Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
File:                     jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft (raw, json)
Hash identifier:          9JYiYjmthO7SUa4+dRZH/7srg/etabHuqVpV8q8ODp8=
Subject key identifier:   0C:9B:F6:A1:96:13:EB:67:53:5A:77:DA:FF:72:5A:69:99:11:F5:82
Authority key identifier: 8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90
Certificate issuer:       /CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390
Certificate serial:       0195121050775992E69CD8A4DEA48938647C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
Manifest number:          0C40
Signing time:             Mon 17 Feb 2025 04:00:13 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:13 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:13 +0000
Files and hashes:         1: jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl (hash: GMmGJmcM50GfGjohfdOB57YSCv5uKrZ/V1noHqe0Az0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:50:77:59:92:e6:9c:d8:a4:de:a4:89:38:64:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390
        Validity
            Not Before: Feb 17 04:00:13 2025 GMT
            Not After : Feb 18 04:00:13 2025 GMT
        Subject: CN=0c9bf6a19613eb67535a77daff725a699911f582
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b3:63:f7:c8:37:a3:8a:d8:3b:75:0d:8c:d2:
                    cc:6d:46:4b:67:0a:d3:90:9d:7d:2f:19:a0:31:10:
                    10:6b:2d:1b:b8:db:0d:fa:62:d1:83:e7:d1:db:e5:
                    5a:d6:f2:b6:d8:82:e0:f9:4f:ca:26:1f:76:23:ca:
                    d2:66:f8:f0:e9:46:9d:0f:00:ba:e1:de:ca:b8:5b:
                    b6:e6:71:c2:69:d0:a7:c2:57:5c:68:2f:17:a0:c8:
                    9f:52:6b:df:86:d2:6b:a6:43:23:0e:19:5c:54:5d:
                    4a:b0:34:a6:bf:e9:54:39:7c:d5:1a:65:ab:70:c7:
                    21:54:78:03:d1:c4:c8:be:81:ce:e1:a1:b1:79:21:
                    87:71:a6:6a:e5:1f:ff:a9:2d:ac:93:40:e5:84:c3:
                    c7:7b:8b:a6:02:99:97:aa:b4:13:9c:ee:94:71:61:
                    56:1c:24:1c:fa:d2:35:02:e4:16:f1:25:2c:6f:11:
                    ad:08:e0:00:de:6e:7c:ed:8d:8a:51:98:0f:cd:c0:
                    1c:c2:f5:84:9e:dc:dd:c4:a9:90:62:24:f2:62:90:
                    8f:92:29:74:1d:a0:84:7d:95:90:08:13:7e:42:bc:
                    77:32:ab:69:b8:e5:a0:c6:2d:d7:04:ce:ab:d6:19:
                    4c:4b:c6:a2:76:a1:11:9f:0f:cb:76:39:03:13:3b:
                    26:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:9B:F6:A1:96:13:EB:67:53:5A:77:DA:FF:72:5A:69:99:11:F5:82
            X509v3 Authority Key Identifier:
                keyid:8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:dd:88:57:21:c0:7c:8f:b3:e9:a0:29:ef:2f:a6:38:25:1d:
         dc:69:ca:ab:32:ec:90:e5:8e:5f:36:15:24:f9:68:58:ac:ae:
         5f:e3:f7:ad:77:ca:57:04:4d:03:25:48:4f:f7:2f:2c:a0:6a:
         25:d7:2d:75:e1:91:58:be:ac:9e:08:77:9d:c5:9e:bb:ff:62:
         f1:1f:60:06:2d:15:39:ad:27:d1:e0:69:53:33:24:73:7c:9b:
         41:96:5f:56:16:03:70:3a:4a:e2:fc:a6:a9:37:bc:a3:23:d7:
         4d:29:32:02:f4:0e:16:c3:69:d9:f8:c8:3b:5c:1e:7e:76:b0:
         64:37:3a:05:65:8f:85:b5:46:9f:37:b4:cd:f2:2c:92:78:98:
         c6:52:ee:e1:20:e0:09:01:a5:ac:39:08:c4:a4:6d:2d:d6:00:
         61:e1:81:10:a9:ff:7c:04:40:71:3f:5c:46:ab:21:50:ae:c1:
         ee:0a:0b:0d:db:7e:a0:7f:b4:85:7b:b3:c9:ca:16:65:11:8e:
         16:20:a8:83:d4:6c:07:03:e7:12:30:5c:fb:22:7b:4d:57:9d:
         a4:3f:9c:f9:45:47:b7:39:81:9b:fb:eb:db:c1:e8:36:15:56:
         4e:77:5d:d6:99:64:b9:3f:8c:32:6f:a4:e8:f0:1e:cc:1d:d4:
         9c:6c:aa:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEFB3WZLmnNik3qSJOGR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYTBmZWMxOGVmMjlmOWFhZGZlOTYyYmNmNzQwODkwZGIw
ZjczOTAwHhcNMjUwMjE3MDQwMDEzWhcNMjUwMjE4MDQwMDEzWjAzMTEwLwYDVQQD
EygwYzliZjZhMTk2MTNlYjY3NTM1YTc3ZGFmZjcyNWE2OTk5MTFmNTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7Nj98g3o4rYO3UNjNLMbUZLZwrT
kJ19LxmgMRAQay0buNsN+mLRg+fR2+Va1vK22ILg+U/KJh92I8rSZvjw6UadDwC6
4d7KuFu25nHCadCnwldcaC8XoMifUmvfhtJrpkMjDhlcVF1KsDSmv+lUOXzVGmWr
cMchVHgD0cTIvoHO4aGxeSGHcaZq5R//qS2sk0DlhMPHe4umApmXqrQTnO6UcWFW
HCQc+tI1AuQW8SUsbxGtCOAA3m587Y2KUZgPzcAcwvWEntzdxKmQYiTyYpCPkil0
HaCEfZWQCBN+Qrx3MqtpuOWgxi3XBM6r1hlMS8aidqERnw/LdjkDEzsmnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAyb9qGWE+tnU1p32v9yWmmZEfWCMB8GA1UdIwQY
MBaAFIyg/sGO8p+arf6WK890CJDbD3OQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAt
MTEzZWVmYTUxYWE2LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAtMTEzZWVmYTUxYWE2
LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHt2IVyHA
fI+z6aAp7y+mOCUd3GnKqzLskOWOXzYVJPloWKyuX+P3rXfKVwRNAyVIT/cvLKBq
JdctdeGRWL6sngh3ncWeu/9i8R9gBi0VOa0n0eBpUzMkc3ybQZZfVhYDcDpK4vym
qTe8oyPXTSkyAvQOFsNp2fjIO1wefnawZDc6BWWPhbVGnze0zfIskniYxlLu4SDg
CQGlrDkIxKRtLdYAYeGBEKn/fARAcT9cRqshUK7B7goLDdt+oH+0hXuzycoWZRGO
FiCog9RsBwPnEjBc+yJ7TVedpD+c+UVHtzmBm/vr28HoNhVWTndd1plkuT+MMm+k
6PAezB3UnGyqzw==
-----END CERTIFICATE-----