Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
File:                     iqrwV67ry_cGh34qqnSjljgL4hU.mft (raw, json)
Hash identifier:          /dtJyaPNxaGB+x+7orQl/3aw4gAsqCLw8Wksdc/PfvM=
Subject key identifier:   AD:37:BE:7D:C7:0C:99:C0:6F:99:A1:0A:89:C3:89:7B:A8:4C:7E:F2
Authority key identifier: 8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15
Certificate issuer:       /CN=8aaaf057aeebcbf706877e2aaa74a396380be215
Certificate serial:       01965F8439D72F51F4B9EF09B054FDCC1102
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
Manifest number:          0295
Signing time:             Tue 22 Apr 2025 22:00:23 +0000
Manifest this update:     Tue 22 Apr 2025 22:00:23 +0000
Manifest next update:     Wed 23 Apr 2025 22:00:23 +0000
Files and hashes:         1: iqrwV67ry_cGh34qqnSjljgL4hU.crl (hash: V/+yAOL/ktv5i6asGxvTQ61nd4l5+aI3v7abdfBbU1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 22:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5f:84:39:d7:2f:51:f4:b9:ef:09:b0:54:fd:cc:11:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aaaf057aeebcbf706877e2aaa74a396380be215
        Validity
            Not Before: Apr 22 22:00:23 2025 GMT
            Not After : Apr 23 22:00:23 2025 GMT
        Subject: CN=ad37be7dc70c99c06f99a10a89c3897ba84c7ef2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:a7:41:87:6e:28:34:df:99:1c:00:da:36:73:
                    41:06:06:e0:b4:05:2f:a3:d9:e4:b8:bf:f6:2e:f1:
                    35:f1:2f:c9:dd:07:bf:e3:43:75:2c:41:67:e7:c7:
                    d8:09:d1:3c:76:99:30:d7:63:f6:ee:a1:46:ee:f0:
                    7d:35:c4:fb:24:ce:e8:43:26:34:15:4c:cd:80:fc:
                    75:01:c2:ec:6e:e7:3e:cf:64:0d:7b:2c:07:0e:82:
                    38:52:36:58:c3:f9:84:4b:2e:24:62:07:e6:72:6f:
                    de:80:a4:18:29:56:da:90:14:b9:72:fc:81:f0:e1:
                    ee:08:d6:e9:95:95:64:bd:5d:c3:72:a2:0f:5f:c4:
                    49:55:8c:2d:6f:6b:97:c4:1a:10:76:17:72:47:3b:
                    31:ad:3a:ab:e4:f2:58:da:26:9e:20:13:3e:62:a8:
                    eb:de:bd:c3:77:f7:7b:16:c5:fe:6f:f3:3c:43:6d:
                    9c:61:4c:a3:e8:81:a1:f8:02:d5:fe:26:55:3a:e6:
                    60:aa:d5:80:4b:d5:33:35:72:90:34:96:e4:8a:e6:
                    b6:82:24:4c:d1:c6:7d:88:96:ba:f1:96:50:ba:72:
                    e4:74:25:9b:23:76:39:aa:83:3c:d4:a8:68:02:d1:
                    db:56:87:9e:db:89:50:53:e9:1f:0d:b7:f7:44:71:
                    5f:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:37:BE:7D:C7:0C:99:C0:6F:99:A1:0A:89:C3:89:7B:A8:4C:7E:F2
            X509v3 Authority Key Identifier:
                keyid:8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:93:32:89:e8:23:56:57:ba:52:f0:2b:30:c6:1a:cd:0d:7d:
         e1:95:75:0a:bd:2e:d7:30:6f:db:02:5a:a4:bd:d7:a3:19:1d:
         62:7d:45:6b:41:eb:f6:f8:91:5a:15:58:6d:8f:47:29:83:b1:
         0e:19:b0:35:38:7d:84:d9:0c:e4:70:c9:db:80:24:85:32:a7:
         d4:b9:f6:26:c9:4d:b1:71:de:d2:f7:2c:87:cf:d5:b4:88:82:
         74:7b:85:77:1f:66:cc:45:12:0e:39:5e:3f:f0:06:5d:01:85:
         58:14:dd:9e:e5:42:d9:68:ed:16:72:9f:04:2a:81:6d:9f:14:
         fa:39:e8:9d:62:85:3a:a2:c3:d2:05:ec:71:26:1a:55:79:11:
         cd:81:09:01:1e:b1:24:fe:36:7a:88:0b:91:e2:51:74:2b:3d:
         83:c3:e6:a2:02:1b:1c:5f:52:45:0e:f5:cf:be:0d:44:5c:b2:
         26:e9:6a:72:28:c7:b4:44:09:b8:86:15:71:db:49:71:74:72:
         4b:87:32:c8:55:93:4b:27:8a:9f:5b:a1:62:5f:56:ed:b1:cd:
         1e:ee:cf:4a:f9:dc:09:6a:e8:ce:81:f0:8a:de:75:37:2a:cd:
         70:7d:91:e9:de:56:de:e5:51:f8:01:a3:79:5b:dc:89:c3:4b:
         a1:f3:b4:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZfhDnXL1H0ue8JsFT9zBECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWFmMDU3YWVlYmNiZjcwNjg3N2UyYWFhNzRhMzk2Mzgw
YmUyMTUwHhcNMjUwNDIyMjIwMDIzWhcNMjUwNDIzMjIwMDIzWjAzMTEwLwYDVQQD
EyhhZDM3YmU3ZGM3MGM5OWMwNmY5OWExMGE4OWMzODk3YmE4NGM3ZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnadBh24oNN+ZHADaNnNBBgbgtAUv
o9nkuL/2LvE18S/J3Qe/40N1LEFn58fYCdE8dpkw12P27qFG7vB9NcT7JM7oQyY0
FUzNgPx1AcLsbuc+z2QNeywHDoI4UjZYw/mESy4kYgfmcm/egKQYKVbakBS5cvyB
8OHuCNbplZVkvV3DcqIPX8RJVYwtb2uXxBoQdhdyRzsxrTqr5PJY2iaeIBM+Yqjr
3r3Dd/d7FsX+b/M8Q22cYUyj6IGh+ALV/iZVOuZgqtWAS9UzNXKQNJbkiua2giRM
0cZ9iJa68ZZQunLkdCWbI3Y5qoM81KhoAtHbVoee24lQU+kfDbf3RHFfCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK03vn3HDJnAb5mhConDiXuoTH7yMB8GA1UdIwQY
MBaAFIqq8Feu68v3Bod+Kqp0o5Y4C+IVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEt
NTMwOTBiM2JhYTgxLzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEtNTMwOTBiM2JhYTgx
LzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVZMyiegj
Vle6UvArMMYazQ194ZV1Cr0u1zBv2wJapL3XoxkdYn1Fa0Hr9viRWhVYbY9HKYOx
DhmwNTh9hNkM5HDJ24AkhTKn1Ln2JslNsXHe0vcsh8/VtIiCdHuFdx9mzEUSDjle
P/AGXQGFWBTdnuVC2WjtFnKfBCqBbZ8U+jnonWKFOqLD0gXscSYaVXkRzYEJAR6x
JP42eogLkeJRdCs9g8PmogIbHF9SRQ71z74NRFyyJulqcijHtEQJuIYVcdtJcXRy
S4cyyFWTSyeKn1uhYl9W7bHNHu7PSvncCWrozoHwit51NyrNcH2R6d5W3uVR+AGj
eVvcicNLofO0xg==
-----END CERTIFICATE-----