Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft
File:                     j_QxWS3s8oXDMtMGJTHA589hAsA.mft (raw, json)
Hash identifier:          O4L35ZD9msMpoQtbz6Utg4TKV520sC3i8cfVhzbVFl4=
Subject key identifier:   68:36:C7:F8:2E:2B:CA:9C:D8:C4:AD:01:A8:36:FC:F0:02:3A:5F:1D
Authority key identifier: 8F:F4:31:59:2D:EC:F2:85:C3:32:D3:06:25:31:C0:E7:CF:61:02:C0
Certificate issuer:       /CN=8ff431592decf285c332d3062531c0e7cf6102c0
Certificate serial:       0196A389D0DB23CAA360BBD063D3A9DE39AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j_QxWS3s8oXDMtMGJTHA589hAsA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft
Manifest number:          1525
Signing time:             Tue 06 May 2025 03:00:40 +0000
Manifest this update:     Tue 06 May 2025 03:00:40 +0000
Manifest next update:     Wed 07 May 2025 03:00:40 +0000
Files and hashes:         1: j_QxWS3s8oXDMtMGJTHA589hAsA.crl (hash: HYt7z5yvy0M6M2w5qJZ9eIxsdFNE5hsJ0qsW4dxsdxA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j_QxWS3s8oXDMtMGJTHA589hAsA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 03:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a3:89:d0:db:23:ca:a3:60:bb:d0:63:d3:a9:de:39:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ff431592decf285c332d3062531c0e7cf6102c0
        Validity
            Not Before: May  6 03:00:40 2025 GMT
            Not After : May  7 03:00:40 2025 GMT
        Subject: CN=6836c7f82e2bca9cd8c4ad01a836fcf0023a5f1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:32:8d:42:0b:b1:94:06:11:35:62:e0:c8:0c:
                    33:91:ab:da:31:b0:e3:92:34:71:55:fd:43:bc:5a:
                    52:a0:a2:31:26:94:20:46:92:d7:65:5b:84:d2:9e:
                    08:c6:13:df:a7:fc:16:30:a0:7b:36:c5:0e:8d:1e:
                    f7:12:da:f3:e2:45:d2:34:ef:ab:a5:77:88:1e:a8:
                    69:69:42:bd:04:af:48:03:56:10:14:a3:18:70:01:
                    bf:c1:7d:aa:4c:f7:34:39:5d:e4:fe:66:59:23:51:
                    3a:98:3f:6e:f2:e6:f2:1e:17:dd:08:60:6c:dd:b8:
                    99:36:dc:a1:34:f2:2e:61:68:6f:a9:fa:38:b5:43:
                    2d:d6:0b:17:74:b8:89:07:05:02:ce:38:7e:35:d2:
                    a2:fb:03:67:c3:32:be:66:9a:38:89:d8:dc:a1:14:
                    2e:04:ef:36:e3:aa:12:a2:87:bc:b5:56:a0:a9:36:
                    49:09:aa:d6:41:1b:49:f6:3c:79:b9:8b:73:a8:c3:
                    85:ce:9c:d3:2c:62:ee:43:29:2b:75:c8:82:9d:37:
                    b6:84:16:b5:b1:a5:07:c2:64:d9:d7:5c:48:23:0c:
                    e7:f5:f0:1c:c1:2b:b0:27:db:f6:15:52:21:3f:98:
                    72:7e:45:77:0c:6f:88:49:0d:17:66:18:b4:de:f4:
                    3a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:36:C7:F8:2E:2B:CA:9C:D8:C4:AD:01:A8:36:FC:F0:02:3A:5F:1D
