Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/76b445-3461-4f4f-9b42-74f01b2586f5/1/jEN4tXFoLTR3O0Y3UnAclAX77Xg.mft
File:                     jEN4tXFoLTR3O0Y3UnAclAX77Xg.mft (raw, json)
Hash identifier:          uKl29x0yoU799gLRG/8krLLVzbH9BnZrOgk8IO/Myvg=
Subject key identifier:   8E:9D:E2:2E:46:63:91:7D:71:D7:5F:6E:0C:4A:58:64:66:E6:B0:2A
Authority key identifier: 8C:43:78:B5:71:68:2D:34:77:3B:46:37:52:70:1C:94:05:FB:ED:78
Certificate issuer:       /CN=8c4378b571682d34773b463752701c9405fbed78
Certificate serial:       019630507826FA07DB022EF98293AE9FBEF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jEN4tXFoLTR3O0Y3UnAclAX77Xg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/76b445-3461-4f4f-9b42-74f01b2586f5/1/jEN4tXFoLTR3O0Y3UnAclAX77Xg.mft
Manifest number:          03E1
Signing time:             Sun 13 Apr 2025 18:01:42 +0000
Manifest this update:     Sun 13 Apr 2025 18:01:42 +0000
Manifest next update:     Mon 14 Apr 2025 18:01:42 +0000
Files and hashes:         1: jEN4tXFoLTR3O0Y3UnAclAX77Xg.crl (hash: z2kBLMIj6VuEQgtyYzvkoVCzm6+UG8f6tobmALysJUk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/76b445-3461-4f4f-9b42-74f01b2586f5/1/jEN4tXFoLTR3O0Y3UnAclAX77Xg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/76b445-3461-4f4f-9b42-74f01b2586f5/1/jEN4tXFoLTR3O0Y3UnAclAX77Xg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jEN4tXFoLTR3O0Y3UnAclAX77Xg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 14 Apr 2025 17:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:30:50:78:26:fa:07:db:02:2e:f9:82:93:ae:9f:be:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c4378b571682d34773b463752701c9405fbed78
        Validity
            Not Before: Apr 13 18:01:42 2025 GMT
            Not After : Apr 14 18:01:42 2025 GMT
        Subject: CN=8e9de22e4663917d71d75f6e0c4a586466e6b02a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:51:61:57:54:7c:f0:45:8d:9f:e3:6c:79:f7:
                    2d:8f:2b:c6:c1:b8:dc:a6:cd:f6:c9:45:46:e6:a7:
                    d3:87:67:03:11:18:b2:35:3c:f8:2a:76:a6:85:b0:
                    61:76:d5:3f:78:ea:dd:cb:5c:94:1b:65:a5:1a:28:
                    52:23:53:f4:51:a3:fe:57:72:5b:09:3b:3b:d9:05:
                    3d:af:30:35:79:74:50:30:41:b3:05:62:d0:2c:bd:
                    f8:d1:c5:3e:67:37:71:ba:7a:79:0c:f2:16:d1:e7:
                    2a:a0:ec:45:87:5c:ff:c2:40:11:b9:7a:87:ab:a0:
                    8d:11:0a:49:1d:18:c7:b5:5f:23:14:bf:94:6e:7e:
                    f7:92:cc:e7:85:b6:63:c4:f2:4a:24:24:3a:60:bd:
                    c9:bb:4c:af:18:81:91:38:a2:06:0f:b6:95:42:c5:
                    99:07:d6:4f:9c:ed:0d:e4:93:36:62:f8:c4:64:a6:
                    ce:8c:72:5a:03:ff:b3:d4:8d:e7:b5:8b:6a:b8:5b:
                    10:3f:85:ff:7e:c5:b4:12:1b:69:17:ac:58:f2:27:
                    58:ab:a8:b6:9f:9d:f5:ff:1b:14:30:41:f1:31:c7:
                    c2:46:f4:29:52:01:c4:50:04:fb:84:4a:5f:ae:b8:
                    ea:ab:f0:a4:42:41:c0:32:92:ef:65:da:e9:6b:5b:
                    69:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:9D:E2:2E:46:63:91:7D:71:D7:5F:6E:0C:4A:58:64:66:E6:B0:2A
