Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/8H-pjVIdhMKNrsion3SIu86AAhU.mft
File:                     8H-pjVIdhMKNrsion3SIu86AAhU.mft (raw, json)
Hash identifier:          Y9GWCMEJIHV+l2XXTv91vMu/kxLKiV/nnKfMJo7H8Qg=
Subject key identifier:   DB:F6:10:51:85:15:2F:DB:3F:2E:38:D0:5C:5E:AC:A6:C3:7C:4C:A4
Authority key identifier: F0:7F:A9:8D:52:1D:84:C2:8D:AE:C8:A8:9F:74:88:BB:CE:80:02:15
Certificate issuer:       /CN=f07fa98d521d84c28daec8a89f7488bbce800215
Certificate serial:       01974E205612285EA412F8D08E516CE0D261
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8H-pjVIdhMKNrsion3SIu86AAhU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/8H-pjVIdhMKNrsion3SIu86AAhU.mft
Manifest number:          01A2
Signing time:             Sun 08 Jun 2025 06:00:31 +0000
Manifest this update:     Sun 08 Jun 2025 06:00:31 +0000
Manifest next update:     Mon 09 Jun 2025 06:00:31 +0000
Files and hashes:         1: 8H-pjVIdhMKNrsion3SIu86AAhU.crl (hash: AWi89Z3HSo9gM/saySYfEpmayl1DP8PTRlJU1IaE7eA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/8H-pjVIdhMKNrsion3SIu86AAhU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/8H-pjVIdhMKNrsion3SIu86AAhU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8H-pjVIdhMKNrsion3SIu86AAhU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 06:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:20:56:12:28:5e:a4:12:f8:d0:8e:51:6c:e0:d2:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f07fa98d521d84c28daec8a89f7488bbce800215
        Validity
            Not Before: Jun  8 06:00:31 2025 GMT
            Not After : Jun  9 06:00:31 2025 GMT
        Subject: CN=dbf6105185152fdb3f2e38d05c5eaca6c37c4ca4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:c3:f7:29:0d:65:a9:69:a5:8a:b0:e9:64:67:
                    01:1a:37:11:78:b0:72:b8:2a:ad:f6:f8:09:fb:56:
                    fb:89:62:a9:a4:74:13:49:31:c0:89:1e:94:91:b3:
                    59:78:b9:c1:ac:29:26:fe:a4:50:cf:a4:12:43:cc:
                    9b:72:4a:c6:cf:36:c8:cc:9c:e8:74:63:e8:c1:8f:
                    76:69:b5:1d:fa:f5:91:8b:c7:f2:f7:76:1c:d2:03:
                    57:ad:8d:cb:c6:16:f2:20:01:6b:58:75:27:93:03:
                    8e:56:49:79:c0:9d:8d:9b:bc:72:eb:11:f6:b0:30:
                    7c:d2:cd:63:ce:c8:c1:b3:e4:0d:57:22:9c:e2:dd:
                    79:38:a5:36:89:4e:e1:cf:09:f6:2a:f5:af:96:75:
                    ef:a1:2b:1e:b9:ee:49:ef:56:dc:a8:bc:82:d0:da:
                    73:2c:55:76:d3:4b:03:71:5c:52:40:62:31:d4:d4:
                    23:91:0f:3e:99:15:3c:12:66:79:35:7e:81:70:42:
                    87:9b:36:67:c3:eb:ec:a9:27:20:26:98:6a:49:96:
                    f7:48:f6:cb:00:bd:c7:85:cc:91:64:53:98:1e:76:
                    86:96:5b:e5:01:d8:b6:55:ff:49:f0:b7:14:54:4f:
                    cd:bd:dd:34:25:fd:1f:e5:ce:f0:f6:0c:f0:cc:32:
                    22:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:F6:10:51:85:15:2F:DB:3F:2E:38:D0:5C:5E:AC:A6:C3:7C:4C:A4
