Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft
File:                     j7phV8tS0RaPUIRsXlB5IkDt8-A.mft (raw, json)
Hash identifier:          VwpgIkjqQZdtK5mIX+hm90K53JkisWC0FQct94OM4Pg=
Subject key identifier:   85:04:83:0C:23:DA:36:EC:38:4F:1B:D2:2B:1F:57:00:11:DB:82:54
Authority key identifier: 8F:BA:61:57:CB:52:D1:16:8F:50:84:6C:5E:50:79:22:40:ED:F3:E0
Certificate issuer:       /CN=8fba6157cb52d1168f50846c5e50792240edf3e0
Certificate serial:       01963C8A5EF0A0139AA71FF60536EC21A58F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j7phV8tS0RaPUIRsXlB5IkDt8-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft
Manifest number:          0821
Signing time:             Wed 16 Apr 2025 03:00:23 +0000
Manifest this update:     Wed 16 Apr 2025 03:00:23 +0000
Manifest next update:     Thu 17 Apr 2025 03:00:23 +0000
Files and hashes:         1: j7phV8tS0RaPUIRsXlB5IkDt8-A.crl (hash: sZAWFXSytjVHzz8zvgBcPieQSSQEtsREw1smlGN9I2s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j7phV8tS0RaPUIRsXlB5IkDt8-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 02:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3c:8a:5e:f0:a0:13:9a:a7:1f:f6:05:36:ec:21:a5:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8fba6157cb52d1168f50846c5e50792240edf3e0
        Validity
            Not Before: Apr 16 03:00:23 2025 GMT
            Not After : Apr 17 03:00:23 2025 GMT
        Subject: CN=8504830c23da36ec384f1bd22b1f570011db8254
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:d0:95:69:54:6b:48:c8:1d:67:86:a9:87:c2:
                    0c:0a:af:58:15:8e:a8:72:07:6e:9c:de:a6:38:69:
                    fe:89:ba:94:97:e5:46:d8:90:32:e1:ad:1d:f8:7e:
                    a7:45:31:78:bb:37:f3:8b:8e:08:0e:a8:a5:2a:4c:
                    01:66:a5:8e:3f:65:84:66:eb:5f:95:3e:c3:e0:9f:
                    57:e3:84:01:c6:8d:fc:e3:b6:34:9f:ee:14:93:a4:
                    07:40:67:45:6d:1f:35:8d:b2:7d:5f:be:4d:a6:07:
                    39:a2:83:21:e1:f0:d2:2f:6e:83:68:7b:b3:a6:9a:
                    1c:ae:6c:8c:61:9a:32:ff:4a:01:6d:78:e3:d4:e9:
                    a8:3e:77:56:f8:94:09:19:b9:89:bf:0c:22:51:72:
                    c0:3f:e6:ad:11:a0:e0:0c:e8:54:7c:f1:c8:6f:99:
                    93:52:76:c9:ee:f2:ba:c8:d9:db:63:b7:cc:ae:e8:
                    5b:d7:5a:63:da:cf:b0:f3:0d:6a:ca:e4:a9:2d:db:
                    10:8c:72:bc:9c:d7:72:af:f8:45:b9:44:7e:63:13:
                    cf:61:5e:e1:a8:bb:b1:88:f6:d0:00:9b:41:03:2c:
                    70:15:69:1c:d1:a0:8c:21:6d:49:6b:42:87:76:69:
                    4f:5a:06:cd:71:c0:4b:95:cb:e5:89:a1:ad:3c:79:
                    db:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:04:83:0C:23:DA:36:EC:38:4F:1B:D2:2B:1F:57:00:11:DB:82:54
