Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          QSTRF4AD6tlJlG9xykeJfmJhmjPTA+nb+ZqvxsqbBaU=
Subject key identifier:   5B:91:F7:DF:C6:E2:C7:03:12:62:6D:11:63:AF:CF:D3:28:1A:1D:9C
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       01964AEAE4DF2936E0FEAE9B1D9D7A000626
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0B8C
Signing time:             Fri 18 Apr 2025 22:00:29 +0000
Manifest this update:     Fri 18 Apr 2025 22:00:29 +0000
Manifest next update:     Sat 19 Apr 2025 22:00:29 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: b5oCUoMdpIAnP5QC3iwaEp1Eyq8ToGy9bWzbZjRHCE4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4a:ea:e4:df:29:36:e0:fe:ae:9b:1d:9d:7a:00:06:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Apr 18 22:00:29 2025 GMT
            Not After : Apr 19 22:00:29 2025 GMT
        Subject: CN=5b91f7dfc6e2c70312626d1163afcfd3281a1d9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ee:37:c3:1f:33:8c:b6:62:df:65:a9:cb:be:
                    58:e5:c3:fb:a2:a4:e7:53:5b:9b:8c:4b:1a:ab:f5:
                    64:0a:57:cd:31:94:60:9e:60:ee:d7:52:24:d2:b7:
                    80:c4:9e:0d:04:f7:c6:c1:29:86:ee:c8:d4:41:dc:
                    a6:98:e7:31:3e:6d:0f:2f:63:a7:71:fd:12:3c:b4:
                    e7:95:41:c6:ed:6c:81:bd:4d:ae:7a:9d:12:b3:36:
                    a0:03:a7:72:99:d9:f0:ca:99:5a:21:95:16:5c:72:
                    3f:58:5f:82:90:ff:9b:c7:f0:1d:38:d8:8d:6e:0c:
                    45:20:4a:00:8d:16:48:ad:cb:1b:61:22:74:cf:6c:
                    e2:9f:af:9f:a1:4b:61:74:6c:8d:52:12:4e:e4:2b:
                    e6:cf:83:6b:b1:56:00:b5:cf:0a:eb:01:21:5d:97:
                    89:ca:ac:27:0b:15:51:f1:a0:2e:49:1b:db:93:16:
                    60:77:af:61:b1:4b:77:bd:52:3c:e3:06:03:6e:52:
                    43:3e:64:ae:cb:60:08:16:1d:7b:d3:7a:2f:cd:9f:
                    b5:2f:e9:d4:b1:46:01:f6:57:e4:ed:aa:b0:66:fa:
                    c0:b6:0a:ad:0d:29:b5:fd:68:08:8f:d8:1e:40:6d:
                    13:70:4c:36:16:ed:19:dc:9e:b4:61:86:06:e9:5a:
                    57:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:91:F7:DF:C6:E2:C7:03:12:62:6D:11:63:AF:CF:D3:28:1A:1D:9C
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:32:dc:d8:7a:af:7c:f9:18:33:fd:d1:00:22:1a:c1:89:51:
         4d:4a:fe:06:c8:eb:e8:88:2d:ee:7f:6b:04:5e:17:18:d3:b6:
         c7:e2:f6:5f:bb:c7:07:e4:ff:15:79:a9:8b:5d:c6:1f:c5:35:
         4f:72:d1:0a:6d:64:df:af:5c:bf:70:a7:9f:70:8e:62:49:5a:
         85:7e:9b:d4:f0:72:35:a7:b5:d8:78:98:7a:c4:a0:1e:1c:39:
         b8:ca:ac:90:ef:a9:29:c6:3d:47:73:6e:e6:5d:fe:fd:50:f9:
         a2:60:ea:81:9b:d2:f8:54:16:bf:fb:e8:a7:66:64:84:2a:28:
         cc:85:7e:ee:79:af:31:3e:8f:1a:6a:21:32:05:93:ec:ac:b7:
         6a:49:73:b1:20:61:7b:96:38:ef:10:fe:8c:e5:f5:d9:6b:ca:
         91:e8:f0:e2:53:31:00:0f:34:8f:c0:6e:90:a9:f7:1c:a1:e2:
         61:c1:6b:02:fb:ca:f6:67:95:e9:5f:4e:86:e2:bc:21:ab:75:
         83:e6:a5:22:bf:7c:eb:71:9b:8d:39:11:c7:c2:fb:25:f4:ed:
         ec:97:bd:43:24:b5:50:15:17:ca:bd:96:f8:e8:56:5c:75:28:
         e6:55:25:5a:57:87:34:6e:cc:62:f8:4e:9e:97:82:6f:8a:49:
         79:26:e0:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZK6uTfKTbg/q6bHZ16AAYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjUwNDE4MjIwMDI5WhcNMjUwNDE5MjIwMDI5WjAzMTEwLwYDVQQD
Eyg1YjkxZjdkZmM2ZTJjNzAzMTI2MjZkMTE2M2FmY2ZkMzI4MWExZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+43wx8zjLZi32Wpy75Y5cP7oqTn
U1ubjEsaq/VkClfNMZRgnmDu11Ik0reAxJ4NBPfGwSmG7sjUQdymmOcxPm0PL2On
cf0SPLTnlUHG7WyBvU2uep0SszagA6dymdnwyplaIZUWXHI/WF+CkP+bx/AdONiN
bgxFIEoAjRZIrcsbYSJ0z2zin6+foUthdGyNUhJO5Cvmz4NrsVYAtc8K6wEhXZeJ
yqwnCxVR8aAuSRvbkxZgd69hsUt3vVI84wYDblJDPmSuy2AIFh1703ovzZ+1L+nU
sUYB9lfk7aqwZvrAtgqtDSm1/WgIj9geQG0TcEw2Fu0Z3J60YYYG6VpX5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFuR99/G4scDEmJtEWOvz9MoGh2cMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmzLc2Hqv
fPkYM/3RACIawYlRTUr+Bsjr6Igt7n9rBF4XGNO2x+L2X7vHB+T/FXmpi13GH8U1
T3LRCm1k369cv3Cnn3COYklahX6b1PByNae12HiYesSgHhw5uMqskO+pKcY9R3Nu
5l3+/VD5omDqgZvS+FQWv/vop2ZkhCoozIV+7nmvMT6PGmohMgWT7Ky3aklzsSBh
e5Y47xD+jOX12WvKkejw4lMxAA80j8BukKn3HKHiYcFrAvvK9meV6V9OhuK8Iat1
g+alIr9863GbjTkRx8L7JfTt7Je9QyS1UBUXyr2W+OhWXHUo5lUlWleHNG7MYvhO
npeCb4pJeSbgLw==
-----END CERTIFICATE-----