Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.mft
File:                     IodymNrl1aO-q8oW6S0aFB6Uhic.mft (raw, json)
Hash identifier:          2HSOhTY6O6YNProzPJrdex9627j44Au11kZX5TRPNio=
Subject key identifier:   9E:DD:B2:7B:0B:81:D5:C3:3A:C0:F3:46:21:89:A2:D9:1D:2A:FB:C8
Authority key identifier: 22:87:72:98:DA:E5:D5:A3:BE:AB:CA:16:E9:2D:1A:14:1E:94:86:27
Certificate issuer:       /CN=22877298dae5d5a3beabca16e92d1a141e948627
Certificate serial:       0194BC04CE749461F265B3C765B9E9CFE91E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.mft
Manifest number:          0238
Signing time:             Fri 31 Jan 2025 11:00:19 +0000
Manifest this update:     Fri 31 Jan 2025 11:00:19 +0000
Manifest next update:     Sat 01 Feb 2025 11:00:19 +0000
Files and hashes:         1: IodymNrl1aO-q8oW6S0aFB6Uhic.crl (hash: +PQu3eU6avKTrW5QeSfTLLsANZq05SO9wdIlbC+hnZI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 11:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bc:04:ce:74:94:61:f2:65:b3:c7:65:b9:e9:cf:e9:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22877298dae5d5a3beabca16e92d1a141e948627
        Validity
            Not Before: Jan 31 11:00:19 2025 GMT
            Not After : Feb  1 11:00:19 2025 GMT
        Subject: CN=9eddb27b0b81d5c33ac0f3462189a2d91d2afbc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:5c:3b:2d:9f:8a:db:9e:16:ee:f6:4e:a7:b7:
                    a2:90:1a:53:59:92:6c:eb:11:39:66:02:11:b2:84:
                    48:16:03:27:f3:bb:eb:0f:f5:df:23:87:0c:81:89:
                    7a:b5:a9:a8:80:45:b8:29:71:e6:66:3a:b1:79:6f:
                    fa:37:7d:c4:bf:c8:31:e2:96:c1:68:51:8f:bb:20:
                    55:d8:10:e4:bc:86:8d:4a:4c:9e:f0:56:27:3f:23:
                    a9:e8:79:18:44:2f:28:54:af:02:0c:b9:95:fa:62:
                    eb:74:80:85:07:03:81:a2:ef:45:af:03:8c:a2:f0:
                    32:ca:40:83:91:19:64:b2:00:d4:54:13:2d:85:0f:
                    61:2e:f5:08:f9:76:05:7e:00:02:4f:49:fa:5e:60:
                    09:b5:26:4b:dc:d4:b4:ab:d2:91:5b:69:b4:41:c9:
                    ac:05:ee:30:d6:5d:de:9a:eb:b9:ee:79:f3:36:7c:
                    e3:d5:eb:da:49:0d:10:f5:e1:10:2e:b5:13:6c:14:
                    35:8e:b1:1d:45:1f:01:09:96:9e:57:59:a9:03:fe:
                    6e:56:cc:37:8b:c6:ba:fe:37:90:37:91:30:23:b2:
                    25:20:ce:a1:60:6f:87:5d:4d:78:60:9d:7d:59:59:
                    36:37:61:c9:fb:4c:8d:fe:4f:48:09:2c:40:bd:92:
                    e3:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:DD:B2:7B:0B:81:D5:C3:3A:C0:F3:46:21:89:A2:D9:1D:2A:FB:C8
