Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
File:                     JOuXPcgi1CNuy911UB0mxD4chzk.mft (raw, json)
Hash identifier:          Irlz796KRAdUcXr+FfJF3DvzBhLFXmJG+JKPCjqSv3U=
Subject key identifier:   42:2F:AE:D6:15:D0:29:B1:6D:A7:6E:0A:3C:2A:8B:C0:1C:05:7C:C1
Authority key identifier: 24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39
Certificate issuer:       /CN=24eb973dc822d4236ecbdd75501d26c43e1c8739
Certificate serial:       01974A7B5821D74316A3982B58E6ADF53A81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
Manifest number:          0A21
Signing time:             Sat 07 Jun 2025 13:01:26 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:26 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:26 +0000
Files and hashes:         1: JOuXPcgi1CNuy911UB0mxD4chzk.crl (hash: Mije89s5xJaDtpNzch8dHdatmssMfRKdLWAFD7VG8fI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:58:21:d7:43:16:a3:98:2b:58:e6:ad:f5:3a:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24eb973dc822d4236ecbdd75501d26c43e1c8739
        Validity
            Not Before: Jun  7 13:01:26 2025 GMT
            Not After : Jun  8 13:01:26 2025 GMT
        Subject: CN=422faed615d029b16da76e0a3c2a8bc01c057cc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:56:38:a9:b9:be:ce:70:e0:97:ed:24:f1:3a:
                    c4:74:1e:3c:96:2a:85:0c:bc:9e:fa:c3:74:e6:fc:
                    a8:e8:14:b9:89:b6:7c:51:c6:8a:51:c7:37:67:a4:
                    ea:a5:68:65:1a:62:20:b0:7c:1f:c1:7d:89:d9:3b:
                    b9:34:2a:3e:9b:6a:5d:ad:90:ba:67:fc:ff:f6:e7:
                    f9:fd:fa:67:c3:e0:6e:a1:70:7f:3c:f0:f2:6b:75:
                    e8:9b:b1:ca:49:90:54:1c:15:57:2f:53:f4:fd:dc:
                    ad:28:42:03:1f:c7:75:8f:a0:a9:0d:c6:11:d8:7f:
                    fe:ae:b6:dc:4c:5e:8f:94:0c:db:07:25:3e:ea:a2:
                    c2:66:b2:a9:4a:41:c2:21:d7:0b:80:68:28:f7:c6:
                    c2:08:ef:97:5b:da:24:4c:fe:14:24:7f:63:d3:9d:
                    96:b1:48:8d:cf:19:38:30:fd:7e:29:5b:71:ce:20:
                    66:4e:8b:65:9f:f0:77:0a:08:51:fd:9d:fa:f2:3f:
                    be:a2:78:76:40:fa:81:02:20:f3:ee:49:e5:73:80:
                    e8:b6:b4:3a:ac:9f:f2:c4:d2:c1:9a:1b:21:2f:75:
                    4a:98:29:fc:83:4f:1a:5b:d7:03:d2:95:44:47:4f:
                    42:69:cb:14:79:eb:98:46:a4:b3:e8:3a:75:8d:32:
                    0f:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:2F:AE:D6:15:D0:29:B1:6D:A7:6E:0A:3C:2A:8B:C0:1C:05:7C:C1
            X509v3 Authority Key Identifier:
                keyid:24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:39:03:44:8f:17:8b:f9:8b:31:5a:b9:f5:7d:92:4b:58:2a:
         49:38:10:83:90:81:dc:06:d8:ab:cb:1b:8a:de:58:ce:03:03:
         e7:38:05:6e:8f:6a:18:78:53:a5:02:44:61:c6:bc:9c:01:43:
         4e:f6:75:29:b1:d4:d9:e9:c9:c0:c1:92:ad:33:ca:d9:48:7c:
         00:1e:09:6c:71:01:da:b8:d8:ff:fd:3c:fb:8c:87:bb:2a:b0:
         e8:2f:68:c3:19:5f:97:7d:ef:75:4a:e0:6d:1f:d7:76:b5:08:
         f1:ac:ad:b4:36:5d:e6:36:b6:f2:56:9a:99:64:3c:ac:57:7b:
         fd:6c:5a:f4:d7:63:dd:ff:b8:48:cc:ad:af:4f:b0:d4:90:d9:
         51:0a:30:c0:d7:c9:b7:3e:ff:93:7d:01:56:f7:4d:79:b0:72:
         ba:f4:71:6e:31:c6:68:80:df:55:11:5b:39:8d:7a:0d:4c:db:
         5d:3d:6a:54:80:9e:8a:ba:44:c6:00:99:55:e0:1d:f4:55:24:
         7b:97:cb:11:f7:42:c3:40:31:4f:e5:4a:20:7e:19:cf:47:08:
         9d:97:35:75:13:ec:0a:3a:36:16:26:96:78:2c:9f:ec:dc:42:
         77:f7:a6:c4:76:64:6b:f3:b9:d3:1b:a6:39:53:d0:f5:31:03:
         35:0d:ab:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe1gh10MWo5grWOat9TqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZWI5NzNkYzgyMmQ0MjM2ZWNiZGQ3NTUwMWQyNmM0M2Ux
Yzg3MzkwHhcNMjUwNjA3MTMwMTI2WhcNMjUwNjA4MTMwMTI2WjAzMTEwLwYDVQQD
Eyg0MjJmYWVkNjE1ZDAyOWIxNmRhNzZlMGEzYzJhOGJjMDFjMDU3Y2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFY4qbm+znDgl+0k8TrEdB48liqF
DLye+sN05vyo6BS5ibZ8UcaKUcc3Z6TqpWhlGmIgsHwfwX2J2Tu5NCo+m2pdrZC6
Z/z/9uf5/fpnw+BuoXB/PPDya3Xom7HKSZBUHBVXL1P0/dytKEIDH8d1j6CpDcYR
2H/+rrbcTF6PlAzbByU+6qLCZrKpSkHCIdcLgGgo98bCCO+XW9okTP4UJH9j052W
sUiNzxk4MP1+KVtxziBmTotln/B3CghR/Z368j++onh2QPqBAiDz7knlc4DotrQ6
rJ/yxNLBmhshL3VKmCn8g08aW9cD0pVER09CacsUeeuYRqSz6Dp1jTIPywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIvrtYV0CmxbaduCjwqi8AcBXzBMB8GA1UdIwQY
MBaAFCTrlz3IItQjbsvddVAdJsQ+HIc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzIt
NGUxZDE2N2YwYTljLzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzItNGUxZDE2N2YwYTlj
LzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUjkDRI8X
i/mLMVq59X2SS1gqSTgQg5CB3AbYq8sbit5YzgMD5zgFbo9qGHhTpQJEYca8nAFD
TvZ1KbHU2enJwMGSrTPK2Uh8AB4JbHEB2rjY//08+4yHuyqw6C9owxlfl33vdUrg
bR/XdrUI8ayttDZd5ja28laamWQ8rFd7/Wxa9Ndj3f+4SMytr0+w1JDZUQowwNfJ
tz7/k30BVvdNebByuvRxbjHGaIDfVRFbOY16DUzbXT1qVICeirpExgCZVeAd9FUk
e5fLEfdCw0AxT+VKIH4Zz0cInZc1dRPsCjo2FiaWeCyf7NxCd/emxHZka/O50xum
OVPQ9TEDNQ2rFQ==
-----END CERTIFICATE-----