Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft
File:                     j7phV8tS0RaPUIRsXlB5IkDt8-A.mft (raw, json)
Hash identifier:          j56GZmE0y7DVsG4B5OVBNz9EVlPlEWrO52i2TC3U4rg=
Subject key identifier:   1B:20:B7:32:C9:F2:3C:09:21:2F:D6:31:1A:C4:CC:32:CA:0C:C0:8B
Authority key identifier: 8F:BA:61:57:CB:52:D1:16:8F:50:84:6C:5E:50:79:22:40:ED:F3:E0
Certificate issuer:       /CN=8fba6157cb52d1168f50846c5e50792240edf3e0
Certificate serial:       01976F99D52DE173D5B6BD04206E4C147C2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j7phV8tS0RaPUIRsXlB5IkDt8-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft
Manifest number:          08C0
Signing time:             Sat 14 Jun 2025 18:00:41 +0000
Manifest this update:     Sat 14 Jun 2025 18:00:41 +0000
Manifest next update:     Sun 15 Jun 2025 18:00:41 +0000
Files and hashes:         1: j7phV8tS0RaPUIRsXlB5IkDt8-A.crl (hash: jJmjOTBpaEokZvwzA8go9W0spO7jCegqn8MwrbVw4r8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j7phV8tS0RaPUIRsXlB5IkDt8-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:99:d5:2d:e1:73:d5:b6:bd:04:20:6e:4c:14:7c:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8fba6157cb52d1168f50846c5e50792240edf3e0
        Validity
            Not Before: Jun 14 18:00:41 2025 GMT
            Not After : Jun 15 18:00:41 2025 GMT
        Subject: CN=1b20b732c9f23c09212fd6311ac4cc32ca0cc08b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:8f:fa:dd:33:1c:f7:6e:8c:12:ae:1d:b5:96:
                    14:57:1d:f1:cd:96:b7:f7:d9:a3:4e:0b:98:86:26:
                    2f:40:a1:c8:30:1c:3e:12:a2:f7:19:fb:21:ba:fb:
                    01:6d:7c:57:ed:26:15:43:87:72:87:39:ec:f0:6e:
                    17:fc:18:d1:21:88:41:a9:67:75:ae:11:18:93:8c:
                    fb:ac:12:55:a6:53:26:e4:93:0a:8c:d1:33:a4:cd:
                    ac:97:48:fd:b5:0d:14:45:a1:90:5d:11:e7:ab:49:
                    53:d0:95:a3:9b:b9:bf:25:c8:3d:bd:b1:26:b2:d9:
                    86:7b:e6:72:16:d5:5a:86:37:11:4d:97:49:43:42:
                    c9:8d:79:a8:31:25:e1:6e:26:e0:9c:22:aa:8f:e0:
                    cb:2e:c3:58:90:11:08:1b:35:48:d2:90:60:15:48:
                    88:31:af:65:ee:49:9b:a7:7e:fc:f3:40:fa:53:91:
                    49:59:6c:4a:66:c7:c2:d6:e5:64:3b:ff:93:f0:09:
                    d4:bd:75:b7:ed:84:54:77:f0:1f:23:71:cd:0d:bc:
                    0c:23:fa:c6:7e:99:cc:c0:24:cb:3b:18:14:7a:2d:
                    5c:f7:9c:3d:0e:a4:62:9a:bf:5b:66:41:a1:9a:f0:
                    d3:0d:ba:8c:e6:07:6c:d1:63:07:67:1b:c7:9b:c5:
                    b7:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:20:B7:32:C9:F2:3C:09:21:2F:D6:31:1A:C4:CC:32:CA:0C:C0:8B
            X509v3 Authority Key Identifier:
