Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
File:                     JchJyqV3LJi4E8E7TzD85PSNLa4.mft (raw, json)
Hash identifier:          2jpUO77HRiOvAum0vFVFceAwAxsiBrkZ95Ju8eEq9TA=
Subject key identifier:   4E:BF:D6:0E:DF:E0:F9:F7:7D:E1:6C:78:70:C8:66:51:F3:0B:B8:CF
Authority key identifier: 25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE
Certificate issuer:       /CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
Certificate serial:       01974EFC4D4E03A8425E720B3AA3B32F915F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
Manifest number:          0954
Signing time:             Sun 08 Jun 2025 10:00:47 +0000
Manifest this update:     Sun 08 Jun 2025 10:00:47 +0000
Manifest next update:     Mon 09 Jun 2025 10:00:47 +0000
Files and hashes:         1: JchJyqV3LJi4E8E7TzD85PSNLa4.crl (hash: JgNe3+qcRGYnk/euFp/8FM1a8wvbqhy/hU6kKT50W2I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:fc:4d:4e:03:a8:42:5e:72:0b:3a:a3:b3:2f:91:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
        Validity
            Not Before: Jun  8 10:00:47 2025 GMT
            Not After : Jun  9 10:00:47 2025 GMT
        Subject: CN=4ebfd60edfe0f9f77de16c7870c86651f30bb8cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:61:1a:b3:9d:03:2f:a0:92:ff:29:14:0c:b0:
                    6f:b0:f3:a1:53:66:45:db:e9:da:bb:55:1e:f3:55:
                    4e:2e:8a:4c:de:e3:29:62:56:8f:b1:d1:93:e2:be:
                    a2:a1:28:3a:45:31:46:1c:1a:29:f4:81:59:c4:da:
                    35:45:bd:f3:c0:2b:a7:72:77:f0:c9:5e:69:67:68:
                    75:12:da:cb:80:8c:f7:8a:83:57:9e:05:47:85:64:
                    d4:ad:61:4a:ec:de:dc:62:6e:3a:f1:ba:3d:f4:76:
                    8a:cc:b0:02:de:ee:1c:d4:4c:78:89:db:e2:47:0e:
                    2b:c8:82:01:81:7e:91:c1:23:68:a9:2c:cc:c7:3e:
                    46:55:a1:b0:2a:bf:ca:83:cd:b6:db:fa:47:8f:fb:
                    ef:2a:20:4e:ac:60:4f:eb:a8:02:4e:60:53:2b:a1:
                    d9:42:60:0d:6f:d6:44:f2:8d:c6:b9:5b:a4:43:f3:
                    d2:b0:f0:5d:90:3e:5c:ab:c8:cb:2b:07:d8:20:b8:
                    e1:5a:71:b4:a6:0c:fa:dc:7d:6f:27:3c:f7:28:d1:
                    53:31:6d:7e:90:8a:11:3c:1c:34:84:7d:e4:0c:a7:
                    1d:5f:f5:b4:28:43:f0:7d:34:3c:f9:33:94:2f:76:
                    13:b6:8c:04:4e:bf:84:47:9b:1d:73:81:da:4e:fe:
                    11:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:BF:D6:0E:DF:E0:F9:F7:7D:E1:6C:78:70:C8:66:51:F3:0B:B8:CF
            X509v3 Authority Key Identifier:
                keyid:25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:07:8d:fc:1e:65:fc:6c:fd:37:b6:e8:c0:ae:c1:89:f7:fd:
         75:23:18:fb:7d:f2:f9:23:86:99:ca:65:0f:38:ce:28:fe:e5:
         79:53:75:fd:cc:3c:a9:c7:b8:a5:91:90:d4:6d:bd:2b:47:22:
         67:de:04:90:05:2f:16:48:4b:9a:10:00:e3:88:ba:df:db:35:
         98:a5:52:31:7d:39:cd:66:ad:c7:33:f0:3b:e8:16:bf:e8:72:
         da:fe:47:b1:2c:a7:a7:49:80:32:5d:05:cd:54:65:85:2f:71:
         d2:93:e5:90:ff:33:5c:9c:c7:f4:ae:09:09:2b:61:22:99:58:
         6e:a6:6d:96:42:0f:9a:7c:dc:76:32:b0:b2:9e:be:c1:71:91:
         c0:14:73:57:6e:e4:41:75:14:fe:e0:df:b9:bf:c0:5a:7d:45:
         a8:48:1d:60:97:c0:09:3f:cb:99:9c:16:42:79:50:38:8a:bd:
         73:eb:dd:d9:93:e0:dc:b0:5e:d7:39:b0:90:94:51:22:46:45:
         97:cc:48:a3:f7:fe:05:a7:3d:f9:76:7a:e2:07:30:7f:7f:3d:
         e1:b5:4c:49:1a:28:63:65:60:13:be:44:59:a3:b3:91:16:0b:
         4f:c9:7c:a2:58:8d:6a:bc:59:4a:28:07:ae:84:4d:f0:da:d4:
         a5:db:8e:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdO/E1OA6hCXnILOqOzL5FfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Yzg0OWNhYTU3NzJjOThiODEzYzEzYjRmMzBmY2U0ZjQ4
ZDJkYWUwHhcNMjUwNjA4MTAwMDQ3WhcNMjUwNjA5MTAwMDQ3WjAzMTEwLwYDVQQD
Eyg0ZWJmZDYwZWRmZTBmOWY3N2RlMTZjNzg3MGM4NjY1MWYzMGJiOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWEas50DL6CS/ykUDLBvsPOhU2ZF
2+nau1Ue81VOLopM3uMpYlaPsdGT4r6ioSg6RTFGHBop9IFZxNo1Rb3zwCuncnfw
yV5pZ2h1EtrLgIz3ioNXngVHhWTUrWFK7N7cYm468bo99HaKzLAC3u4c1Ex4idvi
Rw4ryIIBgX6RwSNoqSzMxz5GVaGwKr/Kg8222/pHj/vvKiBOrGBP66gCTmBTK6HZ
QmANb9ZE8o3GuVukQ/PSsPBdkD5cq8jLKwfYILjhWnG0pgz63H1vJzz3KNFTMW1+
kIoRPBw0hH3kDKcdX/W0KEPwfTQ8+TOUL3YTtowETr+ER5sdc4HaTv4RMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6/1g7f4Pn3feFseHDIZlHzC7jPMB8GA1UdIwQY
MBaAFCXIScqldyyYuBPBO08w/OT0jS2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQt
ZTg5M2IxM2IyYzlmLzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQtZTg5M2IxM2IyYzlm
LzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEQeN/B5l
/Gz9N7bowK7Biff9dSMY+33y+SOGmcplDzjOKP7leVN1/cw8qce4pZGQ1G29K0ci
Z94EkAUvFkhLmhAA44i639s1mKVSMX05zWatxzPwO+gWv+hy2v5HsSynp0mAMl0F
zVRlhS9x0pPlkP8zXJzH9K4JCSthIplYbqZtlkIPmnzcdjKwsp6+wXGRwBRzV27k
QXUU/uDfub/AWn1FqEgdYJfACT/LmZwWQnlQOIq9c+vd2ZPg3LBe1zmwkJRRIkZF
l8xIo/f+Bac9+XZ64gcwf3894bVMSRooY2VgE75EWaOzkRYLT8l8oliNarxZSigH
roRN8NrUpduODg==
-----END CERTIFICATE-----