Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
File:                     8AI84rpaHU_QpeIn3nTLxB0rucg.mft (raw, json)
Hash identifier:          JfDTcDyeL3bzOHaB+7N5KQPdZNx87S8aYCueDknL1LU=
Subject key identifier:   5A:20:9B:BE:F6:F4:A3:FB:B1:EF:F0:B8:43:C7:44:2D:C6:C4:45:F2
Authority key identifier: F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8
Certificate issuer:       /CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8
Certificate serial:       0196A8B00167BD478E6A1689C2A646BF5CB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
Manifest number:          1272
Signing time:             Wed 07 May 2025 03:00:29 +0000
Manifest this update:     Wed 07 May 2025 03:00:29 +0000
Manifest next update:     Thu 08 May 2025 03:00:29 +0000
Files and hashes:         1: 8AI84rpaHU_QpeIn3nTLxB0rucg.crl (hash: wxJklTuvGoKsgg9HLeLdA09sEEj/Y437sBGXiIV7mwI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a8:b0:01:67:bd:47:8e:6a:16:89:c2:a6:46:bf:5c:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8
        Validity
            Not Before: May  7 03:00:29 2025 GMT
            Not After : May  8 03:00:29 2025 GMT
        Subject: CN=5a209bbef6f4a3fbb1eff0b843c7442dc6c445f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:00:9e:a1:44:83:78:38:0a:d3:6e:5f:18:61:
                    c0:b8:f8:e8:1f:74:a5:bd:10:1a:d8:69:03:79:7b:
                    a8:75:25:1a:17:33:51:da:02:23:74:b7:7e:41:83:
                    9f:66:f8:aa:d4:28:c4:0d:f8:97:87:d3:0f:4d:3f:
                    ab:84:a8:a1:fe:aa:62:d1:92:89:b8:e4:33:2d:52:
                    6a:27:30:d2:9f:91:3c:a5:66:91:2e:21:b0:32:f1:
                    33:35:12:ab:07:a0:27:c3:10:9b:c0:cb:c2:57:a1:
                    f5:5b:40:3e:48:75:62:ad:c9:de:a8:ce:29:52:8b:
                    97:46:71:e7:55:50:d3:26:70:3d:8f:7b:27:86:c5:
                    09:d9:fd:65:ce:83:65:56:ec:0f:36:09:7a:4f:c7:
                    31:73:9e:9d:02:87:52:61:74:83:89:da:ba:38:0a:
                    21:e6:8f:df:ed:3d:b6:0b:48:a4:cb:d0:47:86:65:
                    be:21:6c:48:3e:74:25:92:ca:39:f7:cd:a6:8d:b2:
                    57:28:c6:55:fe:34:ca:ca:aa:f4:b8:5f:c1:e1:f7:
                    7e:bd:f7:9c:06:e7:1b:6c:d8:54:d0:b6:0e:83:50:
                    88:e8:30:5f:82:c0:49:36:ac:fc:a6:31:56:c7:56:
                    b7:e6:7c:e0:2f:e7:df:8f:46:0b:be:d1:13:89:c3:
                    c5:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:20:9B:BE:F6:F4:A3:FB:B1:EF:F0:B8:43:C7:44:2D:C6:C4:45:F2
            X509v3 Authority Key Identifier:
                keyid:F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:f2:a4:16:10:a1:1c:ca:1c:31:8f:02:a2:63:22:1a:97:d6:
         92:cd:e5:9b:c5:56:02:46:27:0e:d9:f3:f3:c3:6d:0a:19:f1:
         f7:c0:84:96:ee:4e:24:a7:82:7e:6a:7a:cf:ab:e5:14:fa:28:
         85:62:5e:04:12:ae:97:51:c7:45:b0:bc:e3:60:00:0f:d9:4f:
         c7:9d:ee:19:73:83:62:83:9b:6b:2d:f9:fe:83:59:64:af:31:
         81:0c:b8:2b:f9:b1:87:4e:88:56:61:e9:91:5f:13:68:c9:d1:
         6d:fc:eb:73:f1:1f:40:02:ec:a0:e7:53:ca:c8:93:f7:40:8e:
         86:c2:1a:54:71:95:94:78:98:d0:97:13:d9:a6:b8:35:7d:09:
         4e:c4:1b:55:a2:2c:60:30:f3:84:2f:df:73:b8:96:5a:5c:bf:
         a1:0c:f2:e1:d5:a0:f8:a2:4e:2d:0e:0c:be:7d:e0:47:f3:d5:
         33:06:85:8d:40:4d:b2:63:02:68:b5:5a:54:09:7c:47:25:63:
         9f:2d:8d:36:02:ab:da:87:3e:e1:a7:08:93:e0:73:69:0e:28:
         d5:9b:a1:eb:d9:ef:52:61:dd:89:f0:0b:ac:ef:dd:53:1f:bd:
         d5:e8:da:62:94:5c:8c:2d:a6:d9:5a:ed:17:b4:f4:a3:6e:b2:
         fc:16:c1:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaosAFnvUeOahaJwqZGv1yxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMDIzY2UyYmE1YTFkNGZkMGE1ZTIyN2RlNzRjYmM0MWQy
YmI5YzgwHhcNMjUwNTA3MDMwMDI5WhcNMjUwNTA4MDMwMDI5WjAzMTEwLwYDVQQD
Eyg1YTIwOWJiZWY2ZjRhM2ZiYjFlZmYwYjg0M2M3NDQyZGM2YzQ0NWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgCeoUSDeDgK025fGGHAuPjoH3Sl
vRAa2GkDeXuodSUaFzNR2gIjdLd+QYOfZviq1CjEDfiXh9MPTT+rhKih/qpi0ZKJ
uOQzLVJqJzDSn5E8pWaRLiGwMvEzNRKrB6AnwxCbwMvCV6H1W0A+SHVircneqM4p
UouXRnHnVVDTJnA9j3snhsUJ2f1lzoNlVuwPNgl6T8cxc56dAodSYXSDidq6OAoh
5o/f7T22C0iky9BHhmW+IWxIPnQlkso5982mjbJXKMZV/jTKyqr0uF/B4fd+vfec
BucbbNhU0LYOg1CI6DBfgsBJNqz8pjFWx1a35nzgL+ffj0YLvtETicPFxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFogm7729KP7se/wuEPHRC3GxEXyMB8GA1UdIwQY
MBaAFPACPOK6Wh1P0KXiJ950y8QdK7nIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzIt
ZWJkNjlkNzczNGYwLzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzItZWJkNjlkNzczNGYw
LzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKvKkFhCh
HMocMY8ComMiGpfWks3lm8VWAkYnDtnz88NtChnx98CElu5OJKeCfmp6z6vlFPoo
hWJeBBKul1HHRbC842AAD9lPx53uGXODYoObay35/oNZZK8xgQy4K/mxh06IVmHp
kV8TaMnRbfzrc/EfQALsoOdTysiT90COhsIaVHGVlHiY0JcT2aa4NX0JTsQbVaIs
YDDzhC/fc7iWWly/oQzy4dWg+KJOLQ4Mvn3gR/PVMwaFjUBNsmMCaLVaVAl8RyVj
ny2NNgKr2oc+4acIk+BzaQ4o1Zuh69nvUmHdifALrO/dUx+91ejaYpRcjC2m2Vrt
F7T0o26y/BbBiw==
-----END CERTIFICATE-----