Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
File:                     jHFLbLK61OdjmoqicQKPWqG8asI.mft (raw, json)
Hash identifier:          bPLz8FeA8cH91qFahCdbhrCALxle17X516PTz1jKMsk=
Subject key identifier:   89:5A:E8:3A:36:C4:2A:E4:8E:A8:7C:B8:06:F3:10:76:0B:A8:88:13
Authority key identifier: 8C:71:4B:6C:B2:BA:D4:E7:63:9A:8A:A2:71:02:8F:5A:A1:BC:6A:C2
Certificate issuer:       /CN=8c714b6cb2bad4e7639a8aa271028f5aa1bc6ac2
Certificate serial:       01968C946E407DB31D7E09BEDFC622013EC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
Manifest number:          04CA
Signing time:             Thu 01 May 2025 16:00:59 +0000
Manifest this update:     Thu 01 May 2025 16:00:59 +0000
Manifest next update:     Fri 02 May 2025 16:00:59 +0000
Files and hashes:         1: jHFLbLK61OdjmoqicQKPWqG8asI.crl (hash: CuImdqRbE+hjvGZ4WgRRNg9rWwNFadgeEfhyChfLeME=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8c:94:6e:40:7d:b3:1d:7e:09:be:df:c6:22:01:3e:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c714b6cb2bad4e7639a8aa271028f5aa1bc6ac2
        Validity
            Not Before: May  1 16:00:59 2025 GMT
            Not After : May  2 16:00:59 2025 GMT
        Subject: CN=895ae83a36c42ae48ea87cb806f310760ba88813
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:88:19:19:11:4c:f3:25:aa:02:8a:74:62:52:
                    6d:71:57:d8:26:af:91:a7:6d:7b:e9:24:24:93:f2:
                    6c:85:8a:ea:b5:17:66:28:6c:d8:2c:71:98:f1:d9:
                    93:2e:28:1e:28:27:82:0f:63:dd:4a:56:6d:4d:22:
                    15:e1:a0:89:67:6e:d2:06:21:34:f0:e3:21:83:da:
                    8a:8a:10:c9:13:9a:ac:e7:25:99:7f:83:ac:df:03:
                    62:36:a6:e0:11:75:3b:55:68:61:e7:51:4d:de:fc:
                    f7:6f:ef:e2:ee:9e:45:8c:a6:54:80:10:75:c0:55:
                    75:e6:87:86:21:c5:67:7d:24:09:0f:7b:28:42:94:
                    10:dc:50:4e:6a:6c:65:a9:71:c1:b5:ea:d4:db:e5:
                    c3:2d:04:3c:08:ca:bc:0c:11:73:6d:74:80:6d:96:
                    9c:16:37:25:b7:50:ce:96:c1:64:9a:68:64:91:d4:
                    d2:fc:5b:73:ab:27:ad:03:b8:b8:e9:5c:a7:ea:83:
                    7e:d5:ee:94:59:3c:4f:e5:51:9e:d7:7b:59:9a:55:
                    b5:08:c4:c3:38:4d:24:cf:f8:3e:ff:43:6e:9e:a1:
                    23:82:3f:ba:67:35:61:d6:13:05:91:61:4e:f7:c9:
                    06:d5:a3:dd:6f:4b:c0:ae:6e:d1:0e:c9:ad:75:b9:
                    8b:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:5A:E8:3A:36:C4:2A:E4:8E:A8:7C:B8:06:F3:10:76:0B:A8:88:13
