Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          12bOKwcZ/1cSIGIKs6rxz/PLlMKqxh1cV/WPDGAmXyA=
Subject key identifier:   87:C0:E3:41:03:B3:90:C6:43:C0:9D:52:BA:9B:DB:47:E7:1C:F9:4A
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       0197556C3306FA4EC8A709246955546DDBC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0C16
Signing time:             Mon 09 Jun 2025 16:00:43 +0000
Manifest this update:     Mon 09 Jun 2025 16:00:43 +0000
Manifest next update:     Tue 10 Jun 2025 16:00:43 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: kDfp+6XS3j3YLFSJX4aGeMHVeJulnDM888JCoqTxLtY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:55:6c:33:06:fa:4e:c8:a7:09:24:69:55:54:6d:db:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Jun  9 16:00:43 2025 GMT
            Not After : Jun 10 16:00:43 2025 GMT
        Subject: CN=87c0e34103b390c643c09d52ba9bdb47e71cf94a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:14:f0:bb:1a:67:52:b5:c4:a9:90:40:8b:b3:
                    23:b1:aa:79:92:7a:e0:d9:6a:ad:5b:ca:60:13:25:
                    26:95:ee:2f:64:76:d2:ca:84:6a:a1:91:d3:ea:f4:
                    db:23:ce:34:73:8f:05:88:f3:a3:9f:cb:98:bf:85:
                    d9:f3:2f:3d:5e:91:c6:26:39:00:a1:bb:ee:16:20:
                    30:69:8f:ad:11:cf:10:41:74:b8:79:c7:44:68:18:
                    a5:66:1a:95:c6:a7:72:6f:cc:e4:15:cb:74:5c:a9:
                    4b:46:4b:85:e4:33:95:50:f8:c0:28:ba:34:42:e6:
                    a5:42:e0:fb:2b:98:86:74:ca:09:68:7e:43:76:e9:
                    02:f1:c8:1c:30:8e:ef:32:cf:0b:58:b0:df:1a:67:
                    57:85:61:8f:82:9f:72:b2:75:f6:32:79:45:91:f5:
                    dd:cc:37:e2:93:62:9f:83:37:0d:30:af:3d:bb:12:
                    63:c7:9c:5f:ef:f2:f8:68:ff:c0:22:22:6e:77:d5:
                    78:13:97:63:ef:57:5a:fa:4c:e0:1e:bc:d4:bc:d7:
                    d3:a1:9f:e1:fa:d7:d3:c8:be:8b:c2:8e:e4:9f:ff:
                    3d:3d:e0:17:e4:1b:00:56:3d:77:e6:ce:08:1a:32:
                    c8:dd:31:66:63:7a:26:5a:d0:db:2f:8e:d0:b4:c8:
                    c3:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:C0:E3:41:03:B3:90:C6:43:C0:9D:52:BA:9B:DB:47:E7:1C:F9:4A
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:0e:9e:fe:e0:2f:dc:de:dd:bf:c1:bd:a9:29:47:f5:ec:35:
         0c:ff:4a:7f:22:22:b9:a5:d4:ef:39:96:4a:fe:41:12:64:e4:
         39:5d:17:59:76:28:66:e2:1e:49:ec:bb:d2:6f:0a:e0:1c:6a:
         2a:5f:2c:f2:65:d6:d1:e0:a3:7d:7c:4e:7c:53:4b:80:24:76:
         d0:19:a6:fe:ff:3f:af:b0:df:a3:67:9a:5e:8d:34:b6:2e:03:
         ac:d6:09:76:ca:61:74:5c:8b:f4:df:2e:e6:33:dc:8d:27:44:
         23:10:38:02:91:81:c6:f0:92:10:f2:7a:9d:2c:f5:9a:5d:f0:
         1c:1d:e7:c9:fe:af:31:db:1f:b8:86:5f:7d:aa:cf:59:08:39:
         2a:ff:d3:e4:ec:d7:3e:a7:95:5a:6f:40:29:5b:2e:fa:9a:e5:
         32:50:4b:dd:86:92:72:ca:51:3d:17:9f:4e:fe:66:72:75:a0:
         32:10:46:85:ce:5b:cb:a3:1b:ae:81:f4:14:9a:06:32:8a:10:
         50:c3:d1:fa:f3:ea:80:88:56:85:72:a8:b9:09:f6:51:bf:e6:
         fc:9d:0b:dc:90:a0:38:1f:35:87:0b:80:ef:d9:32:8d:d2:15:
         b6:f2:ea:27:d1:1f:ef:b1:e6:77:0a:f8:01:aa:67:92:08:e1:
         8c:4a:79:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdVbDMG+k7IpwkkaVVUbdvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjUwNjA5MTYwMDQzWhcNMjUwNjEwMTYwMDQzWjAzMTEwLwYDVQQD
Eyg4N2MwZTM0MTAzYjM5MGM2NDNjMDlkNTJiYTliZGI0N2U3MWNmOTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxTwuxpnUrXEqZBAi7Mjsap5knrg
2WqtW8pgEyUmle4vZHbSyoRqoZHT6vTbI840c48FiPOjn8uYv4XZ8y89XpHGJjkA
obvuFiAwaY+tEc8QQXS4ecdEaBilZhqVxqdyb8zkFct0XKlLRkuF5DOVUPjAKLo0
QualQuD7K5iGdMoJaH5DdukC8cgcMI7vMs8LWLDfGmdXhWGPgp9ysnX2MnlFkfXd
zDfik2KfgzcNMK89uxJjx5xf7/L4aP/AIiJud9V4E5dj71da+kzgHrzUvNfToZ/h
+tfTyL6Lwo7kn/89PeAX5BsAVj135s4IGjLI3TFmY3omWtDbL47QtMjD7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIfA40EDs5DGQ8CdUrqb20fnHPlKMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANw6e/uAv
3N7dv8G9qSlH9ew1DP9KfyIiuaXU7zmWSv5BEmTkOV0XWXYoZuIeSey70m8K4Bxq
Kl8s8mXW0eCjfXxOfFNLgCR20Bmm/v8/r7Dfo2eaXo00ti4DrNYJdsphdFyL9N8u
5jPcjSdEIxA4ApGBxvCSEPJ6nSz1ml3wHB3nyf6vMdsfuIZffarPWQg5Kv/T5OzX
PqeVWm9AKVsu+prlMlBL3YaScspRPRefTv5mcnWgMhBGhc5by6MbroH0FJoGMooQ
UMPR+vPqgIhWhXKouQn2Ub/m/J0L3JCgOB81hwuA79kyjdIVtvLqJ9Ef77Hmdwr4
AapnkgjhjEp58Q==
-----END CERTIFICATE-----