            X509v3 Authority Key Identifier:
                keyid:F0:7F:A9:8D:52:1D:84:C2:8D:AE:C8:A8:9F:74:88:BB:CE:80:02:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8H-pjVIdhMKNrsion3SIu86AAhU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/8H-pjVIdhMKNrsion3SIu86AAhU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/8H-pjVIdhMKNrsion3SIu86AAhU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:2f:fe:da:aa:8d:98:1b:36:48:7a:26:27:49:1f:5e:64:92:
         15:c4:63:46:5d:19:20:32:aa:36:8a:eb:3a:60:fd:dc:3c:6b:
         77:5f:e0:13:6a:03:2a:46:83:21:2d:6f:53:2a:29:6e:ea:3b:
         70:7f:c9:de:55:08:3a:9b:43:bd:72:ac:7c:f2:ed:24:44:c7:
         5f:3e:c3:d9:a0:a6:9e:65:b4:17:e8:db:0d:ac:df:a9:10:bb:
         ea:0c:0e:78:ac:ac:86:d9:8f:9b:f3:d7:ef:c9:a2:42:1e:84:
         99:25:92:6a:2b:5b:01:df:e8:8c:d5:33:3a:be:28:5e:83:a1:
         f5:54:1a:a7:ac:fd:19:96:bf:44:2a:c8:36:03:04:ec:24:76:
         d5:81:a1:93:56:4a:fe:a3:13:12:83:d5:e1:81:4b:58:ba:32:
         e5:83:37:ff:ad:95:65:f0:92:fb:56:be:1d:ba:e3:39:35:ae:
         ea:1d:bc:9b:cf:72:6d:35:65:28:ee:c1:bb:d1:39:03:7d:6b:
         37:fe:d5:1f:9c:32:fd:13:f2:e6:e7:1e:f8:20:3e:34:c1:53:
         77:c6:d6:f0:7b:9d:09:64:39:2e:05:77:6f:57:4a:6a:2c:75:
         cd:b3:06:df:56:42:75:6a:b6:37:a7:c7:11:39:b7:33:f0:0f:
         47:c1:af:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOIFYSKF6kEvjQjlFs4NJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwN2ZhOThkNTIxZDg0YzI4ZGFlYzhhODlmNzQ4OGJiY2U4
MDAyMTUwHhcNMjUwNjA4MDYwMDMxWhcNMjUwNjA5MDYwMDMxWjAzMTEwLwYDVQQD
EyhkYmY2MTA1MTg1MTUyZmRiM2YyZTM4ZDA1YzVlYWNhNmMzN2M0Y2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8P3KQ1lqWmlirDpZGcBGjcReLBy
uCqt9vgJ+1b7iWKppHQTSTHAiR6UkbNZeLnBrCkm/qRQz6QSQ8ybckrGzzbIzJzo
dGPowY92abUd+vWRi8fy93Yc0gNXrY3LxhbyIAFrWHUnkwOOVkl5wJ2Nm7xy6xH2
sDB80s1jzsjBs+QNVyKc4t15OKU2iU7hzwn2KvWvlnXvoSseue5J71bcqLyC0Npz
LFV200sDcVxSQGIx1NQjkQ8+mRU8EmZ5NX6BcEKHmzZnw+vsqScgJphqSZb3SPbL
AL3HhcyRZFOYHnaGllvlAdi2Vf9J8LcUVE/Nvd00Jf0f5c7w9gzwzDIiMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNv2EFGFFS/bPy440FxerKbDfEykMB8GA1UdIwQY
MBaAFPB/qY1SHYTCja7IqJ90iLvOgAIVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEgtcGpWSWRoTUtOcnNpb24zU0l1ODZBQWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9hMjVmODktNjM5Yi00ZjllLWFjOWQt
N2Q5MjhjMTMxNzI0LzEvOEgtcGpWSWRoTUtOcnNpb24zU0l1ODZBQWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9hMjVmODktNjM5Yi00ZjllLWFjOWQtN2Q5MjhjMTMxNzI0
LzEvOEgtcGpWSWRoTUtOcnNpb24zU0l1ODZBQWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABi/+2qqN
mBs2SHomJ0kfXmSSFcRjRl0ZIDKqNorrOmD93Dxrd1/gE2oDKkaDIS1vUyopbuo7
cH/J3lUIOptDvXKsfPLtJETHXz7D2aCmnmW0F+jbDazfqRC76gwOeKyshtmPm/PX
78miQh6EmSWSaitbAd/ojNUzOr4oXoOh9VQap6z9GZa/RCrINgME7CR21YGhk1ZK
/qMTEoPV4YFLWLoy5YM3/62VZfCS+1a+HbrjOTWu6h28m89ybTVlKO7Bu9E5A31r
N/7VH5wy/RPy5uce+CA+NMFTd8bW8HudCWQ5LgV3b1dKaix1zbMG31ZCdWq2N6fH
ETm3M/APR8Gv8A==
-----END CERTIFICATE-----