                keyid:8F:BA:61:57:CB:52:D1:16:8F:50:84:6C:5E:50:79:22:40:ED:F3:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7phV8tS0RaPUIRsXlB5IkDt8-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:a3:88:69:75:49:35:85:14:aa:4c:eb:0d:a5:aa:5d:69:29:
         b7:24:1f:8b:32:bf:3c:35:cf:d8:ff:2d:00:98:fb:07:3b:dd:
         b3:d7:b2:a8:d1:44:9e:89:50:27:26:36:a5:ae:39:36:0d:c4:
         af:23:de:02:fe:d0:42:65:d6:78:ec:26:63:55:7f:61:16:98:
         65:41:96:95:86:69:46:d6:40:bb:55:dc:ec:78:45:a1:32:3a:
         cc:fd:cb:b2:d8:86:8e:cf:0e:55:cb:07:ac:22:ca:6f:05:09:
         49:2d:3f:10:dc:73:9b:02:97:e0:ca:d4:ae:ec:05:14:bb:21:
         ac:ee:3a:9f:c6:d4:90:cb:bb:1a:a9:29:58:81:20:43:fb:aa:
         2c:04:a6:5f:33:05:16:50:cf:4c:81:b6:a0:ea:58:fe:98:f6:
         80:c7:d3:f5:03:d9:93:65:54:3a:89:49:36:71:aa:63:91:a3:
         3b:05:c4:a0:27:4e:19:60:6f:1f:4f:a5:67:41:ca:db:8d:2a:
         3b:3b:be:3b:ce:c5:37:f7:e7:61:59:75:c3:ef:dc:6f:e0:b5:
         7a:d3:45:56:6a:da:59:d4:0a:f8:79:78:f3:bd:91:85:a3:09:
         3a:6c:13:16:ae:81:54:52:ad:ae:11:ec:5e:3f:a1:78:b5:6a:
         db:a7:a8:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvmdUt4XPVtr0EIG5MFHwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYmE2MTU3Y2I1MmQxMTY4ZjUwODQ2YzVlNTA3OTIyNDBl
ZGYzZTAwHhcNMjUwNjE0MTgwMDQxWhcNMjUwNjE1MTgwMDQxWjAzMTEwLwYDVQQD
EygxYjIwYjczMmM5ZjIzYzA5MjEyZmQ2MzExYWM0Y2MzMmNhMGNjMDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuY/63TMc926MEq4dtZYUVx3xzZa3
99mjTguYhiYvQKHIMBw+EqL3GfshuvsBbXxX7SYVQ4dyhzns8G4X/BjRIYhBqWd1
rhEYk4z7rBJVplMm5JMKjNEzpM2sl0j9tQ0URaGQXRHnq0lT0JWjm7m/Jcg9vbEm
stmGe+ZyFtVahjcRTZdJQ0LJjXmoMSXhbibgnCKqj+DLLsNYkBEIGzVI0pBgFUiI
Ma9l7kmbp37880D6U5FJWWxKZsfC1uVkO/+T8AnUvXW37YRUd/AfI3HNDbwMI/rG
fpnMwCTLOxgUei1c95w9DqRimr9bZkGhmvDTDbqM5gds0WMHZxvHm8W3JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBsgtzLJ8jwJIS/WMRrEzDLKDMCLMB8GA1UdIwQY
MBaAFI+6YVfLUtEWj1CEbF5QeSJA7fPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajdwaFY4dFMwUmFQVUlSc1hsQjVJa0R0OC1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lMjViNjMtN2I5NC00NzU5LTkxOTUt
MjBmYWQ5NGNhYjE0LzEvajdwaFY4dFMwUmFQVUlSc1hsQjVJa0R0OC1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lMjViNjMtN2I5NC00NzU5LTkxOTUtMjBmYWQ5NGNhYjE0
LzEvajdwaFY4dFMwUmFQVUlSc1hsQjVJa0R0OC1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALqOIaXVJ
NYUUqkzrDaWqXWkptyQfizK/PDXP2P8tAJj7Bzvds9eyqNFEnolQJyY2pa45Ng3E
ryPeAv7QQmXWeOwmY1V/YRaYZUGWlYZpRtZAu1Xc7HhFoTI6zP3LstiGjs8OVcsH
rCLKbwUJSS0/ENxzmwKX4MrUruwFFLshrO46n8bUkMu7GqkpWIEgQ/uqLASmXzMF
FlDPTIG2oOpY/pj2gMfT9QPZk2VUOolJNnGqY5GjOwXEoCdOGWBvH0+lZ0HK240q
Ozu+O87FN/fnYVl1w+/cb+C1etNFVmraWdQK+Hl4872RhaMJOmwTFq6BVFKtrhHs
Xj+heLVq26eoeQ==
-----END CERTIFICATE-----