Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
File:                     IhQgnik48W3KWTVwH6aG2Q_De54.mft (raw, json)
Hash identifier:          PUo61Iay/q+CS1lgZdOP4yLpV465EK9roKMyfyNcrHM=
Subject key identifier:   CD:A0:EE:1F:F4:D9:15:D5:96:A4:BC:5F:8B:9B:B7:B1:99:88:15:0E
Authority key identifier: 22:14:20:9E:29:38:F1:6D:CA:59:35:70:1F:A6:86:D9:0F:C3:7B:9E
Certificate issuer:       /CN=2214209e2938f16dca5935701fa686d90fc37b9e
Certificate serial:       019655381BE21FAA3F7A6E3D475A2EAE3E1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
Manifest number:          038A
Signing time:             Sun 20 Apr 2025 22:01:02 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:02 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:02 +0000
Files and hashes:         1: IhQgnik48W3KWTVwH6aG2Q_De54.crl (hash: Bo7kmXwdBbo5KEtvMRbRSqf+TH1x/D+ACoUFVfjtv+Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:1b:e2:1f:aa:3f:7a:6e:3d:47:5a:2e:ae:3e:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2214209e2938f16dca5935701fa686d90fc37b9e
        Validity
            Not Before: Apr 20 22:01:02 2025 GMT
            Not After : Apr 21 22:01:02 2025 GMT
        Subject: CN=cda0ee1ff4d915d596a4bc5f8b9bb7b19988150e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:6c:cf:f0:71:b3:4f:a6:0d:72:3d:79:5c:13:
                    36:23:89:8e:7b:04:63:3a:61:0f:44:c5:d5:38:17:
                    78:ed:3f:a6:23:cb:11:19:28:a5:75:2e:16:5d:be:
                    b1:24:7c:f8:d4:63:76:b1:8f:cd:35:2a:51:3d:61:
                    e7:0e:51:7c:0b:67:5a:58:90:92:85:12:d6:d0:36:
                    01:1d:73:3b:9d:75:1d:e8:48:0a:a2:26:88:35:4d:
                    f4:ed:3f:3c:7e:cc:a8:8f:06:3f:2c:5e:ba:3f:de:
                    15:fc:2a:fd:f4:ab:98:14:74:8b:aa:14:03:a1:37:
                    75:46:c1:7c:b2:80:28:19:75:4f:bd:1c:5c:03:48:
                    5f:da:14:87:62:15:50:6d:0f:66:4e:38:df:98:23:
                    40:4a:e3:49:79:25:03:c7:00:cc:0a:a6:fe:65:1f:
                    a0:88:01:38:a1:46:14:29:30:fc:a6:4d:94:43:23:
                    9b:e1:41:b2:6f:8d:f9:d5:86:85:6e:2a:b9:27:77:
                    0f:70:39:c8:9c:f1:b6:db:be:2d:d9:64:6c:b1:e4:
                    47:30:1e:93:80:e0:3f:e0:00:c5:e2:43:c8:5d:62:
                    5b:51:1f:af:13:8f:3a:a6:1f:5e:cc:a0:fb:c8:b0:
                    a8:a9:b9:9d:19:58:3b:9f:e2:c3:a1:b2:fe:03:1e:
                    f7:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:A0:EE:1F:F4:D9:15:D5:96:A4:BC:5F:8B:9B:B7:B1:99:88:15:0E
