Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
File:                     JchJyqV3LJi4E8E7TzD85PSNLa4.mft (raw, json)
Hash identifier:          Mpw78mkQTRWf1cECN3k+Pbc+XnIPi7kl5v2jAIg7sww=
Subject key identifier:   24:A6:43:C3:0B:C0:55:24:78:28:7D:C4:13:70:95:05:EB:2A:75:0C
Authority key identifier: 25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE
Certificate issuer:       /CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
Certificate serial:       0194C42CA28E417E3AE43EBFDF63C7CC0526
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
Manifest number:          0803
Signing time:             Sun 02 Feb 2025 01:00:46 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:46 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:46 +0000
Files and hashes:         1: JchJyqV3LJi4E8E7TzD85PSNLa4.crl (hash: Gh+XYn+KG4p2DEbfoLc/hPgNX/7R03mtczYWBSUoLNQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:a2:8e:41:7e:3a:e4:3e:bf:df:63:c7:cc:05:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
        Validity
            Not Before: Feb  2 01:00:46 2025 GMT
            Not After : Feb  3 01:00:46 2025 GMT
        Subject: CN=24a643c30bc0552478287dc413709505eb2a750c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:02:53:13:25:7b:de:43:75:f2:fc:a7:43:7a:
                    5a:b7:83:04:e3:6a:9d:80:79:04:5f:89:01:97:25:
                    e6:71:e2:9a:46:28:77:5e:51:e6:48:1f:fb:a8:92:
                    f8:df:b0:5e:c9:d0:93:23:cf:09:81:ec:91:5b:a8:
                    89:7e:76:4a:d7:c4:77:2d:8d:06:98:d4:5e:b2:a9:
                    19:26:a4:05:79:71:c6:5d:9e:83:09:52:61:09:d2:
                    eb:ec:f7:3d:8f:93:9d:e7:1a:e2:da:3f:6f:19:a8:
                    3a:f0:61:ea:99:f8:aa:44:03:b5:97:22:e4:94:2b:
                    10:74:d4:2d:3e:8f:27:ef:c2:78:48:72:d3:58:f0:
                    d5:70:12:0e:81:8b:80:21:2d:fe:ce:88:dd:ce:7a:
                    3a:e8:96:25:7c:de:43:99:2f:5c:c6:08:4e:bf:df:
                    da:9f:48:ab:9c:20:ef:dd:14:c7:d6:f9:6f:42:52:
                    f1:50:7f:e3:74:a8:57:21:e5:86:dd:19:68:47:ef:
                    19:f2:98:14:ec:05:e1:93:61:f7:d1:61:0f:e9:8d:
                    0e:46:90:3d:ed:0d:fc:88:84:e5:16:45:cb:6e:0e:
                    fd:c2:6d:fa:e5:17:48:73:47:fa:e2:33:1c:6b:24:
                    83:3d:02:51:d3:c3:bd:c7:f7:7e:fa:d6:63:1c:76:
                    cc:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:A6:43:C3:0B:C0:55:24:78:28:7D:C4:13:70:95:05:EB:2A:75:0C
            X509v3 Authority Key Identifier:
                keyid:25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:ab:60:ae:d8:21:1b:db:ef:e5:50:58:84:98:1d:66:b0:81:
         63:8b:ee:4a:51:27:46:37:18:84:d4:ff:3d:bb:d4:cf:b8:28:
         bd:f6:24:81:71:cb:af:6e:9c:54:46:20:c9:d9:ed:ec:61:31:
         ac:3c:3f:f9:21:35:7f:78:57:55:67:7d:fb:a1:d7:23:66:d2:
         39:db:78:69:1f:3f:cf:39:47:27:e3:12:d6:e4:e4:12:e5:c5:
         c7:ad:9f:d5:48:fa:2b:07:30:40:5c:24:8c:9a:3b:ee:38:9d:
         3a:5d:60:11:f3:c0:41:00:f5:36:ed:7f:76:88:fc:cf:9f:af:
         ae:d4:9b:85:8a:47:2f:d0:85:ba:84:96:83:0b:14:4c:2a:f2:
         7d:1f:06:a0:87:8a:64:c3:4b:5d:49:cf:32:ef:40:1a:15:2c:
         85:36:0e:46:10:67:5e:af:4d:f1:10:58:38:68:44:cb:37:2d:
         80:19:f1:f1:ca:2f:c8:3a:f0:58:f4:a2:ae:d5:7c:a7:0b:d8:
         c6:89:7d:a4:c0:0e:79:f7:a8:04:89:ea:d5:26:ba:4b:04:18:
         b1:11:81:4c:8f:74:ef:c7:06:f1:a8:46:00:65:75:39:80:79:
         0b:ab:7f:70:94:f0:65:b6:56:c9:0f:57:fd:33:68:a6:93:eb:
         bc:32:08:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELKKOQX465D6/32PHzAUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Yzg0OWNhYTU3NzJjOThiODEzYzEzYjRmMzBmY2U0ZjQ4
ZDJkYWUwHhcNMjUwMjAyMDEwMDQ2WhcNMjUwMjAzMDEwMDQ2WjAzMTEwLwYDVQQD
EygyNGE2NDNjMzBiYzA1NTI0NzgyODdkYzQxMzcwOTUwNWViMmE3NTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAJTEyV73kN18vynQ3pat4ME42qd
gHkEX4kBlyXmceKaRih3XlHmSB/7qJL437BeydCTI88JgeyRW6iJfnZK18R3LY0G
mNResqkZJqQFeXHGXZ6DCVJhCdLr7Pc9j5Od5xri2j9vGag68GHqmfiqRAO1lyLk
lCsQdNQtPo8n78J4SHLTWPDVcBIOgYuAIS3+zojdzno66JYlfN5DmS9cxghOv9/a
n0irnCDv3RTH1vlvQlLxUH/jdKhXIeWG3RloR+8Z8pgU7AXhk2H30WEP6Y0ORpA9
7Q38iITlFkXLbg79wm365RdIc0f64jMcaySDPQJR08O9x/d++tZjHHbMUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSmQ8MLwFUkeCh9xBNwlQXrKnUMMB8GA1UdIwQY
MBaAFCXIScqldyyYuBPBO08w/OT0jS2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQt
ZTg5M2IxM2IyYzlmLzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQtZTg5M2IxM2IyYzlm
LzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWKtgrtgh
G9vv5VBYhJgdZrCBY4vuSlEnRjcYhNT/PbvUz7govfYkgXHLr26cVEYgydnt7GEx
rDw/+SE1f3hXVWd9+6HXI2bSOdt4aR8/zzlHJ+MS1uTkEuXFx62f1Uj6KwcwQFwk
jJo77jidOl1gEfPAQQD1Nu1/doj8z5+vrtSbhYpHL9CFuoSWgwsUTCryfR8GoIeK
ZMNLXUnPMu9AGhUshTYORhBnXq9N8RBYOGhEyzctgBnx8covyDrwWPSirtV8pwvY
xol9pMAOefeoBInq1Sa6SwQYsRGBTI9078cG8ahGAGV1OYB5C6t/cJTwZbZWyQ9X
/TNoppPrvDIIrA==
-----END CERTIFICATE-----