Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
File:                     jHFLbLK61OdjmoqicQKPWqG8asI.mft (raw, json)
Hash identifier:          Fqlu6lhHwipE6/1XnvLnjmFvYa1g6Q/e3qENrzA3990=
Subject key identifier:   A2:C0:72:D1:8B:FE:E9:1E:AD:8E:53:70:4D:C9:B6:D6:4C:F6:C4:A0
Authority key identifier: 8C:71:4B:6C:B2:BA:D4:E7:63:9A:8A:A2:71:02:8F:5A:A1:BC:6A:C2
Certificate issuer:       /CN=8c714b6cb2bad4e7639a8aa271028f5aa1bc6ac2
Certificate serial:       019745F918606DE5F1DA07C2D4E7575BE32A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
Manifest number:          052A
Signing time:             Fri 06 Jun 2025 16:00:41 +0000
Manifest this update:     Fri 06 Jun 2025 16:00:41 +0000
Manifest next update:     Sat 07 Jun 2025 16:00:41 +0000
Files and hashes:         1: jHFLbLK61OdjmoqicQKPWqG8asI.crl (hash: MgN50SrcucajGSNybQ2C84HqSh5L+G9+ajlGgIesNcs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 16:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:45:f9:18:60:6d:e5:f1:da:07:c2:d4:e7:57:5b:e3:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c714b6cb2bad4e7639a8aa271028f5aa1bc6ac2
        Validity
            Not Before: Jun  6 16:00:41 2025 GMT
            Not After : Jun  7 16:00:41 2025 GMT
        Subject: CN=a2c072d18bfee91ead8e53704dc9b6d64cf6c4a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:40:f9:de:73:75:2f:4b:5f:1e:be:6b:ff:57:
                    38:8e:29:c2:05:9c:82:4a:f1:09:c1:70:30:e9:cd:
                    79:cf:2a:fb:1e:08:56:22:ca:16:67:b5:1e:06:f2:
                    d2:76:ea:df:3c:a2:e8:3d:b1:97:81:ad:05:cd:cc:
                    65:bd:1b:41:98:49:18:76:82:e8:aa:6d:42:61:d3:
                    c2:ed:93:a2:52:3d:6c:81:30:a7:ba:66:77:fe:79:
                    d2:cc:c7:94:61:57:1c:d9:bc:64:fe:c5:66:0c:25:
                    ed:ce:b7:2f:11:cc:74:81:77:8b:96:3f:35:26:c0:
                    b1:62:54:21:75:da:fc:9d:2a:f4:ec:5b:22:28:a9:
                    f7:e3:32:6e:99:49:cb:3c:5d:f3:6b:08:c3:84:d6:
                    23:16:ac:dd:2d:37:cf:42:87:ce:04:eb:80:47:4a:
                    5d:0e:b5:4b:47:3c:53:ac:72:96:7d:8d:8b:bd:e4:
                    ae:4d:92:45:0a:11:37:52:68:fa:37:e2:6b:fb:08:
                    1c:e8:38:c8:96:a3:fe:8e:1b:77:1a:56:05:9a:0d:
                    c1:f3:2a:3e:98:cb:69:ea:14:71:da:46:a7:7f:36:
                    c2:27:e4:c3:ee:a4:78:ea:4a:62:78:a6:13:d2:16:
                    90:db:73:c5:70:48:1b:55:7c:7d:65:eb:25:e9:0d:
                    00:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:C0:72:D1:8B:FE:E9:1E:AD:8E:53:70:4D:C9:B6:D6:4C:F6:C4:A0
