Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
File:                     jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft (raw, json)
Hash identifier:          E21DAxOBa+7G8lURoRht5Nm8XRfaejc7yfVypqDXWQY=
Subject key identifier:   59:17:4A:FF:CC:6F:75:4A:C4:F7:FD:54:D6:0E:4B:8B:02:AC:64:62
Authority key identifier: 8C:50:02:F6:39:E8:19:58:D0:F9:B3:58:5A:ED:76:70:7D:26:25:DE
Certificate issuer:       /CN=8c5002f639e81958d0f9b3585aed76707d2625de
Certificate serial:       019675679BFD87B14DFD30DF309A608BF624
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
Manifest number:          150A
Signing time:             Sun 27 Apr 2025 04:00:46 +0000
Manifest this update:     Sun 27 Apr 2025 04:00:46 +0000
Manifest next update:     Mon 28 Apr 2025 04:00:46 +0000
Files and hashes:         1: jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl (hash: /zlZqfjEpj+khrX9iD4q7goop2PVEkJZCjanRQQjLUY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 04:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:75:67:9b:fd:87:b1:4d:fd:30:df:30:9a:60:8b:f6:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c5002f639e81958d0f9b3585aed76707d2625de
        Validity
            Not Before: Apr 27 04:00:46 2025 GMT
            Not After : Apr 28 04:00:46 2025 GMT
        Subject: CN=59174affcc6f754ac4f7fd54d60e4b8b02ac6462
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:f1:7d:69:c6:87:dc:b9:db:43:79:b7:8b:80:
                    42:96:4e:38:31:26:3c:b1:87:0e:58:a5:e8:5f:cf:
                    88:38:3d:6f:cc:d6:ec:81:ee:9a:ed:bf:66:f1:57:
                    b7:28:c7:c0:bf:58:f8:4d:fc:36:6a:05:89:11:a4:
                    2c:6f:65:a0:2c:38:c2:76:0f:6d:e2:74:c6:ff:78:
                    27:3f:37:2d:c0:9a:61:db:cc:ac:f1:f0:af:a5:de:
                    ce:4a:d0:05:d7:24:f6:e7:4d:f3:b7:02:4c:bd:4a:
                    e2:9c:d0:88:85:6f:fa:7b:3a:ac:0b:83:3c:a8:9b:
                    75:c6:84:cd:3f:02:7b:59:ca:d8:b6:38:48:8c:35:
                    57:62:a0:e6:41:a7:c7:ae:25:fb:9d:d8:89:9d:86:
                    30:42:de:52:1a:77:cb:fa:8c:8a:43:6b:7a:be:ce:
                    36:58:e3:3a:e0:2c:52:77:e0:6b:b5:d2:4f:c2:3b:
                    3e:6a:96:29:31:17:66:29:8c:14:27:b0:ee:f8:5c:
                    7e:0b:6b:ec:03:0e:22:e0:d0:30:d5:c4:60:fe:3e:
                    aa:56:8a:2a:29:95:f8:66:52:52:65:b3:eb:72:67:
                    f9:c9:b9:e8:49:e9:b6:20:ec:45:e4:a0:db:ec:f0:
                    fe:6b:8d:75:25:03:33:40:67:0b:68:fb:b1:90:c1:
                    5c:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:17:4A:FF:CC:6F:75:4A:C4:F7:FD:54:D6:0E:4B:8B:02:AC:64:62
