Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
File:                     jzAoLIbxBGuTEkzycOEU5fAm_3M.mft (raw, json)
Hash identifier:          JIMoxVRFDni1x9m55ewX2kTUJg85l6Mlt0GmHdU43OE=
Subject key identifier:   C0:20:91:FA:CA:1E:34:CC:C0:A0:90:34:68:C0:68:74:06:7B:DD:52
Authority key identifier: 8F:30:28:2C:86:F1:04:6B:93:12:4C:F2:70:E1:14:E5:F0:26:FF:73
Certificate issuer:       /CN=8f30282c86f1046b93124cf270e114e5f026ff73
Certificate serial:       019923A0E0E361C60DF4D16160C4F8776332
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
Manifest number:          1030
Signing time:             Sun 07 Sep 2025 10:02:49 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:49 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:49 +0000
Files and hashes:         1: jzAoLIbxBGuTEkzycOEU5fAm_3M.crl (hash: 8vCWephk//nvKx9VIngaDycc9S+sJ61Tt2seFjn4hLQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 10:02:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:e0:e3:61:c6:0d:f4:d1:61:60:c4:f8:77:63:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f30282c86f1046b93124cf270e114e5f026ff73
        Validity
            Not Before: Sep  7 10:02:49 2025 GMT
            Not After : Sep  8 10:02:49 2025 GMT
        Subject: CN=c02091faca1e34ccc0a0903468c06874067bdd52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:80:d4:2b:52:07:7b:08:47:c3:50:bc:61:84:
                    a7:cd:20:41:0d:a4:b8:9d:3a:d7:f3:d4:aa:19:32:
                    cc:41:0f:bc:5e:33:22:c1:fe:bd:75:36:82:54:30:
                    33:bb:87:56:8f:2e:2a:84:f9:4f:48:4e:94:2b:cc:
                    c1:34:fb:ce:fe:1a:a6:04:a8:34:3e:7f:38:f8:c3:
                    f1:d1:72:51:ab:2e:00:b0:a7:a8:ae:96:44:89:15:
                    45:fd:b0:d4:b6:f1:a2:56:71:3c:6a:3b:a8:4d:45:
                    30:19:2e:22:0a:cd:68:27:ba:66:f5:eb:ac:ae:8d:
                    ca:3b:95:03:ce:8e:1d:f4:18:ed:db:8e:d2:b0:3d:
                    37:93:ed:51:43:9b:6c:51:9a:87:d2:06:9d:e9:17:
                    cf:cd:f8:ae:a2:51:78:f9:b3:bd:a3:ef:3a:6c:b9:
                    41:a7:b0:99:34:d5:ca:3e:8e:8f:25:4d:fe:eb:7a:
                    bb:84:c2:e1:1f:9f:41:43:35:cf:6c:57:cf:76:21:
                    8d:45:3b:e9:f6:b0:35:b1:ac:dd:ee:d2:11:a7:ad:
                    da:4c:3f:aa:ae:b9:2f:ec:82:53:5a:88:b7:fc:6c:
                    c4:5c:0d:de:10:72:64:d5:57:3e:a7:7a:53:68:44:
                    23:3a:b0:5d:89:97:44:24:01:00:75:bc:e4:81:a7:
                    4b:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:20:91:FA:CA:1E:34:CC:C0:A0:90:34:68:C0:68:74:06:7B:DD:52
