Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.mft
File:                     jhTxdhHOtBMYStycGa71CKhJubI.mft (raw, json)
Hash identifier:          NwMmB0814V7E62Bumdv4gVK5qq3JUkQqs3uF52J7TLM=
Subject key identifier:   15:C6:88:3E:E7:B3:A9:F6:02:D4:C6:EE:A9:CD:E7:4E:96:87:1C:02
Authority key identifier: 8E:14:F1:76:11:CE:B4:13:18:4A:DC:9C:19:AE:F5:08:A8:49:B9:B2
Certificate issuer:       /CN=8e14f17611ceb413184adc9c19aef508a849b9b2
Certificate serial:       01965500E15ECDACB55E1C565177107BB898
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jhTxdhHOtBMYStycGa71CKhJubI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.mft
Manifest number:          14F9
Signing time:             Sun 20 Apr 2025 21:00:42 +0000
Manifest this update:     Sun 20 Apr 2025 21:00:42 +0000
Manifest next update:     Mon 21 Apr 2025 21:00:42 +0000
Files and hashes:         1: jhTxdhHOtBMYStycGa71CKhJubI.crl (hash: /IozTeohHEa70EdWEzAXPvAz/BteLZ7odf/bP3E9oYM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jhTxdhHOtBMYStycGa71CKhJubI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 21:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:00:e1:5e:cd:ac:b5:5e:1c:56:51:77:10:7b:b8:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e14f17611ceb413184adc9c19aef508a849b9b2
        Validity
            Not Before: Apr 20 21:00:42 2025 GMT
            Not After : Apr 21 21:00:42 2025 GMT
        Subject: CN=15c6883ee7b3a9f602d4c6eea9cde74e96871c02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:df:86:c3:80:16:91:fb:3e:36:e9:b2:8f:f7:
                    66:7c:0c:56:18:d0:a6:e6:98:48:21:42:97:d3:84:
                    1c:af:10:bf:2b:2b:cd:99:60:38:64:6e:ee:d8:c2:
                    af:d3:00:8b:5f:95:2b:db:12:44:da:41:71:d8:8e:
                    5e:98:5d:40:08:42:62:b9:35:78:ff:6e:3d:c6:ca:
                    87:ee:87:c2:40:cc:2d:77:35:ac:12:5c:32:48:d4:
                    1a:80:06:f8:80:a9:c9:92:74:c7:aa:93:b8:77:71:
                    2e:40:5d:9a:fe:e7:9d:95:51:15:a2:cb:ca:cb:ae:
                    6e:76:3c:15:f5:cb:a9:a3:aa:b7:bf:37:25:2d:92:
                    2d:39:d6:cb:97:c8:3b:e7:56:7f:8f:36:dc:2a:60:
                    ed:4c:dc:69:5a:73:a3:48:37:02:6d:d1:25:26:2b:
                    cd:cf:f5:5e:cf:77:cf:9e:59:74:9a:b8:16:ad:17:
                    25:10:61:6c:a3:73:35:87:c3:d3:94:a3:cc:42:51:
                    28:e5:3f:7e:f9:5b:72:21:31:d1:21:1d:8c:c9:e6:
                    8b:ff:81:d7:0b:eb:26:14:32:62:0e:a6:83:83:ab:
                    98:ec:18:ec:f0:8d:49:6c:9a:64:3a:01:38:16:49:
                    a5:c2:56:be:f6:a7:c0:8f:59:6e:d3:dd:2c:b1:d2:
                    91:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:C6:88:3E:E7:B3:A9:F6:02:D4:C6:EE:A9:CD:E7:4E:96:87:1C:02
