Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
File:                     JAy7mUeWHigo2EdLysoem5FVZWA.mft (raw, json)
Hash identifier:          SaPzYJYAGAgqlo1xSeGSfZBj0K97TIr9JGPgeklaBa4=
Subject key identifier:   EA:75:13:00:F6:36:CE:7E:72:D2:DD:D8:65:87:D9:5D:6C:25:66:74
Authority key identifier: 24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60
Certificate issuer:       /CN=240cbb9947961e2828d8474bcaca1e9b91556560
Certificate serial:       0198D58359A7063D2FE37C84BF714DEF933C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
Manifest number:          1385
Signing time:             Sat 23 Aug 2025 06:00:11 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:11 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:11 +0000
Files and hashes:         1: JAy7mUeWHigo2EdLysoem5FVZWA.crl (hash: hLDshLNWHRiNw0S5BqnHXqQztavUyLZxi2OqWlKwTHk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:59:a7:06:3d:2f:e3:7c:84:bf:71:4d:ef:93:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=240cbb9947961e2828d8474bcaca1e9b91556560
        Validity
            Not Before: Aug 23 06:00:11 2025 GMT
            Not After : Aug 24 06:00:11 2025 GMT
        Subject: CN=ea751300f636ce7e72d2ddd86587d95d6c256674
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ed:87:c5:49:14:73:9c:d3:16:ed:55:83:00:
                    9c:5a:41:e1:d2:8a:8a:55:c1:a5:99:2a:8a:45:ea:
                    62:b8:8f:b2:dd:d7:63:8b:56:0b:29:53:bc:9c:2d:
                    04:c9:bb:ac:ed:d8:8b:60:2f:ca:10:3b:84:58:23:
                    17:34:e8:b3:8e:fe:05:82:30:5c:5a:13:aa:71:08:
                    5b:45:71:20:ca:38:17:ab:c1:c6:4d:10:d5:12:f1:
                    99:eb:4c:4c:e6:71:5f:ea:f6:a4:e6:9b:3e:4e:ff:
                    35:e7:9e:46:c3:4d:ec:76:da:76:eb:b6:f5:7e:b5:
                    5c:ff:7b:59:43:8d:cb:13:95:37:1f:2c:b5:15:4e:
                    15:65:0f:d5:dc:31:1f:a0:62:d7:c9:74:28:1b:76:
                    ff:f4:7c:f7:26:05:eb:a7:a6:fb:07:85:7c:b1:bb:
                    82:ac:bc:0a:e8:eb:61:f7:7d:85:df:1c:cf:fe:75:
                    ca:54:0f:69:ac:e6:bc:05:1e:87:70:0a:b4:86:e5:
                    b1:dd:d8:f1:fa:dc:7b:9f:10:88:79:3c:b4:62:3b:
                    a2:3a:4f:a9:0f:dd:b6:57:26:cd:fa:bd:7a:66:5b:
                    fd:51:d4:3c:b2:28:c2:54:15:04:4c:41:8c:6c:0a:
                    2b:72:ff:c1:a9:81:5b:f4:9c:da:5b:3a:ee:b0:8d:
                    0a:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:75:13:00:F6:36:CE:7E:72:D2:DD:D8:65:87:D9:5D:6C:25:66:74
            X509v3 Authority Key Identifier:
                keyid:24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:33:78:89:8e:8d:1f:8f:5c:b6:a9:c2:cd:d6:19:ba:99:4c:
         8d:0d:5a:14:55:2f:72:fc:93:fb:8c:54:2a:69:16:6c:5a:2d:
         30:6e:3b:11:96:59:ea:40:5a:c1:56:ab:43:a9:41:27:3b:6c:
         60:fd:ee:9c:ff:31:0f:52:6f:5f:e2:71:49:2b:30:9c:b9:aa:
         00:42:18:b3:83:e6:d3:bb:6d:e6:6c:98:bb:27:cd:82:2e:c3:
         5d:b3:b6:88:b1:9c:20:b1:24:13:4b:98:68:c4:80:38:2b:37:
         0d:31:0f:60:eb:44:e9:eb:93:6a:93:1b:a5:70:d0:c3:b5:ca:
         aa:0a:86:57:ff:ef:c6:78:06:43:70:9f:5e:f5:d6:a2:98:48:
         47:9f:d1:28:a2:a3:5e:34:07:36:ab:83:b4:45:46:81:dd:e8:
         a1:d1:94:b7:c3:cc:a6:34:3c:ca:cb:58:d3:82:ff:f8:fd:f0:
         a5:d6:db:f8:c7:39:66:3d:89:d7:75:51:c3:3e:4a:a2:1c:d3:
         c4:f2:48:2b:f3:d0:d4:c6:c3:17:7d:f5:b8:6c:44:92:1b:77:
         1e:e7:c6:6a:88:7d:1d:80:cc:7d:a0:cd:af:aa:df:49:98:8e:
         59:d5:79:5c:71:77:00:58:95:a7:51:36:0c:02:5f:77:72:b7:
         5b:ce:5f:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg1mnBj0v43yEv3FN75M8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MGNiYjk5NDc5NjFlMjgyOGQ4NDc0YmNhY2ExZTliOTE1
NTY1NjAwHhcNMjUwODIzMDYwMDExWhcNMjUwODI0MDYwMDExWjAzMTEwLwYDVQQD
EyhlYTc1MTMwMGY2MzZjZTdlNzJkMmRkZDg2NTg3ZDk1ZDZjMjU2Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO2HxUkUc5zTFu1VgwCcWkHh0oqK
VcGlmSqKRepiuI+y3ddji1YLKVO8nC0Eybus7diLYC/KEDuEWCMXNOizjv4FgjBc
WhOqcQhbRXEgyjgXq8HGTRDVEvGZ60xM5nFf6vak5ps+Tv81555Gw03sdtp267b1
frVc/3tZQ43LE5U3Hyy1FU4VZQ/V3DEfoGLXyXQoG3b/9Hz3JgXrp6b7B4V8sbuC
rLwK6Oth932F3xzP/nXKVA9prOa8BR6HcAq0huWx3djx+tx7nxCIeTy0YjuiOk+p
D922VybN+r16Zlv9UdQ8sijCVBUETEGMbAorcv/BqYFb9JzaWzrusI0KlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOp1EwD2Ns5+ctLd2GWH2V1sJWZ0MB8GA1UdIwQY
MBaAFCQMu5lHlh4oKNhHS8rKHpuRVWVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMt
ZmZiMDI4ZjBhMDJmLzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMtZmZiMDI4ZjBhMDJm
LzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALDN4iY6N
H49ctqnCzdYZuplMjQ1aFFUvcvyT+4xUKmkWbFotMG47EZZZ6kBawVarQ6lBJzts
YP3unP8xD1JvX+JxSSswnLmqAEIYs4Pm07tt5myYuyfNgi7DXbO2iLGcILEkE0uY
aMSAOCs3DTEPYOtE6euTapMbpXDQw7XKqgqGV//vxngGQ3CfXvXWophIR5/RKKKj
XjQHNquDtEVGgd3oodGUt8PMpjQ8ystY04L/+P3wpdbb+Mc5Zj2J13VRwz5KohzT
xPJIK/PQ1MbDF331uGxEkht3HufGaoh9HYDMfaDNr6rfSZiOWdV5XHF3AFiVp1E2
DAJfd3K3W85fEA==
-----END CERTIFICATE-----