Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
File:                     JchJyqV3LJi4E8E7TzD85PSNLa4.mft (raw, json)
Hash identifier:          unNzPBXplsupmHSvryaexh0vCaJ7M6iAK+lCPcSLiEY=
Subject key identifier:   BD:CC:BF:9E:BF:B4:7A:7C:A7:DD:A3:5E:DF:F9:4D:32:B7:68:A3:A7
Authority key identifier: 25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE
Certificate issuer:       /CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
Certificate serial:       0196789F98DC277BA8B2F51420CBE6993101
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
Manifest number:          08E5
Signing time:             Sun 27 Apr 2025 19:00:47 +0000
Manifest this update:     Sun 27 Apr 2025 19:00:47 +0000
Manifest next update:     Mon 28 Apr 2025 19:00:47 +0000
Files and hashes:         1: JchJyqV3LJi4E8E7TzD85PSNLa4.crl (hash: gb+yq0MOhc11u7Fx6vsZV/xHbdlXjhgMgPyMFILG1QI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 19:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:9f:98:dc:27:7b:a8:b2:f5:14:20:cb:e6:99:31:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
        Validity
            Not Before: Apr 27 19:00:47 2025 GMT
            Not After : Apr 28 19:00:47 2025 GMT
        Subject: CN=bdccbf9ebfb47a7ca7dda35edff94d32b768a3a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:02:b1:61:f0:bc:7a:cc:de:0d:a0:83:f2:9c:
                    ce:02:52:64:0b:7e:f1:91:5c:7a:03:c0:71:ad:34:
                    38:8b:23:fc:a2:01:ad:6d:af:d6:63:73:03:75:8a:
                    9c:ce:f1:0a:51:35:64:82:a0:38:6b:91:40:04:5d:
                    42:17:5d:d4:11:01:aa:58:9e:7d:9a:21:b1:3f:df:
                    09:4d:c5:0a:50:f1:45:cb:6f:a8:d7:df:41:60:99:
                    7c:64:90:66:d2:f5:06:8e:60:c9:d3:28:c4:b2:0a:
                    9b:99:85:0b:9e:bb:2b:77:4c:03:a7:ca:ba:a1:59:
                    06:f3:de:ae:58:c4:de:55:57:e3:9e:c6:b4:9d:7e:
                    a4:1c:56:50:c9:98:8b:fb:81:59:a3:2e:00:d6:77:
                    b0:81:9a:fc:66:ee:96:34:14:c8:8f:96:07:7c:5a:
                    bc:be:da:4b:4d:e5:c0:ab:f1:cd:26:f8:95:e7:0c:
                    79:bd:c1:76:2a:28:67:0d:40:27:63:ac:76:30:28:
                    5e:cb:ff:d4:12:6b:99:45:5e:f0:01:d6:d6:1f:b6:
                    11:d6:4e:7c:1e:33:0b:eb:c7:a5:4f:7e:0a:f6:45:
                    4e:de:68:1d:10:8c:55:9e:07:9b:52:2d:0d:38:fa:
                    d8:c6:88:84:a1:b4:72:e7:de:fe:7a:6f:0b:16:11:
                    0e:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:CC:BF:9E:BF:B4:7A:7C:A7:DD:A3:5E:DF:F9:4D:32:B7:68:A3:A7
            X509v3 Authority Key Identifier:
                keyid:25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:00:12:7b:c6:f5:74:a1:57:64:d1:9d:85:89:0f:68:1b:8f:
         23:87:ec:19:d8:37:cd:16:1c:d3:1a:b7:ef:94:23:13:81:2a:
         65:64:ea:b8:69:33:5f:9c:d2:73:28:eb:f6:3a:c4:82:f4:06:
         e3:55:aa:b5:d7:d7:8c:4f:57:21:b8:97:82:8a:f6:95:b9:34:
         6c:1a:25:53:26:c7:07:3e:b4:81:ee:fd:12:72:e3:af:ac:12:
         39:c6:c9:bf:9b:3a:22:fa:8c:18:51:30:84:1a:df:68:44:e2:
         df:79:7c:10:2b:09:69:2f:70:90:f5:98:ed:56:30:72:f9:e5:
         19:3c:bb:8e:ea:4a:12:da:db:41:17:34:93:f0:50:30:5e:2f:
         b8:b4:36:e1:4f:11:e0:e2:65:50:8b:07:35:1b:62:8d:73:f5:
         40:99:e0:e5:75:d1:d7:40:35:8b:ed:6e:e8:39:6d:45:ec:ed:
         df:2b:ed:e5:ed:aa:90:67:40:e9:56:ba:b9:0b:56:f5:a5:ed:
         ce:d6:9c:37:45:90:0f:cc:e1:53:b8:eb:3e:07:60:85:5a:61:
         d0:b3:85:49:e8:b2:c5:38:21:7b:68:7d:93:66:d7:d0:b7:59:
         96:17:88:7e:be:0d:0a:b3:86:dd:07:93:fc:8a:5b:df:67:64:
         02:ba:a5:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4n5jcJ3uosvUUIMvmmTEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Yzg0OWNhYTU3NzJjOThiODEzYzEzYjRmMzBmY2U0ZjQ4
ZDJkYWUwHhcNMjUwNDI3MTkwMDQ3WhcNMjUwNDI4MTkwMDQ3WjAzMTEwLwYDVQQD
EyhiZGNjYmY5ZWJmYjQ3YTdjYTdkZGEzNWVkZmY5NGQzMmI3NjhhM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7QKxYfC8eszeDaCD8pzOAlJkC37x
kVx6A8BxrTQ4iyP8ogGtba/WY3MDdYqczvEKUTVkgqA4a5FABF1CF13UEQGqWJ59
miGxP98JTcUKUPFFy2+o199BYJl8ZJBm0vUGjmDJ0yjEsgqbmYULnrsrd0wDp8q6
oVkG896uWMTeVVfjnsa0nX6kHFZQyZiL+4FZoy4A1newgZr8Zu6WNBTIj5YHfFq8
vtpLTeXAq/HNJviV5wx5vcF2KihnDUAnY6x2MChey//UEmuZRV7wAdbWH7YR1k58
HjML68elT34K9kVO3mgdEIxVngebUi0NOPrYxoiEobRy597+em8LFhEOAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL3Mv56/tHp8p92jXt/5TTK3aKOnMB8GA1UdIwQY
MBaAFCXIScqldyyYuBPBO08w/OT0jS2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQt
ZTg5M2IxM2IyYzlmLzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQtZTg5M2IxM2IyYzlm
LzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABgASe8b1
dKFXZNGdhYkPaBuPI4fsGdg3zRYc0xq375QjE4EqZWTquGkzX5zScyjr9jrEgvQG
41WqtdfXjE9XIbiXgor2lbk0bBolUybHBz60ge79EnLjr6wSOcbJv5s6IvqMGFEw
hBrfaETi33l8ECsJaS9wkPWY7VYwcvnlGTy7jupKEtrbQRc0k/BQMF4vuLQ24U8R
4OJlUIsHNRtijXP1QJng5XXR10A1i+1u6DltRezt3yvt5e2qkGdA6Va6uQtW9aXt
ztacN0WQD8zhU7jrPgdghVph0LOFSeiyxTghe2h9k2bX0LdZlheIfr4NCrOG3QeT
/Ipb32dkArqlAA==
-----END CERTIFICATE-----