Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
File:                     J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft (raw, json)
Hash identifier:          4EcuJPirqPMIalKNRh28+u4rEDZiRpIhUkf+p07oK+s=
Subject key identifier:   20:3A:12:47:DC:08:7E:83:EF:E3:49:2F:7C:44:01:11:39:DE:00:98
Authority key identifier: 27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0
Certificate issuer:       /CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0
Certificate serial:       0196C014278E57E10B6DFEBF91DBEAC5B2DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
Manifest number:          05AE
Signing time:             Sun 11 May 2025 16:01:08 +0000
Manifest this update:     Sun 11 May 2025 16:01:08 +0000
Manifest next update:     Mon 12 May 2025 16:01:08 +0000
Files and hashes:         1: J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl (hash: NFKNLaOvsKTodZHeinJfH62kmKIHqmsCGPKiPxv1umg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c0:14:27:8e:57:e1:0b:6d:fe:bf:91:db:ea:c5:b2:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0
        Validity
            Not Before: May 11 16:01:08 2025 GMT
            Not After : May 12 16:01:08 2025 GMT
        Subject: CN=203a1247dc087e83efe3492f7c44011139de0098
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ec:9e:4f:63:50:de:8f:f3:d5:2d:99:08:b2:
                    7c:bc:73:2e:7c:27:42:8d:cc:7f:0e:d5:7a:8b:63:
                    3d:49:95:db:c7:e4:3c:d2:98:4c:f8:4f:af:50:b9:
                    fe:e1:8c:cb:12:4d:32:50:a0:20:7f:53:0e:a3:9f:
                    ca:f5:f6:d4:9e:ac:1e:19:7d:36:e6:bf:84:99:d5:
                    9d:44:5c:03:8b:eb:4e:13:60:55:52:db:ca:5b:0b:
                    c0:75:40:7c:e5:6a:24:79:b2:ee:89:e4:98:0d:a2:
                    2c:02:7d:0f:b1:81:25:3b:31:ac:54:8d:72:5e:24:
                    df:07:06:51:46:d1:91:c0:6c:88:37:11:b2:d4:73:
                    e0:a3:9e:56:fe:7a:e3:1f:3d:ff:04:3e:d2:dd:ca:
                    9a:8d:14:72:f2:0f:56:84:b5:25:74:44:7e:48:85:
                    78:f3:61:68:6d:02:f1:97:1f:8a:61:09:8e:8b:01:
                    57:03:9d:83:1a:6d:0c:5b:5e:78:48:d5:9a:9f:59:
                    e4:5c:3a:12:da:19:ff:f8:2e:91:8e:07:dd:0a:3b:
                    99:fc:db:32:8c:3f:d2:2e:d7:f0:9c:07:d0:33:b1:
                    de:24:3c:8b:de:ad:a8:af:9c:dc:5f:4d:c6:e2:6c:
                    b7:94:c6:6c:e9:37:57:74:b3:a0:da:ad:35:bf:93:
                    b0:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:3A:12:47:DC:08:7E:83:EF:E3:49:2F:7C:44:01:11:39:DE:00:98
            X509v3 Authority Key Identifier:
                keyid:27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:f7:4d:65:b8:4a:47:46:9d:59:f8:1b:0a:0e:70:75:68:13:
         0a:1a:70:ba:94:a1:95:f7:81:6d:af:cf:da:fd:bf:28:1f:ba:
         97:df:80:86:3e:21:42:c3:42:73:8a:d2:c1:74:87:09:04:03:
         74:12:3c:10:96:61:c9:b7:e6:ce:39:eb:d0:a8:29:76:b3:5e:
         b9:e5:aa:e8:b0:03:25:06:36:2d:21:21:55:bf:a1:d1:ae:74:
         5f:a3:ac:b9:ac:b0:50:e5:1d:1d:94:bc:b9:67:9c:ee:cd:e8:
         3a:32:0a:9a:9a:c8:ba:8d:8a:c6:ae:2c:b3:8b:62:53:c4:35:
         6b:6c:91:1f:ff:1f:8b:f0:e7:57:e2:0c:95:47:bd:56:49:82:
         39:55:7c:70:9d:35:6a:e9:a6:55:a3:ea:17:b2:6d:46:f3:00:
         05:90:b3:97:a7:d7:06:ba:62:62:af:4d:29:f6:bb:55:44:73:
         90:cc:4d:16:0b:01:60:53:c0:ea:84:de:8e:b4:ff:92:d3:04:
         2b:cf:13:38:4a:9c:26:28:d0:61:44:3c:ae:b2:66:19:78:7a:
         ae:0d:b8:c0:88:4d:0f:c2:2a:e3:70:1e:38:8d:96:26:ab:42:
         52:bf:8a:bd:f6:ab:bb:88:d7:22:d0:b8:96:35:4f:77:2f:ce:
         3f:a7:b0:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbAFCeOV+ELbf6/kdvqxbLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzQwNmRmMjliZTlmMmFkNTBiM2VjNWJkNTNkZmI5MjJk
MWFmYTAwHhcNMjUwNTExMTYwMTA4WhcNMjUwNTEyMTYwMTA4WjAzMTEwLwYDVQQD
EygyMDNhMTI0N2RjMDg3ZTgzZWZlMzQ5MmY3YzQ0MDExMTM5ZGUwMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOyeT2NQ3o/z1S2ZCLJ8vHMufCdC
jcx/DtV6i2M9SZXbx+Q80phM+E+vULn+4YzLEk0yUKAgf1MOo5/K9fbUnqweGX02
5r+EmdWdRFwDi+tOE2BVUtvKWwvAdUB85WokebLuieSYDaIsAn0PsYElOzGsVI1y
XiTfBwZRRtGRwGyINxGy1HPgo55W/nrjHz3/BD7S3cqajRRy8g9WhLUldER+SIV4
82FobQLxlx+KYQmOiwFXA52DGm0MW154SNWan1nkXDoS2hn/+C6RjgfdCjuZ/Nsy
jD/SLtfwnAfQM7HeJDyL3q2or5zcX03G4my3lMZs6TdXdLOg2q01v5OwVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCA6EkfcCH6D7+NJL3xEARE53gCYMB8GA1UdIwQY
MBaAFCfEBt8pvp8q1Qs+xb1T37ki0a+gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYt
MjdkMzYyZTk2ZDQwLzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYtMjdkMzYyZTk2ZDQw
LzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOfdNZbhK
R0adWfgbCg5wdWgTChpwupShlfeBba/P2v2/KB+6l9+Ahj4hQsNCc4rSwXSHCQQD
dBI8EJZhybfmzjnr0KgpdrNeueWq6LADJQY2LSEhVb+h0a50X6OsuaywUOUdHZS8
uWec7s3oOjIKmprIuo2Kxq4ss4tiU8Q1a2yRH/8fi/DnV+IMlUe9VkmCOVV8cJ01
aummVaPqF7JtRvMABZCzl6fXBrpiYq9NKfa7VURzkMxNFgsBYFPA6oTejrT/ktME
K88TOEqcJijQYUQ8rrJmGXh6rg24wIhND8Iq43AeOI2WJqtCUr+Kvfaru4jXItC4
ljVPdy/OP6ewTA==
-----END CERTIFICATE-----