Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
File:                     jmcNnjgoGVjuocw46s67vcM4HTY.mft (raw, json)
Hash identifier:          IcmtNYqYUXXqtafnKXBjHOKj6xgyKiINxWVCooGm2QE=
Subject key identifier:   BA:3B:F0:32:D6:32:8D:FD:BF:E0:EC:4A:86:78:DE:87:7F:D0:6B:94
Authority key identifier: 8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36
Certificate issuer:       /CN=8e670d9e38281958eea1cc38eacebbbdc3381d36
Certificate serial:       0196C53A1157E0ADA2CDA0115AD7DE9E4D29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
Manifest number:          0A12
Signing time:             Mon 12 May 2025 16:00:39 +0000
Manifest this update:     Mon 12 May 2025 16:00:39 +0000
Manifest next update:     Tue 13 May 2025 16:00:39 +0000
Files and hashes:         1: jmcNnjgoGVjuocw46s67vcM4HTY.crl (hash: DXyBFt4XnNfMPQhL7iBKpaptiMKhMBJsb72qLr5QuZw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:3a:11:57:e0:ad:a2:cd:a0:11:5a:d7:de:9e:4d:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e670d9e38281958eea1cc38eacebbbdc3381d36
        Validity
            Not Before: May 12 16:00:39 2025 GMT
            Not After : May 13 16:00:39 2025 GMT
        Subject: CN=ba3bf032d6328dfdbfe0ec4a8678de877fd06b94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:15:d0:5a:fd:01:d8:2d:21:91:f9:a8:92:a8:
                    5a:22:4a:b7:7d:1a:38:35:5b:e5:84:de:d7:aa:75:
                    33:a4:22:6d:1e:2d:e5:c4:77:bf:70:9b:41:89:57:
                    7f:88:10:35:f8:13:35:d6:99:84:f4:c6:2d:06:58:
                    72:f8:d4:2d:1e:1c:a2:7e:aa:b4:61:34:7c:6c:4a:
                    2b:55:59:b7:11:67:48:5f:4f:b6:86:67:60:ba:44:
                    71:1d:3a:4a:fb:0c:48:7f:7d:b7:6b:06:27:8a:51:
                    24:a5:9a:07:cb:10:cd:0d:3b:59:af:a8:31:3e:e1:
                    d6:d1:52:38:91:a5:ca:be:91:2f:c2:db:f4:5f:13:
                    38:fd:ee:c2:c1:f9:25:42:27:c1:1e:08:01:1a:87:
                    74:da:41:cd:c7:ed:bf:42:40:35:e6:53:b3:a8:ec:
                    3e:6d:4f:df:b4:25:cb:1e:18:16:5f:c0:38:6d:80:
                    30:8a:a4:2a:d2:b9:88:1d:28:8f:8a:58:4a:e1:63:
                    b7:8b:f3:9c:5d:b3:26:af:62:90:65:6d:c9:05:fd:
                    23:6c:eb:91:ca:88:13:f7:38:dd:0f:ee:4b:ba:75:
                    bc:0c:d5:67:df:3e:47:98:83:55:28:3c:d9:a7:d3:
                    28:a1:8a:15:05:37:c2:fb:71:61:af:4c:4b:42:d2:
                    a8:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:3B:F0:32:D6:32:8D:FD:BF:E0:EC:4A:86:78:DE:87:7F:D0:6B:94
            X509v3 Authority Key Identifier:
                keyid:8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:c0:64:27:c8:7b:f3:aa:c3:7d:ae:a0:21:1b:30:70:17:b5:
         58:dd:85:66:6c:8d:7c:ca:39:59:ad:b5:63:d9:45:e4:0c:ac:
         93:fb:ab:c2:f2:0b:cf:21:db:86:9d:d0:a6:a4:a5:10:8d:37:
         25:ea:ac:73:3e:2f:4f:56:30:d0:f4:da:8d:3f:0f:9c:fa:93:
         77:45:a5:42:6d:5d:f5:d4:d7:b8:2b:bd:07:05:40:15:af:87:
         dc:c3:8b:ea:e8:aa:bc:a8:cc:ee:42:a6:fc:7a:1a:91:83:c0:
         d0:7c:c7:fa:87:f9:94:d2:33:cd:95:25:47:00:fd:a5:e0:2b:
         e6:b1:92:b3:0a:16:7f:22:ce:9e:3f:ff:67:ac:95:3e:d6:95:
         6d:16:67:d9:42:b1:e1:7f:d2:30:29:1c:1d:c5:19:1f:48:ed:
         27:0a:37:ee:84:ba:80:58:a2:c2:3a:26:f1:cf:18:6b:89:3c:
         b9:13:14:2c:36:cb:3a:3a:30:f9:bc:38:c7:4a:09:91:d3:57:
         e0:e8:ce:d5:80:1e:9f:2b:17:61:4c:e3:07:ef:80:23:37:ed:
         4b:68:4f:42:10:13:d7:59:2d:86:a3:ff:c7:18:f2:c3:32:88:
         3c:71:9b:d4:b7:c0:5a:b6:5f:f1:31:b7:85:14:f6:88:9b:7c:
         d2:93:45:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOhFX4K2izaARWtfenk0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjcwZDllMzgyODE5NThlZWExY2MzOGVhY2ViYmJkYzMz
ODFkMzYwHhcNMjUwNTEyMTYwMDM5WhcNMjUwNTEzMTYwMDM5WjAzMTEwLwYDVQQD
EyhiYTNiZjAzMmQ2MzI4ZGZkYmZlMGVjNGE4Njc4ZGU4NzdmZDA2Yjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxXQWv0B2C0hkfmokqhaIkq3fRo4
NVvlhN7XqnUzpCJtHi3lxHe/cJtBiVd/iBA1+BM11pmE9MYtBlhy+NQtHhyifqq0
YTR8bEorVVm3EWdIX0+2hmdgukRxHTpK+wxIf323awYnilEkpZoHyxDNDTtZr6gx
PuHW0VI4kaXKvpEvwtv0XxM4/e7CwfklQifBHggBGod02kHNx+2/QkA15lOzqOw+
bU/ftCXLHhgWX8A4bYAwiqQq0rmIHSiPilhK4WO3i/OcXbMmr2KQZW3JBf0jbOuR
yogT9zjdD+5LunW8DNVn3z5HmINVKDzZp9MooYoVBTfC+3Fhr0xLQtKoLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLo78DLWMo39v+DsSoZ43od/0GuUMB8GA1UdIwQY
MBaAFI5nDZ44KBlY7qHMOOrOu73DOB02MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUt
Y2NhOWRmNmUxOWUzLzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUtY2NhOWRmNmUxOWUz
LzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA8BkJ8h7
86rDfa6gIRswcBe1WN2FZmyNfMo5Wa21Y9lF5Aysk/urwvILzyHbhp3QpqSlEI03
Jeqscz4vT1Yw0PTajT8PnPqTd0WlQm1d9dTXuCu9BwVAFa+H3MOL6uiqvKjM7kKm
/HoakYPA0HzH+of5lNIzzZUlRwD9peAr5rGSswoWfyLOnj//Z6yVPtaVbRZn2UKx
4X/SMCkcHcUZH0jtJwo37oS6gFiiwjom8c8Ya4k8uRMULDbLOjow+bw4x0oJkdNX
4OjO1YAenysXYUzjB++AIzftS2hPQhAT11kthqP/xxjywzKIPHGb1LfAWrZf8TG3
hRT2iJt80pNFGQ==
-----END CERTIFICATE-----