Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
File:                     jzAoLIbxBGuTEkzycOEU5fAm_3M.mft (raw, json)
Hash identifier:          Uk/QEDHpSljAI8EqINJX6KE6oH1pyCZ6nk3i+iZI1LU=
Subject key identifier:   03:20:A6:CD:5C:84:F8:7F:60:AD:43:1E:36:82:E5:89:71:4D:D7:CF
Authority key identifier: 8F:30:28:2C:86:F1:04:6B:93:12:4C:F2:70:E1:14:E5:F0:26:FF:73
Certificate issuer:       /CN=8f30282c86f1046b93124cf270e114e5f026ff73
Certificate serial:       01976772C9B38D5230E792785AE16A119205
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
Manifest number:          0F4A
Signing time:             Fri 13 Jun 2025 04:01:05 +0000
Manifest this update:     Fri 13 Jun 2025 04:01:05 +0000
Manifest next update:     Sat 14 Jun 2025 04:01:05 +0000
Files and hashes:         1: jzAoLIbxBGuTEkzycOEU5fAm_3M.crl (hash: 8jvUlhmFceYg6bo1n7N41cEFSGsBp+qcauYwYtVjv3c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 04:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:72:c9:b3:8d:52:30:e7:92:78:5a:e1:6a:11:92:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f30282c86f1046b93124cf270e114e5f026ff73
        Validity
            Not Before: Jun 13 04:01:05 2025 GMT
            Not After : Jun 14 04:01:05 2025 GMT
        Subject: CN=0320a6cd5c84f87f60ad431e3682e589714dd7cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:92:86:51:ac:c9:5d:03:27:6b:b1:c9:df:56:
                    14:53:74:ac:c0:47:59:b8:55:37:33:b1:d9:57:1c:
                    c2:72:49:ed:76:c2:81:bb:52:cc:42:77:95:d2:d9:
                    49:8f:f7:c4:cc:3c:b0:38:21:e1:30:78:95:db:a3:
                    ce:b5:88:41:b4:5e:ab:63:9b:b1:5f:c0:24:0a:27:
                    81:e1:2d:df:45:50:b8:42:e2:71:44:ef:0d:4f:f6:
                    9d:1c:cd:89:0a:5a:f4:21:c7:91:f5:aa:ec:69:0e:
                    e8:9a:dd:8c:52:d1:5e:63:82:07:23:8f:b4:81:35:
                    df:4d:1e:11:c0:52:5b:3e:eb:f1:d3:22:65:ea:04:
                    9f:43:4d:ad:b5:e7:d6:5d:8c:51:4c:92:f9:79:2c:
                    a5:1e:5e:77:eb:17:d3:5b:88:35:67:ff:14:2c:7d:
                    7f:42:b7:43:fe:23:0f:db:33:27:3d:f9:cf:6a:6a:
                    72:42:46:4b:4d:b6:db:16:3a:5a:cb:6f:41:fa:b7:
                    8c:ca:1b:e4:22:bb:47:68:22:5b:61:ed:be:af:9e:
                    44:a4:f0:f8:98:9f:24:82:2e:60:24:4a:6d:87:35:
                    77:ee:6f:b0:74:d9:6a:45:ce:7a:c5:ff:8f:3b:c5:
                    57:78:2f:dd:63:5f:30:d6:a8:8e:9f:bc:cd:26:f8:
                    43:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:20:A6:CD:5C:84:F8:7F:60:AD:43:1E:36:82:E5:89:71:4D:D7:CF
