Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
File:                     8p5p65n-wSVjcxHUMFL3kx2P3TI.mft (raw, json)
Hash identifier:          bG7ixz0cLi6I2G0r2QjzK53pUKazLD+KvC6/hfuGHeQ=
Subject key identifier:   85:BD:14:4D:2F:21:1B:14:C2:38:9D:D9:05:64:8A:16:86:34:4D:19
Authority key identifier: F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32
Certificate issuer:       /CN=f29e69eb99fec125637311d43052f7931d8fdd32
Certificate serial:       0196C98483D14677DEDB8DCAB413979AA3C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
Manifest number:          04D4
Signing time:             Tue 13 May 2025 12:00:26 +0000
Manifest this update:     Tue 13 May 2025 12:00:26 +0000
Manifest next update:     Wed 14 May 2025 12:00:26 +0000
Files and hashes:         1: 8p5p65n-wSVjcxHUMFL3kx2P3TI.crl (hash: buIjFH0c1rnOlMyz29Jx+OBwjpGi4QbSaMmqKRCGZXM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 12:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c9:84:83:d1:46:77:de:db:8d:ca:b4:13:97:9a:a3:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f29e69eb99fec125637311d43052f7931d8fdd32
        Validity
            Not Before: May 13 12:00:26 2025 GMT
            Not After : May 14 12:00:26 2025 GMT
        Subject: CN=85bd144d2f211b14c2389dd905648a1686344d19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ec:61:30:b6:f8:6b:2b:83:dc:5f:f0:ea:bc:
                    72:8e:4d:c6:b5:8c:04:4e:d0:e9:16:90:0e:15:bc:
                    75:52:f5:f3:2f:df:85:e1:e5:f8:de:78:2a:54:97:
                    ec:5b:a9:22:10:6e:06:55:68:95:29:10:3c:e4:fa:
                    5f:db:b4:3f:ce:60:1b:1c:2a:50:65:a7:9d:77:10:
                    e1:47:ee:d8:f6:58:86:d6:e2:63:81:86:35:3a:12:
                    cd:d1:54:39:e0:4d:a7:66:98:ca:74:57:5f:01:f5:
                    e8:de:84:86:83:1a:58:c5:13:13:66:49:79:8b:94:
                    db:9c:b1:bd:c1:67:bb:23:71:0a:f0:2f:a5:f4:d8:
                    df:24:14:d6:4a:80:36:7f:97:ca:63:26:f5:bd:e6:
                    3b:b6:70:da:c0:a1:9c:9b:24:c2:d7:87:ef:63:7c:
                    0b:3f:a9:ea:fe:54:09:c5:2d:b0:d8:0c:c8:9f:35:
                    96:db:7e:70:8f:e7:e1:87:3a:01:01:d9:53:c2:26:
                    84:65:c1:8d:11:51:70:fe:1c:3b:94:a4:33:87:03:
                    76:70:92:42:98:ec:ec:f0:d4:58:dd:ed:d9:58:27:
                    87:cc:61:4a:6f:d5:4a:94:7a:c0:88:8c:6f:c8:1b:
                    88:d5:f3:aa:8a:ff:19:a3:88:b3:88:02:12:cc:ad:
                    68:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:BD:14:4D:2F:21:1B:14:C2:38:9D:D9:05:64:8A:16:86:34:4D:19
            X509v3 Authority Key Identifier:
                keyid:F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:cf:e7:73:4a:fe:b1:d5:a2:9e:ed:8c:fd:81:60:ba:dc:90:
         fd:d7:f1:16:6f:a7:4b:b2:a2:9f:2e:03:2f:d0:ec:87:e3:a5:
         10:1e:7f:11:35:c6:23:a0:b6:cd:1a:ae:fd:31:b7:38:75:a4:
         b4:33:09:3f:86:6b:75:61:1f:3b:6f:f7:fb:84:ed:db:92:d7:
         ef:2f:a5:4c:d6:f9:8f:61:5a:15:3a:91:a7:37:c1:ad:a9:45:
         a4:c5:01:d1:15:b7:b6:16:df:1b:a3:dd:f3:59:ba:d5:50:70:
         8a:c5:da:86:41:5f:29:fc:1f:01:d4:e5:fc:92:03:78:ad:aa:
         38:00:b1:13:57:62:1e:a2:13:32:20:40:70:9b:e3:b9:e6:de:
         5d:a8:a6:21:09:9f:92:97:c2:85:3c:9a:39:e7:07:cc:1e:44:
         05:94:9d:bc:f2:88:36:c2:4c:a3:ef:05:04:ed:a8:f5:fd:c0:
         9e:f3:74:b1:87:42:50:46:ae:31:16:7b:be:12:36:1e:03:dc:
         6b:1d:c0:7f:b7:f8:fa:ee:91:be:08:d9:9e:4b:8a:bf:d7:89:
         68:e2:cc:b0:7a:96:e9:c4:eb:a8:ba:ef:b7:fc:e5:39:bd:f3:
         9f:08:3e:bf:f6:90:b5:2d:ef:40:0b:98:4e:68:39:56:1b:39:
         8e:3a:b8:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbJhIPRRnfe243KtBOXmqPBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOWU2OWViOTlmZWMxMjU2MzczMTFkNDMwNTJmNzkzMWQ4
ZmRkMzIwHhcNMjUwNTEzMTIwMDI2WhcNMjUwNTE0MTIwMDI2WjAzMTEwLwYDVQQD
Eyg4NWJkMTQ0ZDJmMjExYjE0YzIzODlkZDkwNTY0OGExNjg2MzQ0ZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+xhMLb4ayuD3F/w6rxyjk3GtYwE
TtDpFpAOFbx1UvXzL9+F4eX43ngqVJfsW6kiEG4GVWiVKRA85Ppf27Q/zmAbHCpQ
ZaeddxDhR+7Y9liG1uJjgYY1OhLN0VQ54E2nZpjKdFdfAfXo3oSGgxpYxRMTZkl5
i5TbnLG9wWe7I3EK8C+l9NjfJBTWSoA2f5fKYyb1veY7tnDawKGcmyTC14fvY3wL
P6nq/lQJxS2w2AzInzWW235wj+fhhzoBAdlTwiaEZcGNEVFw/hw7lKQzhwN2cJJC
mOzs8NRY3e3ZWCeHzGFKb9VKlHrAiIxvyBuI1fOqiv8Zo4iziAISzK1oqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIW9FE0vIRsUwjid2QVkihaGNE0ZMB8GA1UdIwQY
MBaAFPKeaeuZ/sElY3MR1DBS95Mdj90yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYt
NTEzNDAzZTNkODIwLzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYtNTEzNDAzZTNkODIw
LzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhs/nc0r+
sdWinu2M/YFgutyQ/dfxFm+nS7Kiny4DL9Dsh+OlEB5/ETXGI6C2zRqu/TG3OHWk
tDMJP4ZrdWEfO2/3+4Tt25LX7y+lTNb5j2FaFTqRpzfBralFpMUB0RW3thbfG6Pd
81m61VBwisXahkFfKfwfAdTl/JIDeK2qOACxE1diHqITMiBAcJvjuebeXaimIQmf
kpfChTyaOecHzB5EBZSdvPKINsJMo+8FBO2o9f3AnvN0sYdCUEauMRZ7vhI2HgPc
ax3Af7f4+u6RvgjZnkuKv9eJaOLMsHqW6cTrqLrvt/zlOb3znwg+v/aQtS3vQAuY
Tmg5Vhs5jjq4+Q==
-----END CERTIFICATE-----