Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
File:                     jHFLbLK61OdjmoqicQKPWqG8asI.mft (raw, json)
Hash identifier:          onnv9yfaSu49p1f171lqGqXXawzFXsQJkFuPm1EcXuI=
Subject key identifier:   26:26:C7:05:09:DC:EE:E2:F7:2B:3D:04:0C:B5:05:BE:33:C4:7A:82
Authority key identifier: 8C:71:4B:6C:B2:BA:D4:E7:63:9A:8A:A2:71:02:8F:5A:A1:BC:6A:C2
Certificate issuer:       /CN=8c714b6cb2bad4e7639a8aa271028f5aa1bc6ac2
Certificate serial:       0196C683DBB0E05419945F112B4C790D367F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
Manifest number:          04E8
Signing time:             Mon 12 May 2025 22:00:52 +0000
Manifest this update:     Mon 12 May 2025 22:00:52 +0000
Manifest next update:     Tue 13 May 2025 22:00:52 +0000
Files and hashes:         1: jHFLbLK61OdjmoqicQKPWqG8asI.crl (hash: SuUKfiIADrSthJu5MPAPrtcWG9XEzMFUwtTdaNqqWhc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 20:47:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c6:83:db:b0:e0:54:19:94:5f:11:2b:4c:79:0d:36:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c714b6cb2bad4e7639a8aa271028f5aa1bc6ac2
        Validity
            Not Before: May 12 22:00:52 2025 GMT
            Not After : May 13 22:00:52 2025 GMT
        Subject: CN=2626c70509dceee2f72b3d040cb505be33c47a82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:d1:63:76:c3:73:71:18:9a:f0:78:0b:97:2b:
                    1d:08:02:a3:84:48:7e:99:82:5d:ad:12:86:1d:30:
                    4d:6d:f6:da:09:e4:52:24:e2:af:34:f0:67:26:25:
                    ed:d7:e8:df:ec:19:24:f2:68:af:16:0d:bb:53:70:
                    33:97:82:d3:a2:e6:5f:d6:12:6d:a8:f5:a1:6a:3b:
                    44:38:cf:b3:e0:1a:81:19:bc:79:ee:87:53:d2:b4:
                    71:fc:d3:b1:20:6f:9b:f9:1d:6c:aa:b9:5b:d0:fa:
                    97:0f:53:76:98:c0:f4:62:08:36:96:a4:a3:11:ac:
                    3a:64:67:79:df:58:83:bc:b1:cb:98:59:1c:e5:41:
                    72:3e:fd:25:0a:d4:1c:dc:c1:7b:a6:d7:44:87:48:
                    b7:f0:49:b1:0a:65:de:3f:26:e8:1a:30:89:30:5e:
                    bd:14:6c:3c:8f:a8:0d:9f:5b:b9:b6:95:7e:ce:84:
                    8e:f4:c6:33:6a:8d:c2:46:84:3c:96:9f:c7:00:7b:
                    fa:8a:f3:7a:78:d0:73:de:f6:0c:56:bd:5a:78:c6:
                    a0:9f:13:87:da:28:73:24:b3:f6:65:14:d2:69:a5:
                    e0:ca:e6:44:2b:6c:65:e1:e5:90:2a:34:2d:06:a2:
                    6a:5c:1d:23:4e:45:3d:c5:0c:9e:6f:f8:c1:7e:04:
                    17:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:26:C7:05:09:DC:EE:E2:F7:2B:3D:04:0C:B5:05:BE:33:C4:7A:82
