Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
File:                     jmcNnjgoGVjuocw46s67vcM4HTY.mft (raw, json)
Hash identifier:          mvf+kphqB/DqZKBCN+B/wMtRHSd7k+hZCsBsdeaSPjs=
Subject key identifier:   28:84:86:49:FD:A2:34:EC:E4:D0:23:54:6E:8D:86:7E:B4:2D:F8:FE
Authority key identifier: 8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36
Certificate issuer:       /CN=8e670d9e38281958eea1cc38eacebbbdc3381d36
Certificate serial:       01974E57792F7339FF0E7BFB4DFFDDE69B5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
Manifest number:          0A59
Signing time:             Sun 08 Jun 2025 07:00:44 +0000
Manifest this update:     Sun 08 Jun 2025 07:00:44 +0000
Manifest next update:     Mon 09 Jun 2025 07:00:44 +0000
Files and hashes:         1: jmcNnjgoGVjuocw46s67vcM4HTY.crl (hash: Ffh+Qbl8DEMZwjRmQ6711hrC6XjRxkVRi/m6wx8IZuk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:79:2f:73:39:ff:0e:7b:fb:4d:ff:dd:e6:9b:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e670d9e38281958eea1cc38eacebbbdc3381d36
        Validity
            Not Before: Jun  8 07:00:44 2025 GMT
            Not After : Jun  9 07:00:44 2025 GMT
        Subject: CN=28848649fda234ece4d023546e8d867eb42df8fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:43:df:26:90:aa:97:7d:cc:43:0f:f5:6d:d4:
                    cc:0b:5f:09:75:3d:8e:38:21:ba:38:7d:71:c9:ab:
                    33:d3:a5:3a:89:4d:f4:bb:bc:45:e8:6c:f1:70:17:
                    21:80:df:d4:81:6d:77:be:e9:bd:aa:c4:f1:54:f9:
                    90:b4:d9:f7:81:3f:fc:11:ab:bf:8d:8f:9c:aa:34:
                    b8:c1:fa:ec:1d:79:24:03:6f:7d:13:7b:25:db:40:
                    3a:14:43:fc:15:84:88:c8:f0:cf:1e:2d:ea:01:95:
                    01:b3:44:d4:f6:02:bc:8a:38:d3:26:7c:37:e7:4f:
                    93:f2:07:32:f3:a5:99:5e:83:18:77:3d:5e:8b:84:
                    95:86:95:63:ff:db:c8:5f:f1:6b:65:e1:e8:70:ef:
                    ae:9c:b5:37:dc:82:cf:56:4a:35:33:d9:d0:e1:73:
                    02:a2:e2:f4:29:81:84:d3:43:ea:a6:b4:26:cc:34:
                    a0:af:67:b2:52:b4:a1:f5:01:6d:38:56:df:3c:da:
                    ad:c2:73:c3:d6:04:56:6b:03:4d:03:b1:d4:74:42:
                    81:e4:ce:51:b7:33:ee:a3:22:37:93:40:2f:e2:30:
                    f8:f3:77:1c:67:21:9a:33:65:27:5a:e4:99:c7:8a:
                    4f:18:db:fe:16:6b:6e:9d:d7:80:ba:f8:58:d0:03:
                    ae:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:84:86:49:FD:A2:34:EC:E4:D0:23:54:6E:8D:86:7E:B4:2D:F8:FE
            X509v3 Authority Key Identifier:
                keyid:8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:e0:f3:4c:a3:7c:1a:dc:80:8c:96:f7:e2:b6:98:97:33:b6:
         80:f3:b4:50:07:c1:3b:38:ce:fb:2b:6f:7f:d6:8d:4f:a2:39:
         b9:78:21:23:38:77:9b:2e:27:8c:67:94:06:eb:e7:02:03:0c:
         da:00:0f:fa:2e:2a:bb:19:ca:cd:48:1a:51:6a:19:73:40:37:
         1c:e5:12:35:42:41:74:91:15:6c:9d:4a:f5:46:e0:f2:a0:69:
         4c:aa:39:a5:4e:e6:8f:39:dd:dd:e4:8e:e2:0e:32:80:0d:a4:
         6f:cb:f1:51:f4:06:88:14:bc:e2:01:c4:d6:2f:9a:c2:0d:8d:
         4f:19:8b:84:8f:27:7d:ea:84:66:5b:9f:b1:a9:ff:45:ed:4c:
         61:6e:9f:f6:42:5e:f7:ca:7c:92:8d:51:6a:be:eb:f2:16:bc:
         ce:aa:78:6d:d9:63:e6:42:7f:e8:97:27:98:ab:bc:b5:7c:19:
         92:1d:3f:d5:b2:58:8d:f7:f8:e1:04:0e:34:1e:95:e4:9f:1f:
         03:19:c6:13:e7:70:5d:c0:f6:e8:ac:0b:aa:7d:40:ac:e1:5b:
         78:9c:8e:0d:57:04:71:07:c8:69:68:d8:1a:3f:6b:a9:86:b9:
         ac:c4:a5:6c:59:ea:b5:79:91:88:e8:dc:d4:bb:38:25:0a:d1:
         0f:2a:bc:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV3kvczn/Dnv7Tf/d5ptdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjcwZDllMzgyODE5NThlZWExY2MzOGVhY2ViYmJkYzMz
ODFkMzYwHhcNMjUwNjA4MDcwMDQ0WhcNMjUwNjA5MDcwMDQ0WjAzMTEwLwYDVQQD
EygyODg0ODY0OWZkYTIzNGVjZTRkMDIzNTQ2ZThkODY3ZWI0MmRmOGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0PfJpCql33MQw/1bdTMC18JdT2O
OCG6OH1xyasz06U6iU30u7xF6GzxcBchgN/UgW13vum9qsTxVPmQtNn3gT/8Eau/
jY+cqjS4wfrsHXkkA299E3sl20A6FEP8FYSIyPDPHi3qAZUBs0TU9gK8ijjTJnw3
50+T8gcy86WZXoMYdz1ei4SVhpVj/9vIX/FrZeHocO+unLU33ILPVko1M9nQ4XMC
ouL0KYGE00PqprQmzDSgr2eyUrSh9QFtOFbfPNqtwnPD1gRWawNNA7HUdEKB5M5R
tzPuoyI3k0Av4jD483ccZyGaM2UnWuSZx4pPGNv+FmtundeAuvhY0AOu9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCiEhkn9ojTs5NAjVG6Nhn60Lfj+MB8GA1UdIwQY
MBaAFI5nDZ44KBlY7qHMOOrOu73DOB02MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUt
Y2NhOWRmNmUxOWUzLzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUtY2NhOWRmNmUxOWUz
LzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK+DzTKN8
GtyAjJb34raYlzO2gPO0UAfBOzjO+ytvf9aNT6I5uXghIzh3my4njGeUBuvnAgMM
2gAP+i4quxnKzUgaUWoZc0A3HOUSNUJBdJEVbJ1K9Ubg8qBpTKo5pU7mjznd3eSO
4g4ygA2kb8vxUfQGiBS84gHE1i+awg2NTxmLhI8nfeqEZlufsan/Re1MYW6f9kJe
98p8ko1Rar7r8ha8zqp4bdlj5kJ/6JcnmKu8tXwZkh0/1bJYjff44QQONB6V5J8f
AxnGE+dwXcD26KwLqn1ArOFbeJyODVcEcQfIaWjYGj9rqYa5rMSlbFnqtXmRiOjc
1Ls4JQrRDyq8sg==
-----END CERTIFICATE-----