Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
File:                     jNspNdndDVhbZVEYdkwBxtdvdMI.mft (raw, json)
Hash identifier:          u4dfk9+9vidUf+ZTo8wcfnoH3URToH09XFlCkRecybM=
Subject key identifier:   32:4D:62:40:E0:8F:AE:62:CD:28:D3:6D:12:70:0C:24:C6:9D:6D:D0
Authority key identifier: 8C:DB:29:35:D9:DD:0D:58:5B:65:51:18:76:4C:01:C6:D7:6F:74:C2
Certificate issuer:       /CN=8cdb2935d9dd0d585b655118764c01c6d76f74c2
Certificate serial:       019745C257B56A16B8D7A0D32D7299E1DE61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
Manifest number:          0682
Signing time:             Fri 06 Jun 2025 15:00:53 +0000
Manifest this update:     Fri 06 Jun 2025 15:00:53 +0000
Manifest next update:     Sat 07 Jun 2025 15:00:53 +0000
Files and hashes:         1: jNspNdndDVhbZVEYdkwBxtdvdMI.crl (hash: hbXPgM1adtfzsd0OpcsL0ECl/csoXmxrnzrIuN1QVz0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:45:c2:57:b5:6a:16:b8:d7:a0:d3:2d:72:99:e1:de:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cdb2935d9dd0d585b655118764c01c6d76f74c2
        Validity
            Not Before: Jun  6 15:00:53 2025 GMT
            Not After : Jun  7 15:00:53 2025 GMT
        Subject: CN=324d6240e08fae62cd28d36d12700c24c69d6dd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:9b:4e:d6:4b:ca:10:5a:07:1d:aa:10:3e:08:
                    3c:d5:de:af:b3:56:59:b1:65:d8:a9:82:f1:43:71:
                    10:6b:9b:77:03:79:a4:b9:ba:37:e4:9b:0c:6b:83:
                    f1:62:cf:97:95:c1:ef:94:33:4e:6f:23:d2:ce:27:
                    f2:b6:fa:7b:83:3f:92:ac:b3:e9:cd:b3:1a:6c:a1:
                    bb:d5:fc:70:a6:8a:ff:77:87:ff:20:8f:f7:36:81:
                    67:26:f5:56:e7:9c:72:17:f2:96:ca:f0:60:61:e9:
                    02:4c:0b:ee:9f:5d:9b:c6:74:9c:a2:a9:33:6a:c3:
                    17:5e:f0:7f:ca:c4:e8:1f:22:61:20:91:bb:27:8d:
                    2e:be:3a:15:89:48:2e:d4:e5:39:0b:88:0b:74:0b:
                    c4:b7:29:eb:6e:c9:c8:aa:fd:d2:42:fd:06:c8:67:
                    fd:6d:88:d1:06:25:49:7a:9e:9d:49:39:27:30:b5:
                    21:31:76:d8:33:b4:2f:1c:d9:22:92:b5:d3:bb:e8:
                    97:78:ca:cd:38:39:26:35:5e:ae:70:1c:8b:97:16:
                    01:e7:f6:27:73:46:9d:9c:29:90:45:6c:e0:67:21:
                    a6:e3:ec:de:0c:47:01:49:a3:e5:bf:f3:d6:cf:e2:
                    45:7e:c6:ac:93:46:75:55:1b:7d:c4:32:3c:47:0b:
                    ca:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:4D:62:40:E0:8F:AE:62:CD:28:D3:6D:12:70:0C:24:C6:9D:6D:D0
