Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
File:                     jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft (raw, json)
Hash identifier:          +epZBnPlClUAh0q3iPoqXojjUAmRIf34ya6IY9Xxkm0=
Subject key identifier:   37:B3:68:64:71:AF:F3:C9:32:57:E6:FC:87:79:F5:E4:6E:2E:14:BA
Authority key identifier: 8C:57:DC:C7:E5:2F:58:B3:42:B7:0C:83:DA:A2:1A:10:6A:C5:92:91
Certificate issuer:       /CN=8c57dcc7e52f58b342b70c83daa21a106ac59291
Certificate serial:       0197488C7CBA0A968E72A4E449215998417B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
Manifest number:          0796
Signing time:             Sat 07 Jun 2025 04:00:55 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:55 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:55 +0000
Files and hashes:         1: jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl (hash: 9Pi0GbYGUhRw3I2ZMV213cIqIkt2KC35x8+hQazmxtw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:7c:ba:0a:96:8e:72:a4:e4:49:21:59:98:41:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c57dcc7e52f58b342b70c83daa21a106ac59291
        Validity
            Not Before: Jun  7 04:00:55 2025 GMT
            Not After : Jun  8 04:00:55 2025 GMT
        Subject: CN=37b3686471aff3c93257e6fc8779f5e46e2e14ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:6c:aa:a1:38:c9:71:a0:cf:57:d5:90:28:8b:
                    26:10:e6:22:ec:31:73:4a:ce:4f:26:ba:cd:9d:73:
                    86:67:4a:57:0a:01:b7:37:64:7b:5e:ba:f6:ab:21:
                    7b:4e:b3:98:23:0f:4e:79:e1:37:a3:f6:33:28:20:
                    9f:49:86:05:22:59:c7:93:9f:ba:25:5a:ff:2b:33:
                    fc:96:f8:ff:4c:0f:31:31:95:36:e9:5a:fc:2c:03:
                    ad:20:a9:67:3a:24:d8:c5:f6:19:77:2d:2e:2d:cc:
                    70:e4:b1:68:ff:19:24:7a:40:53:ca:1b:c3:b9:ac:
                    3d:d5:91:ca:ff:da:3d:28:bf:4c:ab:d5:c1:b9:94:
                    df:2b:1e:da:6e:29:a6:95:75:47:2c:92:70:17:00:
                    d0:bb:31:e0:3f:7a:dc:fc:05:30:63:eb:05:cb:46:
                    07:00:59:c7:60:aa:43:3f:c7:17:4c:ae:31:d9:20:
                    90:b8:cd:93:d4:03:fd:68:60:13:22:50:7a:35:94:
                    e3:21:87:50:cc:33:7b:1d:7e:c7:d9:ff:78:96:3c:
                    a8:83:a3:fb:5a:2c:f9:f8:3f:b0:a8:d1:d1:a0:a3:
                    6f:39:4c:56:ca:8f:02:28:44:d1:86:ee:88:33:4d:
                    35:6f:90:75:77:4b:1a:d3:fb:a1:1f:f3:9e:a8:2a:
                    49:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:B3:68:64:71:AF:F3:C9:32:57:E6:FC:87:79:F5:E4:6E:2E:14:BA
