Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft
File:                     jDJOtM17M3hJro0yb8iZAvUDpMY.mft (raw, json)
Hash identifier:          6Q9xSZSRKU+CbMR6AXdg/ZJKHSWwhotC0ozPUkPCqVU=
Subject key identifier:   28:C5:25:E7:D3:31:55:34:67:F6:F7:8C:9C:5F:66:D3:56:46:26:1C
Authority key identifier: 8C:32:4E:B4:CD:7B:33:78:49:AE:8D:32:6F:C8:99:02:F5:03:A4:C6
Certificate issuer:       /CN=8c324eb4cd7b337849ae8d326fc89902f503a4c6
Certificate serial:       0197B8210DFB1313376E965B2F94E5DBD11D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft
Manifest number:          6C
Signing time:             Sat 28 Jun 2025 20:01:03 +0000
Manifest this update:     Sat 28 Jun 2025 20:01:03 +0000
Manifest next update:     Sun 29 Jun 2025 20:01:03 +0000
Files and hashes:         1: jDJOtM17M3hJro0yb8iZAvUDpMY.crl (hash: 9+UGSF0I8U6kR1zyVnOy/zKTHA7Ak0zYpqWXfYhXmxI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:21:0d:fb:13:13:37:6e:96:5b:2f:94:e5:db:d1:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c324eb4cd7b337849ae8d326fc89902f503a4c6
        Validity
            Not Before: Jun 28 20:01:03 2025 GMT
            Not After : Jun 29 20:01:03 2025 GMT
        Subject: CN=28c525e7d331553467f6f78c9c5f66d35646261c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:c4:59:9a:67:a0:f4:99:ca:b3:63:c9:a5:c9:
                    05:9e:88:79:80:76:6a:70:19:bb:c7:e7:f4:f7:71:
                    14:37:29:7c:4f:b0:d1:e7:d4:01:d6:e4:ac:14:74:
                    72:f1:f9:9f:69:c6:1c:93:c8:75:77:e2:a1:27:11:
                    9d:41:e6:91:da:f4:c8:6b:15:86:49:4d:f1:d4:49:
                    ad:9c:ea:3d:e4:be:3c:eb:38:87:52:8c:cb:f6:4f:
                    1c:88:06:07:15:7b:5e:2f:4e:ac:77:3e:51:82:f3:
                    0e:96:1d:59:71:30:74:14:1e:5f:de:91:ee:38:c0:
                    57:41:1f:de:b3:b5:f0:cd:08:67:bd:b2:3c:86:d5:
                    56:37:62:57:75:80:66:36:96:74:c7:29:10:69:2d:
                    0d:06:59:67:97:e5:9c:2a:30:aa:2a:96:4d:35:df:
                    4c:e2:a4:ee:16:a5:84:55:63:32:2a:86:b5:13:5c:
                    a1:d5:19:86:bd:d6:93:0f:83:e7:f5:80:37:a7:20:
                    1e:95:7a:a8:1b:6d:c6:d3:e6:47:b5:ad:ec:26:c0:
                    6d:27:d0:b4:13:09:87:31:97:93:56:9c:62:76:6c:
                    e8:42:b9:dd:62:f6:b5:57:c2:59:ac:b8:2d:d8:44:
                    d7:6d:15:a3:97:db:54:d4:d9:e2:1b:cf:1a:81:c1:
                    51:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:C5:25:E7:D3:31:55:34:67:F6:F7:8C:9C:5F:66:D3:56:46:26:1C