            X509v3 Authority Key Identifier:
                keyid:8C:71:4B:6C:B2:BA:D4:E7:63:9A:8A:A2:71:02:8F:5A:A1:BC:6A:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:54:e5:17:8a:85:10:ff:89:32:bf:a7:e8:62:83:ea:6e:13:
         02:a9:ad:d7:5d:a3:c7:71:20:2f:80:00:b8:0d:18:db:a5:2f:
         d8:b6:ee:7d:60:64:6e:a6:aa:0f:f8:6a:93:a3:27:f9:1e:67:
         63:f4:a6:8d:94:73:84:aa:6b:4d:27:eb:99:10:e5:0d:84:d1:
         62:0f:c5:72:1c:79:d2:f7:ae:50:92:8d:cd:7a:6e:8b:ed:a1:
         1e:8c:a9:e6:dc:e8:3e:37:a0:50:e8:72:ea:9a:a6:15:e3:4b:
         13:dd:68:a8:7e:bc:2b:20:ee:57:57:97:b8:e3:1d:ce:5f:cf:
         55:d1:18:43:e8:ab:06:b2:01:a9:ba:ca:cf:ef:47:8f:3f:d9:
         c6:b0:a5:a9:4e:65:f7:dd:10:1b:c9:19:e3:ea:f4:95:e3:fd:
         76:37:a5:a9:1d:97:72:5e:0d:79:1f:a3:0b:d6:fd:cf:0b:d5:
         4a:d3:8f:56:4a:e4:73:46:31:08:d7:b9:fe:71:96:dd:2b:06:
         1d:61:38:7f:01:37:58:1c:c6:da:63:bd:74:71:56:a3:71:87:
         a1:9b:11:bb:69:7a:14:74:31:bf:ac:a1:4d:99:8c:37:b7:5b:
         14:b5:99:9a:a4:e7:5a:3d:16:7a:d5:ba:d3:d1:3f:d1:17:4c:
         f3:12:1d:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbGg9uw4FQZlF8RK0x5DTZ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNzE0YjZjYjJiYWQ0ZTc2MzlhOGFhMjcxMDI4ZjVhYTFi
YzZhYzIwHhcNMjUwNTEyMjIwMDUyWhcNMjUwNTEzMjIwMDUyWjAzMTEwLwYDVQQD
EygyNjI2YzcwNTA5ZGNlZWUyZjcyYjNkMDQwY2I1MDViZTMzYzQ3YTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdFjdsNzcRia8HgLlysdCAKjhEh+
mYJdrRKGHTBNbfbaCeRSJOKvNPBnJiXt1+jf7Bkk8mivFg27U3Azl4LTouZf1hJt
qPWhajtEOM+z4BqBGbx57odT0rRx/NOxIG+b+R1sqrlb0PqXD1N2mMD0Ygg2lqSj
Eaw6ZGd531iDvLHLmFkc5UFyPv0lCtQc3MF7ptdEh0i38EmxCmXePyboGjCJMF69
FGw8j6gNn1u5tpV+zoSO9MYzao3CRoQ8lp/HAHv6ivN6eNBz3vYMVr1aeMagnxOH
2ihzJLP2ZRTSaaXgyuZEK2xl4eWQKjQtBqJqXB0jTkU9xQyeb/jBfgQXaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYmxwUJ3O7i9ys9BAy1Bb4zxHqCMB8GA1UdIwQY
MBaAFIxxS2yyutTnY5qKonECj1qhvGrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wMmE4ZDYtOTE1OC00YWViLWE3NTAt
Nzg3NTNhMTA0MjI2LzEvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wMmE4ZDYtOTE1OC00YWViLWE3NTAtNzg3NTNhMTA0MjI2
LzEvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVFTlF4qF
EP+JMr+n6GKD6m4TAqmt112jx3EgL4AAuA0Y26Uv2LbufWBkbqaqD/hqk6Mn+R5n
Y/SmjZRzhKprTSfrmRDlDYTRYg/Fchx50veuUJKNzXpui+2hHoyp5tzoPjegUOhy
6pqmFeNLE91oqH68KyDuV1eXuOMdzl/PVdEYQ+irBrIBqbrKz+9Hjz/ZxrClqU5l
990QG8kZ4+r0leP9djelqR2Xcl4NeR+jC9b9zwvVStOPVkrkc0YxCNe5/nGW3SsG
HWE4fwE3WBzG2mO9dHFWo3GHoZsRu2l6FHQxv6yhTZmMN7dbFLWZmqTnWj0WetW6
09E/0RdM8xIdJw==
-----END CERTIFICATE-----