Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
File:                     jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft (raw, json)
Hash identifier:          +gZYnNizT7VWwnS9fJVNWKfzJl2dy7aCThN97n29HiM=
Subject key identifier:   94:3F:97:9F:1E:57:0D:6D:F6:C2:9C:67:86:B5:4E:83:31:9E:38:81
Authority key identifier: 8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90
Certificate issuer:       /CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390
Certificate serial:       01965E3A903F3DBD312F3B69609A0D7A7850
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
Manifest number:          0CEC
Signing time:             Tue 22 Apr 2025 16:00:18 +0000
Manifest this update:     Tue 22 Apr 2025 16:00:18 +0000
Manifest next update:     Wed 23 Apr 2025 16:00:18 +0000
Files and hashes:         1: jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl (hash: qJYsmbET0pQVSVvIVrH1eO4MRxdgCiaP4DjH4KYaXSs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 14:46:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5e:3a:90:3f:3d:bd:31:2f:3b:69:60:9a:0d:7a:78:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390
        Validity
            Not Before: Apr 22 16:00:18 2025 GMT
            Not After : Apr 23 16:00:18 2025 GMT
        Subject: CN=943f979f1e570d6df6c29c6786b54e83319e3881
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:af:9f:49:b7:ce:48:0a:5e:d5:1c:20:5d:00:
                    50:79:32:4f:1a:e8:62:96:8f:88:3d:ee:75:d5:02:
                    98:41:e5:30:d0:23:6a:3d:0f:08:a8:37:33:2b:cd:
                    89:65:72:ae:8f:ce:62:83:87:a8:3f:4e:e7:02:c8:
                    1c:cd:05:ac:fd:fe:85:20:55:b7:ea:d8:03:cf:26:
                    67:19:dd:19:9c:fe:e7:c4:e9:48:07:50:57:73:e1:
                    d1:70:cd:e8:23:74:98:31:2b:76:f8:44:98:64:3e:
                    79:15:2c:5a:72:ae:fe:20:bf:32:cf:1e:5c:82:24:
                    17:ef:c8:e5:9a:07:bd:c7:66:5b:f5:c7:e6:3d:ee:
                    cd:3b:e1:29:90:06:bf:23:22:aa:91:d6:d6:b5:e9:
                    83:bf:dd:c8:0e:ef:b5:4f:47:8e:3f:93:e7:f9:f6:
                    43:bf:22:8c:57:67:95:8d:4f:1e:61:4d:5c:37:59:
                    aa:72:9d:7a:9b:2f:f2:b7:6c:bf:88:e4:31:64:a2:
                    d3:6a:64:d7:25:32:fb:a5:2c:2d:cb:1e:cf:0f:7f:
                    9e:9c:0e:7a:17:25:fb:1f:dc:b7:59:51:ea:6f:36:
                    0d:ae:52:93:51:b3:4b:82:0b:34:c5:31:5d:cc:78:
                    20:1e:f6:14:ee:8b:4c:7c:04:3f:da:83:60:e4:65:
                    3d:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:3F:97:9F:1E:57:0D:6D:F6:C2:9C:67:86:B5:4E:83:31:9E:38:81
            X509v3 Authority Key Identifier:
                keyid:8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:18:f0:56:72:4f:c8:4f:2f:12:f2:1c:36:c2:bd:43:60:0e:
         c9:3b:1b:e9:71:24:51:a6:0b:5c:f7:c2:93:74:75:36:4b:46:
         af:5c:a8:f9:43:7c:a9:5b:5c:29:99:9f:06:8f:f1:a3:8f:5c:
         b5:b4:0e:fd:dc:17:6d:d4:20:fd:35:36:e9:c2:3a:ac:75:fa:
         4e:03:a0:ae:b9:9c:fe:a9:3d:22:55:66:d0:12:17:27:2f:f0:
         d1:ca:76:71:a6:24:70:b3:9c:b8:69:6f:f5:b4:db:bb:c5:85:
         0f:03:1e:25:eb:85:a6:a6:11:76:09:2c:59:90:e6:30:f1:19:
         09:e3:91:0e:ed:4a:0c:b9:e7:ae:b8:26:50:04:1a:a3:a7:35:
         90:d8:8c:d2:40:a6:cb:93:c7:77:dd:1e:bf:d0:bc:89:22:d2:
         b7:fb:c2:15:24:f0:9a:78:81:0d:79:a5:88:a2:f0:2d:37:a1:
         74:85:52:8d:80:fc:33:44:3e:20:50:ba:69:b3:d4:90:27:fa:
         0b:e8:1d:97:ed:1f:6e:45:5a:73:81:17:d2:2f:bc:90:62:dc:
         24:35:53:33:8e:a8:b6:ee:1f:20:52:10:1b:82:0b:18:13:11:
         3b:9b:4b:12:4e:2d:2e:b0:03:b4:db:b8:61:c1:0a:6e:7c:ad:
         0d:06:5c:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZeOpA/Pb0xLztpYJoNenhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYTBmZWMxOGVmMjlmOWFhZGZlOTYyYmNmNzQwODkwZGIw
ZjczOTAwHhcNMjUwNDIyMTYwMDE4WhcNMjUwNDIzMTYwMDE4WjAzMTEwLwYDVQQD
Eyg5NDNmOTc5ZjFlNTcwZDZkZjZjMjljNjc4NmI1NGU4MzMxOWUzODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6q+fSbfOSApe1RwgXQBQeTJPGuhi
lo+IPe511QKYQeUw0CNqPQ8IqDczK82JZXKuj85ig4eoP07nAsgczQWs/f6FIFW3
6tgDzyZnGd0ZnP7nxOlIB1BXc+HRcM3oI3SYMSt2+ESYZD55FSxacq7+IL8yzx5c
giQX78jlmge9x2Zb9cfmPe7NO+EpkAa/IyKqkdbWtemDv93IDu+1T0eOP5Pn+fZD
vyKMV2eVjU8eYU1cN1mqcp16my/yt2y/iOQxZKLTamTXJTL7pSwtyx7PD3+enA56
FyX7H9y3WVHqbzYNrlKTUbNLggs0xTFdzHggHvYU7otMfAQ/2oNg5GU9iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQ/l58eVw1t9sKcZ4a1ToMxnjiBMB8GA1UdIwQY
MBaAFIyg/sGO8p+arf6WK890CJDbD3OQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAt
MTEzZWVmYTUxYWE2LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAtMTEzZWVmYTUxYWE2
LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGRjwVnJP
yE8vEvIcNsK9Q2AOyTsb6XEkUaYLXPfCk3R1NktGr1yo+UN8qVtcKZmfBo/xo49c
tbQO/dwXbdQg/TU26cI6rHX6TgOgrrmc/qk9IlVm0BIXJy/w0cp2caYkcLOcuGlv
9bTbu8WFDwMeJeuFpqYRdgksWZDmMPEZCeORDu1KDLnnrrgmUAQao6c1kNiM0kCm
y5PHd90ev9C8iSLSt/vCFSTwmniBDXmliKLwLTehdIVSjYD8M0Q+IFC6abPUkCf6
C+gdl+0fbkVac4EX0i+8kGLcJDVTM46otu4fIFIQG4ILGBMRO5tLEk4tLrADtNu4
YcEKbnytDQZcng==
-----END CERTIFICATE-----