Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft
File:                     JCsEwxmbHrlpPUMg9702HtYXBTA.mft (raw, json)
Hash identifier:          Qfx0im1GfC/ayN0whLqdL+8C/MTRmjonQaM5s7JHZp0=
Subject key identifier:   6C:58:B1:9A:BD:91:DB:8E:3B:23:BE:C3:45:FA:7A:3A:27:8A:2F:91
Authority key identifier: 24:2B:04:C3:19:9B:1E:B9:69:3D:43:20:F7:BD:36:1E:D6:17:05:30
Certificate issuer:       /CN=242b04c3199b1eb9693d4320f7bd361ed6170530
Certificate serial:       0197B6A0BC8C298CDEF31A9E2F4918B2F1D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JCsEwxmbHrlpPUMg9702HtYXBTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:01:16 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:16 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:16 +0000
Files and hashes:         1: JCsEwxmbHrlpPUMg9702HtYXBTA.crl (hash: dLjoHT7+6xhx7cngxmbt0Pfmd1axit6KeXrC3lgyx9c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JCsEwxmbHrlpPUMg9702HtYXBTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:bc:8c:29:8c:de:f3:1a:9e:2f:49:18:b2:f1:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=242b04c3199b1eb9693d4320f7bd361ed6170530
        Validity
            Not Before: Jun 28 13:01:16 2025 GMT
            Not After : Jun 29 13:01:16 2025 GMT
        Subject: CN=6c58b19abd91db8e3b23bec345fa7a3a278a2f91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:0d:e8:54:52:a9:70:fd:fc:18:9a:58:e0:87:
                    f9:49:1a:f0:22:28:13:24:4a:f3:51:c6:f2:a5:96:
                    e6:45:59:d0:c4:30:39:d9:a5:c1:6e:4d:f4:80:38:
                    ee:4b:28:46:dd:f7:68:80:35:f5:d4:89:d9:37:8d:
                    75:13:29:4e:72:09:3e:37:fa:a6:1c:54:13:37:d3:
                    e7:1e:08:ef:7a:34:47:11:fa:f3:43:ba:dc:a3:58:
                    39:0c:c5:6d:6f:85:2f:3e:b8:1b:bc:f1:02:29:45:
                    e1:17:35:38:8d:70:b7:df:ef:75:99:80:67:c7:c0:
                    6a:bc:f5:9a:02:40:45:0b:10:9f:10:41:ae:5c:63:
                    33:64:a1:8e:28:8f:e6:6e:33:1e:bf:a9:a8:2f:68:
                    f2:33:8f:ee:4c:68:51:ac:53:22:91:b5:cd:f3:ff:
                    1b:d0:bb:1c:c4:a2:a0:f5:f0:ab:b4:4f:73:4d:44:
                    32:b1:3f:23:d1:cd:28:bb:a3:1e:d1:05:22:5f:51:
                    bf:ef:56:eb:7f:3a:56:39:ee:3c:c0:0c:dd:0b:07:
                    78:ae:86:e5:95:e5:83:e3:f1:11:09:f9:a1:25:f7:
                    dc:d8:3c:56:d4:fe:3d:ec:09:d1:49:07:0d:a8:ce:
                    d2:95:2f:7e:a9:9a:53:ed:8c:26:18:c2:c6:5b:39:
                    e8:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:58:B1:9A:BD:91:DB:8E:3B:23:BE:C3:45:FA:7A:3A:27:8A:2F:91
            X509v3 Authority Key Identifier:
                keyid:24:2B:04:C3:19:9B:1E:B9:69:3D:43:20:F7:BD:36:1E:D6:17:05:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JCsEwxmbHrlpPUMg9702HtYXBTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:57:e7:91:10:6b:d9:35:3d:08:a8:81:e8:39:64:d4:8e:a1:
         c0:9f:07:bc:34:d0:bd:f1:87:40:76:b9:26:18:2c:92:c9:34:
         dd:02:c7:d3:4f:da:85:d4:c8:23:40:ce:ce:d1:8b:a4:27:1c:
         53:95:3c:e8:b8:45:99:3b:87:36:32:85:88:02:b9:d2:36:43:
         50:a3:15:60:79:83:69:b3:3d:fc:a6:27:33:5d:88:23:71:b3:
         7f:47:3c:57:13:1b:a7:9a:2c:0f:ca:89:70:1f:c7:bf:f6:ec:
         e5:de:f7:e8:e9:03:0c:ce:04:23:ca:e4:cf:d2:67:38:29:81:
         60:e0:84:82:1a:f1:f1:4c:c2:1e:61:3d:22:af:eb:67:4a:04:
         e8:1d:3f:71:06:7a:dc:95:85:38:d0:9c:e8:a1:25:c7:df:49:
         5a:71:66:d7:03:4a:50:33:72:5a:e5:a1:7b:d2:28:49:80:c8:
         2d:21:ce:bd:5d:19:c8:f7:12:e2:5b:dc:46:1e:d1:8d:b2:a6:
         bf:04:0e:31:1d:fa:54:db:58:e1:8f:fa:bc:74:4a:0e:48:98:
         9e:c6:04:34:c0:b2:dd:1e:c5:9a:79:d2:fd:dd:17:14:7a:d6:
         43:0b:0c:5d:0d:5f:b1:35:c0:8d:a8:1a:9d:c0:d4:02:ef:8a:
         cf:b5:27:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oLyMKYze8xqeL0kYsvHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MmIwNGMzMTk5YjFlYjk2OTNkNDMyMGY3YmQzNjFlZDYx
NzA1MzAwHhcNMjUwNjI4MTMwMTE2WhcNMjUwNjI5MTMwMTE2WjAzMTEwLwYDVQQD
Eyg2YzU4YjE5YWJkOTFkYjhlM2IyM2JlYzM0NWZhN2EzYTI3OGEyZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw3oVFKpcP38GJpY4If5SRrwIigT
JErzUcbypZbmRVnQxDA52aXBbk30gDjuSyhG3fdogDX11InZN411EylOcgk+N/qm
HFQTN9PnHgjvejRHEfrzQ7rco1g5DMVtb4UvPrgbvPECKUXhFzU4jXC33+91mYBn
x8BqvPWaAkBFCxCfEEGuXGMzZKGOKI/mbjMev6moL2jyM4/uTGhRrFMikbXN8/8b
0LscxKKg9fCrtE9zTUQysT8j0c0ou6Me0QUiX1G/71brfzpWOe48wAzdCwd4robl
leWD4/ERCfmhJffc2DxW1P497AnRSQcNqM7SlS9+qZpT7YwmGMLGWznoEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGxYsZq9kduOOyO+w0X6ejonii+RMB8GA1UdIwQY
MBaAFCQrBMMZmx65aT1DIPe9Nh7WFwUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkNzRXd4bWJIcmxwUFVNZzk3MDJIdFlYQlRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8wYzAyYzAtNTY5Yy00NWVhLWIwNWIt
NjZiNjdlMjFhODJiLzEvSkNzRXd4bWJIcmxwUFVNZzk3MDJIdFlYQlRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8wYzAyYzAtNTY5Yy00NWVhLWIwNWItNjZiNjdlMjFhODJi
LzEvSkNzRXd4bWJIcmxwUFVNZzk3MDJIdFlYQlRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXFfnkRBr
2TU9CKiB6Dlk1I6hwJ8HvDTQvfGHQHa5Jhgsksk03QLH00/ahdTII0DOztGLpCcc
U5U86LhFmTuHNjKFiAK50jZDUKMVYHmDabM9/KYnM12II3Gzf0c8VxMbp5osD8qJ
cB/Hv/bs5d736OkDDM4EI8rkz9JnOCmBYOCEghrx8UzCHmE9Iq/rZ0oE6B0/cQZ6
3JWFONCc6KElx99JWnFm1wNKUDNyWuWhe9IoSYDILSHOvV0ZyPcS4lvcRh7RjbKm
vwQOMR36VNtY4Y/6vHRKDkiYnsYENMCy3R7FmnnS/d0XFHrWQwsMXQ1fsTXAjaga
ncDUAu+Kz7UnYA==
-----END CERTIFICATE-----