Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
File:                     JAy7mUeWHigo2EdLysoem5FVZWA.mft (raw, json)
Hash identifier:          u6ay+2/oCT2Tnv2M0dZ93a6eAvjF7JO4oANUySoTjSY=
Subject key identifier:   DD:F3:FF:92:E1:40:CA:E0:F7:9F:87:73:92:B6:10:AF:BA:8A:93:C8
Authority key identifier: 24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60
Certificate issuer:       /CN=240cbb9947961e2828d8474bcaca1e9b91556560
Certificate serial:       019511D98C63A6C5F5780F2EE5496BA4ED81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
Manifest number:          1192
Signing time:             Mon 17 Feb 2025 03:00:24 +0000
Manifest this update:     Mon 17 Feb 2025 03:00:24 +0000
Manifest next update:     Tue 18 Feb 2025 03:00:24 +0000
Files and hashes:         1: JAy7mUeWHigo2EdLysoem5FVZWA.crl (hash: TnX8qotNPrfVrGgv7EW7dgADf5BgOT4L8SW2Ji2uT6Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:d9:8c:63:a6:c5:f5:78:0f:2e:e5:49:6b:a4:ed:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=240cbb9947961e2828d8474bcaca1e9b91556560
        Validity
            Not Before: Feb 17 03:00:24 2025 GMT
            Not After : Feb 18 03:00:24 2025 GMT
        Subject: CN=ddf3ff92e140cae0f79f877392b610afba8a93c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e8:2c:53:7f:9b:28:18:5f:4c:6a:2b:a0:05:
                    4f:5f:fd:a0:79:fb:54:72:80:44:94:a8:66:b0:a4:
                    84:97:b8:b7:8a:46:12:78:0a:87:7b:a8:4a:8c:b4:
                    52:45:f9:c6:54:74:6a:00:ee:16:9e:83:20:ef:26:
                    67:df:f0:46:85:7b:3f:93:ea:f3:bd:8c:09:f9:e4:
                    c6:9d:3f:8e:53:2a:46:83:91:c8:40:d4:a6:0e:3d:
                    85:9a:f8:d6:20:49:b0:c0:26:52:b2:68:80:4e:a4:
                    9a:b7:bc:07:52:de:30:0d:7b:a3:9c:d4:4c:9d:51:
                    84:12:ea:8a:bf:00:a5:d1:e6:41:17:91:bd:d4:84:
                    67:c1:03:97:e3:97:96:ec:08:6a:4b:c7:11:52:88:
                    ac:5d:80:9f:18:4d:a1:2e:e2:3a:2c:17:95:c9:69:
                    2c:51:e9:35:d2:a6:93:04:42:2d:74:4d:09:fd:15:
                    5a:1c:42:52:96:69:b4:b5:03:68:ba:b9:ec:49:47:
                    1b:3f:db:36:3b:80:d4:e6:d4:9b:41:7f:11:9b:22:
                    b3:04:7f:fa:9c:e3:75:55:e1:b8:db:19:ae:56:ec:
                    59:c3:3e:7e:9f:4d:2e:3b:9f:b4:2a:d5:ea:80:fc:
                    37:4e:db:09:25:4c:8c:00:5c:38:67:47:43:13:f2:
                    c2:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:F3:FF:92:E1:40:CA:E0:F7:9F:87:73:92:B6:10:AF:BA:8A:93:C8
            X509v3 Authority Key Identifier:
                keyid:24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:6e:27:67:89:3f:b0:88:48:30:50:1a:52:4b:74:95:dd:53:
         c2:4b:a0:7c:08:cf:f2:6b:9c:03:77:74:0e:5d:8a:5d:45:af:
         67:97:dd:e2:4f:84:97:92:79:f9:55:e8:59:71:63:50:af:25:
         13:3d:09:4d:4f:91:47:fc:6c:e2:d7:3a:19:0a:73:c1:e3:9b:
         7f:85:ae:fc:47:91:c0:97:98:5b:12:f3:53:b9:e8:23:67:3b:
         c1:59:4d:56:6b:f5:68:47:c7:76:40:f1:07:77:4c:28:82:e1:
         c9:ef:82:39:6a:d1:04:1b:67:d9:f2:dd:01:3f:49:e3:10:db:
         77:e8:d3:73:0e:a0:54:35:6a:ba:37:b1:5d:1e:28:6e:bf:21:
         66:ac:54:87:3e:a6:76:d6:3f:83:e6:86:d9:e0:9b:f2:06:dd:
         da:1c:34:a4:95:03:31:26:6c:e3:fd:67:82:6f:3c:f0:1b:45:
         34:5b:93:84:39:b7:5b:5b:3d:c7:b3:f0:9a:92:9f:f6:3f:1b:
         b7:1a:da:86:79:4f:70:d0:bb:19:d2:17:e3:a3:9c:c9:dd:16:
         5a:8f:7b:a9:98:93:d7:5d:55:5b:44:a4:4b:ac:26:4f:a9:0b:
         5e:d5:fe:38:33:d9:9a:1a:09:4c:ad:ae:97:f6:15:01:61:01:
         9d:06:e7:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2YxjpsX1eA8u5UlrpO2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MGNiYjk5NDc5NjFlMjgyOGQ4NDc0YmNhY2ExZTliOTE1
NTY1NjAwHhcNMjUwMjE3MDMwMDI0WhcNMjUwMjE4MDMwMDI0WjAzMTEwLwYDVQQD
EyhkZGYzZmY5MmUxNDBjYWUwZjc5Zjg3NzM5MmI2MTBhZmJhOGE5M2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsugsU3+bKBhfTGoroAVPX/2geftU
coBElKhmsKSEl7i3ikYSeAqHe6hKjLRSRfnGVHRqAO4WnoMg7yZn3/BGhXs/k+rz
vYwJ+eTGnT+OUypGg5HIQNSmDj2FmvjWIEmwwCZSsmiATqSat7wHUt4wDXujnNRM
nVGEEuqKvwCl0eZBF5G91IRnwQOX45eW7AhqS8cRUoisXYCfGE2hLuI6LBeVyWks
Uek10qaTBEItdE0J/RVaHEJSlmm0tQNournsSUcbP9s2O4DU5tSbQX8RmyKzBH/6
nON1VeG42xmuVuxZwz5+n00uO5+0KtXqgPw3TtsJJUyMAFw4Z0dDE/LCxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3z/5LhQMrg95+Hc5K2EK+6ipPIMB8GA1UdIwQY
MBaAFCQMu5lHlh4oKNhHS8rKHpuRVWVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMt
ZmZiMDI4ZjBhMDJmLzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMtZmZiMDI4ZjBhMDJm
LzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACm4nZ4k/
sIhIMFAaUkt0ld1TwkugfAjP8mucA3d0Dl2KXUWvZ5fd4k+El5J5+VXoWXFjUK8l
Ez0JTU+RR/xs4tc6GQpzweObf4Wu/EeRwJeYWxLzU7noI2c7wVlNVmv1aEfHdkDx
B3dMKILhye+COWrRBBtn2fLdAT9J4xDbd+jTcw6gVDVqujexXR4obr8hZqxUhz6m
dtY/g+aG2eCb8gbd2hw0pJUDMSZs4/1ngm888BtFNFuThDm3W1s9x7PwmpKf9j8b
txrahnlPcNC7GdIX46Ocyd0WWo97qZiT111VW0SkS6wmT6kLXtX+ODPZmhoJTK2u
l/YVAWEBnQbnCA==
-----END CERTIFICATE-----