Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft
File:                     L8tesBINBwkLEmJWxFo1KC1awKw.mft (raw, json)
Hash identifier:          +UvghMiJgRAbSLThrDStuj1sNZBHE50xY009VEkWkQQ=
Subject key identifier:   FF:96:E9:5A:D8:89:03:6C:16:70:8E:8B:7E:C8:A7:8A:34:95:ED:0B
Authority key identifier: 2F:CB:5E:B0:12:0D:07:09:0B:12:62:56:C4:5A:35:28:2D:5A:C0:AC
Certificate issuer:       /CN=2fcb5eb0120d07090b126256c45a35282d5ac0ac
Certificate serial:       01974855427AB6E18FDF5B16D428C006971F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft
Manifest number:          30
Signing time:             Sat 07 Jun 2025 03:00:36 +0000
Manifest this update:     Sat 07 Jun 2025 03:00:36 +0000
Manifest next update:     Sun 08 Jun 2025 03:00:36 +0000
Files and hashes:         1: L8tesBINBwkLEmJWxFo1KC1awKw.crl (hash: MHhAyO2teqEeKeDvv92iw6HCA8/bC2uPWpD3cD24SU8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:55:42:7a:b6:e1:8f:df:5b:16:d4:28:c0:06:97:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fcb5eb0120d07090b126256c45a35282d5ac0ac
        Validity
            Not Before: Jun  7 03:00:36 2025 GMT
            Not After : Jun  8 03:00:36 2025 GMT
        Subject: CN=ff96e95ad889036c16708e8b7ec8a78a3495ed0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:de:0f:f6:5f:d2:d3:b3:ea:50:21:89:86:d4:
                    d5:a8:8e:0d:74:2b:25:ca:8b:cd:09:0f:78:46:21:
                    66:b7:fa:20:94:88:92:1e:90:35:ca:34:83:91:99:
                    4c:f5:80:f6:35:65:cc:54:db:e3:3e:0f:0a:be:01:
                    72:79:48:4c:e9:ee:40:e7:ba:65:72:1f:99:57:5f:
                    91:b7:f3:fa:6f:60:88:8c:2d:b1:0c:48:ed:5b:bc:
                    71:9d:31:42:2c:21:00:f7:08:f0:08:21:39:a4:98:
                    88:bd:e0:67:dc:3d:9a:29:14:61:25:8d:67:b0:af:
                    2e:c9:83:6d:74:56:1f:c9:12:93:9a:4b:27:c7:70:
                    33:8b:5a:a3:14:a5:de:c7:45:cc:58:72:10:e8:4b:
                    19:6a:db:36:64:89:83:78:0d:7a:10:02:bf:5a:01:
                    c3:60:b4:ef:f3:9f:f4:72:c8:6d:7e:f6:b3:2c:6f:
                    82:59:ab:0c:a2:b5:63:09:78:5c:ce:59:50:5a:33:
                    41:49:fa:d1:bf:9a:78:55:fd:4a:1a:f9:c4:08:15:
                    e8:8c:97:76:0b:96:a1:98:f6:ee:72:45:3d:53:f5:
                    ba:b4:39:1b:0c:ab:5d:97:31:a9:35:bc:dc:34:34:
                    7d:34:73:f0:88:08:a7:01:e3:c4:22:f1:a4:2c:19:
                    99:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:96:E9:5A:D8:89:03:6C:16:70:8E:8B:7E:C8:A7:8A:34:95:ED:0B
