Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
File:                     JchJyqV3LJi4E8E7TzD85PSNLa4.mft (raw, json)
Hash identifier:          iwpnJErtqFdThM14iySEyTksFFMsrEUB6y+0J0dW4ow=
Subject key identifier:   C3:86:29:42:0F:C1:DB:31:C7:FE:23:5E:22:2B:17:7B:5F:82:40:47
Authority key identifier: 25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE
Certificate issuer:       /CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
Certificate serial:       01989D14C71B86FD2888B1BCDE335179468C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
Manifest number:          0A01
Signing time:             Tue 12 Aug 2025 07:00:41 +0000
Manifest this update:     Tue 12 Aug 2025 07:00:41 +0000
Manifest next update:     Wed 13 Aug 2025 07:00:41 +0000
Files and hashes:         1: JchJyqV3LJi4E8E7TzD85PSNLa4.crl (hash: GIi0qoB7DfNqrVwmi+Xu7LPYFFvnmq3cXValcW0IXeU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 07:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9d:14:c7:1b:86:fd:28:88:b1:bc:de:33:51:79:46:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
        Validity
            Not Before: Aug 12 07:00:41 2025 GMT
            Not After : Aug 13 07:00:41 2025 GMT
        Subject: CN=c38629420fc1db31c7fe235e222b177b5f824047
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:f7:dc:cc:5f:43:09:dc:42:4a:b1:5d:32:78:
                    ea:65:fe:4a:c7:b6:3b:29:aa:39:50:de:4c:09:46:
                    3c:1d:20:34:9a:ae:c9:6b:b6:cd:73:9e:a2:cd:6f:
                    d1:3d:cd:9c:03:39:5c:f9:95:36:80:f0:43:79:12:
                    b0:c2:ae:8a:4f:ad:7d:82:24:d4:d7:a0:14:39:79:
                    cc:a7:1a:d2:af:b2:6e:bb:e9:41:13:92:e0:5b:c3:
                    07:e4:5a:27:f9:92:e5:4b:9d:da:f2:62:0e:d1:52:
                    ba:a5:28:25:22:83:35:4b:0f:c9:86:f8:2e:bb:70:
                    1d:c3:65:95:af:d4:5f:bf:db:11:74:1c:60:7c:e6:
                    33:63:dd:ee:0a:34:23:1d:4f:12:d9:38:11:25:de:
                    2f:e5:2f:88:75:3e:ba:ab:d4:e5:c9:94:90:62:58:
                    cc:29:a1:ef:3e:1f:9d:fc:47:2b:62:42:31:03:33:
                    f4:24:d9:9b:27:51:69:41:fe:2a:fe:68:6f:92:91:
                    58:72:77:81:c4:7d:30:e3:ba:cc:8e:10:60:37:86:
                    3d:5f:e5:ed:f9:79:4d:06:67:c9:65:75:52:41:d9:
                    15:3a:91:29:b7:6e:21:e6:9d:4a:12:8d:21:81:06:
                    44:6d:31:67:13:8e:e7:f7:1e:ad:35:c6:25:67:a5:
                    fe:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:86:29:42:0F:C1:DB:31:C7:FE:23:5E:22:2B:17:7B:5F:82:40:47
            X509v3 Authority Key Identifier:
                keyid:25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:e1:e9:4a:fe:02:c6:b0:43:6e:25:1e:6c:7f:a0:db:5e:c9:
         8d:69:1d:7d:f8:c5:2e:b1:13:87:d9:ed:a6:bd:54:9d:2e:45:
         d1:ae:80:08:04:47:2d:dc:b3:bc:b6:ab:7d:65:1f:23:40:8e:
         3b:11:4f:1a:2e:65:fe:13:d4:12:73:6b:e5:0f:1b:a7:9a:0d:
         e7:b4:02:7e:71:7f:7c:e8:86:34:bb:03:e2:a0:3c:f3:81:43:
         73:2d:29:b9:c8:dd:59:63:cb:ce:9f:5d:79:bd:2b:6b:d3:02:
         52:1c:c0:fb:24:61:7a:d0:d8:f7:3b:73:45:33:a2:c7:34:6f:
         91:1b:83:bc:bf:1e:52:50:6e:0d:a5:9e:1a:e4:39:45:e0:c8:
         91:c3:70:2e:2f:59:4e:d8:2b:12:31:6c:06:fe:a0:49:d4:94:
         dd:c4:6d:7e:ce:3e:5e:bd:63:2d:cb:07:36:7d:0a:a3:24:ec:
         14:a5:f7:7c:bb:75:0f:ed:07:1a:24:ab:3d:97:ec:e7:9a:29:
         9a:25:f4:43:29:21:44:d6:a0:a3:38:0d:17:d5:a1:47:11:0a:
         cf:b4:8e:27:cf:d0:03:ef:3b:3e:e3:85:23:19:3f:08:d6:ca:
         74:c6:7b:47:91:98:36:9a:c5:a9:16:c6:f9:9a:aa:c3:e7:80:
         80:18:4c:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZidFMcbhv0oiLG83jNReUaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Yzg0OWNhYTU3NzJjOThiODEzYzEzYjRmMzBmY2U0ZjQ4
ZDJkYWUwHhcNMjUwODEyMDcwMDQxWhcNMjUwODEzMDcwMDQxWjAzMTEwLwYDVQQD
EyhjMzg2Mjk0MjBmYzFkYjMxYzdmZTIzNWUyMjJiMTc3YjVmODI0MDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8PfczF9DCdxCSrFdMnjqZf5Kx7Y7
Kao5UN5MCUY8HSA0mq7Ja7bNc56izW/RPc2cAzlc+ZU2gPBDeRKwwq6KT619giTU
16AUOXnMpxrSr7Juu+lBE5LgW8MH5Fon+ZLlS53a8mIO0VK6pSglIoM1Sw/Jhvgu
u3Adw2WVr9Rfv9sRdBxgfOYzY93uCjQjHU8S2TgRJd4v5S+IdT66q9TlyZSQYljM
KaHvPh+d/EcrYkIxAzP0JNmbJ1FpQf4q/mhvkpFYcneBxH0w47rMjhBgN4Y9X+Xt
+XlNBmfJZXVSQdkVOpEpt24h5p1KEo0hgQZEbTFnE47n9x6tNcYlZ6X+CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMOGKUIPwdsxx/4jXiIrF3tfgkBHMB8GA1UdIwQY
MBaAFCXIScqldyyYuBPBO08w/OT0jS2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQt
ZTg5M2IxM2IyYzlmLzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQtZTg5M2IxM2IyYzlm
LzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFuHpSv4C
xrBDbiUebH+g217JjWkdffjFLrETh9ntpr1UnS5F0a6ACARHLdyzvLarfWUfI0CO
OxFPGi5l/hPUEnNr5Q8bp5oN57QCfnF/fOiGNLsD4qA884FDcy0pucjdWWPLzp9d
eb0ra9MCUhzA+yRhetDY9ztzRTOixzRvkRuDvL8eUlBuDaWeGuQ5ReDIkcNwLi9Z
TtgrEjFsBv6gSdSU3cRtfs4+Xr1jLcsHNn0KoyTsFKX3fLt1D+0HGiSrPZfs55op
miX0QykhRNagozgNF9WhRxEKz7SOJ8/QA+87PuOFIxk/CNbKdMZ7R5GYNprFqRbG
+Zqqw+eAgBhMoQ==
-----END CERTIFICATE-----