            X509v3 Authority Key Identifier:
                keyid:8C:71:4B:6C:B2:BA:D4:E7:63:9A:8A:A2:71:02:8F:5A:A1:BC:6A:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:e1:72:c9:fc:b3:24:20:3a:c6:82:c0:ac:96:1e:a6:d8:07:
         a0:0e:a2:cc:40:64:c3:f9:a4:e5:b4:a5:44:96:05:cd:d2:70:
         73:92:41:b8:99:ab:be:30:c8:6d:4a:b8:21:f0:00:74:a6:5f:
         24:8b:1e:47:ce:d8:52:14:ba:0c:74:be:78:74:10:e7:3b:2b:
         9a:f4:87:fa:2a:b2:1b:ee:d3:cc:ca:34:24:e6:89:ba:da:b6:
         7e:80:61:23:1b:45:d8:f3:65:c8:fb:5e:c9:81:6e:e4:84:01:
         e1:f8:50:bb:35:45:de:27:de:87:fa:b3:ab:e2:23:dd:08:7d:
         c3:7e:e3:12:00:a4:9e:72:ef:ab:4a:73:16:dc:60:4e:9a:de:
         02:87:2a:94:da:ff:16:3b:39:4b:f1:b5:16:f3:61:63:66:cd:
         6b:35:e0:8f:ba:ce:11:f0:0d:a9:44:37:af:4a:45:ca:ba:63:
         a5:ef:1d:d9:47:b2:0d:6c:25:c2:13:2e:7c:71:7e:2a:5d:eb:
         89:de:08:3a:da:ed:7c:75:7f:4b:5a:30:12:3d:10:47:96:dd:
         dc:03:23:3f:8f:89:2f:99:45:06:55:95:16:b7:8d:b1:07:ed:
         ce:d1:02:da:76:94:f8:3a:26:97:30:7e:53:df:f1:34:cd:ce:
         4a:70:f2:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdF+RhgbeXx2gfC1OdXW+MqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNzE0YjZjYjJiYWQ0ZTc2MzlhOGFhMjcxMDI4ZjVhYTFi
YzZhYzIwHhcNMjUwNjA2MTYwMDQxWhcNMjUwNjA3MTYwMDQxWjAzMTEwLwYDVQQD
EyhhMmMwNzJkMThiZmVlOTFlYWQ4ZTUzNzA0ZGM5YjZkNjRjZjZjNGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokD53nN1L0tfHr5r/1c4jinCBZyC
SvEJwXAw6c15zyr7HghWIsoWZ7UeBvLSdurfPKLoPbGXga0FzcxlvRtBmEkYdoLo
qm1CYdPC7ZOiUj1sgTCnumZ3/nnSzMeUYVcc2bxk/sVmDCXtzrcvEcx0gXeLlj81
JsCxYlQhddr8nSr07FsiKKn34zJumUnLPF3zawjDhNYjFqzdLTfPQofOBOuAR0pd
DrVLRzxTrHKWfY2LveSuTZJFChE3Umj6N+Jr+wgc6DjIlqP+jht3GlYFmg3B8yo+
mMtp6hRx2kanfzbCJ+TD7qR46kpieKYT0haQ23PFcEgbVXx9Zesl6Q0ACQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLActGL/ukerY5TcE3JttZM9sSgMB8GA1UdIwQY
MBaAFIxxS2yyutTnY5qKonECj1qhvGrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wMmE4ZDYtOTE1OC00YWViLWE3NTAt
Nzg3NTNhMTA0MjI2LzEvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wMmE4ZDYtOTE1OC00YWViLWE3NTAtNzg3NTNhMTA0MjI2
LzEvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe+Fyyfyz
JCA6xoLArJYeptgHoA6izEBkw/mk5bSlRJYFzdJwc5JBuJmrvjDIbUq4IfAAdKZf
JIseR87YUhS6DHS+eHQQ5zsrmvSH+iqyG+7TzMo0JOaJutq2foBhIxtF2PNlyPte
yYFu5IQB4fhQuzVF3ifeh/qzq+Ij3Qh9w37jEgCknnLvq0pzFtxgTpreAocqlNr/
Fjs5S/G1FvNhY2bNazXgj7rOEfANqUQ3r0pFyrpjpe8d2UeyDWwlwhMufHF+Kl3r
id4IOtrtfHV/S1owEj0QR5bd3AMjP4+JL5lFBlWVFreNsQftztEC2naU+DomlzB+
U9/xNM3OSnDyEA==
-----END CERTIFICATE-----