            X509v3 Authority Key Identifier:
                keyid:8C:43:78:B5:71:68:2D:34:77:3B:46:37:52:70:1C:94:05:FB:ED:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jEN4tXFoLTR3O0Y3UnAclAX77Xg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/76b445-3461-4f4f-9b42-74f01b2586f5/1/jEN4tXFoLTR3O0Y3UnAclAX77Xg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/76b445-3461-4f4f-9b42-74f01b2586f5/1/jEN4tXFoLTR3O0Y3UnAclAX77Xg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:29:17:b7:4d:fd:d2:4d:d5:79:b4:6e:ba:38:e8:19:48:2d:
         5b:7c:78:97:4b:76:75:59:b0:a2:35:76:ef:57:4a:49:21:10:
         82:44:88:b0:f9:67:28:ba:ee:d8:bb:4b:10:d4:01:20:62:05:
         be:9f:5e:e0:a4:4b:54:a8:16:54:c4:cc:75:08:65:ee:67:47:
         22:31:85:f3:43:3a:30:d3:b3:3b:f7:4d:08:0f:49:d6:3a:d8:
         05:34:56:3e:38:15:4d:c8:07:76:1e:3d:0f:75:f5:97:7f:25:
         44:48:5b:e8:fb:4d:a1:fa:f4:e9:3b:45:f0:ec:69:7f:fa:f9:
         e0:a9:24:00:15:96:43:b2:77:68:fa:eb:3f:bd:36:be:8f:92:
         8c:67:18:c8:0f:bc:24:24:77:96:a1:26:ac:fe:4e:f3:1e:45:
         fa:d0:24:19:85:49:ee:5e:51:01:41:30:a2:a6:a9:ce:7c:d6:
         46:c3:eb:3c:07:20:63:13:f6:01:0f:d0:3f:40:21:1e:6d:5e:
         74:2e:d5:58:e9:3f:47:a9:1a:5b:41:a4:1a:3b:aa:84:e4:df:
         cc:d4:01:b3:e5:78:68:30:93:0f:a9:87:94:dd:56:68:a5:c2:
         ed:77:7d:a4:c0:dd:12:8d:c8:fc:60:0d:05:40:82:59:e9:33:
         e0:d5:54:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYwUHgm+gfbAi75gpOun775MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNDM3OGI1NzE2ODJkMzQ3NzNiNDYzNzUyNzAxYzk0MDVm
YmVkNzgwHhcNMjUwNDEzMTgwMTQyWhcNMjUwNDE0MTgwMTQyWjAzMTEwLwYDVQQD
Eyg4ZTlkZTIyZTQ2NjM5MTdkNzFkNzVmNmUwYzRhNTg2NDY2ZTZiMDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lFhV1R88EWNn+NsefctjyvGwbjc
ps32yUVG5qfTh2cDERiyNTz4KnamhbBhdtU/eOrdy1yUG2WlGihSI1P0UaP+V3Jb
CTs72QU9rzA1eXRQMEGzBWLQLL340cU+Zzdxunp5DPIW0ecqoOxFh1z/wkARuXqH
q6CNEQpJHRjHtV8jFL+Ubn73ksznhbZjxPJKJCQ6YL3Ju0yvGIGROKIGD7aVQsWZ
B9ZPnO0N5JM2YvjEZKbOjHJaA/+z1I3ntYtquFsQP4X/fsW0EhtpF6xY8idYq6i2
n531/xsUMEHxMcfCRvQpUgHEUAT7hEpfrrjqq/CkQkHAMpLvZdrpa1tpSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6d4i5GY5F9cddfbgxKWGRm5rAqMB8GA1UdIwQY
MBaAFIxDeLVxaC00dztGN1JwHJQF++14MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakVONHRYRm9MVFIzTzBZM1VuQWNsQVg3N1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny83NmI0NDUtMzQ2MS00ZjRmLTliNDIt
NzRmMDFiMjU4NmY1LzEvakVONHRYRm9MVFIzTzBZM1VuQWNsQVg3N1hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny83NmI0NDUtMzQ2MS00ZjRmLTliNDItNzRmMDFiMjU4NmY1
LzEvakVONHRYRm9MVFIzTzBZM1VuQWNsQVg3N1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhSkXt039
0k3VebRuujjoGUgtW3x4l0t2dVmwojV271dKSSEQgkSIsPlnKLru2LtLENQBIGIF
vp9e4KRLVKgWVMTMdQhl7mdHIjGF80M6MNOzO/dNCA9J1jrYBTRWPjgVTcgHdh49
D3X1l38lREhb6PtNofr06TtF8Oxpf/r54KkkABWWQ7J3aPrrP702vo+SjGcYyA+8
JCR3lqEmrP5O8x5F+tAkGYVJ7l5RAUEwoqapznzWRsPrPAcgYxP2AQ/QP0AhHm1e
dC7VWOk/R6kaW0GkGjuqhOTfzNQBs+V4aDCTD6mHlN1WaKXC7Xd9pMDdEo3I/GAN
BUCCWekz4NVUlQ==
-----END CERTIFICATE-----