Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File:                     IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier:          SMX4OcO1DhZMX0gv5j0pfxjgzc4MvAffNLOaqWnAefs=
Subject key identifier:   39:0A:78:28:47:E0:4A:C1:5C:C2:38:9D:13:CD:40:07:5B:0F:41:75
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer:       /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial:       019643D625315C034E56DFEAB8F5B1DEA3DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number:          0519
Signing time:             Thu 17 Apr 2025 13:00:29 +0000
Manifest this update:     Thu 17 Apr 2025 13:00:29 +0000
Manifest next update:     Fri 18 Apr 2025 13:00:29 +0000
Files and hashes:         1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: 36s9Bhdls4BjgVraYMFDp6PlkPjktTpsNqr6lzJvi4U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 13:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:d6:25:31:5c:03:4e:56:df:ea:b8:f5:b1:de:a3:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
        Validity
            Not Before: Apr 17 13:00:29 2025 GMT
            Not After : Apr 18 13:00:29 2025 GMT
        Subject: CN=390a782847e04ac15cc2389d13cd40075b0f4175
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:6b:45:16:f2:17:91:ec:34:73:42:92:b0:31:
                    6a:2a:4c:5a:a9:de:48:13:fa:0e:cb:d7:fa:32:6f:
                    28:73:3a:89:13:8c:07:8f:3c:70:59:c4:19:2f:90:
                    db:38:aa:53:05:28:4d:de:cb:15:bf:7a:d5:89:7e:
                    54:7d:a8:e7:bc:ee:68:d9:4c:fa:cf:1b:13:37:52:
                    4a:25:2e:7d:46:d7:8a:18:48:45:32:02:ab:e1:af:
                    5b:05:07:e2:a7:cc:5f:f6:cc:42:a0:8d:eb:61:61:
                    d8:5e:ba:dc:0f:74:8b:f3:ff:72:60:3d:0b:dc:b6:
                    24:37:5b:23:c5:c1:d9:e5:23:8a:c0:73:9c:11:30:
                    2d:a3:7c:36:24:50:4b:63:f2:4a:38:82:4e:10:ad:
                    fc:c7:1c:3b:5e:c2:d2:af:fa:a5:4e:2d:04:5f:f2:
                    a2:a3:fb:59:ef:fa:d0:1d:ef:df:7e:73:af:ce:44:
                    28:bd:b7:17:db:e2:bf:fd:7e:71:a6:8c:b3:3f:19:
                    13:f3:41:3e:58:a2:74:41:5a:44:3d:2f:f6:e9:69:
                    a7:8c:24:98:5d:5b:16:cf:05:53:fd:6a:23:b5:c0:
                    ee:b8:ce:56:ed:8d:d2:d6:fb:c0:bb:6a:ed:b7:52:
                    43:d1:20:37:33:b1:9b:eb:c6:b7:b6:5d:cd:ff:03:
                    df:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:0A:78:28:47:E0:4A:C1:5C:C2:38:9D:13:CD:40:07:5B:0F:41:75
            X509v3 Authority Key Identifier:
                keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:6d:27:a5:9a:0d:b2:a7:64:92:46:7f:a3:21:bf:aa:7a:88:
         6c:ff:47:79:5e:3d:d8:a6:89:e6:58:43:b4:6d:ad:3e:73:ca:
         5e:39:d2:50:49:bd:c5:bd:0c:3e:6e:27:93:3e:32:4f:f4:dc:
         bd:8c:f5:94:99:5e:e6:c7:fd:bf:e0:a9:b5:06:98:c3:83:f0:
         2a:de:8b:16:a0:62:91:d0:8c:29:8a:d1:30:28:60:3e:40:99:
         e6:54:33:c9:27:a2:0f:5f:ba:c1:74:1e:2c:ec:48:1d:7c:c8:
         50:b0:fa:64:4d:cf:84:f0:4e:c0:0a:92:88:2f:0f:10:94:48:
         6a:48:67:75:7b:97:1e:0f:2a:0d:e5:8a:75:22:5b:5b:3c:35:
         d8:6a:a1:0e:8d:ab:15:83:6a:bf:e8:f7:f7:35:e5:37:f7:6f:
         ed:92:cb:ea:13:36:34:ac:ff:0e:12:d5:f2:37:8c:a3:af:1f:
         a6:56:c0:07:cb:04:57:a3:8c:77:b9:f7:fa:92:f4:0e:51:7d:
         ef:cb:99:c9:54:6a:d1:12:b5:e9:fa:f2:90:71:e3:cd:1c:ff:
         68:32:fd:c0:e0:1e:66:f7:ae:5a:c6:a8:e9:82:d5:9b:d2:05:
         04:50:d6:4f:e4:88:9f:db:26:b0:bf:a7:45:01:d6:82:9b:3b:
         4b:cd:81:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZD1iUxXANOVt/quPWx3qPeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjUwNDE3MTMwMDI5WhcNMjUwNDE4MTMwMDI5WjAzMTEwLwYDVQQD
EygzOTBhNzgyODQ3ZTA0YWMxNWNjMjM4OWQxM2NkNDAwNzViMGY0MTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmtFFvIXkew0c0KSsDFqKkxaqd5I
E/oOy9f6Mm8oczqJE4wHjzxwWcQZL5DbOKpTBShN3ssVv3rViX5UfajnvO5o2Uz6
zxsTN1JKJS59RteKGEhFMgKr4a9bBQfip8xf9sxCoI3rYWHYXrrcD3SL8/9yYD0L
3LYkN1sjxcHZ5SOKwHOcETAto3w2JFBLY/JKOIJOEK38xxw7XsLSr/qlTi0EX/Ki
o/tZ7/rQHe/ffnOvzkQovbcX2+K//X5xpoyzPxkT80E+WKJ0QVpEPS/26WmnjCSY
XVsWzwVT/WojtcDuuM5W7Y3S1vvAu2rtt1JD0SA3M7Gb68a3tl3N/wPfxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDkKeChH4ErBXMI4nRPNQAdbD0F1MB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARG0npZoN
sqdkkkZ/oyG/qnqIbP9HeV492KaJ5lhDtG2tPnPKXjnSUEm9xb0MPm4nkz4yT/Tc
vYz1lJle5sf9v+CptQaYw4PwKt6LFqBikdCMKYrRMChgPkCZ5lQzySeiD1+6wXQe
LOxIHXzIULD6ZE3PhPBOwAqSiC8PEJRIakhndXuXHg8qDeWKdSJbWzw12GqhDo2r
FYNqv+j39zXlN/dv7ZLL6hM2NKz/DhLV8jeMo68fplbAB8sEV6OMd7n3+pL0DlF9
78uZyVRq0RK16frykHHjzRz/aDL9wOAeZveuWsao6YLVm9IFBFDWT+SIn9smsL+n
RQHWgps7S82B2w==
-----END CERTIFICATE-----