Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft
File:                     j39d3CK0NKz6QNZ-5QsEKQxw27M.mft (raw, json)
Hash identifier:          tZHDG617GasVpd61ifSUbnM0XxfBGHvbtciZ5uDfvGI=
Subject key identifier:   F4:AD:2F:A4:21:88:1A:90:42:FB:D5:0B:2F:3B:BF:11:63:2B:51:02
Authority key identifier: 8F:7F:5D:DC:22:B4:34:AC:FA:40:D6:7E:E5:0B:04:29:0C:70:DB:B3
Certificate issuer:       /CN=8f7f5ddc22b434acfa40d67ee50b04290c70dbb3
Certificate serial:       019681A2333E24D4186B36D6E0BD88F96EDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft
Manifest number:          06AB
Signing time:             Tue 29 Apr 2025 13:00:12 +0000
Manifest this update:     Tue 29 Apr 2025 13:00:12 +0000
Manifest next update:     Wed 30 Apr 2025 13:00:12 +0000
Files and hashes:         1: j39d3CK0NKz6QNZ-5QsEKQxw27M.crl (hash: cG6cyE9rYGYuYf6l9VLeG0TWg0fwqNlVl6FNoNybuMI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 13:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:81:a2:33:3e:24:d4:18:6b:36:d6:e0:bd:88:f9:6e:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7f5ddc22b434acfa40d67ee50b04290c70dbb3
        Validity
            Not Before: Apr 29 13:00:12 2025 GMT
            Not After : Apr 30 13:00:12 2025 GMT
        Subject: CN=f4ad2fa421881a9042fbd50b2f3bbf11632b5102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:1f:c0:70:a2:69:8e:6f:76:95:8c:2a:93:37:
                    c4:5d:18:a5:c7:b4:94:d9:ef:fd:33:ee:58:df:0f:
                    77:f8:aa:e1:36:f4:0e:1d:05:ba:b2:75:f8:ab:00:
                    31:13:3d:cd:47:cd:cd:f2:16:95:97:53:bc:76:53:
                    f2:7e:75:38:8f:ce:3a:a9:47:ce:d8:8e:e1:3d:23:
                    11:c2:dc:57:bd:96:de:e7:3b:ee:53:e4:c7:d7:1b:
                    18:9e:5d:9a:9e:d6:fc:ba:2c:35:83:10:5a:20:9c:
                    9f:39:f3:ff:ce:e0:2d:3a:96:60:21:f5:b0:82:dc:
                    7c:7e:1d:8c:f2:34:c8:80:0e:d1:31:7e:24:f4:57:
                    de:d0:ba:ad:09:ab:97:38:ab:c6:89:96:0b:70:1b:
                    8a:24:b9:e0:49:35:3e:d4:19:d6:36:9c:b0:67:99:
                    d4:92:16:0a:0b:5f:69:f4:ba:a2:35:b8:2e:2d:f9:
                    ca:4d:6d:0d:76:99:49:ed:89:36:f9:82:ac:33:19:
                    21:e2:87:f0:70:26:46:56:4c:96:05:26:0b:b8:c1:
                    42:47:85:d5:02:e0:83:38:20:b7:b5:dc:65:e5:8d:
                    81:ff:5b:c6:f9:28:40:2b:9f:30:26:c0:93:dd:0a:
                    ca:20:ac:15:c4:e7:f8:47:dd:be:4c:7e:e7:96:65:
                    c0:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:AD:2F:A4:21:88:1A:90:42:FB:D5:0B:2F:3B:BF:11:63:2B:51:02
