Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
File:                     jNspNdndDVhbZVEYdkwBxtdvdMI.mft (raw, json)
Hash identifier:          WLXzSkvTMe8OPUbIVEYK4VQwh8eGoOuvLgggTS9exQ0=
Subject key identifier:   D8:9F:F4:DC:AB:51:77:94:B3:5A:52:E2:6A:52:A0:DF:4E:42:19:3B
Authority key identifier: 8C:DB:29:35:D9:DD:0D:58:5B:65:51:18:76:4C:01:C6:D7:6F:74:C2
Certificate issuer:       /CN=8cdb2935d9dd0d585b655118764c01c6d76f74c2
Certificate serial:       0196545C424B8F41429B58E0769676ADA87D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
Manifest number:          0605
Signing time:             Sun 20 Apr 2025 18:00:54 +0000
Manifest this update:     Sun 20 Apr 2025 18:00:54 +0000
Manifest next update:     Mon 21 Apr 2025 18:00:54 +0000
Files and hashes:         1: jNspNdndDVhbZVEYdkwBxtdvdMI.crl (hash: +PHtE2Lw51jaLvGL1rBgKARXPHMiQGu5qVfmO7B44Sk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:5c:42:4b:8f:41:42:9b:58:e0:76:96:76:ad:a8:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cdb2935d9dd0d585b655118764c01c6d76f74c2
        Validity
            Not Before: Apr 20 18:00:54 2025 GMT
            Not After : Apr 21 18:00:54 2025 GMT
        Subject: CN=d89ff4dcab517794b35a52e26a52a0df4e42193b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:45:23:57:fa:e8:30:eb:2c:5e:e5:fa:b3:7c:
                    82:82:4d:22:da:09:21:8c:9e:57:b3:b7:1e:a0:49:
                    1a:fe:a2:67:ae:1e:78:88:a4:66:ff:cf:ef:b0:c3:
                    6d:4e:c6:18:33:df:dc:cf:00:15:8f:2d:83:ce:b8:
                    b7:bd:b8:f2:f1:eb:a8:f2:0e:a8:2b:a8:f6:97:1e:
                    f3:0b:54:3c:eb:38:63:f5:d2:e4:f5:35:f9:e8:cf:
                    8e:93:3f:2e:fa:c8:c3:a5:05:ca:4c:27:ea:cc:9b:
                    da:a7:f1:14:9e:05:86:5a:bc:74:7d:2c:72:9b:0e:
                    67:b0:c4:4e:cf:35:a6:44:25:63:61:47:b7:31:d3:
                    e9:bd:76:98:c7:47:1e:fa:bd:d0:04:33:af:b8:43:
                    11:6a:28:86:cd:9d:45:18:88:90:79:f5:ac:82:fa:
                    15:91:4e:69:36:45:dc:e7:15:ec:ca:aa:c3:b7:53:
                    5f:91:93:2f:33:44:51:06:4f:29:f3:71:27:56:91:
                    e0:75:42:de:36:dd:6c:1c:83:51:ac:45:dc:8a:29:
                    69:b7:ae:75:a2:1c:ce:54:dd:c0:74:1d:56:bc:ac:
                    68:9d:38:fa:b8:67:73:69:14:d7:ff:91:cc:e2:e9:
                    6b:01:b5:e0:a6:c5:03:0e:4c:f3:ba:e2:e0:dc:a6:
                    47:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:9F:F4:DC:AB:51:77:94:B3:5A:52:E2:6A:52:A0:DF:4E:42:19:3B