            X509v3 Authority Key Identifier:
                keyid:8C:32:4E:B4:CD:7B:33:78:49:AE:8D:32:6F:C8:99:02:F5:03:A4:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:fd:03:e3:97:6e:cc:5c:eb:98:4c:ed:52:14:ec:0a:5c:96:
         1a:ea:1b:17:e7:41:a6:08:7d:c9:41:ac:b1:cf:11:44:40:7c:
         78:5b:b8:7d:59:23:81:83:21:97:39:e5:ac:19:71:c0:62:08:
         30:66:5d:92:99:e6:aa:0e:2c:15:f8:f0:ed:9b:58:ed:07:92:
         95:32:c1:af:ff:db:02:10:49:f4:f2:5a:59:c0:0e:ae:26:16:
         1d:e3:55:83:4f:33:c9:78:0e:38:40:d4:8c:fd:14:84:4a:f6:
         f7:85:8d:67:5b:c1:68:b7:4f:fb:27:4a:3a:33:82:88:13:31:
         41:82:7c:2a:22:b9:8f:e5:ba:bb:07:b9:bb:80:27:13:cc:91:
         01:e3:3d:34:62:1e:cf:61:11:75:da:72:37:12:9a:1e:6a:f4:
         f3:fb:b2:7d:a2:79:4e:1f:4a:c1:68:e2:93:3d:5d:cb:ce:91:
         fb:c9:6a:d1:3f:ed:3b:14:e2:3a:1a:7e:cb:14:36:83:46:40:
         ff:fc:08:a0:97:b7:1b:29:d1:24:89:de:4c:bc:1d:be:d9:2c:
         d1:6f:ff:95:e0:16:40:f2:f5:e7:d8:9e:22:d3:90:96:f7:3e:
         2e:64:70:d5:cd:65:b4:38:53:18:53:b9:1e:b1:27:54:12:dc:
         94:30:7f:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4IQ37ExM3bpZbL5Tl29EdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMzI0ZWI0Y2Q3YjMzNzg0OWFlOGQzMjZmYzg5OTAyZjUw
M2E0YzYwHhcNMjUwNjI4MjAwMTAzWhcNMjUwNjI5MjAwMTAzWjAzMTEwLwYDVQQD
EygyOGM1MjVlN2QzMzE1NTM0NjdmNmY3OGM5YzVmNjZkMzU2NDYyNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8RZmmeg9JnKs2PJpckFnoh5gHZq
cBm7x+f093EUNyl8T7DR59QB1uSsFHRy8fmfacYck8h1d+KhJxGdQeaR2vTIaxWG
SU3x1EmtnOo95L486ziHUozL9k8ciAYHFXteL06sdz5RgvMOlh1ZcTB0FB5f3pHu
OMBXQR/es7XwzQhnvbI8htVWN2JXdYBmNpZ0xykQaS0NBllnl+WcKjCqKpZNNd9M
4qTuFqWEVWMyKoa1E1yh1RmGvdaTD4Pn9YA3pyAelXqoG23G0+ZHta3sJsBtJ9C0
EwmHMZeTVpxidmzoQrndYva1V8JZrLgt2ETXbRWjl9tU1NniG88agcFRyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjFJefTMVU0Z/b3jJxfZtNWRiYcMB8GA1UdIwQY
MBaAFIwyTrTNezN4Sa6NMm/ImQL1A6TGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yYmYyOTMtNWYwYS00N2U3LTk4NzQt
MTM5NjM2YjFlMjYzLzEvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yYmYyOTMtNWYwYS00N2U3LTk4NzQtMTM5NjM2YjFlMjYz
LzEvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhP0D45du
zFzrmEztUhTsClyWGuobF+dBpgh9yUGssc8RREB8eFu4fVkjgYMhlznlrBlxwGII
MGZdkpnmqg4sFfjw7ZtY7QeSlTLBr//bAhBJ9PJaWcAOriYWHeNVg08zyXgOOEDU
jP0UhEr294WNZ1vBaLdP+ydKOjOCiBMxQYJ8KiK5j+W6uwe5u4AnE8yRAeM9NGIe
z2ERddpyNxKaHmr08/uyfaJ5Th9KwWjikz1dy86R+8lq0T/tOxTiOhp+yxQ2g0ZA
//wIoJe3GynRJIneTLwdvtks0W//leAWQPL159ieItOQlvc+LmRw1c1ltDhTGFO5
HrEnVBLclDB/rg==
-----END CERTIFICATE-----