            X509v3 Authority Key Identifier:
                keyid:8F:30:28:2C:86:F1:04:6B:93:12:4C:F2:70:E1:14:E5:F0:26:FF:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:66:94:f9:ae:23:e6:64:01:cb:89:cc:de:66:53:53:13:96:
         f0:93:a5:db:7e:e2:1c:7b:f3:02:45:b2:d8:85:89:48:98:c9:
         b6:1e:3a:43:af:3d:68:e4:1e:ba:95:68:3d:da:66:1c:a1:a8:
         d3:d7:4a:1f:d4:48:f0:b7:8a:c7:db:c1:f5:c8:48:e0:c6:a1:
         63:d0:81:3d:fc:36:c4:96:e3:7d:d4:ee:db:a8:a2:43:12:33:
         f1:c1:c9:00:70:3f:f8:79:5f:0b:9b:da:4f:8f:8d:9d:9d:94:
         03:16:ba:7d:3d:ff:7c:3d:e8:30:f6:fc:32:8c:fa:f0:03:b0:
         4b:31:a2:10:a1:26:fc:f4:c2:6a:06:40:1f:25:8d:72:36:b9:
         7d:01:5b:8d:e1:66:2d:b2:41:55:92:be:8e:ac:81:ea:c8:2e:
         2a:6a:e6:f1:d3:ab:b1:2e:7f:c5:af:6e:57:09:f5:4f:f4:04:
         29:7c:fa:ca:35:f5:ff:92:b7:2d:4f:37:a6:da:2e:5d:59:9b:
         49:9f:71:5a:1e:5d:93:9c:bd:6f:6f:41:71:02:67:28:26:3a:
         16:76:03:bc:9b:c2:e7:d1:12:29:6b:66:f9:44:e1:2e:28:7d:
         c5:09:f2:aa:bb:3b:a5:d6:08:ad:4a:3e:0b:95:cd:84:f1:d5:
         f7:65:26:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdncsmzjVIw55J4WuFqEZIFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzAyODJjODZmMTA0NmI5MzEyNGNmMjcwZTExNGU1ZjAy
NmZmNzMwHhcNMjUwNjEzMDQwMTA1WhcNMjUwNjE0MDQwMTA1WjAzMTEwLwYDVQQD
EygwMzIwYTZjZDVjODRmODdmNjBhZDQzMWUzNjgyZTU4OTcxNGRkN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZKGUazJXQMna7HJ31YUU3SswEdZ
uFU3M7HZVxzCckntdsKBu1LMQneV0tlJj/fEzDywOCHhMHiV26POtYhBtF6rY5ux
X8AkCieB4S3fRVC4QuJxRO8NT/adHM2JClr0IceR9arsaQ7omt2MUtFeY4IHI4+0
gTXfTR4RwFJbPuvx0yJl6gSfQ02ttefWXYxRTJL5eSylHl536xfTW4g1Z/8ULH1/
QrdD/iMP2zMnPfnPampyQkZLTbbbFjpay29B+reMyhvkIrtHaCJbYe2+r55EpPD4
mJ8kgi5gJEpthzV37m+wdNlqRc56xf+PO8VXeC/dY18w1qiOn7zNJvhDkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMgps1chPh/YK1DHjaC5YlxTdfPMB8GA1UdIwQY
MBaAFI8wKCyG8QRrkxJM8nDhFOXwJv9zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82Y2Q3OTgtMzFkNC00NDc4LTk5NjIt
Zjk4Nzk2ZjUxMDIyLzEvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82Y2Q3OTgtMzFkNC00NDc4LTk5NjItZjk4Nzk2ZjUxMDIy
LzEvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv2aU+a4j
5mQBy4nM3mZTUxOW8JOl237iHHvzAkWy2IWJSJjJth46Q689aOQeupVoPdpmHKGo
09dKH9RI8LeKx9vB9chI4MahY9CBPfw2xJbjfdTu26iiQxIz8cHJAHA/+HlfC5va
T4+NnZ2UAxa6fT3/fD3oMPb8Moz68AOwSzGiEKEm/PTCagZAHyWNcja5fQFbjeFm
LbJBVZK+jqyB6sguKmrm8dOrsS5/xa9uVwn1T/QEKXz6yjX1/5K3LU83ptouXVmb
SZ9xWh5dk5y9b29BcQJnKCY6FnYDvJvC59ESKWtm+UThLih9xQnyqrs7pdYIrUo+
C5XNhPHV92UmKg==
-----END CERTIFICATE-----