            X509v3 Authority Key Identifier:
                keyid:8C:DB:29:35:D9:DD:0D:58:5B:65:51:18:76:4C:01:C6:D7:6F:74:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:43:6d:be:a0:89:e3:ac:2f:4a:cc:78:47:a8:61:fe:d5:d1:
         2d:00:fd:f0:47:6a:2f:30:3a:8b:89:0d:ce:aa:ce:08:02:b7:
         b9:38:21:d8:5d:a6:b6:10:53:0e:28:63:25:9d:64:2f:67:7c:
         c2:91:f1:52:17:62:20:58:d7:2c:ef:03:55:a5:09:b7:55:ec:
         21:f3:89:6c:76:8a:c4:7c:e4:67:8d:89:79:31:29:3c:a8:c4:
         98:5c:6e:73:53:0f:7a:cc:a0:aa:65:43:0f:51:5e:9e:5f:2c:
         9c:6d:29:95:f7:68:56:e4:49:31:46:9c:49:e7:d7:c4:91:96:
         22:c8:df:24:ee:af:e7:2a:d2:e7:0c:55:71:c8:2e:93:90:d3:
         45:24:64:34:b5:75:ba:55:95:10:fd:6e:85:41:40:49:ba:8e:
         cb:6a:b5:46:32:89:9d:9b:f4:0d:32:3e:35:9c:bf:f5:69:61:
         3d:7e:23:e7:15:2d:29:90:8e:8b:06:e5:66:04:7e:ae:60:75:
         79:df:3b:76:76:15:cc:5f:f1:90:96:8a:bb:43:b4:8d:7b:82:
         1e:27:00:ff:78:67:3a:33:f9:b9:52:4a:70:cc:21:66:3a:3a:
         bd:53:84:f8:1a:3c:1b:12:47:25:bb:72:74:bd:2c:0b:14:97:
         9c:9f:42:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdFwle1aha416DTLXKZ4d5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGIyOTM1ZDlkZDBkNTg1YjY1NTExODc2NGMwMWM2ZDc2
Zjc0YzIwHhcNMjUwNjA2MTUwMDUzWhcNMjUwNjA3MTUwMDUzWjAzMTEwLwYDVQQD
EygzMjRkNjI0MGUwOGZhZTYyY2QyOGQzNmQxMjcwMGMyNGM2OWQ2ZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvptO1kvKEFoHHaoQPgg81d6vs1ZZ
sWXYqYLxQ3EQa5t3A3mkubo35JsMa4PxYs+XlcHvlDNObyPSzifytvp7gz+SrLPp
zbMabKG71fxwpor/d4f/II/3NoFnJvVW55xyF/KWyvBgYekCTAvun12bxnScoqkz
asMXXvB/ysToHyJhIJG7J40uvjoViUgu1OU5C4gLdAvEtynrbsnIqv3SQv0GyGf9
bYjRBiVJep6dSTknMLUhMXbYM7QvHNkikrXTu+iXeMrNODkmNV6ucByLlxYB5/Yn
c0adnCmQRWzgZyGm4+zeDEcBSaPlv/PWz+JFfsask0Z1VRt9xDI8RwvKcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJNYkDgj65izSjTbRJwDCTGnW3QMB8GA1UdIwQY
MBaAFIzbKTXZ3Q1YW2VRGHZMAcbXb3TCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lNWZlODUtYzVjMC00MjcxLTk5YzEt
NTQ1NmUxNWQ0NjcxLzEvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9lNWZlODUtYzVjMC00MjcxLTk5YzEtNTQ1NmUxNWQ0Njcx
LzEvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMkNtvqCJ
46wvSsx4R6hh/tXRLQD98EdqLzA6i4kNzqrOCAK3uTgh2F2mthBTDihjJZ1kL2d8
wpHxUhdiIFjXLO8DVaUJt1XsIfOJbHaKxHzkZ42JeTEpPKjEmFxuc1MPesygqmVD
D1Fenl8snG0plfdoVuRJMUacSefXxJGWIsjfJO6v5yrS5wxVccguk5DTRSRkNLV1
ulWVEP1uhUFASbqOy2q1RjKJnZv0DTI+NZy/9WlhPX4j5xUtKZCOiwblZgR+rmB1
ed87dnYVzF/xkJaKu0O0jXuCHicA/3hnOjP5uVJKcMwhZjo6vVOE+Bo8GxJHJbty
dL0sCxSXnJ9C1Q==
-----END CERTIFICATE-----