Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
File:                     jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft (raw, json)
Hash identifier:          yOhv5YeSNkH/mwnGVaPvPlB3ELpStQBNkAzjce9k+jw=
Subject key identifier:   FD:FB:1C:A7:62:34:4B:20:AF:06:D6:6F:9A:4F:D4:00:63:CD:DD:07
Authority key identifier: 8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90
Certificate issuer:       /CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390
Certificate serial:       01958BBB5B49DDFC564BBE6520EBD782EBEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
Manifest number:          0C7F
Signing time:             Wed 12 Mar 2025 19:01:06 +0000
Manifest this update:     Wed 12 Mar 2025 19:01:06 +0000
Manifest next update:     Thu 13 Mar 2025 19:01:06 +0000
Files and hashes:         1: jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl (hash: J7ufN5kERqag2leZm9FAoEj1v0cWsYwN6kMLOYcKstM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:bb:5b:49:dd:fc:56:4b:be:65:20:eb:d7:82:eb:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390
        Validity
            Not Before: Mar 12 19:01:06 2025 GMT
            Not After : Mar 13 19:01:06 2025 GMT
        Subject: CN=fdfb1ca762344b20af06d66f9a4fd40063cddd07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:4e:b2:21:a5:fb:36:5a:6e:3e:1f:98:86:5e:
                    26:ac:06:2c:4c:04:d9:bf:65:ac:54:a3:03:47:41:
                    5f:f6:e6:be:b7:c1:99:92:30:9c:75:80:4d:27:a8:
                    69:54:46:7a:ed:9e:e7:03:b4:b9:6f:f8:3f:0c:8c:
                    52:0c:b1:76:bd:97:66:ae:af:bc:4d:91:5d:9c:38:
                    98:4e:65:8f:b5:d7:21:c4:b6:0f:9c:5c:a9:71:4c:
                    c5:69:d0:4c:63:63:39:9f:08:27:87:56:85:62:d4:
                    bb:f6:8d:74:3a:36:35:02:34:60:ed:d2:c1:cd:d3:
                    10:e6:7a:9c:81:60:b5:8c:76:98:1b:a7:e2:25:56:
                    1f:47:58:0a:9e:6d:ff:02:1b:cb:a4:e1:a6:1c:f0:
                    59:d1:66:b4:39:03:57:50:65:13:73:00:a6:99:fd:
                    e7:60:b5:f4:b0:7c:f6:92:ef:26:be:0a:ff:c9:2b:
                    ad:d1:e2:8d:55:7f:e3:fa:c1:26:86:fe:22:0a:b3:
                    8b:d0:85:cd:4f:68:34:9c:af:9d:50:7a:15:64:b5:
                    cb:30:82:f0:6a:35:ce:28:f8:d9:d9:a5:7a:c6:cd:
                    dc:d0:fb:5c:8b:94:db:cd:a0:2c:c7:40:72:b3:76:
                    3c:99:f9:f7:aa:d6:a5:f9:d4:15:b3:e4:1f:58:52:
                    99:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:FB:1C:A7:62:34:4B:20:AF:06:D6:6F:9A:4F:D4:00:63:CD:DD:07
            X509v3 Authority Key Identifier:
                keyid:8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:c8:e5:c0:ac:3a:e9:e5:e4:05:95:50:57:a2:4a:40:0c:53:
         e0:42:9b:60:ea:6a:2c:41:db:ad:06:7c:36:31:4c:db:60:8b:
         95:40:fb:cd:86:4e:55:4b:e7:9c:67:b4:a5:19:9d:cd:22:49:
         f6:59:b7:8f:61:f2:d2:17:9b:a5:17:0e:00:1f:d6:f6:e1:89:
         b9:cb:7f:b1:b8:db:c4:6a:80:50:d5:3d:e9:ff:4b:4e:0d:80:
         05:55:bf:2a:18:97:ae:5c:4e:b7:d0:59:56:3f:7f:45:87:93:
         2e:3b:29:7d:fa:a2:b4:dc:65:21:1a:19:2b:1b:d2:12:4e:28:
         71:50:c5:64:bc:3a:d4:74:7a:9e:40:1a:a1:ee:14:57:63:ff:
         5b:bc:d9:ac:01:02:8c:3e:37:1e:aa:0c:93:65:d5:0c:9f:ed:
         3c:7d:f7:d2:31:a1:c7:66:8a:32:4f:af:d4:07:dd:23:72:db:
         23:2b:71:66:57:0d:a9:71:e3:13:51:09:59:25:3b:3a:f3:e5:
         62:39:8c:6d:21:f7:2c:0c:ea:fe:3e:f5:c9:fb:26:2a:24:15:
         15:a8:23:a9:ab:d8:d3:13:41:6f:4e:7a:ba:52:c7:55:fc:55:
         49:aa:63:74:00:d7:3d:44:88:7b:ef:47:6e:4b:e8:f7:8d:a8:
         85:16:f6:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLu1tJ3fxWS75lIOvXguvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYTBmZWMxOGVmMjlmOWFhZGZlOTYyYmNmNzQwODkwZGIw
ZjczOTAwHhcNMjUwMzEyMTkwMTA2WhcNMjUwMzEzMTkwMTA2WjAzMTEwLwYDVQQD
EyhmZGZiMWNhNzYyMzQ0YjIwYWYwNmQ2NmY5YTRmZDQwMDYzY2RkZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnU6yIaX7NlpuPh+Yhl4mrAYsTATZ
v2WsVKMDR0Ff9ua+t8GZkjCcdYBNJ6hpVEZ67Z7nA7S5b/g/DIxSDLF2vZdmrq+8
TZFdnDiYTmWPtdchxLYPnFypcUzFadBMY2M5nwgnh1aFYtS79o10OjY1AjRg7dLB
zdMQ5nqcgWC1jHaYG6fiJVYfR1gKnm3/AhvLpOGmHPBZ0Wa0OQNXUGUTcwCmmf3n
YLX0sHz2ku8mvgr/ySut0eKNVX/j+sEmhv4iCrOL0IXNT2g0nK+dUHoVZLXLMILw
ajXOKPjZ2aV6xs3c0Ptci5TbzaAsx0Bys3Y8mfn3qtal+dQVs+QfWFKZiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP37HKdiNEsgrwbWb5pP1ABjzd0HMB8GA1UdIwQY
MBaAFIyg/sGO8p+arf6WK890CJDbD3OQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAt
MTEzZWVmYTUxYWE2LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAtMTEzZWVmYTUxYWE2
LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAacjlwKw6
6eXkBZVQV6JKQAxT4EKbYOpqLEHbrQZ8NjFM22CLlUD7zYZOVUvnnGe0pRmdzSJJ
9lm3j2Hy0hebpRcOAB/W9uGJuct/sbjbxGqAUNU96f9LTg2ABVW/KhiXrlxOt9BZ
Vj9/RYeTLjspffqitNxlIRoZKxvSEk4ocVDFZLw61HR6nkAaoe4UV2P/W7zZrAEC
jD43HqoMk2XVDJ/tPH330jGhx2aKMk+v1AfdI3LbIytxZlcNqXHjE1EJWSU7OvPl
YjmMbSH3LAzq/j71yfsmKiQVFagjqavY0xNBb056ulLHVfxVSapjdADXPUSIe+9H
bkvo942ohRb2Gg==
-----END CERTIFICATE-----