Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
File:                     J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft (raw, json)
Hash identifier:          UdehISquB3iUZHnbBW4vMC9QtCSf32fbFjusjfU89Bw=
Subject key identifier:   CF:E5:07:FD:F1:27:5E:85:53:2C:BE:FF:40:AE:7C:DC:A3:6B:C8:50
Authority key identifier: 27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0
Certificate issuer:       /CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0
Certificate serial:       01968812321977259ABC0C0AAC0A44373F13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
Manifest number:          0591
Signing time:             Wed 30 Apr 2025 19:00:15 +0000
Manifest this update:     Wed 30 Apr 2025 19:00:15 +0000
Manifest next update:     Thu 01 May 2025 19:00:15 +0000
Files and hashes:         1: J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl (hash: JUt4F5eLWrs1cG555U+NNWOGBY4mVWOOQjPQQ4jL40g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 19:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:88:12:32:19:77:25:9a:bc:0c:0a:ac:0a:44:37:3f:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0
        Validity
            Not Before: Apr 30 19:00:15 2025 GMT
            Not After : May  1 19:00:15 2025 GMT
        Subject: CN=cfe507fdf1275e85532cbeff40ae7cdca36bc850
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:c6:fa:6d:b5:dc:10:7f:33:a5:4b:bd:77:c2:
                    b7:fd:c2:a7:cd:4b:d4:91:d0:d0:75:f4:12:21:55:
                    6f:81:07:83:23:c1:e1:04:85:ba:71:a6:63:a4:54:
                    dd:c6:e9:b9:c5:58:34:03:80:55:9e:b4:42:e7:ac:
                    69:3c:50:bf:f7:1e:51:98:fc:dc:60:c3:d6:38:01:
                    df:b8:fd:93:95:c3:a3:7d:f7:f1:37:1a:36:e0:46:
                    90:5a:4b:39:47:ca:c2:d3:0e:3f:49:f0:12:15:b5:
                    2f:d2:f2:11:7c:13:f9:de:29:23:41:10:24:8a:bd:
                    96:9e:d7:2e:4d:86:28:85:6a:c8:d4:bd:25:b7:b6:
                    d3:17:c3:dc:f4:04:08:75:9f:22:d8:89:05:9b:46:
                    90:47:ef:1c:57:1d:34:ba:d0:56:ba:d7:85:76:79:
                    54:ca:a3:9e:d7:d6:4b:03:a1:bd:f1:e4:5d:3a:bc:
                    c9:78:f4:0a:f8:d5:b7:bd:07:37:c1:e6:54:b8:48:
                    37:39:82:f4:b4:a2:19:0f:e8:cd:30:c9:b2:bd:8c:
                    83:2b:c6:8f:0a:58:9f:c0:94:62:20:e0:6a:c1:46:
                    d4:6a:27:17:3c:d3:25:12:57:c9:e0:44:bb:e3:25:
                    90:ea:74:e0:c7:a4:ce:6c:98:19:39:78:17:b6:a9:
                    d3:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:E5:07:FD:F1:27:5E:85:53:2C:BE:FF:40:AE:7C:DC:A3:6B:C8:50
            X509v3 Authority Key Identifier:
                keyid:27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:23:be:1f:57:fa:f1:b2:0d:e3:85:a7:e6:ab:f0:96:6c:99:
         69:1b:b0:5d:b6:f7:f2:c6:60:24:99:f0:8f:55:51:6c:d6:de:
         fd:8c:ba:fb:93:6c:49:38:f7:bb:fa:9b:a4:d1:3c:d1:5b:85:
         64:d8:0b:26:23:d7:80:f4:f0:6a:23:12:a2:5f:5d:c0:4f:ea:
         dd:01:2b:3d:c8:ef:2f:06:45:ed:d7:d4:79:6d:24:4a:40:ae:
         34:4a:89:24:b2:97:fb:0b:b3:3f:15:93:7e:72:92:6d:7e:aa:
         9b:1d:f4:e6:e6:ce:d3:60:00:bc:3d:62:8c:51:31:64:3d:db:
         fb:d6:6d:98:62:72:59:62:15:44:0e:0b:39:b0:4e:18:fa:a1:
         28:d3:c9:67:7e:77:c2:8e:c3:cb:a1:77:55:dc:a6:63:b1:c1:
         17:57:4a:9e:0a:ac:cf:83:b3:8c:39:13:67:35:0a:ff:7b:7d:
         c4:5f:23:93:5e:cd:57:43:61:0f:a7:50:b1:17:bc:e7:3e:d7:
         d8:69:4f:4a:52:34:ea:ee:cc:09:81:97:14:f5:0f:80:79:ad:
         c6:0c:df:7a:f7:f6:a9:fe:38:31:66:22:de:36:28:0a:b0:56:
         77:df:e3:b8:5c:80:9d:15:32:c7:2a:48:65:db:b1:a0:07:51:
         85:a3:99:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaIEjIZdyWavAwKrApENz8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzQwNmRmMjliZTlmMmFkNTBiM2VjNWJkNTNkZmI5MjJk
MWFmYTAwHhcNMjUwNDMwMTkwMDE1WhcNMjUwNTAxMTkwMDE1WjAzMTEwLwYDVQQD
EyhjZmU1MDdmZGYxMjc1ZTg1NTMyY2JlZmY0MGFlN2NkY2EzNmJjODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8b6bbXcEH8zpUu9d8K3/cKnzUvU
kdDQdfQSIVVvgQeDI8HhBIW6caZjpFTdxum5xVg0A4BVnrRC56xpPFC/9x5RmPzc
YMPWOAHfuP2TlcOjfffxNxo24EaQWks5R8rC0w4/SfASFbUv0vIRfBP53ikjQRAk
ir2WntcuTYYohWrI1L0lt7bTF8Pc9AQIdZ8i2IkFm0aQR+8cVx00utBWuteFdnlU
yqOe19ZLA6G98eRdOrzJePQK+NW3vQc3weZUuEg3OYL0tKIZD+jNMMmyvYyDK8aP
ClifwJRiIOBqwUbUaicXPNMlElfJ4ES74yWQ6nTgx6TObJgZOXgXtqnTzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM/lB/3xJ16FUyy+/0CufNyja8hQMB8GA1UdIwQY
MBaAFCfEBt8pvp8q1Qs+xb1T37ki0a+gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYt
MjdkMzYyZTk2ZDQwLzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYtMjdkMzYyZTk2ZDQw
LzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwiO+H1f6
8bIN44Wn5qvwlmyZaRuwXbb38sZgJJnwj1VRbNbe/Yy6+5NsSTj3u/qbpNE80VuF
ZNgLJiPXgPTwaiMSol9dwE/q3QErPcjvLwZF7dfUeW0kSkCuNEqJJLKX+wuzPxWT
fnKSbX6qmx305ubO02AAvD1ijFExZD3b+9ZtmGJyWWIVRA4LObBOGPqhKNPJZ353
wo7Dy6F3VdymY7HBF1dKngqsz4OzjDkTZzUK/3t9xF8jk17NV0NhD6dQsRe85z7X
2GlPSlI06u7MCYGXFPUPgHmtxgzfevf2qf44MWYi3jYoCrBWd9/juFyAnRUyxypI
ZduxoAdRhaOZLA==
-----END CERTIFICATE-----