            X509v3 Authority Key Identifier:
                keyid:2F:CB:5E:B0:12:0D:07:09:0B:12:62:56:C4:5A:35:28:2D:5A:C0:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:e0:ef:fc:79:22:9f:8b:4c:8d:80:ba:61:04:f0:91:37:05:
         df:cc:00:48:71:50:7b:fb:f0:3b:19:ef:1b:6d:9b:bd:ca:21:
         75:e6:13:ee:95:9f:fe:0e:ad:fe:a6:bb:3e:bf:66:69:04:f8:
         57:c0:b7:77:74:a9:a6:b7:d5:08:1f:58:fd:6a:35:3f:a6:b3:
         ee:77:33:26:a6:0f:80:81:85:dd:2a:9b:b4:51:3d:c6:a5:b6:
         11:4e:91:89:b6:1e:09:1e:4d:48:2d:28:5e:de:8a:44:35:16:
         09:47:1c:8b:3d:93:c8:df:bf:f6:4c:d8:d6:68:9b:b2:f9:af:
         87:b9:22:8f:36:31:d9:9c:a3:69:61:17:33:72:ca:87:e5:48:
         63:c1:51:21:68:ce:9b:f2:33:a5:22:70:81:be:be:7a:ef:6b:
         f3:a9:56:f6:05:f9:99:13:4e:87:25:52:2c:52:b9:14:b5:f3:
         0a:eb:4a:70:43:7f:74:da:57:98:65:20:0d:76:b3:03:e7:27:
         73:f6:ba:82:3e:9f:cc:5c:46:0d:e0:dd:ec:92:24:6a:82:8a:
         21:aa:f6:00:21:e5:b6:1f:86:9b:de:7d:80:1a:cd:4a:4e:13:
         85:59:55:0e:43:e5:cd:b2:d8:aa:94:10:71:22:65:0f:cf:5c:
         89:18:e2:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIVUJ6tuGP31sW1CjABpcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmY2I1ZWIwMTIwZDA3MDkwYjEyNjI1NmM0NWEzNTI4MmQ1
YWMwYWMwHhcNMjUwNjA3MDMwMDM2WhcNMjUwNjA4MDMwMDM2WjAzMTEwLwYDVQQD
EyhmZjk2ZTk1YWQ4ODkwMzZjMTY3MDhlOGI3ZWM4YTc4YTM0OTVlZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt4P9l/S07PqUCGJhtTVqI4NdCsl
yovNCQ94RiFmt/oglIiSHpA1yjSDkZlM9YD2NWXMVNvjPg8KvgFyeUhM6e5A57pl
ch+ZV1+Rt/P6b2CIjC2xDEjtW7xxnTFCLCEA9wjwCCE5pJiIveBn3D2aKRRhJY1n
sK8uyYNtdFYfyRKTmksnx3Azi1qjFKXex0XMWHIQ6EsZats2ZImDeA16EAK/WgHD
YLTv85/0cshtfvazLG+CWasMorVjCXhczllQWjNBSfrRv5p4Vf1KGvnECBXojJd2
C5ahmPbuckU9U/W6tDkbDKtdlzGpNbzcNDR9NHPwiAinAePEIvGkLBmZmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+W6VrYiQNsFnCOi37Ip4o0le0LMB8GA1UdIwQY
MBaAFC/LXrASDQcJCxJiVsRaNSgtWsCsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9iYjU5MTItMTdjNy00NjA3LTk0NzIt
ZTIxNTJlZGY5ZjljLzEvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9iYjU5MTItMTdjNy00NjA3LTk0NzItZTIxNTJlZGY5Zjlj
LzEvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALODv/Hki
n4tMjYC6YQTwkTcF38wASHFQe/vwOxnvG22bvcohdeYT7pWf/g6t/qa7Pr9maQT4
V8C3d3SpprfVCB9Y/Wo1P6az7nczJqYPgIGF3SqbtFE9xqW2EU6RibYeCR5NSC0o
Xt6KRDUWCUcciz2TyN+/9kzY1mibsvmvh7kijzYx2ZyjaWEXM3LKh+VIY8FRIWjO
m/IzpSJwgb6+eu9r86lW9gX5mRNOhyVSLFK5FLXzCutKcEN/dNpXmGUgDXazA+cn
c/a6gj6fzFxGDeDd7JIkaoKKIar2ACHlth+Gm959gBrNSk4ThVlVDkPlzbLYqpQQ
cSJlD89ciRjiog==
-----END CERTIFICATE-----