Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
File:                     jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft (raw, json)
Hash identifier:          k1q4/ztZcQg9+DDfnJMmBPeXd7NJKVC8lCBOs/rEGv8=
Subject key identifier:   1E:2F:E2:FB:C7:3D:40:AE:2D:C6:F6:72:DE:80:38:D1:6C:5D:9C:31
Authority key identifier: 8C:50:02:F6:39:E8:19:58:D0:F9:B3:58:5A:ED:76:70:7D:26:25:DE
Certificate issuer:       /CN=8c5002f639e81958d0f9b3585aed76707d2625de
Certificate serial:       01977DFA81F2B6D4B822151F266A2A76F9AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
Manifest number:          1593
Signing time:             Tue 17 Jun 2025 13:00:58 +0000
Manifest this update:     Tue 17 Jun 2025 13:00:58 +0000
Manifest next update:     Wed 18 Jun 2025 13:00:58 +0000
Files and hashes:         1: jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl (hash: rcZ79PgZEdFAymBYqcEa62oh5Xx2NiEqILbP3qII4+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 18 Jun 2025 13:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7d:fa:81:f2:b6:d4:b8:22:15:1f:26:6a:2a:76:f9:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c5002f639e81958d0f9b3585aed76707d2625de
        Validity
            Not Before: Jun 17 13:00:58 2025 GMT
            Not After : Jun 18 13:00:58 2025 GMT
        Subject: CN=1e2fe2fbc73d40ae2dc6f672de8038d16c5d9c31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:8e:f0:75:bd:52:9e:49:9e:f1:85:42:dc:1e:
                    7c:bd:21:96:00:2e:e5:8c:9a:2d:e3:01:ac:8e:d4:
                    17:de:87:0a:f6:15:41:ad:cf:98:99:22:c5:22:88:
                    4e:b1:9e:6c:9a:92:cb:a1:c4:00:87:88:1c:30:f1:
                    c3:fe:7a:8a:f0:2b:6d:36:03:b7:c8:c2:b6:74:94:
                    4e:81:79:ea:77:ae:ee:bb:a7:4a:9e:14:8a:09:f4:
                    17:44:93:11:39:86:6b:7c:12:47:32:4b:92:25:42:
                    d3:46:30:b4:55:da:56:e5:89:e0:db:37:5e:49:50:
                    4d:ab:ba:4d:04:55:7c:72:84:5a:6f:77:6f:a6:7f:
                    8f:7a:1d:f1:aa:c9:93:ab:f4:e7:f7:25:76:58:dc:
                    44:9a:49:f3:e1:4b:86:f9:a9:28:95:ff:e7:44:a2:
                    24:cf:f8:a2:05:24:9c:40:a7:ee:80:b3:45:2d:b1:
                    6d:38:c9:fa:f7:d1:17:04:a4:59:42:19:b8:90:cd:
                    3d:4d:e4:fe:91:3c:94:59:93:51:11:67:fb:ac:91:
                    a5:23:f4:6a:d4:f3:50:45:f8:a8:81:11:08:d7:55:
                    aa:56:a4:7b:7c:54:b2:53:e0:24:5b:bd:55:a9:20:
                    98:1b:81:04:32:c8:22:60:12:37:27:dc:62:84:b0:
                    fc:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:2F:E2:FB:C7:3D:40:AE:2D:C6:F6:72:DE:80:38:D1:6C:5D:9C:31
