Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
File:                     JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft (raw, json)
Hash identifier:          QdzsV3EDavXv5YJ5B180AdpFK6j+dS3Jxa8NMjNYLGg=
Subject key identifier:   F2:41:02:B5:A2:45:BD:D7:04:9F:C3:89:49:E3:DE:19:98:F4:6F:4D
Authority key identifier: 25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39
Certificate issuer:       /CN=25a290559f72a701231c028e70a250690355a639
Certificate serial:       01976396AAF6631BD69D7CDF29641A01BD80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
Manifest number:          12C9
Signing time:             Thu 12 Jun 2025 10:01:47 +0000
Manifest this update:     Thu 12 Jun 2025 10:01:47 +0000
Manifest next update:     Fri 13 Jun 2025 10:01:47 +0000
Files and hashes:         1: JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl (hash: l0aZO4+QOfAdXx2atNfahfvXjjGJdlfMWd34tDamybQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 10:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:96:aa:f6:63:1b:d6:9d:7c:df:29:64:1a:01:bd:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25a290559f72a701231c028e70a250690355a639
        Validity
            Not Before: Jun 12 10:01:47 2025 GMT
            Not After : Jun 13 10:01:47 2025 GMT
        Subject: CN=f24102b5a245bdd7049fc38949e3de1998f46f4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:29:5c:fb:30:7c:e3:b0:87:5c:5c:17:ac:14:
                    8d:a2:39:db:00:22:51:ca:89:14:6d:f2:73:27:27:
                    b1:95:48:9e:78:c0:5f:06:08:66:4a:48:b9:99:a2:
                    55:eb:01:55:4f:15:4f:d8:35:75:03:f1:f8:ab:04:
                    4c:1e:80:2d:71:f4:6a:f7:f2:d5:9f:ad:ae:f9:9a:
                    95:7f:60:30:b2:b4:f6:b4:c8:13:97:9d:16:6c:0c:
                    b5:ac:0c:a6:b1:ff:12:fc:79:ee:82:ba:6e:1e:88:
                    b8:29:35:79:5a:cc:54:66:d3:5d:13:a4:f6:4d:d2:
                    0e:31:1f:32:3d:f7:a5:6b:3f:4a:16:b6:78:c0:ec:
                    36:79:3c:21:6e:98:b7:0c:6e:32:83:b7:d9:2c:4d:
                    13:d0:cd:98:8c:41:d5:77:62:25:d0:a7:3a:ab:4c:
                    c7:3c:ce:7c:c3:ef:62:0b:8a:5e:34:f9:2c:c7:4d:
                    54:2c:9d:62:c5:c1:03:94:b9:2c:88:b0:b3:3a:e3:
                    17:92:b4:44:0a:df:5a:68:fe:ca:25:30:3a:75:9d:
                    6b:bf:ea:e7:76:56:a6:77:ef:b2:a2:92:f8:d5:e7:
                    85:6a:e0:ce:b8:48:89:a2:ca:4f:ad:84:72:21:16:
                    91:ef:bd:2f:7f:98:d2:9e:f8:9a:c2:c6:5a:86:c7:
                    f0:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:41:02:B5:A2:45:BD:D7:04:9F:C3:89:49:E3:DE:19:98:F4:6F:4D
            X509v3 Authority Key Identifier:
                keyid:25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:fd:01:fe:c0:b4:54:06:90:cf:ea:53:99:a6:a5:c5:f1:16:
         ff:d2:40:74:25:df:ff:fa:6e:de:b4:87:86:78:f7:4e:25:b5:
         2c:4f:de:9a:58:0a:46:8b:f6:0f:14:9d:05:8f:94:32:20:ea:
         f5:83:df:ad:77:e8:12:e9:fa:4c:cc:a8:a4:fd:8a:13:72:ba:
         65:4a:26:e6:e0:36:b9:a9:b0:ef:7d:0d:fe:ce:e0:9f:ae:f8:
         38:f0:58:19:96:dc:c0:91:72:48:8e:3e:40:a1:8c:fa:41:35:
         95:e2:ce:22:f0:0c:69:fc:2a:aa:20:1f:18:37:81:34:d1:d4:
         76:3c:57:75:f9:b7:99:ad:2b:22:27:4e:ae:4b:55:c5:ab:7d:
         66:2a:ed:f6:35:00:f0:d6:12:cc:d4:a3:c8:5f:bc:21:3e:c0:
         9e:de:a9:e0:6e:b0:1c:79:f5:48:b1:da:7e:46:49:f8:dc:a5:
         74:bd:fe:31:64:73:17:ff:6d:af:d4:09:29:0e:3f:b5:b1:a2:
         74:65:54:f0:9e:54:3d:05:4b:92:55:e1:d0:78:5e:67:78:14:
         a9:bf:ea:34:7b:df:a5:e0:5a:3e:6c:d2:47:e6:bf:8f:04:08:
         cd:36:91:fe:de:5d:9e:0a:99:d9:3e:1e:76:f7:d7:fd:3b:01:
         d2:31:53:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjlqr2YxvWnXzfKWQaAb2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTI5MDU1OWY3MmE3MDEyMzFjMDI4ZTcwYTI1MDY5MDM1
NWE2MzkwHhcNMjUwNjEyMTAwMTQ3WhcNMjUwNjEzMTAwMTQ3WjAzMTEwLwYDVQQD
EyhmMjQxMDJiNWEyNDViZGQ3MDQ5ZmMzODk0OWUzZGUxOTk4ZjQ2ZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoilc+zB847CHXFwXrBSNojnbACJR
yokUbfJzJyexlUieeMBfBghmSki5maJV6wFVTxVP2DV1A/H4qwRMHoAtcfRq9/LV
n62u+ZqVf2AwsrT2tMgTl50WbAy1rAymsf8S/HnugrpuHoi4KTV5WsxUZtNdE6T2
TdIOMR8yPfelaz9KFrZ4wOw2eTwhbpi3DG4yg7fZLE0T0M2YjEHVd2Il0Kc6q0zH
PM58w+9iC4peNPksx01ULJ1ixcEDlLksiLCzOuMXkrRECt9aaP7KJTA6dZ1rv+rn
dlamd++yopL41eeFauDOuEiJospPrYRyIRaR770vf5jSnviawsZahsfwTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJBArWiRb3XBJ/DiUnj3hmY9G9NMB8GA1UdIwQY
MBaAFCWikFWfcqcBIxwCjnCiUGkDVaY5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2It
Mjk1ZmNmODdlYTI3LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2ItMjk1ZmNmODdlYTI3
LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWP0B/sC0
VAaQz+pTmaalxfEW/9JAdCXf//pu3rSHhnj3TiW1LE/emlgKRov2DxSdBY+UMiDq
9YPfrXfoEun6TMyopP2KE3K6ZUom5uA2uamw730N/s7gn674OPBYGZbcwJFySI4+
QKGM+kE1leLOIvAMafwqqiAfGDeBNNHUdjxXdfm3ma0rIidOrktVxat9Zirt9jUA
8NYSzNSjyF+8IT7Ant6p4G6wHHn1SLHafkZJ+NyldL3+MWRzF/9tr9QJKQ4/tbGi
dGVU8J5UPQVLklXh0HheZ3gUqb/qNHvfpeBaPmzSR+a/jwQIzTaR/t5dngqZ2T4e
dvfX/TsB0jFT8A==
-----END CERTIFICATE-----