:EF:F6:63:54:A7:12:1B:37:EC:90:B5:8E:89:AF:1F:ED:AB
Authority key identifier: 24:DB:A1:B3:5D:E7:37:F7:1B:7C:55:0D:F5:F4:B4:4E:83:64:6B:8D
Certificate issuer:       /CN=24dba1b35de737f71b7c550df5f4b44e83646b8d
Certificate serial:       01974967C498BB0955B0060F8DBA7C321AAB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JNuhs13nN_cbfFUN9fS0ToNka40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.mft
Manifest number:          0874
Signing time:             Sat 07 Jun 2025 08:00:26 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:26 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:26 +0000
Files and hashes:         1: JNuhs13nN_cbfFUN9fS0ToNka40.crl (hash: jrTWUFRpebiXtmG8pbUgxyA4B4p5K4C14wozGpqHSV8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JNuhs13nN_cbfFUN9fS0ToNka40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:67:c4:98:bb:09:55:b0:06:0f:8d:ba:7c:32:1a:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24dba1b35de737f71b7c550df5f4b44e83646b8d
        Validity
            Not Before: Jun  7 08:00:26 2025 GMT
            Not After : Jun  8 08:00:26 2025 GMT
        Subject: CN=ef24feeff66354a7121b37ec90b58e89af1fedab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:b3:59:b2:88:d5:fd:4d:6d:fd:18:64:27:cc:
                    18:95:bf:c3:ee:b5:83:45:de:9e:ba:2f:ae:79:52:
                    74:dc:03:c4:2d:29:70:0d:98:5d:9a:e5:98:04:9f:
                    f4:2c:06:a6:23:0a:21:7b:63:67:32:bf:b1:fa:72:
                    ab:15:f5:83:a8:b9:2b:54:c5:e2:4b:16:21:39:1d:
                    15:41:95:e1:f5:e9:1f:21:89:de:fb:5f:ba:f7:60:
                    d2:d0:a0:cd:0b:a0:16:d6:af:06:17:45:0c:6c:43:
                    bd:cf:a0:62:d7:4f:39:7c:43:11:45:d1:69:e2:ed:
                    43:d8:eb:26:f2:94:da:7b:58:3e:75:2a:6f:90:b7:
                    04:be:00:93:79:81:90:25:7e:c2:5f:9e:1d:51:6e:
                    23:4e:85:4c:4c:10:7f:59:d0:d8:39:ed:25:1a:47:
                    6c:f5:a7:e5:0b:b0:1c:9a:3d:ae:8f:aa:1d:6a:1b:
                    53:16:c5:cc:a2:55:ef:78:32:5a:7c:59:c8:e6:08:
                    1d:63:e1:79:09:4e:b3:86:dc:fe:45:68:1f:d8:c3:
                    28:46:ca:68:7a:a2:6b:47:6e:7d:2c:41:7c:3d:42:
                    6e:f6:8c:93:1e:18:91:46:22:61:21:0c:02:cf:e2:
                    f0:aa:4d:9e:f0:61:1a:8b:63:cc:c4:32:04:16:de:
                    4b:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:24:FE:EF:F6:63:54:A7:12:1B:37:EC:90:B5:8E:89:AF:1F:ED:AB
            X509v3 Authority Key Identifier:
                keyid:24:DB:A1:B3:5D:E7:37:F7:1B:7C:55:0D:F5:F4:B4:4E:83:64:6B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JNuhs13nN_cbfFUN9fS0ToNka40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:0d:9d:e2:7c:7d:60:ea:13:ed:9e:1b:ab:61:22:ef:4f:cf:
         d9:b7:63:62:db:e1:28:30:43:78:b7:2f:7f:9d:d4:d8:03:62:
         6f:bf:73:48:dc:c2:9f:ef:00:c5:b8:ec:19:fc:fc:c8:2d:d0:
         ce:66:47:d8:06:62:46:62:57:b4:0d:db:cf:44:31:e0:54:ee:
         33:22:d9:20:21:93:42:72:0b:60:23:21:5c:46:0b:1d:1a:b3:
         f1:75:a5:f3:9b:68:5d:f0:e4:6d:71:b5:a1:5c:b3:fe:54:75:
         9b:ed:fa:57:7c:0b:63:8a:49:68:9d:8b:7e:91:dc:90:e7:b7:
         ae:ba:40:81:b3:69:19:a8:4d:aa:6d:a6:5f:99:4c:4a:f6:a2:
         01:bc:60:82:a7:56:f9:8e:b7:97:f8:d3:e3:5d:f6:04:37:21:
         a3:78:e4:be:fe:18:de:8a:4f:d9:e4:74:9c:48:cb:f0:a3:29:
         b6:c0:82:bf:6d:6b:8f:d8:b4:9b:98:5d:6f:ad:86:c1:9a:2f:
         46:aa:a8:cf:16:47:1a:b1:eb:62:85:c6:d1:7e:5c:55:9a:1c:
         74:b4:51:4d:0b:41:17:de:aa:03:70:59:c3:66:ea:b1:91:d4:
         d2:af:5e:37:2a:a1:58:8c:75:39:68:26:ec:72:fe:40:08:6a:
         fe:06:b7:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJZ8SYuwlVsAYPjbp8MhqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZGJhMWIzNWRlNzM3ZjcxYjdjNTUwZGY1ZjRiNDRlODM2
NDZiOGQwHhcNMjUwNjA3MDgwMDI2WhcNMjUwNjA4MDgwMDI2WjAzMTEwLwYDVQQD
EyhlZjI0ZmVlZmY2NjM1NGE3MTIxYjM3ZWM5MGI1OGU4OWFmMWZlZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLNZsojV/U1t/RhkJ8wYlb/D7rWD
Rd6eui+ueVJ03APELSlwDZhdmuWYBJ/0LAamIwohe2NnMr+x+nKrFfWDqLkrVMXi
SxYhOR0VQZXh9ekfIYne+1+692DS0KDNC6AW1q8GF0UMbEO9z6Bi1085fEMRRdFp
4u1D2Osm8pTae1g+dSpvkLcEvgCTeYGQJX7CX54dUW4jToVMTBB/WdDYOe0lGkds
9aflC7Acmj2uj6odahtTFsXMolXveDJafFnI5ggdY+F5CU6zhtz+RWgf2MMoRspo
eqJrR259LEF8PUJu9oyTHhiRRiJhIQwCz+Lwqk2e8GEai2PMxDIEFt5LOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO8k/u/2Y1SnEhs37JC1jomvH+2rMB8GA1UdIwQY
MBaAFCTbobNd5zf3G3xVDfX0tE6DZGuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk51aHMxM25OX2NiZkZVTjlmUzBUb05rYTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTVlOWYtZDU0MS00NTY0LTk5NDct
ZGEwNGUyZjM5Yjg4LzEvSk51aHMxM25OX2NiZkZVTjlmUzBUb05rYTQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84OTVlOWYtZDU0MS00NTY0LTk5NDctZGEwNGUyZjM5Yjg4
LzEvSk51aHMxM25OX2NiZkZVTjlmUzBUb05rYTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALw2d4nx9
YOoT7Z4bq2Ei70/P2bdjYtvhKDBDeLcvf53U2ANib79zSNzCn+8AxbjsGfz8yC3Q
zmZH2AZiRmJXtA3bz0Qx4FTuMyLZICGTQnILYCMhXEYLHRqz8XWl85toXfDkbXG1
oVyz/lR1m+36V3wLY4pJaJ2LfpHckOe3rrpAgbNpGahNqm2mX5lMSvaiAbxggqdW
+Y63l/jT4132BDcho3jkvv4Y3opP2eR0nEjL8KMptsCCv21rj9i0m5hdb62GwZov
RqqozxZHGrHrYoXG0X5cVZocdLRRTQtBF96qA3BZw2bqsZHU0q9eNyqhWIx1OWgm
7HL+QAhq/ga3nA==
-----END CERTIFICATE-----