Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft
File:                     JCsEwxmbHrlpPUMg9702HtYXBTA.mft (raw, json)
Hash identifier:          gDPwSV4CR6rxWqxk92RiQKJuTipY7TDETxXUirjESlo=
Subject key identifier:   26:51:B4:D5:A9:60:69:6A:4C:CC:8F:83:B8:7B:D3:9A:47:04:CE:03
Authority key identifier: 24:2B:04:C3:19:9B:1E:B9:69:3D:43:20:F7:BD:36:1E:D6:17:05:30
Certificate issuer:       /CN=242b04c3199b1eb9693d4320f7bd361ed6170530
Certificate serial:       0198D66097DA148EEC1FE3DC0ABBEF138514
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JCsEwxmbHrlpPUMg9702HtYXBTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 10:01:51 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:51 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:51 +0000
Files and hashes:         1: JCsEwxmbHrlpPUMg9702HtYXBTA.crl (hash: 4WLwcBmqUfV8cuS2dOkYAZ/aajbl1hoAvwSWvZ4d5uk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JCsEwxmbHrlpPUMg9702HtYXBTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:97:da:14:8e:ec:1f:e3:dc:0a:bb:ef:13:85:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=242b04c3199b1eb9693d4320f7bd361ed6170530
        Validity
            Not Before: Aug 23 10:01:51 2025 GMT
            Not After : Aug 24 10:01:51 2025 GMT
        Subject: CN=2651b4d5a960696a4ccc8f83b87bd39a4704ce03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:a2:ec:1e:99:bf:e0:8e:0b:4a:75:44:11:03:
                    fc:07:44:61:1e:f6:07:c4:5e:a1:f1:6e:32:32:84:
                    31:5c:f9:fe:ba:20:9c:76:3f:0a:10:80:51:c8:77:
                    06:24:ed:0a:df:c5:33:8a:d3:79:db:e8:2e:05:3a:
                    d8:ed:3c:0c:04:6f:c4:29:a6:37:33:d4:13:dd:c9:
                    3a:1e:d6:d1:df:ef:fe:b2:bb:1f:45:64:d0:98:0a:
                    48:e4:6c:a3:36:2a:6a:65:6b:f0:75:8d:8b:23:c7:
                    77:d0:8c:a7:45:5a:34:37:8b:ed:40:43:09:42:64:
                    7e:de:58:9d:d7:f0:53:df:ab:7e:39:0b:66:65:3d:
                    6f:da:02:71:e8:8c:92:3d:d3:fc:9c:5c:03:ff:b4:
                    c4:5b:0a:6e:6a:5a:c4:ae:38:78:25:ec:e6:3b:85:
                    4a:83:df:da:12:34:31:2d:9d:d3:5d:02:f5:f3:43:
                    af:e7:d4:a0:6c:d0:c0:36:73:fa:be:1e:da:da:35:
                    25:a6:07:b7:b4:89:22:44:31:1b:c2:fb:f3:c0:aa:
                    60:68:1f:1a:88:9a:91:94:1b:6f:36:53:23:a8:2f:
                    46:83:5b:c4:28:fc:c3:ba:cf:c1:5c:61:5e:f8:56:
                    3f:5b:4e:24:c6:8d:2e:d5:d6:4d:07:c5:9c:6a:81:
                    dd:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:51:B4:D5:A9:60:69:6A:4C:CC:8F:83:B8:7B:D3:9A:47:04:CE:03
            X509v3 Authority Key Identifier:
                keyid:24:2B:04:C3:19:9B:1E:B9:69:3D:43:20:F7:BD:36:1E:D6:17:05:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JCsEwxmbHrlpPUMg9702HtYXBTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:ae:04:cf:b5:83:72:c4:b3:a4:d0:7d:1a:dc:b9:79:cd:4e:
         62:75:57:ac:53:1f:cf:29:cd:11:87:3f:c9:01:5c:cd:53:47:
         ae:66:b6:ab:26:2d:36:b7:3f:3f:ca:b5:ca:10:d4:03:cf:94:
         4c:8d:c1:e6:06:f3:f5:e6:c8:67:ad:5f:bb:81:51:7f:c5:de:
         a2:05:2a:0a:86:ba:d4:ea:7e:b8:4a:bb:e3:43:d5:6b:90:49:
         89:8d:8e:5f:d5:75:26:24:13:40:b6:87:86:87:f6:bd:a8:6d:
         e8:86:7f:ac:0d:83:ea:a2:96:f9:c3:ab:f9:09:91:7d:b9:7c:
         19:4a:3d:f8:71:d1:4d:48:3b:91:40:80:e0:64:3f:b3:dc:3c:
         9d:0f:dc:63:2f:8f:c7:06:61:76:1f:93:52:c5:ac:d4:cf:c5:
         ca:39:b5:4c:d1:d8:53:4b:77:36:dc:17:29:15:6c:a3:ba:08:
         c6:b4:21:0d:c9:1b:19:6b:ed:ec:c7:e3:2e:28:a8:81:e9:99:
         ce:57:c3:81:59:38:c3:f3:15:4a:fd:bd:70:50:9b:61:f7:9f:
         2e:f0:41:5c:1a:81:9d:71:df:48:7c:79:2a:32:48:b3:86:21:
         ee:55:91:4d:39:61:8b:f8:68:84:18:7d:3e:35:bb:e5:c2:8d:
         f0:bf:5e:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYJfaFI7sH+PcCrvvE4UUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MmIwNGMzMTk5YjFlYjk2OTNkNDMyMGY3YmQzNjFlZDYx
NzA1MzAwHhcNMjUwODIzMTAwMTUxWhcNMjUwODI0MTAwMTUxWjAzMTEwLwYDVQQD
EygyNjUxYjRkNWE5NjA2OTZhNGNjYzhmODNiODdiZDM5YTQ3MDRjZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqLsHpm/4I4LSnVEEQP8B0RhHvYH
xF6h8W4yMoQxXPn+uiCcdj8KEIBRyHcGJO0K38UzitN52+guBTrY7TwMBG/EKaY3
M9QT3ck6HtbR3+/+srsfRWTQmApI5GyjNipqZWvwdY2LI8d30IynRVo0N4vtQEMJ
QmR+3lid1/BT36t+OQtmZT1v2gJx6IySPdP8nFwD/7TEWwpualrErjh4JezmO4VK
g9/aEjQxLZ3TXQL180Ov59SgbNDANnP6vh7a2jUlpge3tIkiRDEbwvvzwKpgaB8a
iJqRlBtvNlMjqC9Gg1vEKPzDus/BXGFe+FY/W04kxo0u1dZNB8WcaoHdbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZRtNWpYGlqTMyPg7h705pHBM4DMB8GA1UdIwQY
MBaAFCQrBMMZmx65aT1DIPe9Nh7WFwUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkNzRXd4bWJIcmxwUFVNZzk3MDJIdFlYQlRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8wYzAyYzAtNTY5Yy00NWVhLWIwNWIt
NjZiNjdlMjFhODJiLzEvSkNzRXd4bWJIcmxwUFVNZzk3MDJIdFlYQlRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8wYzAyYzAtNTY5Yy00NWVhLWIwNWItNjZiNjdlMjFhODJi
LzEvSkNzRXd4bWJIcmxwUFVNZzk3MDJIdFlYQlRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOq4Ez7WD
csSzpNB9Gty5ec1OYnVXrFMfzynNEYc/yQFczVNHrma2qyYtNrc/P8q1yhDUA8+U
TI3B5gbz9ebIZ61fu4FRf8XeogUqCoa61Op+uEq740PVa5BJiY2OX9V1JiQTQLaH
hof2vaht6IZ/rA2D6qKW+cOr+QmRfbl8GUo9+HHRTUg7kUCA4GQ/s9w8nQ/cYy+P
xwZhdh+TUsWs1M/Fyjm1TNHYU0t3NtwXKRVso7oIxrQhDckbGWvt7MfjLiiogemZ
zlfDgVk4w/MVSv29cFCbYfefLvBBXBqBnXHfSHx5KjJIs4Yh7lWRTTlhi/hohBh9
PjW75cKN8L9e/w==
-----END CERTIFICATE-----