            X509v3 Authority Key Identifier:
                keyid:8C:57:DC:C7:E5:2F:58:B3:42:B7:0C:83:DA:A2:1A:10:6A:C5:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:15:1f:ce:92:9b:62:45:2d:65:f6:3a:9c:c1:42:21:5a:25:
         db:a1:5f:7b:e6:e9:34:0c:c4:2d:e5:a5:24:e2:35:7a:fa:c6:
         3e:0c:70:68:c0:17:28:28:31:8a:47:eb:f3:d5:86:94:48:b8:
         4a:45:31:e9:74:f8:84:dd:0b:49:75:30:5a:da:88:64:6d:dd:
         52:70:6f:0a:7e:14:8e:c4:78:d6:b7:98:fd:e3:e9:40:eb:3d:
         33:70:b9:16:e1:bf:d2:8d:8b:1d:35:47:69:e4:a2:ee:6c:3f:
         48:ac:19:d7:05:be:50:82:eb:c2:cb:32:7c:ea:a7:58:82:a5:
         62:14:e5:8c:93:15:6e:47:71:7f:53:fd:22:f2:33:97:7a:7a:
         97:1e:e1:24:7d:ea:98:60:f6:8d:92:66:a5:d2:53:14:c3:17:
         56:cb:fa:6c:6c:5a:17:53:eb:4a:45:1c:fa:3c:59:77:33:41:
         93:b4:2c:cc:43:b5:7a:1f:19:29:15:9c:49:e1:c4:3e:1f:de:
         83:6c:44:0c:18:08:f1:90:5f:a6:fc:30:bc:47:8f:42:fc:1b:
         36:1d:64:04:35:f0:ee:32:4e:10:c4:d1:4a:83:fd:c2:01:02:
         fa:a2:c7:0a:25:fb:67:b5:70:d9:2f:a7:b0:65:6a:ef:81:2c:
         d2:b2:31:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjHy6CpaOcqTkSSFZmEF7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNTdkY2M3ZTUyZjU4YjM0MmI3MGM4M2RhYTIxYTEwNmFj
NTkyOTEwHhcNMjUwNjA3MDQwMDU1WhcNMjUwNjA4MDQwMDU1WjAzMTEwLwYDVQQD
EygzN2IzNjg2NDcxYWZmM2M5MzI1N2U2ZmM4Nzc5ZjVlNDZlMmUxNGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGyqoTjJcaDPV9WQKIsmEOYi7DFz
Ss5PJrrNnXOGZ0pXCgG3N2R7Xrr2qyF7TrOYIw9OeeE3o/YzKCCfSYYFIlnHk5+6
JVr/KzP8lvj/TA8xMZU26Vr8LAOtIKlnOiTYxfYZdy0uLcxw5LFo/xkkekBTyhvD
uaw91ZHK/9o9KL9Mq9XBuZTfKx7abimmlXVHLJJwFwDQuzHgP3rc/AUwY+sFy0YH
AFnHYKpDP8cXTK4x2SCQuM2T1AP9aGATIlB6NZTjIYdQzDN7HX7H2f94ljyog6P7
Wiz5+D+wqNHRoKNvOUxWyo8CKETRhu6IM001b5B1d0sa0/uhH/OeqCpJXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDezaGRxr/PJMlfm/Id59eRuLhS6MB8GA1UdIwQY
MBaAFIxX3MflL1izQrcMg9qiGhBqxZKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lODMzOTktMGExNC00MmFjLTlmZDYt
NDEzMDZjMjdkNmYwLzEvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lODMzOTktMGExNC00MmFjLTlmZDYtNDEzMDZjMjdkNmYw
LzEvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALhUfzpKb
YkUtZfY6nMFCIVol26Ffe+bpNAzELeWlJOI1evrGPgxwaMAXKCgxikfr89WGlEi4
SkUx6XT4hN0LSXUwWtqIZG3dUnBvCn4UjsR41reY/ePpQOs9M3C5FuG/0o2LHTVH
aeSi7mw/SKwZ1wW+UILrwssyfOqnWIKlYhTljJMVbkdxf1P9IvIzl3p6lx7hJH3q
mGD2jZJmpdJTFMMXVsv6bGxaF1PrSkUc+jxZdzNBk7QszEO1eh8ZKRWcSeHEPh/e
g2xEDBgI8ZBfpvwwvEePQvwbNh1kBDXw7jJOEMTRSoP9wgEC+qLHCiX7Z7Vw2S+n
sGVq74Es0rIxdA==
-----END CERTIFICATE-----