            X509v3 Authority Key Identifier:
                keyid:8C:71:4B:6C:B2:BA:D4:E7:63:9A:8A:A2:71:02:8F:5A:A1:BC:6A:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:0c:b1:15:aa:1e:ff:87:65:cc:26:4e:50:f2:6d:c4:41:c2:
         35:55:6b:3c:f3:ea:51:35:55:be:ff:42:a1:86:d3:3e:12:18:
         ba:b9:aa:7e:e6:fe:1e:15:54:24:49:0b:c1:4c:cf:df:52:34:
         cd:9d:e8:ae:d6:f2:5c:72:20:7c:8b:9b:ab:52:3b:46:34:61:
         09:2a:c0:da:15:bf:bf:39:eb:50:d5:fd:41:8f:3e:3d:37:64:
         71:31:85:f4:6f:ac:11:d9:d2:e5:4b:3a:34:99:b8:fe:8c:b8:
         b6:d6:29:c5:ce:05:16:58:2a:20:a5:09:bf:a4:2b:e3:c9:8f:
         6e:cd:7a:51:4d:44:ea:c9:f8:54:4d:19:4c:67:5f:c3:91:43:
         fc:34:ae:98:d6:d2:80:0c:7a:0b:1c:e9:8b:60:b4:73:de:52:
         11:3d:ca:d0:aa:c8:d1:8c:4e:4f:51:47:a8:43:89:d1:b1:b8:
         b6:be:1d:b4:d4:0f:b3:10:de:5e:76:19:19:58:ae:d2:e2:47:
         cc:bb:34:81:24:31:78:83:b7:69:a0:49:2d:f5:01:c7:8c:be:
         af:6e:12:e9:23:8a:23:7c:92:aa:aa:74:ba:28:b2:c4:77:5c:
         51:f2:fe:9e:96:34:51:36:db:1e:ce:7e:6b:15:46:e9:ac:60:
         ce:f2:e9:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaMlG5AfbMdfgm+38YiAT7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNzE0YjZjYjJiYWQ0ZTc2MzlhOGFhMjcxMDI4ZjVhYTFi
YzZhYzIwHhcNMjUwNTAxMTYwMDU5WhcNMjUwNTAyMTYwMDU5WjAzMTEwLwYDVQQD
Eyg4OTVhZTgzYTM2YzQyYWU0OGVhODdjYjgwNmYzMTA3NjBiYTg4ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoogZGRFM8yWqAop0YlJtcVfYJq+R
p2176SQkk/JshYrqtRdmKGzYLHGY8dmTLigeKCeCD2PdSlZtTSIV4aCJZ27SBiE0
8OMhg9qKihDJE5qs5yWZf4Os3wNiNqbgEXU7VWhh51FN3vz3b+/i7p5FjKZUgBB1
wFV15oeGIcVnfSQJD3soQpQQ3FBOamxlqXHBterU2+XDLQQ8CMq8DBFzbXSAbZac
Fjclt1DOlsFkmmhkkdTS/FtzqyetA7i46Vyn6oN+1e6UWTxP5VGe13tZmlW1CMTD
OE0kz/g+/0NunqEjgj+6ZzVh1hMFkWFO98kG1aPdb0vArm7RDsmtdbmLbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIla6Do2xCrkjqh8uAbzEHYLqIgTMB8GA1UdIwQY
MBaAFIxxS2yyutTnY5qKonECj1qhvGrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wMmE4ZDYtOTE1OC00YWViLWE3NTAt
Nzg3NTNhMTA0MjI2LzEvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wMmE4ZDYtOTE1OC00YWViLWE3NTAtNzg3NTNhMTA0MjI2
LzEvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASwyxFaoe
/4dlzCZOUPJtxEHCNVVrPPPqUTVVvv9CoYbTPhIYurmqfub+HhVUJEkLwUzP31I0
zZ3ortbyXHIgfIubq1I7RjRhCSrA2hW/vznrUNX9QY8+PTdkcTGF9G+sEdnS5Us6
NJm4/oy4ttYpxc4FFlgqIKUJv6Qr48mPbs16UU1E6sn4VE0ZTGdfw5FD/DSumNbS
gAx6Cxzpi2C0c95SET3K0KrI0YxOT1FHqEOJ0bG4tr4dtNQPsxDeXnYZGViu0uJH
zLs0gSQxeIO3aaBJLfUBx4y+r24S6SOKI3ySqqp0uiiyxHdcUfL+npY0UTbbHs5+
axVG6axgzvLp1A==
-----END CERTIFICATE-----