Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
File:                     jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft (raw, json)
Hash identifier:          +IljsEIF8jE+rBJN3Gw2GNMx6U2vAFPFuvPBzi9DG/c=
Subject key identifier:   43:8C:8C:5D:B5:A7:5E:DD:22:8B:54:A1:CC:DA:84:CC:89:1B:18:6B
Authority key identifier: 8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90
Certificate issuer:       /CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390
Certificate serial:       019A71135816B767C2F39DFC0AC34877A803
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
Manifest number:          0F08
Signing time:             Tue 11 Nov 2025 04:01:24 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:24 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:24 +0000
Files and hashes:         1: jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl (hash: Im6m2roNntXva6ADDZheCvNshBOiCtQlk7ZWuDzdCWs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:58:16:b7:67:c2:f3:9d:fc:0a:c3:48:77:a8:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390
        Validity
            Not Before: Nov 11 04:01:24 2025 GMT
            Not After : Nov 12 04:01:24 2025 GMT
        Subject: CN=438c8c5db5a75edd228b54a1ccda84cc891b186b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:39:30:ef:80:ac:72:8c:dc:ab:6d:69:71:cc:
                    ac:df:1a:01:38:58:dd:ed:ef:f1:57:ce:64:cc:c1:
                    f5:9d:72:3c:68:9d:b2:21:83:2e:84:fa:9b:ee:f8:
                    1a:c4:69:20:1d:6e:1e:db:75:da:12:0c:db:13:23:
                    b6:b4:49:de:a4:a2:72:7c:22:27:b3:cb:b6:fc:54:
                    b7:d2:59:b5:93:c1:27:8d:60:38:ab:4b:70:18:9a:
                    3e:ad:23:bc:51:fe:a5:c9:9b:ab:7a:85:37:1f:0c:
                    1f:ff:35:c0:1d:62:c5:a9:9d:aa:3c:89:ab:64:5e:
                    27:cc:2c:44:32:e2:5a:39:a4:7a:33:ac:1b:a0:54:
                    4f:0d:19:7b:88:a4:30:dc:39:f6:01:57:98:b8:c5:
                    e0:d6:a8:29:e0:85:73:74:36:0b:59:ef:70:c0:6a:
                    5a:96:f5:3f:32:54:a7:44:4b:1a:46:6e:79:e8:21:
                    8f:6c:6c:0d:72:f8:3e:35:68:41:cf:ea:0b:77:1d:
                    80:90:ca:6b:54:c4:63:bd:83:ab:8a:28:b6:1d:92:
                    2b:a3:a9:4d:68:ac:bb:13:6b:43:cb:b0:e4:53:7e:
                    43:8d:37:63:21:f2:93:e1:42:b9:83:be:a1:99:34:
                    a7:c3:f8:f9:f9:04:87:4c:c9:d8:b1:81:ec:4e:68:
                    96:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:8C:8C:5D:B5:A7:5E:DD:22:8B:54:A1:CC:DA:84:CC:89:1B:18:6B
            X509v3 Authority Key Identifier:
                keyid:8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:d7:84:5a:6c:55:bd:3f:32:62:bf:08:07:be:31:bf:64:14:
         a2:4b:40:ac:99:eb:6f:0c:5d:bd:9c:ab:f2:b1:cd:4b:db:01:
         39:84:0c:40:4a:8c:01:5e:dd:f7:c7:8c:28:e6:1d:eb:a2:7b:
         be:9a:3d:f0:9e:a0:e4:20:a7:55:b5:62:d4:06:95:05:48:f5:
         78:0f:69:2e:f3:3e:cc:de:7c:8e:1c:b4:6c:01:22:04:4c:dc:
         c9:78:3a:74:6f:99:06:63:fc:77:3c:79:37:c4:2e:79:17:5d:
         d9:4f:7b:5f:75:24:cd:91:52:1b:34:5a:73:cc:8d:bc:5e:c6:
         99:cf:a1:7c:4f:e5:f9:dd:15:3c:b4:31:3e:ef:88:e6:5d:01:
         95:bf:e8:53:9e:06:d1:89:2b:21:53:94:69:b4:b0:5c:84:6c:
         4d:3e:f6:69:95:54:37:4b:67:2d:01:87:b4:0e:d6:47:f2:8a:
         b3:5e:ae:30:5e:80:8d:64:9b:63:eb:64:52:8f:34:e3:61:5a:
         7a:a3:4c:36:43:ba:32:b6:82:31:bc:52:bf:1a:16:c3:3f:7c:
         23:36:ba:72:8e:0f:79:6a:77:9e:57:f6:99:71:89:f3:1d:cc:
         5b:81:91:22:80:0f:ec:df:97:55:a9:5d:a1:e7:59:ac:a2:6f:
         8a:3d:15:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE1gWt2fC8538CsNId6gDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYTBmZWMxOGVmMjlmOWFhZGZlOTYyYmNmNzQwODkwZGIw
ZjczOTAwHhcNMjUxMTExMDQwMTI0WhcNMjUxMTEyMDQwMTI0WjAzMTEwLwYDVQQD
Eyg0MzhjOGM1ZGI1YTc1ZWRkMjI4YjU0YTFjY2RhODRjYzg5MWIxODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjkw74Cscozcq21pccys3xoBOFjd
7e/xV85kzMH1nXI8aJ2yIYMuhPqb7vgaxGkgHW4e23XaEgzbEyO2tEnepKJyfCIn
s8u2/FS30lm1k8EnjWA4q0twGJo+rSO8Uf6lyZureoU3Hwwf/zXAHWLFqZ2qPImr
ZF4nzCxEMuJaOaR6M6wboFRPDRl7iKQw3Dn2AVeYuMXg1qgp4IVzdDYLWe9wwGpa
lvU/MlSnREsaRm556CGPbGwNcvg+NWhBz+oLdx2AkMprVMRjvYOriii2HZIro6lN
aKy7E2tDy7DkU35DjTdjIfKT4UK5g76hmTSnw/j5+QSHTMnYsYHsTmiWSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEOMjF21p17dIotUoczahMyJGxhrMB8GA1UdIwQY
MBaAFIyg/sGO8p+arf6WK890CJDbD3OQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAt
MTEzZWVmYTUxYWE2LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAtMTEzZWVmYTUxYWE2
LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxteEWmxV
vT8yYr8IB74xv2QUoktArJnrbwxdvZyr8rHNS9sBOYQMQEqMAV7d98eMKOYd66J7
vpo98J6g5CCnVbVi1AaVBUj1eA9pLvM+zN58jhy0bAEiBEzcyXg6dG+ZBmP8dzx5
N8QueRdd2U97X3UkzZFSGzRac8yNvF7Gmc+hfE/l+d0VPLQxPu+I5l0Blb/oU54G
0YkrIVOUabSwXIRsTT72aZVUN0tnLQGHtA7WR/KKs16uMF6AjWSbY+tkUo8042Fa
eqNMNkO6MraCMbxSvxoWwz98Iza6co4PeWp3nlf2mXGJ8x3MW4GRIoAP7N+XVald
oedZrKJvij0VOw==
-----END CERTIFICATE-----