Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft
File:                     jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft (raw, json)
Hash identifier:          B1xUG4115jgBcAuXYFQ/kPgNPfvj5ErwP2Vl3SszFKA=
Subject key identifier:   33:78:3D:F2:D2:DB:5C:84:8B:2C:14:AB:BF:6D:88:EC:FD:7A:7D:F9
Authority key identifier: 8D:C2:97:EF:18:59:CA:33:75:97:06:BD:C6:EE:79:25:CF:A5:14:1D
Certificate issuer:       /CN=8dc297ef1859ca33759706bdc6ee7925cfa5141d
Certificate serial:       019510C6F3D25AF034A90FC11DA3A34F0AA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jcKX7xhZyjN1lwa9xu55Jc-lFB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft
Manifest number:          0C33
Signing time:             Sun 16 Feb 2025 22:00:28 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:28 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:28 +0000
Files and hashes:         1: jcKX7xhZyjN1lwa9xu55Jc-lFB0.crl (hash: 9TEVeeM/V6Czjtl+5IDGB4HC9ZXVk8XiyFcCuHGN6do=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jcKX7xhZyjN1lwa9xu55Jc-lFB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:f3:d2:5a:f0:34:a9:0f:c1:1d:a3:a3:4f:0a:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8dc297ef1859ca33759706bdc6ee7925cfa5141d
        Validity
            Not Before: Feb 16 22:00:28 2025 GMT
            Not After : Feb 17 22:00:28 2025 GMT
        Subject: CN=33783df2d2db5c848b2c14abbf6d88ecfd7a7df9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:fd:3f:92:e2:df:a9:41:c3:01:e1:3a:ea:4a:
                    43:6a:63:b1:1a:88:19:57:0d:d9:9c:a0:95:fb:06:
                    15:dc:f5:22:1b:dd:a0:af:fe:47:d9:b2:21:56:be:
                    c8:7f:11:5e:41:0f:05:6d:c4:e8:a0:7c:31:0a:17:
                    38:bc:02:6b:de:57:08:43:d5:4f:79:58:0b:6e:52:
                    f3:e8:f6:dc:b6:d4:70:14:ab:1a:5c:e1:19:28:0d:
                    2a:d4:1a:fd:0c:fc:45:a6:d7:ce:db:fd:82:7c:de:
                    e1:8d:0c:9e:2e:6e:1f:91:fc:3d:48:1f:2c:f3:d7:
                    de:84:4b:bb:1d:65:37:07:a2:5d:ad:80:2c:4b:8c:
                    08:b4:f9:51:8c:20:fb:8f:36:42:46:7b:53:2a:c1:
                    52:a2:e2:62:ee:18:8b:d6:5c:09:f7:51:ec:cc:dd:
                    41:08:f9:1a:3e:2e:c8:fd:9d:bb:e7:01:85:ef:bb:
                    c2:11:a2:48:08:6c:65:cf:ac:23:32:e0:da:00:74:
                    a6:44:3c:ec:96:f2:97:c9:8c:0a:4f:9d:15:01:cb:
                    32:b1:e1:49:70:81:80:24:20:c0:ba:8e:21:ec:85:
                    90:01:e7:46:1f:94:d3:dd:ad:15:ce:36:9d:7f:b4:
                    e0:3a:f8:ed:c6:1c:87:db:98:9c:07:c6:ea:ef:b7:
                    1a:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:78:3D:F2:D2:DB:5C:84:8B:2C:14:AB:BF:6D:88:EC:FD:7A:7D:F9
            X509v3 Authority Key Identifier:
                keyid:8D:C2:97:EF:18:59:CA:33:75:97:06:BD:C6:EE:79:25:CF:A5:14:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jcKX7xhZyjN1lwa9xu55Jc-lFB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:23:68:fa:df:51:08:0d:c3:be:83:3d:64:ac:36:a2:6c:be:
         7b:73:66:a0:f3:7e:a7:9b:fe:b4:e7:76:ed:6f:74:64:4b:a7:
         af:07:70:b2:99:c1:0d:1a:3e:63:16:02:fb:ca:e4:a7:dd:c8:
         22:80:8f:d1:5d:df:1c:68:54:4c:6c:50:cd:a5:9c:78:ab:d7:
         51:31:eb:d4:e7:62:18:6c:33:76:f9:52:d2:4c:5a:39:32:e1:
         9b:bd:13:69:18:15:0e:c6:59:16:b8:88:25:5a:d0:2c:1c:29:
         6c:5f:ae:ee:e3:f6:00:b8:70:6f:2e:ce:2b:65:17:f1:db:a7:
         97:7b:c1:81:51:34:3a:d0:91:e4:f0:8c:2f:de:e6:c4:2f:dd:
         30:eb:ef:e8:9a:f8:87:fa:b3:4e:79:67:f9:e1:39:12:b9:66:
         18:84:fe:ec:92:24:ea:8c:9f:a1:4e:4a:05:0d:cd:67:8d:4f:
         05:a2:52:f9:7b:92:06:1a:2c:46:f1:4c:f2:4b:94:7b:bb:32:
         65:fb:54:82:b7:cd:7f:c1:a3:ac:34:f3:aa:d1:8d:d3:af:9d:
         06:5d:8a:f1:eb:58:6e:88:da:d9:f2:7a:0c:eb:f7:8f:7f:1b:
         0e:3f:b2:b2:31:d0:14:9b:2a:ed:57:53:32:bf:08:1d:28:d9:
         c0:74:fa:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxvPSWvA0qQ/BHaOjTwqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYzI5N2VmMTg1OWNhMzM3NTk3MDZiZGM2ZWU3OTI1Y2Zh
NTE0MWQwHhcNMjUwMjE2MjIwMDI4WhcNMjUwMjE3MjIwMDI4WjAzMTEwLwYDVQQD
EygzMzc4M2RmMmQyZGI1Yzg0OGIyYzE0YWJiZjZkODhlY2ZkN2E3ZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf0/kuLfqUHDAeE66kpDamOxGogZ
Vw3ZnKCV+wYV3PUiG92gr/5H2bIhVr7IfxFeQQ8FbcTooHwxChc4vAJr3lcIQ9VP
eVgLblLz6PbcttRwFKsaXOEZKA0q1Br9DPxFptfO2/2CfN7hjQyeLm4fkfw9SB8s
89fehEu7HWU3B6JdrYAsS4wItPlRjCD7jzZCRntTKsFSouJi7hiL1lwJ91HszN1B
CPkaPi7I/Z275wGF77vCEaJICGxlz6wjMuDaAHSmRDzslvKXyYwKT50VAcsyseFJ
cIGAJCDAuo4h7IWQAedGH5TT3a0Vzjadf7TgOvjtxhyH25icB8bq77caVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDN4PfLS21yEiywUq79tiOz9en35MB8GA1UdIwQY
MBaAFI3Cl+8YWcozdZcGvcbueSXPpRQdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamNLWDd4aFp5ak4xbHdhOXh1NTVKYy1sRkIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9hYWFmOTktYjFjNS00YmI1LTg5Mjgt
YjViYzc0Y2FhNDAyLzEvamNLWDd4aFp5ak4xbHdhOXh1NTVKYy1sRkIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9hYWFmOTktYjFjNS00YmI1LTg5MjgtYjViYzc0Y2FhNDAy
LzEvamNLWDd4aFp5ak4xbHdhOXh1NTVKYy1sRkIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPiNo+t9R
CA3DvoM9ZKw2omy+e3NmoPN+p5v+tOd27W90ZEunrwdwspnBDRo+YxYC+8rkp93I
IoCP0V3fHGhUTGxQzaWceKvXUTHr1OdiGGwzdvlS0kxaOTLhm70TaRgVDsZZFriI
JVrQLBwpbF+u7uP2ALhwby7OK2UX8dunl3vBgVE0OtCR5PCML97mxC/dMOvv6Jr4
h/qzTnln+eE5ErlmGIT+7JIk6oyfoU5KBQ3NZ41PBaJS+XuSBhosRvFM8kuUe7sy
ZftUgrfNf8GjrDTzqtGN06+dBl2K8etYboja2fJ6DOv3j38bDj+ysjHQFJsq7VdT
Mr8IHSjZwHT6xA==
-----END CERTIFICATE-----