            X509v3 Authority Key Identifier:
                keyid:8C:50:02:F6:39:E8:19:58:D0:F9:B3:58:5A:ED:76:70:7D:26:25:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:ba:4d:28:fa:b5:4b:8b:3f:02:62:4f:8c:d5:ba:b6:1f:c7:
         a8:b1:45:f0:11:1c:9a:91:7f:a4:57:9e:36:8e:0f:99:3a:8d:
         13:4e:7b:71:46:97:96:39:44:2a:f6:63:08:e2:39:19:2b:76:
         55:f3:13:6d:a7:ed:86:99:40:53:92:42:d4:1b:35:b4:5f:78:
         b5:49:f6:46:31:b6:91:9a:1d:57:26:93:da:31:6d:08:fd:25:
         68:3a:07:44:1d:1d:7a:a3:8d:37:13:92:82:7b:ef:39:0b:bd:
         54:ad:47:d3:63:53:7a:bb:ff:4d:cc:65:e4:8c:93:7f:a3:85:
         21:dc:ec:f9:f7:3e:01:5c:f3:a0:92:ae:67:6c:f8:c4:27:e9:
         0c:b1:72:45:73:35:3d:95:1d:88:e4:e3:fb:ac:c1:21:ed:8a:
         b2:7a:71:b8:32:74:89:ab:b4:57:76:4a:9e:e3:ec:e2:d9:50:
         85:97:d2:1e:a3:7c:e6:29:f0:ca:62:62:df:48:a4:d8:b8:31:
         76:41:ca:2e:19:23:dd:2e:b5:0c:fb:02:00:c7:3f:bb:4e:51:
         ea:f8:20:59:68:d3:a2:9a:00:7a:b6:c5:b5:7e:1d:d2:39:eb:
         27:6d:d3:fd:20:b3:e2:89:56:be:6d:98:6d:8c:9a:87:42:94:
         0e:ce:9f:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ1Z5v9h7FN/TDfMJpgi/YkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNTAwMmY2MzllODE5NThkMGY5YjM1ODVhZWQ3NjcwN2Qy
NjI1ZGUwHhcNMjUwNDI3MDQwMDQ2WhcNMjUwNDI4MDQwMDQ2WjAzMTEwLwYDVQQD
Eyg1OTE3NGFmZmNjNmY3NTRhYzRmN2ZkNTRkNjBlNGI4YjAyYWM2NDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfF9acaH3LnbQ3m3i4BClk44MSY8
sYcOWKXoX8+IOD1vzNbsge6a7b9m8Ve3KMfAv1j4Tfw2agWJEaQsb2WgLDjCdg9t
4nTG/3gnPzctwJph28ys8fCvpd7OStAF1yT2503ztwJMvUrinNCIhW/6ezqsC4M8
qJt1xoTNPwJ7WcrYtjhIjDVXYqDmQafHriX7ndiJnYYwQt5SGnfL+oyKQ2t6vs42
WOM64CxSd+BrtdJPwjs+apYpMRdmKYwUJ7Du+Fx+C2vsAw4i4NAw1cRg/j6qVooq
KZX4ZlJSZbPrcmf5ybnoSem2IOxF5KDb7PD+a411JQMzQGcLaPuxkMFcGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFkXSv/Mb3VKxPf9VNYOS4sCrGRiMB8GA1UdIwQY
MBaAFIxQAvY56BlY0PmzWFrtdnB9JiXeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zYTYxMjgtYmYwMy00Y2E1LWE3NjYt
NmYwNjE5MTQ0NGFjLzEvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zYTYxMjgtYmYwMy00Y2E1LWE3NjYtNmYwNjE5MTQ0NGFj
LzEvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATLpNKPq1
S4s/AmJPjNW6th/HqLFF8BEcmpF/pFeeNo4PmTqNE057cUaXljlEKvZjCOI5GSt2
VfMTbafthplAU5JC1Bs1tF94tUn2RjG2kZodVyaT2jFtCP0laDoHRB0deqONNxOS
gnvvOQu9VK1H02NTerv/Tcxl5IyTf6OFIdzs+fc+AVzzoJKuZ2z4xCfpDLFyRXM1
PZUdiOTj+6zBIe2KsnpxuDJ0iau0V3ZKnuPs4tlQhZfSHqN85inwymJi30ik2Lgx
dkHKLhkj3S61DPsCAMc/u05R6vggWWjTopoAerbFtX4d0jnrJ23T/SCz4olWvm2Y
bYyah0KUDs6fQQ==
-----END CERTIFICATE-----