Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft
File:                     jDJOtM17M3hJro0yb8iZAvUDpMY.mft (raw, json)
Hash identifier:          +Np7FPLef0tlNfDGhInQKz9fp6PmFcFhA0YgcMA+aQg=
Subject key identifier:   B4:87:9E:1F:8C:10:BB:AA:6F:7C:C8:56:9E:D9:51:2F:36:11:68:9E
Authority key identifier: 8C:32:4E:B4:CD:7B:33:78:49:AE:8D:32:6F:C8:99:02:F5:03:A4:C6
Certificate issuer:       /CN=8c324eb4cd7b337849ae8d326fc89902f503a4c6
Certificate serial:       019A01480732F0647F714DE105A82A36E1A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft
Manifest number:          019B
Signing time:             Mon 20 Oct 2025 11:01:28 +0000
Manifest this update:     Mon 20 Oct 2025 11:01:28 +0000
Manifest next update:     Tue 21 Oct 2025 11:01:28 +0000
Files and hashes:         1: jDJOtM17M3hJro0yb8iZAvUDpMY.crl (hash: O9Wc19na8vJd1dHMBoUvfzJ85mZQ7MORxe9GB763oUQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 11:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:48:07:32:f0:64:7f:71:4d:e1:05:a8:2a:36:e1:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c324eb4cd7b337849ae8d326fc89902f503a4c6
        Validity
            Not Before: Oct 20 11:01:28 2025 GMT
            Not After : Oct 21 11:01:28 2025 GMT
        Subject: CN=b4879e1f8c10bbaa6f7cc8569ed9512f3611689e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:25:1d:d5:cb:50:2d:45:28:03:68:26:dc:28:
                    85:52:b9:77:b3:6b:5e:70:64:c2:0f:c5:8d:11:4b:
                    5c:e5:09:c0:87:a7:7c:fb:f0:4c:4f:31:e7:24:2f:
                    87:cc:eb:11:ac:ae:32:84:6e:d6:e2:89:a6:7d:e7:
                    5c:74:28:1b:c8:15:6a:e1:14:1b:51:de:75:85:39:
                    7a:25:74:3a:bd:96:dc:f2:22:82:2d:72:27:20:c6:
                    cc:3e:25:d5:b3:d3:bd:87:c4:43:fb:aa:b0:a3:0a:
                    ea:a4:3a:bc:a0:50:df:2f:d0:c9:95:ac:0b:b6:7b:
                    2b:da:2c:4c:32:d2:19:3b:a8:e2:44:21:a1:60:86:
                    0e:24:4c:ed:71:2a:91:9a:f2:42:08:f7:64:83:c6:
                    10:7c:53:c9:d7:7a:7b:5c:0e:69:56:1a:f4:75:95:
                    a0:6b:93:b8:9c:d4:9c:05:de:91:53:62:94:9c:0a:
                    8d:b7:3b:4e:9b:a2:9b:d5:ff:e5:f8:8a:e5:68:7e:
                    50:d9:bf:39:ad:f1:9c:99:d6:cf:dd:08:f6:a8:fe:
                    63:b6:75:6f:22:41:8b:1a:b5:82:44:0a:73:e4:81:
                    af:e4:83:66:e4:7f:7f:26:3e:bc:19:ea:75:7b:68:
                    27:b7:28:48:77:08:b0:05:84:2e:0e:0c:f6:54:11:
                    80:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:87:9E:1F:8C:10:BB:AA:6F:7C:C8:56:9E:D9:51:2F:36:11:68:9E