            X509v3 Authority Key Identifier:
                keyid:22:87:72:98:DA:E5:D5:A3:BE:AB:CA:16:E9:2D:1A:14:1E:94:86:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:0b:99:86:54:b0:b9:be:ec:3d:0b:f6:fc:b9:fb:f2:fe:70:
         b4:ec:42:c4:58:47:6e:44:67:8b:40:18:c3:ac:56:0b:28:d8:
         08:5c:4a:f8:3c:23:a0:64:a3:f8:ea:f3:76:d6:74:44:75:a2:
         e1:16:ef:00:3c:1f:d9:36:ee:54:ed:e8:14:29:f1:65:f2:b8:
         65:53:1a:d7:27:40:2c:97:a0:e0:2f:1c:7f:53:30:ed:23:32:
         23:b6:c2:de:a5:2e:cd:5d:a0:c5:63:f4:9e:c4:3e:ca:0d:cf:
         6b:27:a2:b6:3b:3d:cc:23:e3:41:00:20:92:f1:ec:1a:c6:55:
         f0:e6:ea:2f:af:c1:b5:bf:07:7f:a8:1b:35:ee:c2:dc:b3:7c:
         c3:d3:62:25:da:05:f1:ad:48:c9:74:aa:0e:ba:d8:86:7d:e5:
         75:d9:26:74:b4:30:e1:8f:2d:49:0f:f5:89:1b:8d:b6:4d:52:
         65:e2:f8:70:d3:d1:e3:75:77:86:29:13:40:b3:a2:77:9e:02:
         89:75:c1:cb:36:da:0c:f4:6e:20:9f:5e:fa:39:93:d7:26:7a:
         1e:16:de:40:76:fc:06:72:36:ca:22:14:91:f0:05:65:66:b1:
         2d:25:64:ad:7e:5d:cb:5a:5c:93:c0:68:8c:c0:18:48:1b:50:
         2d:f5:72:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS8BM50lGHyZbPHZbnpz+keMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyODc3Mjk4ZGFlNWQ1YTNiZWFiY2ExNmU5MmQxYTE0MWU5
NDg2MjcwHhcNMjUwMTMxMTEwMDE5WhcNMjUwMjAxMTEwMDE5WjAzMTEwLwYDVQQD
Eyg5ZWRkYjI3YjBiODFkNWMzM2FjMGYzNDYyMTg5YTJkOTFkMmFmYmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFw7LZ+K254W7vZOp7eikBpTWZJs
6xE5ZgIRsoRIFgMn87vrD/XfI4cMgYl6tamogEW4KXHmZjqxeW/6N33Ev8gx4pbB
aFGPuyBV2BDkvIaNSkye8FYnPyOp6HkYRC8oVK8CDLmV+mLrdICFBwOBou9FrwOM
ovAyykCDkRlksgDUVBMthQ9hLvUI+XYFfgACT0n6XmAJtSZL3NS0q9KRW2m0Qcms
Be4w1l3emuu57nnzNnzj1evaSQ0Q9eEQLrUTbBQ1jrEdRR8BCZaeV1mpA/5uVsw3
i8a6/jeQN5EwI7IlIM6hYG+HXU14YJ19WVk2N2HJ+0yN/k9ICSxAvZLjrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ7dsnsLgdXDOsDzRiGJotkdKvvIMB8GA1UdIwQY
MBaAFCKHcpja5dWjvqvKFuktGhQelIYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84NjUxYzUtYmQ3Ny00NjBkLTgzYmYt
NTkzM2EwOWY3MmQxLzEvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84NjUxYzUtYmQ3Ny00NjBkLTgzYmYtNTkzM2EwOWY3MmQx
LzEvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQAuZhlSw
ub7sPQv2/Ln78v5wtOxCxFhHbkRni0AYw6xWCyjYCFxK+DwjoGSj+OrzdtZ0RHWi
4RbvADwf2TbuVO3oFCnxZfK4ZVMa1ydALJeg4C8cf1Mw7SMyI7bC3qUuzV2gxWP0
nsQ+yg3Payeitjs9zCPjQQAgkvHsGsZV8ObqL6/Btb8Hf6gbNe7C3LN8w9NiJdoF
8a1IyXSqDrrYhn3lddkmdLQw4Y8tSQ/1iRuNtk1SZeL4cNPR43V3hikTQLOid54C
iXXByzbaDPRuIJ9e+jmT1yZ6HhbeQHb8BnI2yiIUkfAFZWaxLSVkrX5dy1pck8Bo
jMAYSBtQLfVysA==
-----END CERTIFICATE-----