Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft
File:                     jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft (raw, json)
Hash identifier:          2+jIVKVy+2piBFpyHN8Ga9ZMAYi+SHpgHOkVxCExfvk=
Subject key identifier:   43:91:D6:A3:9A:48:03:D5:D3:A8:9C:EC:0B:E3:D7:76:2D:13:73:0C
Authority key identifier: 8D:9C:07:E7:E8:DE:85:8B:2E:68:13:D0:0F:9B:39:92:DF:53:82:7F
Certificate issuer:       /CN=8d9c07e7e8de858b2e6813d00f9b3992df53827f
Certificate serial:       0196BE254FD205B4EEBCA6FD1537AE9CBD9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jZwH5-jehYsuaBPQD5s5kt9Tgn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft
Manifest number:          036B
Signing time:             Sun 11 May 2025 07:00:38 +0000
Manifest this update:     Sun 11 May 2025 07:00:38 +0000
Manifest next update:     Mon 12 May 2025 07:00:38 +0000
Files and hashes:         1: jZwH5-jehYsuaBPQD5s5kt9Tgn8.crl (hash: L0D9gWt6CH0uszMmHrOy9IVFhydUfuVE8RiH5K4X1Gc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jZwH5-jehYsuaBPQD5s5kt9Tgn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:25:4f:d2:05:b4:ee:bc:a6:fd:15:37:ae:9c:bd:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d9c07e7e8de858b2e6813d00f9b3992df53827f
        Validity
            Not Before: May 11 07:00:38 2025 GMT
            Not After : May 12 07:00:38 2025 GMT
        Subject: CN=4391d6a39a4803d5d3a89cec0be3d7762d13730c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:fb:5c:b8:ce:f7:2c:f1:13:70:37:20:0a:83:
                    5e:e1:b5:6d:62:59:ae:5c:0e:63:ff:c8:38:e0:e4:
                    e5:e9:3c:ca:3a:e0:b9:65:6d:29:4d:c3:9d:41:3f:
                    73:e6:3e:9e:29:b0:f0:fd:fa:67:61:90:3c:a7:59:
                    e1:88:91:b2:25:8e:8d:09:81:d4:e0:7e:c9:50:cd:
                    69:fa:66:11:9c:f4:6c:9c:b3:e4:cb:67:a7:64:58:
                    de:b3:8c:63:c4:ce:bc:19:46:fe:0c:08:20:17:06:
                    6d:4d:5f:8d:cf:4f:e0:3a:98:c7:22:63:fe:d2:dc:
                    45:4f:20:67:6f:a5:d2:23:6f:a1:4a:8d:52:32:f1:
                    08:85:72:5d:a2:82:b1:0a:b0:b9:36:38:b7:bb:b7:
                    20:28:b1:12:47:16:0b:fb:96:50:09:19:44:67:26:
                    bd:b8:29:f2:fa:61:0b:67:9b:6a:35:ee:dc:17:f1:
                    d5:57:6c:6b:14:08:f6:78:55:17:63:3e:b8:69:23:
                    5c:ea:da:1f:68:12:8c:a0:cb:ea:43:d4:c5:41:e6:
                    b6:ff:bc:67:16:5c:4b:ff:09:24:4e:27:6f:5c:38:
                    6a:8e:c1:c9:bc:4e:39:d0:78:b0:97:4d:39:ed:f3:
                    4d:26:47:c2:50:b4:7c:23:22:30:12:de:31:18:19:
                    c8:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:91:D6:A3:9A:48:03:D5:D3:A8:9C:EC:0B:E3:D7:76:2D:13:73:0C
            X509v3 Authority Key Identifier:
                keyid:8D:9C:07:E7:E8:DE:85:8B:2E:68:13:D0:0F:9B:39:92:DF:53:82:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jZwH5-jehYsuaBPQD5s5kt9Tgn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:96:42:d9:fb:8e:c1:2f:dd:6a:d8:63:97:98:43:19:14:bb:
         49:72:de:42:34:4c:71:bc:8c:7d:59:39:f1:95:2d:71:80:3d:
         a2:dd:5d:58:4f:39:1e:3b:a1:28:21:05:0d:04:94:08:1a:65:
         c6:de:32:6b:c3:78:b2:b4:1a:28:d4:3e:9d:a3:80:e4:28:2c:
         df:0c:46:c5:09:b4:bb:0f:0d:a6:1e:45:8c:29:f0:99:21:e9:
         a5:7f:7b:62:ae:99:2f:1a:69:9f:b1:53:bc:d9:d8:c8:39:73:
         61:01:d7:38:bc:e9:29:33:14:c0:60:90:6c:be:7e:13:c7:65:
         c3:b5:e1:98:a1:cd:ec:da:25:60:03:c9:e3:74:83:ce:c6:b3:
         7f:89:4d:bc:56:d6:e7:e9:96:b8:43:c9:74:b2:e8:94:38:33:
         83:2f:bb:7e:f2:1d:62:ca:bf:44:56:8a:59:40:8b:b5:82:53:
         1e:76:4c:0f:bf:fd:ab:bd:5b:9c:d8:bb:8f:44:bb:aa:15:00:
         d9:7e:d0:2e:0c:2d:aa:49:dc:e5:37:c4:05:2c:15:4c:93:1d:
         9a:34:d6:e3:55:cf:0f:2f:ce:b9:9d:f5:c8:e2:a0:1a:46:94:
         13:0b:37:40:aa:0b:5c:a0:e1:86:a9:57:28:4f:54:df:70:19:
         27:ee:1d:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+JU/SBbTuvKb9FTeunL2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkOWMwN2U3ZThkZTg1OGIyZTY4MTNkMDBmOWIzOTkyZGY1
MzgyN2YwHhcNMjUwNTExMDcwMDM4WhcNMjUwNTEyMDcwMDM4WjAzMTEwLwYDVQQD
Eyg0MzkxZDZhMzlhNDgwM2Q1ZDNhODljZWMwYmUzZDc3NjJkMTM3MzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPtcuM73LPETcDcgCoNe4bVtYlmu
XA5j/8g44OTl6TzKOuC5ZW0pTcOdQT9z5j6eKbDw/fpnYZA8p1nhiJGyJY6NCYHU
4H7JUM1p+mYRnPRsnLPky2enZFjes4xjxM68GUb+DAggFwZtTV+Nz0/gOpjHImP+
0txFTyBnb6XSI2+hSo1SMvEIhXJdooKxCrC5Nji3u7cgKLESRxYL+5ZQCRlEZya9
uCny+mELZ5tqNe7cF/HVV2xrFAj2eFUXYz64aSNc6tofaBKMoMvqQ9TFQea2/7xn
FlxL/wkkTidvXDhqjsHJvE450Hiwl0057fNNJkfCULR8IyIwEt4xGBnIkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEOR1qOaSAPV06ic7Avj13YtE3MMMB8GA1UdIwQY
MBaAFI2cB+fo3oWLLmgT0A+bOZLfU4J/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalp3SDUtamVoWXN1YUJQUUQ1czVrdDlUZ244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lMTRlMmEtYTBlYS00M2Q5LWIwNWYt
ZjM2M2M1MTM4NzAyLzEvalp3SDUtamVoWXN1YUJQUUQ1czVrdDlUZ244Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lMTRlMmEtYTBlYS00M2Q5LWIwNWYtZjM2M2M1MTM4NzAy
LzEvalp3SDUtamVoWXN1YUJQUUQ1czVrdDlUZ244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq5ZC2fuO
wS/dathjl5hDGRS7SXLeQjRMcbyMfVk58ZUtcYA9ot1dWE85HjuhKCEFDQSUCBpl
xt4ya8N4srQaKNQ+naOA5Cgs3wxGxQm0uw8Nph5FjCnwmSHppX97Yq6ZLxppn7FT
vNnYyDlzYQHXOLzpKTMUwGCQbL5+E8dlw7XhmKHN7NolYAPJ43SDzsazf4lNvFbW
5+mWuEPJdLLolDgzgy+7fvIdYsq/RFaKWUCLtYJTHnZMD7/9q71bnNi7j0S7qhUA
2X7QLgwtqknc5TfEBSwVTJMdmjTW41XPDy/OuZ31yOKgGkaUEws3QKoLXKDhhqlX
KE9U33AZJ+4d0g==
-----END CERTIFICATE-----