Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
File:                     IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json)
Hash identifier:          kqyPWJSQGXeduCwM50Q2zMXEEYxHgnrtl7Xuqzz+Vaw=
Subject key identifier:   E7:8E:1D:C8:B5:E2:2F:EA:6B:F3:AD:54:0D:E8:D9:2C:27:96:BC:18
Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2
Certificate issuer:       /CN=22e8c1b40ee579c183796455f4092573d995a1d2
Certificate serial:       01965726C91D928041D1EEEC5171C55F952E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
Manifest number:          0961
Signing time:             Mon 21 Apr 2025 07:01:21 +0000
Manifest this update:     Mon 21 Apr 2025 07:01:21 +0000
Manifest next update:     Tue 22 Apr 2025 07:01:21 +0000
Files and hashes:         1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: TipDcmmg89ovH1bsfGSNOVlzDdVGvGXN4qxpHZ789es=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:26:c9:1d:92:80:41:d1:ee:ec:51:71:c5:5f:95:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2
        Validity
            Not Before: Apr 21 07:01:21 2025 GMT
            Not After : Apr 22 07:01:21 2025 GMT
        Subject: CN=e78e1dc8b5e22fea6bf3ad540de8d92c2796bc18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:7f:3e:1e:f9:eb:b9:e7:b8:60:22:d5:86:32:
                    45:65:8e:74:90:b0:8a:8f:48:91:2a:4d:11:9f:a3:
                    7c:ee:c8:84:ed:75:6e:39:1a:86:2f:d9:c6:94:52:
                    8f:38:b0:bf:a9:ed:20:5c:3b:a0:fd:ad:65:47:ae:
                    1f:c1:47:ab:71:f7:2b:59:f4:23:74:91:61:80:e6:
                    6b:7b:3e:71:65:1d:ba:c6:de:47:7c:c4:d2:df:55:
                    91:58:bb:6d:e4:90:6f:a8:27:eb:4e:ee:16:83:a6:
                    59:6e:ce:11:8c:fa:12:b2:7b:56:b6:2b:f1:86:41:
                    ba:78:de:02:35:54:c9:f9:fe:92:95:23:68:fa:04:
                    52:ac:11:13:c2:ab:3f:2a:50:11:7f:d0:b9:fc:00:
                    ec:ac:fe:67:06:f8:75:8b:db:69:64:07:0e:24:df:
                    ab:d7:25:d7:46:47:e1:3f:2b:ef:28:94:da:f3:ad:
                    4d:dc:86:83:32:61:bf:fd:7f:eb:23:8b:7f:6d:cc:
                    59:fe:fe:76:65:6d:14:72:bb:ba:e4:47:50:a0:a8:
                    85:ff:33:b3:0d:06:b0:e4:a1:42:7a:c7:22:00:df:
                    c4:6f:d8:72:ee:2a:02:c3:4a:0b:ae:96:b8:29:71:
                    dd:46:4b:e3:9d:51:9a:8b:9a:3b:13:5c:e0:f7:5b:
                    8b:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:8E:1D:C8:B5:E2:2F:EA:6B:F3:AD:54:0D:E8:D9:2C:27:96:BC:18
            X509v3 Authority Key Identifier:
                keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:37:49:ca:21:94:03:24:b3:6e:46:9c:71:e7:9e:e3:20:ea:
         35:71:06:af:12:4a:09:af:48:0e:c8:59:77:c5:90:0e:93:2d:
         21:cd:8a:37:7d:69:71:dc:5c:08:1a:6c:f3:03:ae:df:d6:fc:
         26:77:87:4a:6a:24:56:ff:8d:86:c0:c7:8a:5b:bb:2e:39:27:
         e9:d8:02:a5:0e:66:93:28:c3:c5:aa:ba:97:53:08:0a:3b:96:
         4e:2d:94:71:3c:c3:e4:65:2c:34:1a:56:b6:8a:ca:a5:4a:3e:
         eb:63:08:83:3c:48:80:da:b2:2e:54:85:38:ef:8d:93:23:32:
         6e:a9:23:b6:90:dc:d0:b3:93:b5:16:5a:de:8b:3e:3d:e8:6e:
         c2:30:57:1e:87:55:20:0d:c3:ff:b1:46:d8:51:69:6e:69:9e:
         07:47:d9:f1:32:9d:b8:1e:28:c3:58:b5:3e:b3:9f:a4:9d:4c:
         09:73:54:67:a1:b4:db:e7:0d:74:8b:87:b0:82:40:b0:ab:4d:
         a7:f5:3c:3b:13:28:c6:7f:7a:76:98:6b:25:fd:63:cd:cd:e7:
         dd:6a:2d:58:0e:1d:bd:6b:c1:c8:57:0a:f1:24:cc:90:70:72:
         e0:57:0e:91:57:13:92:44:c2:5b:62:76:29:fb:57:c9:0a:71:
         e7:e7:8c:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJskdkoBB0e7sUXHFX5UuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5
NWExZDIwHhcNMjUwNDIxMDcwMTIxWhcNMjUwNDIyMDcwMTIxWjAzMTEwLwYDVQQD
EyhlNzhlMWRjOGI1ZTIyZmVhNmJmM2FkNTQwZGU4ZDkyYzI3OTZiYzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH8+Hvnruee4YCLVhjJFZY50kLCK
j0iRKk0Rn6N87siE7XVuORqGL9nGlFKPOLC/qe0gXDug/a1lR64fwUercfcrWfQj
dJFhgOZrez5xZR26xt5HfMTS31WRWLtt5JBvqCfrTu4Wg6ZZbs4RjPoSsntWtivx
hkG6eN4CNVTJ+f6SlSNo+gRSrBETwqs/KlARf9C5/ADsrP5nBvh1i9tpZAcOJN+r
1yXXRkfhPyvvKJTa861N3IaDMmG//X/rI4t/bcxZ/v52ZW0Ucru65EdQoKiF/zOz
DQaw5KFCesciAN/Eb9hy7ioCw0oLrpa4KXHdRkvjnVGai5o7E1zg91uLawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOeOHci14i/qa/OtVA3o2SwnlrwYMB8GA1UdIwQY
MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt
ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh
LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADzdJyiGU
AySzbkacceee4yDqNXEGrxJKCa9IDshZd8WQDpMtIc2KN31pcdxcCBps8wOu39b8
JneHSmokVv+NhsDHilu7Ljkn6dgCpQ5mkyjDxaq6l1MICjuWTi2UcTzD5GUsNBpW
torKpUo+62MIgzxIgNqyLlSFOO+NkyMybqkjtpDc0LOTtRZa3os+PehuwjBXHodV
IA3D/7FG2FFpbmmeB0fZ8TKduB4ow1i1PrOfpJ1MCXNUZ6G02+cNdIuHsIJAsKtN
p/U8OxMoxn96dphrJf1jzc3n3WotWA4dvWvByFcK8STMkHBy4FcOkVcTkkTCW2J2
KftXyQpx5+eMXA==
-----END CERTIFICATE-----