            X509v3 Authority Key Identifier:
                keyid:8C:DB:29:35:D9:DD:0D:58:5B:65:51:18:76:4C:01:C6:D7:6F:74:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:84:38:84:c5:26:52:f9:80:2c:8c:49:54:f6:d6:33:91:5f:
         c9:bf:54:41:6f:f9:ba:ff:d9:81:0d:e6:9f:96:fd:f3:48:84:
         55:1c:2e:8e:e2:88:61:34:e5:4f:42:b8:5b:78:c3:69:a3:84:
         d2:5e:a1:65:6c:19:a0:e5:72:1d:15:56:af:09:37:bd:2a:ef:
         fb:33:17:9f:4a:74:44:c1:c5:43:34:5f:3e:16:b0:30:0d:44:
         f5:69:dc:f9:89:31:f9:42:7b:9e:0e:21:be:ec:cb:b0:40:d5:
         4b:63:ba:af:8a:1c:c3:ad:85:6e:be:88:23:2f:70:42:1f:da:
         f3:4f:5f:8c:e0:22:53:07:49:b3:7b:37:d3:98:10:39:6b:14:
         3c:dc:34:45:c5:03:b5:21:28:0c:91:e5:bc:ed:1f:07:0d:48:
         31:32:ef:fd:c2:eb:62:96:19:30:ee:f8:91:3d:e3:b0:92:01:
         a3:a4:c3:d2:47:a6:e1:9f:ca:75:bf:a7:67:25:6c:7c:4e:7b:
         c8:be:28:f1:94:ec:94:94:fb:c0:ec:0b:16:df:de:45:7f:fb:
         07:b5:11:7f:50:6e:de:d3:d8:af:15:56:13:d5:f9:74:24:05:
         3e:5e:84:aa:4b:d7:23:fa:df:c7:24:a5:c9:59:94:4f:d3:27:
         5c:a4:6c:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUXEJLj0FCm1jgdpZ2rah9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGIyOTM1ZDlkZDBkNTg1YjY1NTExODc2NGMwMWM2ZDc2
Zjc0YzIwHhcNMjUwNDIwMTgwMDU0WhcNMjUwNDIxMTgwMDU0WjAzMTEwLwYDVQQD
EyhkODlmZjRkY2FiNTE3Nzk0YjM1YTUyZTI2YTUyYTBkZjRlNDIxOTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0UjV/roMOssXuX6s3yCgk0i2gkh
jJ5Xs7ceoEka/qJnrh54iKRm/8/vsMNtTsYYM9/czwAVjy2Dzri3vbjy8euo8g6o
K6j2lx7zC1Q86zhj9dLk9TX56M+Okz8u+sjDpQXKTCfqzJvap/EUngWGWrx0fSxy
mw5nsMROzzWmRCVjYUe3MdPpvXaYx0ce+r3QBDOvuEMRaiiGzZ1FGIiQefWsgvoV
kU5pNkXc5xXsyqrDt1NfkZMvM0RRBk8p83EnVpHgdULeNt1sHINRrEXciilpt651
ohzOVN3AdB1WvKxonTj6uGdzaRTX/5HM4ulrAbXgpsUDDkzzuuLg3KZHXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNif9NyrUXeUs1pS4mpSoN9OQhk7MB8GA1UdIwQY
MBaAFIzbKTXZ3Q1YW2VRGHZMAcbXb3TCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lNWZlODUtYzVjMC00MjcxLTk5YzEt
NTQ1NmUxNWQ0NjcxLzEvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9lNWZlODUtYzVjMC00MjcxLTk5YzEtNTQ1NmUxNWQ0Njcx
LzEvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnYQ4hMUm
UvmALIxJVPbWM5Ffyb9UQW/5uv/ZgQ3mn5b980iEVRwujuKIYTTlT0K4W3jDaaOE
0l6hZWwZoOVyHRVWrwk3vSrv+zMXn0p0RMHFQzRfPhawMA1E9Wnc+Ykx+UJ7ng4h
vuzLsEDVS2O6r4ocw62Fbr6IIy9wQh/a809fjOAiUwdJs3s305gQOWsUPNw0RcUD
tSEoDJHlvO0fBw1IMTLv/cLrYpYZMO74kT3jsJIBo6TD0kem4Z/Kdb+nZyVsfE57
yL4o8ZTslJT7wOwLFt/eRX/7B7URf1Bu3tPYrxVWE9X5dCQFPl6EqkvXI/rfxySl
yVmUT9MnXKRs8A==
-----END CERTIFICATE-----