            X509v3 Authority Key Identifier:
                keyid:22:14:20:9E:29:38:F1:6D:CA:59:35:70:1F:A6:86:D9:0F:C3:7B:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:a4:25:3d:f8:1b:84:9a:74:f4:8d:6b:af:45:ab:a9:e3:23:
         45:64:4f:75:56:a7:00:46:ac:7c:9c:df:8b:7e:d3:85:d0:eb:
         4c:29:0d:fa:30:fc:2b:a5:d1:da:22:0f:e6:bb:ee:a1:21:e9:
         d7:b0:7f:be:8e:62:1b:6c:2a:b5:71:d8:88:9b:e6:24:d0:58:
         d6:b5:1e:7a:26:25:79:57:92:7c:64:64:3d:69:72:0d:b7:c0:
         15:a8:7d:3b:13:85:6e:91:a0:d1:ea:17:93:41:a2:b0:9e:72:
         20:fc:a9:ee:41:9d:14:b3:68:66:e2:9c:c5:42:e9:6f:e1:9e:
         f5:45:f3:75:71:f4:77:30:30:1a:66:9d:62:82:d3:91:c1:2a:
         21:76:89:71:1d:39:9a:e0:02:1e:54:3a:ba:c7:65:67:4d:96:
         2a:26:5d:f8:68:33:51:18:7a:0d:7b:06:ca:b0:c2:77:e9:ed:
         e9:fa:e2:38:37:a3:e5:12:70:de:d3:6e:36:6f:fa:48:32:3c:
         eb:a5:dd:94:48:2d:34:b5:40:aa:9b:07:ca:a9:b5:59:0c:e6:
         c7:23:39:3b:f8:a7:79:1b:0d:d6:52:bf:d0:f6:b6:1d:16:81:
         67:52:da:54:35:82:ba:94:42:9f:11:de:88:55:04:f1:cc:a8:
         c0:59:63:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOBviH6o/em49R1ourj4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMTQyMDllMjkzOGYxNmRjYTU5MzU3MDFmYTY4NmQ5MGZj
MzdiOWUwHhcNMjUwNDIwMjIwMTAyWhcNMjUwNDIxMjIwMTAyWjAzMTEwLwYDVQQD
EyhjZGEwZWUxZmY0ZDkxNWQ1OTZhNGJjNWY4YjliYjdiMTk5ODgxNTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2zP8HGzT6YNcj15XBM2I4mOewRj
OmEPRMXVOBd47T+mI8sRGSildS4WXb6xJHz41GN2sY/NNSpRPWHnDlF8C2daWJCS
hRLW0DYBHXM7nXUd6EgKoiaINU307T88fsyojwY/LF66P94V/Cr99KuYFHSLqhQD
oTd1RsF8soAoGXVPvRxcA0hf2hSHYhVQbQ9mTjjfmCNASuNJeSUDxwDMCqb+ZR+g
iAE4oUYUKTD8pk2UQyOb4UGyb4351YaFbiq5J3cPcDnInPG2274t2WRsseRHMB6T
gOA/4ADF4kPIXWJbUR+vE486ph9ezKD7yLCoqbmdGVg7n+LDobL+Ax73VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2g7h/02RXVlqS8X4ubt7GZiBUOMB8GA1UdIwQY
MBaAFCIUIJ4pOPFtylk1cB+mhtkPw3ueMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi85ZjQ2YzAtOTBiZS00MWNjLWFkNWQt
NGFkZDM5M2E3MjNlLzEvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi85ZjQ2YzAtOTBiZS00MWNjLWFkNWQtNGFkZDM5M2E3MjNl
LzEvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFaQlPfgb
hJp09I1rr0WrqeMjRWRPdVanAEasfJzfi37ThdDrTCkN+jD8K6XR2iIP5rvuoSHp
17B/vo5iG2wqtXHYiJvmJNBY1rUeeiYleVeSfGRkPWlyDbfAFah9OxOFbpGg0eoX
k0GisJ5yIPyp7kGdFLNoZuKcxULpb+Ge9UXzdXH0dzAwGmadYoLTkcEqIXaJcR05
muACHlQ6usdlZ02WKiZd+GgzURh6DXsGyrDCd+nt6friODej5RJw3tNuNm/6SDI8
66XdlEgtNLVAqpsHyqm1WQzmxyM5O/ineRsN1lK/0Pa2HRaBZ1LaVDWCupRCnxHe
iFUE8cyowFljfA==
-----END CERTIFICATE-----