            X509v3 Authority Key Identifier:
                keyid:8C:32:4E:B4:CD:7B:33:78:49:AE:8D:32:6F:C8:99:02:F5:03:A4:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:98:62:2d:ef:33:b4:c4:12:19:65:79:bb:10:3c:32:1d:54:
         5d:3f:77:53:aa:10:9b:b3:f2:66:7d:73:76:e0:9e:81:85:5d:
         7a:58:8e:57:3a:2b:0b:57:33:31:c4:6d:19:57:d7:28:46:e0:
         18:ca:f3:ff:1d:64:89:93:f0:91:39:13:09:b0:c9:8c:51:49:
         b1:e0:f9:8d:ec:81:a9:40:10:49:71:18:5b:1e:ac:50:ab:e2:
         76:fb:ee:19:8c:1c:be:3b:95:0e:10:fe:d0:13:45:84:d4:ec:
         0a:74:c0:85:bd:19:fe:d4:d5:31:de:fb:09:97:6e:c6:cd:ff:
         6b:1e:5d:5f:6f:c4:a5:5d:6f:81:3d:09:63:f4:70:d9:54:38:
         49:8e:45:fd:00:e9:2c:86:2f:1f:d3:6e:f2:c4:43:9c:aa:50:
         ae:73:55:67:51:41:bd:41:95:57:ba:29:f4:78:ed:3a:c8:ab:
         a6:99:57:1d:35:6c:43:14:55:fa:0b:1f:10:08:34:c3:74:59:
         04:4b:b5:b8:40:c5:8b:cc:00:26:26:57:ce:ed:f0:26:81:75:
         ac:7b:44:32:47:55:23:c0:46:b4:31:22:c5:57:4c:f7:39:aa:
         ae:d0:4a:00:8b:6e:8d:40:d6:75:92:7c:fa:32:87:73:ab:f9:
         39:59:aa:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBSAcy8GR/cU3hBagqNuGmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMzI0ZWI0Y2Q3YjMzNzg0OWFlOGQzMjZmYzg5OTAyZjUw
M2E0YzYwHhcNMjUxMDIwMTEwMTI4WhcNMjUxMDIxMTEwMTI4WjAzMTEwLwYDVQQD
EyhiNDg3OWUxZjhjMTBiYmFhNmY3Y2M4NTY5ZWQ5NTEyZjM2MTE2ODllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9iUd1ctQLUUoA2gm3CiFUrl3s2te
cGTCD8WNEUtc5QnAh6d8+/BMTzHnJC+HzOsRrK4yhG7W4ommfedcdCgbyBVq4RQb
Ud51hTl6JXQ6vZbc8iKCLXInIMbMPiXVs9O9h8RD+6qwowrqpDq8oFDfL9DJlawL
tnsr2ixMMtIZO6jiRCGhYIYOJEztcSqRmvJCCPdkg8YQfFPJ13p7XA5pVhr0dZWg
a5O4nNScBd6RU2KUnAqNtztOm6Kb1f/l+IrlaH5Q2b85rfGcmdbP3Qj2qP5jtnVv
IkGLGrWCRApz5IGv5INm5H9/Jj68Gep1e2gntyhIdwiwBYQuDgz2VBGAvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSHnh+MELuqb3zIVp7ZUS82EWieMB8GA1UdIwQY
MBaAFIwyTrTNezN4Sa6NMm/ImQL1A6TGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yYmYyOTMtNWYwYS00N2U3LTk4NzQt
MTM5NjM2YjFlMjYzLzEvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yYmYyOTMtNWYwYS00N2U3LTk4NzQtMTM5NjM2YjFlMjYz
LzEvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIphiLe8z
tMQSGWV5uxA8Mh1UXT93U6oQm7PyZn1zduCegYVdeliOVzorC1czMcRtGVfXKEbg
GMrz/x1kiZPwkTkTCbDJjFFJseD5jeyBqUAQSXEYWx6sUKvidvvuGYwcvjuVDhD+
0BNFhNTsCnTAhb0Z/tTVMd77CZduxs3/ax5dX2/EpV1vgT0JY/Rw2VQ4SY5F/QDp
LIYvH9Nu8sRDnKpQrnNVZ1FBvUGVV7op9HjtOsirpplXHTVsQxRV+gsfEAg0w3RZ
BEu1uEDFi8wAJiZXzu3wJoF1rHtEMkdVI8BGtDEixVdM9zmqrtBKAItujUDWdZJ8
+jKHc6v5OVmqCw==
-----END CERTIFICATE-----