            X509v3 Authority Key Identifier:
                keyid:8F:F4:31:59:2D:EC:F2:85:C3:32:D3:06:25:31:C0:E7:CF:61:02:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j_QxWS3s8oXDMtMGJTHA589hAsA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:74:84:ba:ce:ea:58:dd:f7:9d:25:2d:31:6e:98:28:b2:4d:
         f1:95:69:87:d0:ec:ab:75:03:5c:a2:b9:5e:e2:f5:4e:58:5e:
         e7:35:e5:4a:76:4a:73:3d:24:6f:7d:d2:b5:ad:a2:c6:ad:fc:
         de:92:a8:cf:47:62:15:32:11:cf:c7:6e:90:59:e3:a8:b8:c6:
         10:c3:71:4b:c0:ee:97:b9:b8:1e:5b:cf:56:11:0e:0a:a4:12:
         0b:8f:37:da:08:8b:4e:1f:f2:4d:23:04:e3:e1:75:40:a6:b4:
         1b:85:bc:4b:65:4c:4f:3e:cd:f0:31:8b:50:f1:e7:53:f9:95:
         6e:d0:80:47:d6:76:cc:b2:31:27:7d:51:48:14:33:61:b3:de:
         b1:fb:0b:8a:7e:c8:10:ae:7a:3b:8c:c8:82:f3:07:37:b3:50:
         36:be:26:b1:83:b4:26:84:71:7e:1e:21:14:26:76:f0:f7:50:
         95:de:44:61:19:00:d6:c8:b8:66:37:54:d5:af:3a:3f:a1:cf:
         9d:f0:70:21:ed:ea:e2:f7:04:05:78:54:49:c6:94:bd:d2:6e:
         b2:85:b0:78:49:30:bb:40:05:a7:f1:31:7b:04:54:e0:f2:e4:
         7e:f7:ad:9f:1a:9c:e1:31:67:b5:39:67:82:e5:fe:78:38:4f:
         5c:ad:a6:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZajidDbI8qjYLvQY9Op3jmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZjQzMTU5MmRlY2YyODVjMzMyZDMwNjI1MzFjMGU3Y2Y2
MTAyYzAwHhcNMjUwNTA2MDMwMDQwWhcNMjUwNTA3MDMwMDQwWjAzMTEwLwYDVQQD
Eyg2ODM2YzdmODJlMmJjYTljZDhjNGFkMDFhODM2ZmNmMDAyM2E1ZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTKNQguxlAYRNWLgyAwzkavaMbDj
kjRxVf1DvFpSoKIxJpQgRpLXZVuE0p4IxhPfp/wWMKB7NsUOjR73Etrz4kXSNO+r
pXeIHqhpaUK9BK9IA1YQFKMYcAG/wX2qTPc0OV3k/mZZI1E6mD9u8ubyHhfdCGBs
3biZNtyhNPIuYWhvqfo4tUMt1gsXdLiJBwUCzjh+NdKi+wNnwzK+Zpo4idjcoRQu
BO8246oSooe8tVagqTZJCarWQRtJ9jx5uYtzqMOFzpzTLGLuQykrdciCnTe2hBa1
saUHwmTZ11xIIwzn9fAcwSuwJ9v2FVIhP5hyfkV3DG+ISQ0XZhi03vQ69wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGg2x/guK8qc2MStAag2/PACOl8dMB8GA1UdIwQY
MBaAFI/0MVkt7PKFwzLTBiUxwOfPYQLAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQval9ReFdTM3M4b1hETXRNR0pUSEE1ODloQXNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iZTFmZWQtMmU4Ni00NGE5LThhNjct
NDRiNzhlNzg4ZGViLzEval9ReFdTM3M4b1hETXRNR0pUSEE1ODloQXNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iZTFmZWQtMmU4Ni00NGE5LThhNjctNDRiNzhlNzg4ZGVi
LzEval9ReFdTM3M4b1hETXRNR0pUSEE1ODloQXNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAHSEus7q
WN33nSUtMW6YKLJN8ZVph9Dsq3UDXKK5XuL1Tlhe5zXlSnZKcz0kb33Sta2ixq38
3pKoz0diFTIRz8dukFnjqLjGEMNxS8Dul7m4HlvPVhEOCqQSC4832giLTh/yTSME
4+F1QKa0G4W8S2VMTz7N8DGLUPHnU/mVbtCAR9Z2zLIxJ31RSBQzYbPesfsLin7I
EK56O4zIgvMHN7NQNr4msYO0JoRxfh4hFCZ28PdQld5EYRkA1si4ZjdU1a86P6HP
nfBwIe3q4vcEBXhUScaUvdJusoWweEkwu0AFp/ExewRU4PLkfvetnxqc4TFntTln
guX+eDhPXK2m3Q==
-----END CERTIFICATE-----