Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
File:                     jRHN6i8zL8ztMzil3x-y30Uh-OI.mft (raw, json)
Hash identifier:          J9obYMb8AsuKH5FEMAQ5PZAa5o8emPC79To/V2QSjOw=
Subject key identifier:   B8:A8:B2:4A:E7:18:E5:EA:6A:5F:87:07:EB:00:70:5D:86:4A:19:E6
Authority key identifier: 8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2
Certificate issuer:       /CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
Certificate serial:       0196741EB81889293C2E56676BE72E5DFC6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
Manifest number:          1022
Signing time:             Sat 26 Apr 2025 22:01:32 +0000
Manifest this update:     Sat 26 Apr 2025 22:01:32 +0000
Manifest next update:     Sun 27 Apr 2025 22:01:32 +0000
Files and hashes:         1: jRHN6i8zL8ztMzil3x-y30Uh-OI.crl (hash: xc9qyMIs3g9waxS4tbf8b0xdsGT4Zp0thZvUul/1oIQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 22:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1e:b8:18:89:29:3c:2e:56:67:6b:e7:2e:5d:fc:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
        Validity
            Not Before: Apr 26 22:01:32 2025 GMT
            Not After : Apr 27 22:01:32 2025 GMT
        Subject: CN=b8a8b24ae718e5ea6a5f8707eb00705d864a19e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:7f:16:a7:5a:49:7e:42:bb:7b:39:af:f9:78:
                    c3:4c:e0:06:cf:f2:05:b4:73:00:ef:79:25:13:db:
                    2d:6d:2f:64:cc:c1:4b:2f:85:f8:a5:a7:ef:ad:16:
                    a6:62:c1:0e:13:1f:f0:2b:80:77:eb:83:57:67:d0:
                    03:a1:73:bf:14:17:a5:0e:6a:ce:f7:ef:fb:ce:38:
                    f9:54:83:17:fe:f2:d7:ea:6c:a7:64:95:ee:73:c6:
                    47:47:aa:88:a2:86:c5:43:88:c4:d3:c2:de:ed:7b:
                    de:97:6c:cc:af:a1:54:e4:ff:06:6b:be:2d:6f:b0:
                    31:8e:a2:e2:5c:0a:84:5e:08:50:d6:72:39:24:2f:
                    30:bc:42:db:18:b2:cc:7f:61:a2:7f:5e:8e:82:31:
                    92:f3:d9:fb:75:de:79:c6:ac:72:25:88:46:a5:52:
                    18:9e:eb:6e:a1:d8:6e:b1:a2:16:cb:53:40:e6:f0:
                    3b:a6:a3:d1:08:bc:fd:df:cb:7b:58:eb:a0:21:66:
                    d6:76:e1:96:9f:f9:db:89:a3:53:76:af:97:43:59:
                    8b:2e:5a:6d:b5:dc:5b:01:9a:a1:6a:5a:80:43:fa:
                    77:43:f0:21:98:f0:40:39:e3:20:12:8d:0f:e6:da:
                    d7:9a:7b:95:b5:e3:da:a9:c9:3c:4f:78:71:2c:26:
                    35:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:A8:B2:4A:E7:18:E5:EA:6A:5F:87:07:EB:00:70:5D:86:4A:19:E6
            X509v3 Authority Key Identifier:
                keyid:8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:7c:47:a6:1a:a8:c1:54:4a:e1:3a:87:e7:45:b1:0e:c7:44:
         62:83:5a:11:3d:aa:78:f3:16:91:3e:1c:a6:7f:19:a2:a9:fd:
         ce:ce:db:77:a1:4c:12:f5:b1:1f:3c:ba:1b:04:ec:65:63:4d:
         03:57:fa:25:d1:c6:54:22:3b:77:d1:32:4f:e5:d3:7a:e5:0e:
         58:9b:64:61:4b:d1:6e:ef:6a:02:2d:16:b4:be:6d:47:ad:d8:
         bf:d2:9d:77:86:49:60:ee:bb:aa:7c:b7:f0:80:5b:4e:6c:56:
         8e:41:b2:07:20:c6:fe:84:72:5e:81:2b:97:c4:3e:01:c9:05:
         84:d4:f6:d8:55:6a:f5:09:00:fb:8c:0d:4e:ee:54:a9:99:e0:
         e1:8a:9a:50:99:d8:01:d7:42:80:ec:d7:f8:b5:a0:a1:61:f4:
         e2:b2:0b:21:f3:c8:1d:e5:7b:03:21:27:59:9d:1c:7b:59:14:
         c5:9a:d7:e3:f1:e0:42:1c:2d:b3:54:b6:dd:e4:9f:bb:39:29:
         42:17:6a:26:2f:3f:dd:8b:06:f0:40:8d:7c:87:ad:3f:67:db:
         5b:25:a9:5b:b8:90:0f:ee:d1:77:92:da:90:03:22:43:6f:0e:
         19:3f:35:fa:5c:91:f3:49:7a:cf:d2:fa:b4:cd:48:85:35:31:
         18:c7:e1:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0HrgYiSk8LlZna+cuXfxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjZGVhMmYzMzJmY2NlZDMzMzhhNWRmMWZiMmRmNDUy
MWY4ZTIwHhcNMjUwNDI2MjIwMTMyWhcNMjUwNDI3MjIwMTMyWjAzMTEwLwYDVQQD
EyhiOGE4YjI0YWU3MThlNWVhNmE1Zjg3MDdlYjAwNzA1ZDg2NGExOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3n8Wp1pJfkK7ezmv+XjDTOAGz/IF
tHMA73klE9stbS9kzMFLL4X4pafvrRamYsEOEx/wK4B364NXZ9ADoXO/FBelDmrO
9+/7zjj5VIMX/vLX6mynZJXuc8ZHR6qIoobFQ4jE08Le7Xvel2zMr6FU5P8Ga74t
b7AxjqLiXAqEXghQ1nI5JC8wvELbGLLMf2Gif16OgjGS89n7dd55xqxyJYhGpVIY
nutuodhusaIWy1NA5vA7pqPRCLz938t7WOugIWbWduGWn/nbiaNTdq+XQ1mLLlpt
tdxbAZqhalqAQ/p3Q/AhmPBAOeMgEo0P5trXmnuVtePaqck8T3hxLCY1lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLioskrnGOXqal+HB+sAcF2GShnmMB8GA1UdIwQY
MBaAFI0RzeovMy/M7TM4pd8fst9FIfjiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEt
YzkwNjU4ZWJkNjk3LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEtYzkwNjU4ZWJkNjk3
LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY3xHphqo
wVRK4TqH50WxDsdEYoNaET2qePMWkT4cpn8Zoqn9zs7bd6FMEvWxHzy6GwTsZWNN
A1f6JdHGVCI7d9EyT+XTeuUOWJtkYUvRbu9qAi0WtL5tR63Yv9Kdd4ZJYO67qny3
8IBbTmxWjkGyByDG/oRyXoErl8Q+AckFhNT22FVq9QkA+4wNTu5UqZng4YqaUJnY
AddCgOzX+LWgoWH04rILIfPIHeV7AyEnWZ0ce1kUxZrX4/HgQhwts1S23eSfuzkp
QhdqJi8/3YsG8ECNfIetP2fbWyWpW7iQD+7Rd5LakAMiQ28OGT81+lyR80l6z9L6
tM1IhTUxGMfhYw==
-----END CERTIFICATE-----