Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft
File:                     j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft (raw, json)
Hash identifier:          HF7B61XIygL76HltZwJuwdTf1aUyfR+IB1hplXUePQc=
Subject key identifier:   C3:F6:CD:34:A2:0E:D1:6F:71:E0:C9:88:9B:BD:D2:78:EA:71:F5:72
Authority key identifier: 8F:49:F4:A4:CD:82:93:44:51:9F:45:2A:3B:0E:1E:66:FE:8D:3E:25
Certificate issuer:       /CN=8f49f4a4cd829344519f452a3b0e1e66fe8d3e25
Certificate serial:       019678D698B4E3F741F381745580B4ADEDA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft
Manifest number:          150D
Signing time:             Sun 27 Apr 2025 20:00:51 +0000
Manifest this update:     Sun 27 Apr 2025 20:00:51 +0000
Manifest next update:     Mon 28 Apr 2025 20:00:51 +0000
Files and hashes:         1: j0n0pM2Ck0RRn0UqOw4eZv6NPiU.crl (hash: V/59/nMxPWEnDGLILbFVfDzq2+0EwI2g87THt8QAG5k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 20:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:d6:98:b4:e3:f7:41:f3:81:74:55:80:b4:ad:ed:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f49f4a4cd829344519f452a3b0e1e66fe8d3e25
        Validity
            Not Before: Apr 27 20:00:51 2025 GMT
            Not After : Apr 28 20:00:51 2025 GMT
        Subject: CN=c3f6cd34a20ed16f71e0c9889bbdd278ea71f572
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:7e:ed:6a:3d:57:78:cb:81:56:0e:fc:38:a6:
                    1e:13:d2:b0:a3:4f:29:9e:d0:23:d6:8d:da:8e:70:
                    c8:44:dc:7a:51:d9:e6:88:46:9a:cc:47:7e:51:b5:
                    0e:5d:8a:fc:06:e4:a5:e7:05:eb:4b:dd:55:22:13:
                    8e:d2:61:d3:ba:07:3b:94:35:84:b5:9d:32:62:f4:
                    b9:00:90:fd:99:9b:da:42:da:19:9f:7e:d7:f2:4a:
                    6f:2c:7a:e7:80:44:c0:5a:93:76:b9:9e:94:67:42:
                    13:06:23:6e:ee:9a:c8:15:61:73:2e:5e:cf:a1:77:
                    e9:4b:50:5b:60:2a:ff:98:c6:e9:15:e3:6c:1c:6b:
                    e2:c3:75:e5:9e:56:76:e4:54:ef:b8:35:18:cc:a9:
                    57:c2:d1:49:fe:17:61:8d:8c:1d:e0:a0:e6:7d:5b:
                    d5:f7:e9:9b:ad:05:71:49:79:66:76:5e:b2:16:ff:
                    4c:ec:e9:00:63:92:bb:a5:9f:d6:ed:8f:b9:ad:a9:
                    54:36:8f:22:8e:7f:38:20:7b:b0:c9:20:e8:b3:3a:
                    8b:01:aa:3e:33:5d:cf:cf:e9:09:55:56:d6:9e:a0:
                    5f:48:73:ae:8e:01:83:52:12:4d:69:5d:87:f7:79:
                    b5:1d:66:09:46:b8:32:af:46:50:04:76:37:b0:1a:
                    ab:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:F6:CD:34:A2:0E:D1:6F:71:E0:C9:88:9B:BD:D2:78:EA:71:F5:72
            X509v3 Authority Key Identifier:
                keyid:8F:49:F4:A4:CD:82:93:44:51:9F:45:2A:3B:0E:1E:66:FE:8D:3E:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:69:69:94:46:a2:5e:56:d1:2a:bf:e2:c5:05:9d:71:8d:fe:
         f5:c4:a7:c3:55:3d:98:36:40:cb:2c:2a:8c:8d:bc:98:1d:52:
         68:36:a8:23:54:55:2d:b1:fc:47:fc:77:b8:5c:f3:a4:f0:ca:
         30:e3:c8:0f:c0:d8:23:68:70:b8:6c:c9:e9:63:24:83:bd:c6:
         7c:5d:7d:9a:0c:9b:94:83:5f:36:ef:1d:b0:21:5e:0c:f9:97:
         4f:11:73:f6:49:4e:fb:9e:b3:37:06:b9:fa:31:7e:66:1f:fa:
         fe:d5:45:9f:1a:d4:e3:c6:09:dd:57:ef:be:13:cc:a4:60:df:
         39:4b:b0:d8:15:02:ac:9d:fa:38:ba:31:e9:ae:8e:f3:ef:0c:
         c1:f0:1a:f4:32:1e:eb:ea:14:2e:ce:6e:59:9e:70:e6:27:da:
         95:b6:91:9e:dd:52:93:2a:10:dd:a7:03:5f:f5:b9:36:f3:f4:
         1b:86:05:0a:a8:4d:da:ca:40:fb:4e:3f:5b:e3:ac:44:06:a3:
         62:a3:5f:db:ef:c1:23:13:69:bb:4f:bf:5d:dc:65:d4:f9:7f:
         6c:e9:88:d1:c4:76:b6:6b:e2:24:d1:11:93:fa:b1:e7:4a:60:
         c8:a6:a3:ce:42:f1:b2:6a:4f:2c:00:c9:52:06:1e:93:b4:c4:
         33:be:97:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ41pi04/dB84F0VYC0re2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNDlmNGE0Y2Q4MjkzNDQ1MTlmNDUyYTNiMGUxZTY2ZmU4
ZDNlMjUwHhcNMjUwNDI3MjAwMDUxWhcNMjUwNDI4MjAwMDUxWjAzMTEwLwYDVQQD
EyhjM2Y2Y2QzNGEyMGVkMTZmNzFlMGM5ODg5YmJkZDI3OGVhNzFmNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi37taj1XeMuBVg78OKYeE9Kwo08p
ntAj1o3ajnDIRNx6UdnmiEaazEd+UbUOXYr8BuSl5wXrS91VIhOO0mHTugc7lDWE
tZ0yYvS5AJD9mZvaQtoZn37X8kpvLHrngETAWpN2uZ6UZ0ITBiNu7prIFWFzLl7P
oXfpS1BbYCr/mMbpFeNsHGviw3XlnlZ25FTvuDUYzKlXwtFJ/hdhjYwd4KDmfVvV
9+mbrQVxSXlmdl6yFv9M7OkAY5K7pZ/W7Y+5ralUNo8ijn84IHuwySDoszqLAao+
M13Pz+kJVVbWnqBfSHOujgGDUhJNaV2H93m1HWYJRrgyr0ZQBHY3sBqr7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMP2zTSiDtFvceDJiJu90njqcfVyMB8GA1UdIwQY
MBaAFI9J9KTNgpNEUZ9FKjsOHmb+jT4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajBuMHBNMkNrMFJSbjBVcU93NGVadjZOUGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi82NjU4YzAtNTY1My00YTlmLWE4ZTgt
MTQwYWFkYTU0YjYxLzEvajBuMHBNMkNrMFJSbjBVcU93NGVadjZOUGlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi82NjU4YzAtNTY1My00YTlmLWE4ZTgtMTQwYWFkYTU0YjYx
LzEvajBuMHBNMkNrMFJSbjBVcU93NGVadjZOUGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbGlplEai
XlbRKr/ixQWdcY3+9cSnw1U9mDZAyywqjI28mB1SaDaoI1RVLbH8R/x3uFzzpPDK
MOPID8DYI2hwuGzJ6WMkg73GfF19mgyblINfNu8dsCFeDPmXTxFz9klO+56zNwa5
+jF+Zh/6/tVFnxrU48YJ3VfvvhPMpGDfOUuw2BUCrJ36OLox6a6O8+8MwfAa9DIe
6+oULs5uWZ5w5ifalbaRnt1SkyoQ3acDX/W5NvP0G4YFCqhN2spA+04/W+OsRAaj
YqNf2+/BIxNpu0+/Xdxl1Pl/bOmI0cR2tmviJNERk/qx50pgyKajzkLxsmpPLADJ
UgYek7TEM76X9Q==
-----END CERTIFICATE-----