Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
File:                     JlNDThz2kK0m1HoDs_w1qAKnm1g.mft (raw, json)
Hash identifier:          Txt6pxdu7KOTV2SEtCdCAUNug9GqFQV6UKzDIRhfjz4=
Subject key identifier:   5B:F0:95:C7:12:70:9C:EA:8F:A1:E8:FD:02:C7:1A:E9:29:33:C6:01
Authority key identifier: 26:53:43:4E:1C:F6:90:AD:26:D4:7A:03:B3:FC:35:A8:02:A7:9B:58
Certificate issuer:       /CN=2653434e1cf690ad26d47a03b3fc35a802a79b58
Certificate serial:       01974A7AED2480D5EF1FC525FA6B37AAC5F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
Manifest number:          086B
Signing time:             Sat 07 Jun 2025 13:00:59 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:59 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:59 +0000
Files and hashes:         1: JlNDThz2kK0m1HoDs_w1qAKnm1g.crl (hash: Kpj/DThALTHTUc5dk9qXTpEaEGxtqRXROGBfifpZN4o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:ed:24:80:d5:ef:1f:c5:25:fa:6b:37:aa:c5:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2653434e1cf690ad26d47a03b3fc35a802a79b58
        Validity
            Not Before: Jun  7 13:00:59 2025 GMT
            Not After : Jun  8 13:00:59 2025 GMT
        Subject: CN=5bf095c712709cea8fa1e8fd02c71ae92933c601
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:4a:b1:30:1a:8e:8a:f6:a2:7c:af:bf:87:7a:
                    0c:09:eb:22:3d:f8:ed:d2:41:a9:4e:fc:f3:26:66:
                    4b:79:53:b5:05:fe:94:62:b0:e5:43:9f:38:0f:9c:
                    70:2d:d7:7f:1f:b4:32:29:46:49:63:3e:2e:7b:0d:
                    d7:01:f8:5a:7a:9d:d5:e7:67:a5:b1:58:fc:b9:3c:
                    4e:d0:73:cf:c4:69:a9:b7:9c:03:2f:a1:99:5f:c5:
                    33:81:3f:f5:47:80:55:74:61:95:ae:dd:59:88:5e:
                    d6:9f:64:60:c5:f2:3a:c0:54:7b:bc:78:54:39:a0:
                    87:2a:70:e2:b7:2a:f3:5b:03:ac:dc:8f:1c:49:db:
                    cd:59:36:06:15:3c:8d:b9:bc:32:8e:35:48:0b:5f:
                    f0:e4:71:89:af:e0:36:24:29:8b:05:3b:8a:c9:3f:
                    ec:a0:4a:6b:94:01:85:0c:36:4b:54:cb:2d:6b:6b:
                    e1:96:67:7d:6f:2a:19:3d:03:e0:01:cc:8f:3c:a2:
                    2e:2a:90:aa:58:76:70:2a:4e:97:18:ae:aa:38:46:
                    3c:c8:80:ef:b1:5e:af:51:79:10:e8:52:90:6b:76:
                    5d:9b:15:1c:12:29:22:21:fc:af:dc:d7:43:61:39:
                    29:32:90:dc:24:66:a3:8d:84:24:e7:a9:8f:9f:33:
                    2f:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:F0:95:C7:12:70:9C:EA:8F:A1:E8:FD:02:C7:1A:E9:29:33:C6:01
