Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
File:                     jHFLbLK61OdjmoqicQKPWqG8asI.mft (raw, json)
Hash identifier:          B0bjLsitcel7F8FYbS7HT48TCGy/oU7D3uOgGWnbrhQ=
Subject key identifier:   D4:10:C8:7A:AF:B5:86:74:5E:C6:A6:15:EA:6B:16:00:BA:10:91:12
Authority key identifier: 8C:71:4B:6C:B2:BA:D4:E7:63:9A:8A:A2:71:02:8F:5A:A1:BC:6A:C2
Certificate issuer:       /CN=8c714b6cb2bad4e7639a8aa271028f5aa1bc6ac2
Certificate serial:       0197B7EA9B64525E6ED71C20C0198FA69B89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
Manifest number:          0565
Signing time:             Sat 28 Jun 2025 19:01:35 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:35 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:35 +0000
Files and hashes:         1: jHFLbLK61OdjmoqicQKPWqG8asI.crl (hash: ffIj/lO1p/2NT/ccbV2lrl9xd9h9nrMvwMTPfmq6GZ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:9b:64:52:5e:6e:d7:1c:20:c0:19:8f:a6:9b:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c714b6cb2bad4e7639a8aa271028f5aa1bc6ac2
        Validity
            Not Before: Jun 28 19:01:35 2025 GMT
            Not After : Jun 29 19:01:35 2025 GMT
        Subject: CN=d410c87aafb586745ec6a615ea6b1600ba109112
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:6d:4d:c2:56:2e:57:30:2f:6c:31:69:0d:5c:
                    c6:b5:af:ae:67:9b:05:82:8d:0e:3d:d8:a6:58:4c:
                    e1:f9:4d:a2:b8:37:d4:c9:26:35:72:2f:22:c3:8e:
                    7e:08:4b:78:74:76:d1:cc:92:56:73:16:11:27:90:
                    48:24:02:99:89:5d:1d:7e:13:96:cf:ce:00:b1:ca:
                    07:2e:1c:6d:20:83:ef:96:41:73:14:f7:43:11:60:
                    b8:c9:aa:a9:64:dd:fa:bf:b4:e2:b2:8e:73:88:e9:
                    d3:4e:c3:c0:bb:81:61:73:c0:91:67:22:20:54:7e:
                    49:4b:33:c5:c9:68:52:02:bf:64:c9:e1:a7:16:43:
                    87:43:ac:40:bb:86:8f:9c:e1:92:19:f4:4c:58:ed:
                    de:b0:96:24:4a:d2:21:d0:a9:50:cc:85:ea:9b:df:
                    0b:c7:18:5f:82:5f:4c:c1:7f:ed:83:f5:56:ed:38:
                    36:f6:82:f8:b0:ab:7e:d6:80:3c:9e:a8:76:ce:1e:
                    6a:03:bb:8b:0a:27:be:96:eb:98:02:de:5f:ef:f7:
                    64:d0:e4:65:f9:97:40:e1:a6:80:c1:7e:ba:e5:b9:
                    ae:e1:c4:fa:7f:b3:af:4b:c4:35:89:7f:b4:e7:c9:
                    23:98:8f:84:24:ed:8a:9d:e8:2e:c2:45:94:7d:5c:
                    6e:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:10:C8:7A:AF:B5:86:74:5E:C6:A6:15:EA:6B:16:00:BA:10:91:12