            X509v3 Authority Key Identifier:
                keyid:8C:50:02:F6:39:E8:19:58:D0:F9:B3:58:5A:ED:76:70:7D:26:25:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:5e:ce:a5:ad:c0:94:7f:9a:2b:c4:06:6f:58:14:0b:ea:84:
         50:56:c8:d1:0d:b3:94:4c:b4:67:1f:99:a8:ba:cd:a4:b3:84:
         3d:c7:aa:80:cd:16:1b:3f:7a:6b:c9:70:08:cd:84:d1:ed:5a:
         88:49:f2:a2:b0:0f:4d:65:85:01:54:c6:e7:2e:d3:86:e0:7a:
         bc:9b:31:10:e2:4c:0d:a8:47:b9:79:2e:62:16:ef:4e:0d:9b:
         6d:19:84:ed:cf:1e:d9:b4:a9:29:37:f0:52:21:ec:45:3b:51:
         91:83:12:2b:01:13:61:94:2f:fd:07:d6:77:5d:bc:c5:fc:62:
         66:95:f2:ae:22:c4:f5:97:0f:c9:31:fc:8f:5e:ce:c9:68:5a:
         b3:9b:e0:06:40:e9:91:f6:df:cc:d5:f5:21:2f:5f:42:e4:5c:
         34:fe:0c:93:b3:71:3c:c3:37:f0:f8:d9:8e:d0:92:ea:35:12:
         29:1d:c4:46:b7:fc:22:91:6b:39:51:28:7e:b0:4b:c2:7e:36:
         b6:25:bd:63:3a:18:e9:ca:f3:4a:bf:2e:4b:58:eb:1d:22:04:
         cd:24:13:83:8e:52:e9:cc:84:bb:e5:c7:1c:29:29:0a:a1:37:
         e2:3c:e4:c4:a6:e8:5e:4c:fa:8e:3a:40:39:0b:72:d1:45:41:
         ab:c1:23:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd9+oHyttS4IhUfJmoqdvmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNTAwMmY2MzllODE5NThkMGY5YjM1ODVhZWQ3NjcwN2Qy
NjI1ZGUwHhcNMjUwNjE3MTMwMDU4WhcNMjUwNjE4MTMwMDU4WjAzMTEwLwYDVQQD
EygxZTJmZTJmYmM3M2Q0MGFlMmRjNmY2NzJkZTgwMzhkMTZjNWQ5YzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Y7wdb1Snkme8YVC3B58vSGWAC7l
jJot4wGsjtQX3ocK9hVBrc+YmSLFIohOsZ5smpLLocQAh4gcMPHD/nqK8CttNgO3
yMK2dJROgXnqd67uu6dKnhSKCfQXRJMROYZrfBJHMkuSJULTRjC0VdpW5Yng2zde
SVBNq7pNBFV8coRab3dvpn+Peh3xqsmTq/Tn9yV2WNxEmknz4UuG+akolf/nRKIk
z/iiBSScQKfugLNFLbFtOMn699EXBKRZQhm4kM09TeT+kTyUWZNREWf7rJGlI/Rq
1PNQRfiogREI11WqVqR7fFSyU+AkW71VqSCYG4EEMsgiYBI3J9xihLD8wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4v4vvHPUCuLcb2ct6AONFsXZwxMB8GA1UdIwQY
MBaAFIxQAvY56BlY0PmzWFrtdnB9JiXeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zYTYxMjgtYmYwMy00Y2E1LWE3NjYt
NmYwNjE5MTQ0NGFjLzEvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zYTYxMjgtYmYwMy00Y2E1LWE3NjYtNmYwNjE5MTQ0NGFj
LzEvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApF7Opa3A
lH+aK8QGb1gUC+qEUFbI0Q2zlEy0Zx+ZqLrNpLOEPceqgM0WGz96a8lwCM2E0e1a
iEnyorAPTWWFAVTG5y7ThuB6vJsxEOJMDahHuXkuYhbvTg2bbRmE7c8e2bSpKTfw
UiHsRTtRkYMSKwETYZQv/QfWd128xfxiZpXyriLE9ZcPyTH8j17OyWhas5vgBkDp
kfbfzNX1IS9fQuRcNP4Mk7NxPMM38PjZjtCS6jUSKR3ERrf8IpFrOVEofrBLwn42
tiW9YzoY6crzSr8uS1jrHSIEzSQTg45S6cyEu+XHHCkpCqE34jzkxKboXkz6jjpA
OQty0UVBq8EjGg==
-----END CERTIFICATE-----