            X509v3 Authority Key Identifier:
                keyid:26:53:43:4E:1C:F6:90:AD:26:D4:7A:03:B3:FC:35:A8:02:A7:9B:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:b9:12:51:d0:c3:2d:8e:82:35:5f:fc:84:96:34:1b:6f:48:
         5c:ac:9d:bd:3e:8b:cb:d5:fc:d2:15:f1:bc:c7:6b:b8:38:6e:
         aa:14:1a:12:7b:95:21:a9:9f:33:24:2d:d2:7b:bd:9a:54:db:
         6c:6e:66:f6:67:3d:63:1f:16:61:a8:51:b7:ce:c9:71:cc:08:
         36:bf:cf:98:52:3c:5d:92:c9:be:24:a5:81:55:69:eb:9b:09:
         53:dc:c3:4f:b9:c1:ca:98:f4:f3:07:cf:07:01:b1:7e:e3:41:
         30:9a:8f:c7:38:0f:29:ca:db:67:a0:b2:5f:c2:c6:1a:81:a8:
         be:b4:20:1f:e4:7a:73:03:1a:1d:6e:bc:90:f2:11:51:f5:f8:
         3b:0a:a4:f4:a0:39:43:11:5c:b7:30:a6:74:df:29:8c:e0:c9:
         b5:88:c5:b7:10:1a:3b:96:2f:8b:0d:4d:2a:35:5f:58:6f:7d:
         2d:56:f5:e0:99:c0:fd:5b:74:9e:21:43:33:79:da:3d:43:93:
         c7:bb:b6:4f:ad:25:b0:34:e0:20:9f:50:01:ef:da:aa:6d:cc:
         4e:9b:0d:80:0d:f9:0c:58:da:05:8c:a2:5a:37:c3:98:ca:39:
         a2:49:34:30:90:bf:e2:71:63:7c:5c:40:39:d4:ae:ef:64:90:
         97:06:52:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKeu0kgNXvH8Ul+ms3qsX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NTM0MzRlMWNmNjkwYWQyNmQ0N2EwM2IzZmMzNWE4MDJh
NzliNTgwHhcNMjUwNjA3MTMwMDU5WhcNMjUwNjA4MTMwMDU5WjAzMTEwLwYDVQQD
Eyg1YmYwOTVjNzEyNzA5Y2VhOGZhMWU4ZmQwMmM3MWFlOTI5MzNjNjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkqxMBqOivaifK+/h3oMCesiPfjt
0kGpTvzzJmZLeVO1Bf6UYrDlQ584D5xwLdd/H7QyKUZJYz4uew3XAfhaep3V52el
sVj8uTxO0HPPxGmpt5wDL6GZX8UzgT/1R4BVdGGVrt1ZiF7Wn2RgxfI6wFR7vHhU
OaCHKnDityrzWwOs3I8cSdvNWTYGFTyNubwyjjVIC1/w5HGJr+A2JCmLBTuKyT/s
oEprlAGFDDZLVMsta2vhlmd9byoZPQPgAcyPPKIuKpCqWHZwKk6XGK6qOEY8yIDv
sV6vUXkQ6FKQa3ZdmxUcEikiIfyv3NdDYTkpMpDcJGajjYQk56mPnzMvrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvwlccScJzqj6Ho/QLHGukpM8YBMB8GA1UdIwQY
MBaAFCZTQ04c9pCtJtR6A7P8NagCp5tYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9jYmExY2UtZjAxZS00Zjk0LWI1YWUt
Y2JhNWQ5NzhmMzcxLzEvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9jYmExY2UtZjAxZS00Zjk0LWI1YWUtY2JhNWQ5NzhmMzcx
LzEvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIbkSUdDD
LY6CNV/8hJY0G29IXKydvT6Ly9X80hXxvMdruDhuqhQaEnuVIamfMyQt0nu9mlTb
bG5m9mc9Yx8WYahRt87JccwINr/PmFI8XZLJviSlgVVp65sJU9zDT7nBypj08wfP
BwGxfuNBMJqPxzgPKcrbZ6CyX8LGGoGovrQgH+R6cwMaHW68kPIRUfX4Owqk9KA5
QxFctzCmdN8pjODJtYjFtxAaO5Yviw1NKjVfWG99LVb14JnA/Vt0niFDM3naPUOT
x7u2T60lsDTgIJ9QAe/aqm3MTpsNgA35DFjaBYyiWjfDmMo5okk0MJC/4nFjfFxA
OdSu72SQlwZS9w==
-----END CERTIFICATE-----