            X509v3 Authority Key Identifier:
                keyid:8C:71:4B:6C:B2:BA:D4:E7:63:9A:8A:A2:71:02:8F:5A:A1:BC:6A:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:40:0b:1a:19:fc:06:13:8b:b6:e1:96:a3:43:1f:3b:91:b8:
         91:d7:f1:57:29:07:c6:20:96:0c:6f:17:f9:5e:1b:6f:0d:08:
         3f:a9:be:98:66:50:1f:84:1a:32:81:87:32:ab:99:d0:10:91:
         75:0f:ea:91:a8:22:88:3a:3a:69:0c:fc:fd:f2:17:0a:95:d3:
         34:8c:51:f9:6d:29:9c:d8:5f:22:8f:ca:c8:b4:67:2b:f6:1a:
         83:ab:e9:8e:81:1a:b8:97:7a:26:d5:b8:72:56:29:f6:92:3b:
         c3:da:4a:ab:50:85:24:3a:44:86:01:bc:34:28:87:2d:2d:d8:
         cc:3d:da:b7:3c:8e:24:dd:8c:2f:d2:a1:2f:3d:d5:53:c9:82:
         6b:55:fa:2b:e9:e9:ee:da:22:e9:78:4a:72:16:8c:6b:55:4d:
         37:e0:22:79:f9:a7:6e:84:df:a6:b0:02:5b:74:ca:96:2a:86:
         aa:6d:ac:dc:2c:37:d0:e4:e6:99:f0:db:46:29:b5:e8:2a:29:
         ee:50:1b:a1:bc:55:13:09:6a:d8:2f:7b:ab:5f:fe:3d:f5:22:
         a7:cc:90:59:de:03:c4:d1:2d:9c:5f:ed:ae:18:8e:c8:ee:b7:
         f4:a7:0e:93:ec:0e:26:71:4d:e9:97:cc:5e:ac:75:53:2d:99:
         42:bf:35:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36ptkUl5u1xwgwBmPppuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNzE0YjZjYjJiYWQ0ZTc2MzlhOGFhMjcxMDI4ZjVhYTFi
YzZhYzIwHhcNMjUwNjI4MTkwMTM1WhcNMjUwNjI5MTkwMTM1WjAzMTEwLwYDVQQD
EyhkNDEwYzg3YWFmYjU4Njc0NWVjNmE2MTVlYTZiMTYwMGJhMTA5MTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApW1NwlYuVzAvbDFpDVzGta+uZ5sF
go0OPdimWEzh+U2iuDfUySY1ci8iw45+CEt4dHbRzJJWcxYRJ5BIJAKZiV0dfhOW
z84AscoHLhxtIIPvlkFzFPdDEWC4yaqpZN36v7Tiso5ziOnTTsPAu4Fhc8CRZyIg
VH5JSzPFyWhSAr9kyeGnFkOHQ6xAu4aPnOGSGfRMWO3esJYkStIh0KlQzIXqm98L
xxhfgl9MwX/tg/VW7Tg29oL4sKt+1oA8nqh2zh5qA7uLCie+luuYAt5f7/dk0ORl
+ZdA4aaAwX665bmu4cT6f7OvS8Q1iX+058kjmI+EJO2KneguwkWUfVxulwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQQyHqvtYZ0XsamFeprFgC6EJESMB8GA1UdIwQY
MBaAFIxxS2yyutTnY5qKonECj1qhvGrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wMmE4ZDYtOTE1OC00YWViLWE3NTAt
Nzg3NTNhMTA0MjI2LzEvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wMmE4ZDYtOTE1OC00YWViLWE3NTAtNzg3NTNhMTA0MjI2
LzEvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApkALGhn8
BhOLtuGWo0MfO5G4kdfxVykHxiCWDG8X+V4bbw0IP6m+mGZQH4QaMoGHMquZ0BCR
dQ/qkagiiDo6aQz8/fIXCpXTNIxR+W0pnNhfIo/KyLRnK/Yag6vpjoEauJd6JtW4
clYp9pI7w9pKq1CFJDpEhgG8NCiHLS3YzD3atzyOJN2ML9KhLz3VU8mCa1X6K+np
7toi6XhKchaMa1VNN+AiefmnboTfprACW3TKliqGqm2s3Cw30OTmmfDbRim16Cop
7lAbobxVEwlq2C97q1/+PfUip8yQWd4DxNEtnF/trhiOyO639KcOk+wOJnFN6ZfM
Xqx1Uy2ZQr81RA==
-----END CERTIFICATE-----