Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
File:                     CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft (raw, json)
Hash identifier:          PGXUZbdFQE3kLD/RDEWVVB/n99ztjoZaDFmWacUQ33U=
Subject key identifier:   AF:91:EC:F7:53:A7:E4:02:FC:FA:44:C4:00:A5:19:F4:F3:88:47:CE
Authority key identifier: 08:D2:7F:DC:90:F8:0F:80:97:2C:12:5B:D4:1E:DB:0A:E8:33:4A:A0
Certificate issuer:       /CN=08d27fdc90f80f80972c125bd41edb0ae8334aa0
Certificate serial:       019921B1A7D0FB9113FA6DDB0865857A0AB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
Manifest number:          0B0A
Signing time:             Sun 07 Sep 2025 01:01:54 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:54 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:54 +0000
Files and hashes:         1: CNJ_3JD4D4CXLBJb1B7bCugzSqA.crl (hash: AMMltlfEWpyidxktaVwGGa7iuSNG5e1RGdHeb7654Dc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:a7:d0:fb:91:13:fa:6d:db:08:65:85:7a:0a:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08d27fdc90f80f80972c125bd41edb0ae8334aa0
        Validity
            Not Before: Sep  7 01:01:54 2025 GMT
            Not After : Sep  8 01:01:54 2025 GMT
        Subject: CN=af91ecf753a7e402fcfa44c400a519f4f38847ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:0c:43:ac:a6:e5:25:db:4a:b4:cc:99:bb:bf:
                    e0:57:4d:62:04:9d:29:d9:36:47:38:29:bf:57:88:
                    20:a8:e2:16:27:56:aa:94:ae:e0:57:2c:49:78:e4:
                    6e:c5:07:e1:9b:24:bb:77:ba:ff:76:cb:25:0b:87:
                    2e:39:16:a0:43:c8:c1:82:2b:87:33:97:5a:f1:1a:
                    87:7c:f9:0b:44:e9:58:41:6d:40:4a:80:01:d7:f0:
                    51:af:da:5b:58:24:67:02:ff:d0:80:44:61:1a:7e:
                    a1:a2:73:fd:e3:e2:6b:99:35:ff:28:06:c6:23:92:
                    03:b1:15:8e:f6:5c:ad:62:94:ce:95:3b:a9:e3:ce:
                    2f:c1:28:1d:a5:76:09:68:67:8e:2e:01:1d:7b:96:
                    d6:e6:e1:9c:81:b7:49:86:d9:40:46:54:b1:90:c5:
                    ce:f9:78:fb:96:17:e7:83:c1:90:90:f6:31:db:e2:
                    b2:a0:23:12:c7:e7:ba:e3:6e:96:52:40:db:d4:23:
                    a4:0f:e1:7e:11:b9:10:b6:0d:7d:23:f5:07:de:06:
                    c9:12:b3:14:57:bf:05:bd:c1:b1:f6:69:e1:44:59:
                    90:87:7d:59:24:49:97:c5:1a:7b:34:2f:ee:38:0e:
                    40:62:b7:92:6c:f6:18:d6:3a:c1:3f:c6:08:d4:57:
                    44:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:91:EC:F7:53:A7:E4:02:FC:FA:44:C4:00:A5:19:F4:F3:88:47:CE
            X509v3 Authority Key Identifier:
                keyid:08:D2:7F:DC:90:F8:0F:80:97:2C:12:5B:D4:1E:DB:0A:E8:33:4A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:83:85:c3:7e:db:49:93:5a:87:ab:c6:35:4c:b7:1a:41:92:
         cf:de:02:f5:79:67:cf:d4:7f:62:93:a5:38:06:a4:5b:13:26:
         5d:2b:10:58:ec:2e:01:43:e3:b3:9c:92:af:97:54:0d:39:17:
         bd:f2:56:02:f9:19:0e:a6:57:87:0b:79:89:11:5a:2b:1b:44:
         89:7f:84:ec:d6:51:5f:73:bb:be:49:62:f6:36:4e:7f:a8:fb:
         ca:46:12:6c:2c:fe:2b:ac:7f:43:e2:ef:8b:25:4b:5c:bb:96:
         aa:83:76:fa:de:18:cb:a7:20:1d:9f:1f:f3:a5:63:0d:5f:96:
         11:e5:0e:88:95:9e:ec:8c:31:bd:4e:cc:8e:08:a6:6d:33:bf:
         ef:27:43:a0:c0:cd:2e:96:f1:82:c0:0c:d9:a1:0b:5a:1d:1e:
         08:12:1f:2a:6f:bc:ad:4d:17:ee:b7:c0:cc:9b:37:44:3f:1c:
         c4:54:80:91:a7:33:a0:d9:e8:7a:ac:09:1a:c7:95:f7:09:c3:
         63:1e:cd:b2:0f:aa:25:77:04:4a:2f:f8:98:b8:c5:65:03:fc:
         a3:51:30:90:49:90:f5:2f:75:d9:a3:08:72:b7:23:90:ee:6e:
         ae:36:30:fa:63:a3:67:21:72:9c:18:40:5e:57:e2:be:85:72:
         48:d4:fc:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsafQ+5ET+m3bCGWFegqyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDI3ZmRjOTBmODBmODA5NzJjMTI1YmQ0MWVkYjBhZTgz
MzRhYTAwHhcNMjUwOTA3MDEwMTU0WhcNMjUwOTA4MDEwMTU0WjAzMTEwLwYDVQQD
EyhhZjkxZWNmNzUzYTdlNDAyZmNmYTQ0YzQwMGE1MTlmNGYzODg0N2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AxDrKblJdtKtMyZu7/gV01iBJ0p
2TZHOCm/V4ggqOIWJ1aqlK7gVyxJeORuxQfhmyS7d7r/dsslC4cuORagQ8jBgiuH
M5da8RqHfPkLROlYQW1ASoAB1/BRr9pbWCRnAv/QgERhGn6honP94+JrmTX/KAbG
I5IDsRWO9lytYpTOlTup484vwSgdpXYJaGeOLgEde5bW5uGcgbdJhtlARlSxkMXO
+Xj7lhfng8GQkPYx2+KyoCMSx+e6426WUkDb1COkD+F+EbkQtg19I/UH3gbJErMU
V78FvcGx9mnhRFmQh31ZJEmXxRp7NC/uOA5AYreSbPYY1jrBP8YI1FdE5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+R7PdTp+QC/PpExAClGfTziEfOMB8GA1UdIwQY
MBaAFAjSf9yQ+A+AlywSW9Qe2wroM0qgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05KXzNKRDRENENYTEJKYjFCN2JDdWd6U3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82NjJkYmUtNTkzNy00NmZhLThkOTYt
OTEwNTQxMTU1ZmVmLzEvQ05KXzNKRDRENENYTEJKYjFCN2JDdWd6U3FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82NjJkYmUtNTkzNy00NmZhLThkOTYtOTEwNTQxMTU1ZmVm
LzEvQ05KXzNKRDRENENYTEJKYjFCN2JDdWd6U3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdYOFw37b
SZNah6vGNUy3GkGSz94C9Xlnz9R/YpOlOAakWxMmXSsQWOwuAUPjs5ySr5dUDTkX
vfJWAvkZDqZXhwt5iRFaKxtEiX+E7NZRX3O7vkli9jZOf6j7ykYSbCz+K6x/Q+Lv
iyVLXLuWqoN2+t4Yy6cgHZ8f86VjDV+WEeUOiJWe7IwxvU7MjgimbTO/7ydDoMDN
LpbxgsAM2aELWh0eCBIfKm+8rU0X7rfAzJs3RD8cxFSAkaczoNnoeqwJGseV9wnD
Yx7Nsg+qJXcESi/4mLjFZQP8o1EwkEmQ9S912aMIcrcjkO5urjYw+mOjZyFynBhA
XlfivoVySNT8rA==
-----END CERTIFICATE-----