            X509v3 Authority Key Identifier:
                keyid:8F:7F:5D:DC:22:B4:34:AC:FA:40:D6:7E:E5:0B:04:29:0C:70:DB:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:ac:cb:a6:21:d7:62:28:b6:0d:43:3b:fe:43:2c:dc:b0:cd:
         b9:b6:32:bb:52:89:ce:14:ae:5f:6c:d4:c2:00:75:4b:a4:c4:
         c4:b3:da:51:55:80:c7:ce:13:c2:22:95:af:ea:47:8f:70:6e:
         9e:99:1a:a8:76:d2:37:e7:54:47:39:8f:fd:5d:9b:2f:b8:f4:
         65:96:83:3a:72:ba:1a:94:b7:60:59:b6:cd:98:3e:41:d5:0f:
         33:1c:00:0f:50:eb:fe:ce:5d:e2:4c:7c:9d:cf:3b:49:07:2e:
         35:23:3f:20:4b:2b:43:87:c5:ed:f1:f9:64:b9:81:51:ed:b2:
         09:8b:b9:c6:ad:bd:9d:95:ce:52:87:25:c8:a2:a6:e2:9c:63:
         07:27:07:62:e8:c9:8c:31:44:d1:44:26:7a:38:9d:95:d8:79:
         e8:f7:ea:5b:78:e7:1b:5f:26:84:a5:c8:f9:49:8e:20:65:97:
         db:ad:d2:37:b0:46:d5:a5:9b:a3:45:ba:3b:bb:be:7c:76:88:
         4f:78:9c:e1:16:c8:cf:cd:21:7e:a4:ab:a2:6f:ca:99:68:bd:
         b7:87:04:a0:80:fb:df:4a:d1:72:da:d9:a5:17:c5:6c:c0:7a:
         b0:6e:aa:3f:a1:0d:6a:54:41:75:59:20:43:16:4c:1a:cf:7c:
         43:fd:b8:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaBojM+JNQYazbW4L2I+W7fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2Y1ZGRjMjJiNDM0YWNmYTQwZDY3ZWU1MGIwNDI5MGM3
MGRiYjMwHhcNMjUwNDI5MTMwMDEyWhcNMjUwNDMwMTMwMDEyWjAzMTEwLwYDVQQD
EyhmNGFkMmZhNDIxODgxYTkwNDJmYmQ1MGIyZjNiYmYxMTYzMmI1MTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh/AcKJpjm92lYwqkzfEXRilx7SU
2e/9M+5Y3w93+KrhNvQOHQW6snX4qwAxEz3NR83N8haVl1O8dlPyfnU4j846qUfO
2I7hPSMRwtxXvZbe5zvuU+TH1xsYnl2antb8uiw1gxBaIJyfOfP/zuAtOpZgIfWw
gtx8fh2M8jTIgA7RMX4k9Ffe0LqtCauXOKvGiZYLcBuKJLngSTU+1BnWNpywZ5nU
khYKC19p9LqiNbguLfnKTW0NdplJ7Yk2+YKsMxkh4ofwcCZGVkyWBSYLuMFCR4XV
AuCDOCC3tdxl5Y2B/1vG+ShAK58wJsCT3QrKIKwVxOf4R92+TH7nlmXAHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPStL6QhiBqQQvvVCy87vxFjK1ECMB8GA1UdIwQY
MBaAFI9/XdwitDSs+kDWfuULBCkMcNuzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82OWZkNjktMmMyNy00ODcwLTljYzkt
MzJkYWM0YjE0MGVkLzEvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82OWZkNjktMmMyNy00ODcwLTljYzktMzJkYWM0YjE0MGVk
LzEvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcazLpiHX
Yii2DUM7/kMs3LDNubYyu1KJzhSuX2zUwgB1S6TExLPaUVWAx84TwiKVr+pHj3Bu
npkaqHbSN+dURzmP/V2bL7j0ZZaDOnK6GpS3YFm2zZg+QdUPMxwAD1Dr/s5d4kx8
nc87SQcuNSM/IEsrQ4fF7fH5ZLmBUe2yCYu5xq29nZXOUoclyKKm4pxjBycHYujJ
jDFE0UQmejidldh56PfqW3jnG18mhKXI+UmOIGWX263SN7BG1aWbo0W6O7u+fHaI
T3ic4RbIz80hfqSrom/KmWi9t4cEoID730rRctrZpRfFbMB6sG6qP6ENalRBdVkg
QxZMGs98Q/24pg==
-----END CERTIFICATE-----