            X509v3 Authority Key Identifier:
                keyid:8F:BA:61:57:CB:52:D1:16:8F:50:84:6C:5E:50:79:22:40:ED:F3:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7phV8tS0RaPUIRsXlB5IkDt8-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:04:2d:fd:b8:b2:0a:f7:a3:a2:d7:77:4b:28:a7:f6:ad:7a:
         8e:e5:69:cc:04:e8:46:2a:99:2a:85:fc:78:b7:86:ae:0b:9b:
         d0:9f:24:ae:e2:23:8d:10:f3:5b:ad:b0:ed:d4:51:d7:b9:0d:
         49:1f:7f:6d:ed:4c:27:53:d6:e2:4c:9f:07:94:01:74:55:b8:
         73:38:85:f8:e2:69:cc:31:1f:a9:05:95:28:a1:6a:73:b9:d0:
         38:ae:fa:06:c4:aa:d0:f9:55:08:fb:30:14:24:90:f3:c8:49:
         99:83:bd:88:42:2d:b2:72:71:fc:d6:4e:db:e9:f4:d4:2f:30:
         11:16:be:68:64:c4:73:f5:69:ac:fb:e7:50:04:63:72:6b:7e:
         db:26:7c:6b:a1:a5:9b:06:9a:92:8b:b6:cd:12:01:fa:c7:ed:
         85:ce:7e:16:63:e6:3a:33:b4:21:85:b9:50:03:ea:1e:c7:26:
         ed:25:0a:8d:0a:47:9f:e1:b2:85:2f:67:75:0e:34:33:97:18:
         9d:51:0b:21:9d:21:82:42:b6:e8:89:21:ec:45:14:b2:ae:38:
         c7:b8:1b:e7:62:f4:26:50:27:5c:7b:1e:ac:e3:af:f7:b0:f7:
         60:6f:f5:65:bc:09:a9:59:00:17:bc:84:52:6e:5d:94:8b:b3:
         17:e7:9d:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY8il7woBOapx/2BTbsIaWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYmE2MTU3Y2I1MmQxMTY4ZjUwODQ2YzVlNTA3OTIyNDBl
ZGYzZTAwHhcNMjUwNDE2MDMwMDIzWhcNMjUwNDE3MDMwMDIzWjAzMTEwLwYDVQQD
Eyg4NTA0ODMwYzIzZGEzNmVjMzg0ZjFiZDIyYjFmNTcwMDExZGI4MjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntCVaVRrSMgdZ4aph8IMCq9YFY6o
cgdunN6mOGn+ibqUl+VG2JAy4a0d+H6nRTF4uzfzi44IDqilKkwBZqWOP2WEZutf
lT7D4J9X44QBxo3847Y0n+4Uk6QHQGdFbR81jbJ9X75Npgc5ooMh4fDSL26DaHuz
ppocrmyMYZoy/0oBbXjj1OmoPndW+JQJGbmJvwwiUXLAP+atEaDgDOhUfPHIb5mT
UnbJ7vK6yNnbY7fMruhb11pj2s+w8w1qyuSpLdsQjHK8nNdyr/hFuUR+YxPPYV7h
qLuxiPbQAJtBAyxwFWkc0aCMIW1Ja0KHdmlPWgbNccBLlcvliaGtPHnbkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIUEgwwj2jbsOE8b0isfVwAR24JUMB8GA1UdIwQY
MBaAFI+6YVfLUtEWj1CEbF5QeSJA7fPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajdwaFY4dFMwUmFQVUlSc1hsQjVJa0R0OC1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lMjViNjMtN2I5NC00NzU5LTkxOTUt
MjBmYWQ5NGNhYjE0LzEvajdwaFY4dFMwUmFQVUlSc1hsQjVJa0R0OC1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lMjViNjMtN2I5NC00NzU5LTkxOTUtMjBmYWQ5NGNhYjE0
LzEvajdwaFY4dFMwUmFQVUlSc1hsQjVJa0R0OC1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbwQt/biy
Cvejotd3Syin9q16juVpzAToRiqZKoX8eLeGrgub0J8kruIjjRDzW62w7dRR17kN
SR9/be1MJ1PW4kyfB5QBdFW4cziF+OJpzDEfqQWVKKFqc7nQOK76BsSq0PlVCPsw
FCSQ88hJmYO9iEItsnJx/NZO2+n01C8wERa+aGTEc/VprPvnUARjcmt+2yZ8a6Gl
mwaakou2zRIB+sfthc5+FmPmOjO0IYW5UAPqHscm7SUKjQpHn+GyhS9ndQ40M5cY
nVELIZ0hgkK26Ikh7EUUsq44x7gb52L0JlAnXHserOOv97D3YG/1ZbwJqVkAF7yE
Um5dlIuzF+edbw==
-----END CERTIFICATE-----