            X509v3 Authority Key Identifier:
                keyid:8F:30:28:2C:86:F1:04:6B:93:12:4C:F2:70:E1:14:E5:F0:26:FF:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:51:9e:aa:2f:dd:cf:30:02:70:dd:3b:57:5e:76:b0:ae:29:
         93:20:b3:69:19:c4:f1:40:48:8a:8a:d4:f1:e9:a5:e1:cd:64:
         e6:80:88:b0:4d:bd:d3:7a:c2:24:24:77:41:88:0b:d3:9c:d6:
         4d:27:e7:b5:c0:50:69:70:cf:2a:f7:58:4a:c4:ea:70:fa:56:
         62:9a:a1:cc:85:f3:b6:8b:27:1c:4d:43:d7:4f:4a:79:1c:fc:
         cd:c5:ed:96:af:d0:04:44:89:6c:aa:7a:81:d4:03:89:8f:d4:
         0a:06:2a:47:bd:ba:49:d1:df:e7:bd:2c:21:e4:2c:51:96:f1:
         fe:db:4d:16:e0:e4:3c:60:5a:22:cf:1a:63:0c:58:a4:4a:47:
         f0:5a:17:2e:a9:c7:5b:8d:df:9a:bc:c0:67:19:91:06:39:26:
         86:f0:ff:56:30:7c:a4:cc:32:be:ec:da:9a:66:53:21:b4:9e:
         71:f0:9c:ec:bf:48:0c:ca:21:5d:19:4b:e7:53:1b:61:d6:65:
         fd:21:1d:cb:6b:43:fd:dc:20:be:c8:8a:c2:78:f2:0d:e7:bc:
         c3:a8:2f:db:ea:d3:7b:30:da:82:ab:01:78:cc:d0:86:8e:c0:
         ab:81:43:a0:01:56:7e:8d:b8:26:62:03:50:ee:0a:f2:2e:ea:
         4a:6f:ce:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoODjYcYN9NFhYMT4d2MyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzAyODJjODZmMTA0NmI5MzEyNGNmMjcwZTExNGU1ZjAy
NmZmNzMwHhcNMjUwOTA3MTAwMjQ5WhcNMjUwOTA4MTAwMjQ5WjAzMTEwLwYDVQQD
EyhjMDIwOTFmYWNhMWUzNGNjYzBhMDkwMzQ2OGMwNjg3NDA2N2JkZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIDUK1IHewhHw1C8YYSnzSBBDaS4
nTrX89SqGTLMQQ+8XjMiwf69dTaCVDAzu4dWjy4qhPlPSE6UK8zBNPvO/hqmBKg0
Pn84+MPx0XJRqy4AsKeorpZEiRVF/bDUtvGiVnE8ajuoTUUwGS4iCs1oJ7pm9eus
ro3KO5UDzo4d9Bjt247SsD03k+1RQ5tsUZqH0gad6RfPzfiuolF4+bO9o+86bLlB
p7CZNNXKPo6PJU3+63q7hMLhH59BQzXPbFfPdiGNRTvp9rA1sazd7tIRp63aTD+q
rrkv7IJTWoi3/GzEXA3eEHJk1Vc+p3pTaEQjOrBdiZdEJAEAdbzkgadLHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMAgkfrKHjTMwKCQNGjAaHQGe91SMB8GA1UdIwQY
MBaAFI8wKCyG8QRrkxJM8nDhFOXwJv9zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82Y2Q3OTgtMzFkNC00NDc4LTk5NjIt
Zjk4Nzk2ZjUxMDIyLzEvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82Y2Q3OTgtMzFkNC00NDc4LTk5NjItZjk4Nzk2ZjUxMDIy
LzEvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ1Geqi/d
zzACcN07V152sK4pkyCzaRnE8UBIiorU8eml4c1k5oCIsE2903rCJCR3QYgL05zW
TSfntcBQaXDPKvdYSsTqcPpWYpqhzIXztosnHE1D109KeRz8zcXtlq/QBESJbKp6
gdQDiY/UCgYqR726SdHf570sIeQsUZbx/ttNFuDkPGBaIs8aYwxYpEpH8FoXLqnH
W43fmrzAZxmRBjkmhvD/VjB8pMwyvuzammZTIbSecfCc7L9IDMohXRlL51MbYdZl
/SEdy2tD/dwgvsiKwnjyDee8w6gv2+rTezDagqsBeMzQho7Aq4FDoAFWfo24JmID
UO4K8i7qSm/O1g==
-----END CERTIFICATE-----