Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
File:                     jmcNnjgoGVjuocw46s67vcM4HTY.mft (raw, json)
Hash identifier:          ktCJzuWhGJF4mOaM2HCMfVyQtuRf5vs6ZNVhxfu8IaY=
Subject key identifier:   D3:40:0F:9B:4B:39:2C:5C:1B:2B:A5:D2:22:EC:08:1E:15:87:3A:6D
Authority key identifier: 8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36
Certificate issuer:       /CN=8e670d9e38281958eea1cc38eacebbbdc3381d36
Certificate serial:       0197C80314E2A27E7BD8D6795140533CF794
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
Manifest number:          0A98
Signing time:             Tue 01 Jul 2025 22:02:14 +0000
Manifest this update:     Tue 01 Jul 2025 22:02:14 +0000
Manifest next update:     Wed 02 Jul 2025 22:02:14 +0000
Files and hashes:         1: jmcNnjgoGVjuocw46s67vcM4HTY.crl (hash: nWEnaLVzj7afGEllRdBAbLKFuAIPhnlIYwvBIqMYzGM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 16:57:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c8:03:14:e2:a2:7e:7b:d8:d6:79:51:40:53:3c:f7:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e670d9e38281958eea1cc38eacebbbdc3381d36
        Validity
            Not Before: Jul  1 22:02:14 2025 GMT
            Not After : Jul  2 22:02:14 2025 GMT
        Subject: CN=d3400f9b4b392c5c1b2ba5d222ec081e15873a6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:5b:ab:e3:c0:3d:21:33:81:74:69:e4:a8:66:
                    8f:cf:4b:bf:9d:a5:f2:2c:b8:62:9d:be:50:1a:b1:
                    72:53:76:bb:9b:7a:9c:43:2e:8b:31:f4:c5:6b:92:
                    c9:0c:0a:c5:5f:ba:25:f2:8f:36:f0:85:a4:bd:df:
                    72:96:1a:25:38:14:1f:3d:36:1f:63:48:31:14:dd:
                    95:44:85:6e:61:76:e5:14:11:f8:66:0e:4e:7a:ab:
                    64:9a:fb:c9:f3:57:57:9e:3d:36:48:76:57:7a:02:
                    61:fe:bb:35:4d:d3:c8:e3:71:37:b5:29:0a:30:0f:
                    c5:0f:18:30:69:94:4e:33:d5:16:7f:04:ee:c7:dc:
                    f2:1c:3e:b8:d8:3f:45:64:3e:78:1b:32:6d:52:6a:
                    f8:71:c2:49:36:a3:2f:ec:00:4f:73:80:5a:db:e6:
                    e9:f4:db:0e:ee:7a:bb:84:bf:76:71:24:12:d3:6e:
                    e4:70:7e:7d:45:e6:77:8b:f8:22:b5:03:04:87:47:
                    28:d8:5e:94:86:d8:c2:09:21:c4:b5:96:64:ab:5e:
                    52:17:3a:45:cd:9f:78:55:ff:64:fd:8b:2b:ec:a4:
                    30:b3:5c:f1:5a:97:cc:27:50:a0:86:a6:72:1a:d9:
                    da:66:33:36:72:97:b8:42:e3:a0:1b:c0:cd:f0:31:
                    c4:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:40:0F:9B:4B:39:2C:5C:1B:2B:A5:D2:22:EC:08:1E:15:87:3A:6D
            X509v3 Authority Key Identifier:
                keyid:8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:ad:81:e6:4f:97:5b:5a:13:34:d1:41:0a:5b:14:82:7c:fe:
         4a:58:0d:85:23:b7:28:e0:e3:f4:e0:8c:1e:3f:de:0b:1a:01:
         00:66:7d:88:47:a2:ef:e8:15:e6:f8:2d:5d:a9:28:ea:16:2b:
         7d:81:01:d0:9b:45:03:e3:03:70:d1:6a:3b:d9:a9:af:a5:2d:
         b4:e3:86:e6:ab:da:cc:b9:5c:d2:06:74:db:91:0b:e1:46:64:
         c0:34:af:c3:ee:9d:28:c9:52:22:cc:cc:76:27:00:7a:86:c6:
         d9:b7:90:e2:48:73:7f:a9:1d:15:ab:cf:1d:e3:7c:74:7c:49:
         71:52:26:69:36:2c:7d:e4:1c:09:90:dd:a9:35:c2:82:a7:00:
         ea:ce:7c:9c:c1:b0:bb:d2:7d:2e:96:1d:85:5a:29:ad:57:40:
         80:a1:19:a3:3d:bd:18:33:e5:a1:1a:ec:fd:6c:ff:89:46:66:
         0a:f8:9d:23:90:d9:8d:c9:70:7a:1b:80:b8:d1:a9:cd:af:34:
         7c:a5:0c:25:bf:2d:27:26:a0:98:72:4b:cf:c5:22:b5:ce:e7:
         0e:70:42:28:04:19:3e:61:59:14:a3:fa:23:6f:49:5a:c2:3f:
         71:2f:fb:bf:2f:00:ac:37:9c:c8:86:99:8f:0e:43:ff:49:00:
         fd:a2:36:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfIAxTion572NZ5UUBTPPeUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjcwZDllMzgyODE5NThlZWExY2MzOGVhY2ViYmJkYzMz
ODFkMzYwHhcNMjUwNzAxMjIwMjE0WhcNMjUwNzAyMjIwMjE0WjAzMTEwLwYDVQQD
EyhkMzQwMGY5YjRiMzkyYzVjMWIyYmE1ZDIyMmVjMDgxZTE1ODczYTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlur48A9ITOBdGnkqGaPz0u/naXy
LLhinb5QGrFyU3a7m3qcQy6LMfTFa5LJDArFX7ol8o828IWkvd9ylholOBQfPTYf
Y0gxFN2VRIVuYXblFBH4Zg5OeqtkmvvJ81dXnj02SHZXegJh/rs1TdPI43E3tSkK
MA/FDxgwaZROM9UWfwTux9zyHD642D9FZD54GzJtUmr4ccJJNqMv7ABPc4Ba2+bp
9NsO7nq7hL92cSQS027kcH59ReZ3i/gitQMEh0co2F6UhtjCCSHEtZZkq15SFzpF
zZ94Vf9k/Ysr7KQws1zxWpfMJ1CghqZyGtnaZjM2cpe4QuOgG8DN8DHEXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNNAD5tLOSxcGyul0iLsCB4VhzptMB8GA1UdIwQY
MBaAFI5nDZ44KBlY7qHMOOrOu73DOB02MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUt
Y2NhOWRmNmUxOWUzLzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUtY2NhOWRmNmUxOWUz
LzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJa2B5k+X
W1oTNNFBClsUgnz+SlgNhSO3KODj9OCMHj/eCxoBAGZ9iEei7+gV5vgtXako6hYr
fYEB0JtFA+MDcNFqO9mpr6UttOOG5qvazLlc0gZ025EL4UZkwDSvw+6dKMlSIszM
dicAeobG2beQ4khzf6kdFavPHeN8dHxJcVImaTYsfeQcCZDdqTXCgqcA6s58nMGw
u9J9LpYdhVoprVdAgKEZoz29GDPloRrs/Wz/iUZmCvidI5DZjclwehuAuNGpza80
fKUMJb8tJyagmHJLz8Uitc7nDnBCKAQZPmFZFKP6I29JWsI/cS/7vy8ArDecyIaZ
jw5D/0kA/aI2gw==
-----END CERTIFICATE-----