            X509v3 Authority Key Identifier:
                keyid:8E:14:F1:76:11:CE:B4:13:18:4A:DC:9C:19:AE:F5:08:A8:49:B9:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhTxdhHOtBMYStycGa71CKhJubI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:f3:76:39:b7:26:29:ea:35:45:54:ec:51:0b:6d:df:a3:74:
         85:e2:17:0a:f3:61:31:9f:04:c8:4a:29:77:0d:f7:ea:f1:8f:
         88:a3:ee:bc:a1:85:c1:e3:73:98:d6:be:fb:39:e0:c4:ac:37:
         58:4c:8a:4b:84:24:e5:ac:4c:e7:66:c8:0e:5b:4e:ce:82:af:
         fa:a4:b2:42:21:5d:0e:84:ba:2c:be:df:e9:1b:a1:61:68:87:
         fd:bf:c2:f5:da:5c:30:b0:fa:e1:cb:1c:e8:9d:84:46:e3:3c:
         37:39:c7:d9:34:1f:75:cb:ef:9c:ee:aa:42:a6:0e:68:bf:7e:
         f2:7c:5c:d6:ba:a8:bb:a9:48:14:30:a8:47:cb:fb:3a:62:0a:
         34:7d:55:f2:ba:6c:16:4c:62:2b:86:a6:06:b8:b8:5c:20:ac:
         fe:de:f4:37:6e:84:7c:4c:3c:7f:af:03:b0:ca:7e:ba:c2:15:
         ab:ca:07:fa:96:6d:40:03:2a:7a:7f:d8:47:d8:87:24:16:04:
         b2:23:74:58:1c:26:80:1f:5e:13:fc:2c:1b:38:ca:14:7a:cf:
         05:87:92:97:cc:74:dc:9a:48:68:c3:33:b4:6b:ba:c5:36:07:
         c6:2c:dd:e0:d2:ee:fc:9e:58:d2:d5:06:9d:60:2e:09:cd:d1:
         90:de:71:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVAOFezay1XhxWUXcQe7iYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMTRmMTc2MTFjZWI0MTMxODRhZGM5YzE5YWVmNTA4YTg0
OWI5YjIwHhcNMjUwNDIwMjEwMDQyWhcNMjUwNDIxMjEwMDQyWjAzMTEwLwYDVQQD
EygxNWM2ODgzZWU3YjNhOWY2MDJkNGM2ZWVhOWNkZTc0ZTk2ODcxYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9+Gw4AWkfs+Numyj/dmfAxWGNCm
5phIIUKX04QcrxC/KyvNmWA4ZG7u2MKv0wCLX5Ur2xJE2kFx2I5emF1ACEJiuTV4
/249xsqH7ofCQMwtdzWsElwySNQagAb4gKnJknTHqpO4d3EuQF2a/uedlVEVosvK
y65udjwV9cupo6q3vzclLZItOdbLl8g751Z/jzbcKmDtTNxpWnOjSDcCbdElJivN
z/Vez3fPnll0mrgWrRclEGFso3M1h8PTlKPMQlEo5T9++VtyITHRIR2MyeaL/4HX
C+smFDJiDqaDg6uY7Bjs8I1JbJpkOgE4Fkmlwla+9qfAj1lu090ssdKROQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBXGiD7ns6n2AtTG7qnN506WhxwCMB8GA1UdIwQY
MBaAFI4U8XYRzrQTGErcnBmu9QioSbmyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhUeGRoSE90Qk1ZU3R5Y0dhNzFDS2hKdWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS84MWQ1NmQtMWY1Mi00YTliLTk1OTEt
NzIwZmQzYTFlZWYzLzEvamhUeGRoSE90Qk1ZU3R5Y0dhNzFDS2hKdWJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS84MWQ1NmQtMWY1Mi00YTliLTk1OTEtNzIwZmQzYTFlZWYz
LzEvamhUeGRoSE90Qk1ZU3R5Y0dhNzFDS2hKdWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr/N2Obcm
Keo1RVTsUQtt36N0heIXCvNhMZ8EyEopdw336vGPiKPuvKGFweNzmNa++zngxKw3
WEyKS4Qk5axM52bIDltOzoKv+qSyQiFdDoS6LL7f6RuhYWiH/b/C9dpcMLD64csc
6J2ERuM8NznH2TQfdcvvnO6qQqYOaL9+8nxc1rqou6lIFDCoR8v7OmIKNH1V8rps
FkxiK4amBri4XCCs/t70N26EfEw8f68DsMp+usIVq8oH+pZtQAMqen/YR9iHJBYE
siN0WBwmgB9eE/wsGzjKFHrPBYeSl8x03JpIaMMztGu6xTYHxizd4NLu/J5Y0tUG
nWAuCc3RkN5xqg==
-----END CERTIFICATE-----