Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
File:                     IsOFEHH5YIjHtxGcteFGPLq5jFk.mft (raw, json)
Hash identifier:          PaDTTC8sEOT2AMUZaiAeWRY/2qk1O9iI2p6bKo5zkIM=
Subject key identifier:   97:47:2F:B8:AA:30:75:7A:50:F8:28:59:FD:71:AD:D4:34:81:89:3F
Authority key identifier: 22:C3:85:10:71:F9:60:88:C7:B7:11:9C:B5:E1:46:3C:BA:B9:8C:59
Certificate issuer:       /CN=22c3851071f96088c7b7119cb5e1463cbab98c59
Certificate serial:       0196515AEBA50ECAC0950A0E977CE1FEA0D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
Manifest number:          0F49
Signing time:             Sun 20 Apr 2025 04:00:35 +0000
Manifest this update:     Sun 20 Apr 2025 04:00:35 +0000
Manifest next update:     Mon 21 Apr 2025 04:00:35 +0000
Files and hashes:         1: IsOFEHH5YIjHtxGcteFGPLq5jFk.crl (hash: BJoh8xAabRWnrccMF0cRWe8v0SX1aOhS/8LNckyuQBg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 04:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:5a:eb:a5:0e:ca:c0:95:0a:0e:97:7c:e1:fe:a0:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c3851071f96088c7b7119cb5e1463cbab98c59
        Validity
            Not Before: Apr 20 04:00:35 2025 GMT
            Not After : Apr 21 04:00:35 2025 GMT
        Subject: CN=97472fb8aa30757a50f82859fd71add43481893f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:a9:98:19:15:cb:31:e3:78:09:c8:40:9c:ba:
                    c0:3e:ad:72:c0:89:4a:07:44:c9:05:92:5a:5c:ed:
                    d3:ca:a7:46:be:ca:a8:af:32:c9:36:ff:41:35:83:
                    5c:59:f3:a3:07:e1:81:cb:fa:6a:38:fb:4a:a8:78:
                    e6:cf:ec:fa:63:ca:9c:68:d0:28:8a:96:ef:3b:27:
                    ac:2f:02:13:61:36:54:74:c9:32:53:f1:65:f5:98:
                    3f:ef:68:af:54:49:c3:fd:08:92:cd:5f:67:ed:30:
                    cb:1f:00:da:ed:8e:69:43:99:4e:6c:f7:93:4a:c2:
                    cf:12:03:af:93:7e:93:9f:0d:a8:05:89:11:b0:4e:
                    64:de:c0:8c:e2:5c:fd:80:2f:11:ba:66:ef:73:48:
                    b0:49:0e:ae:3f:c6:f1:9d:5f:52:08:6e:fe:0c:bf:
                    b9:86:4b:8a:fe:8e:a0:b9:21:cb:64:6d:b9:31:45:
                    18:b7:34:de:28:24:36:44:9c:d1:9b:aa:df:87:61:
                    3b:e2:fe:b2:79:e5:02:70:cc:42:37:0b:4a:92:8b:
                    3e:a8:15:33:34:b3:b3:5b:11:fd:0b:75:f2:a4:78:
                    ed:c8:f7:b3:ee:84:4f:71:a4:b4:ae:e3:9b:dd:d9:
                    e7:fb:de:55:70:d1:d5:39:23:45:80:0e:ba:77:c8:
                    31:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:47:2F:B8:AA:30:75:7A:50:F8:28:59:FD:71:AD:D4:34:81:89:3F
            X509v3 Authority Key Identifier:
                keyid:22:C3:85:10:71:F9:60:88:C7:B7:11:9C:B5:E1:46:3C:BA:B9:8C:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:ea:58:fd:fe:6f:e8:e3:71:f3:a2:4c:1b:77:ad:bd:9b:56:
         3a:00:c9:50:ec:6d:9f:44:2b:2d:62:f2:12:8f:63:95:0c:82:
         b9:c1:2a:be:99:5a:ed:35:77:ba:98:35:97:93:9b:da:f9:29:
         4a:ad:a7:6d:d8:f1:f3:7d:45:21:23:e7:ef:ad:f7:b5:54:24:
         9f:90:3e:22:18:03:ab:df:90:7f:a0:fb:28:0e:15:04:fb:1a:
         b6:5a:2e:e8:1b:d7:84:69:fe:e2:55:a3:01:f8:6c:e4:7d:49:
         b6:51:ba:d8:7b:02:8d:d5:ac:da:aa:53:33:90:fa:25:67:a0:
         24:96:fe:6c:ee:14:ab:2b:9e:35:d3:a4:34:be:9d:ba:53:34:
         0a:e2:a2:67:f4:21:90:41:c8:21:9f:b9:f3:90:5c:eb:bd:0e:
         d9:94:6f:8f:a6:7e:a6:6b:39:03:bd:d7:6a:09:b8:2f:7e:4a:
         25:e8:41:10:0e:60:c8:1d:77:c8:03:fb:93:19:a6:6e:c0:bd:
         10:f6:cc:14:ee:d5:f3:e3:fc:34:e5:15:fb:01:56:52:66:8c:
         be:b0:80:b4:d2:69:d3:e0:78:45:06:b2:20:7d:73:d7:c1:51:
         c5:c5:fe:80:f4:ce:31:d8:6b:94:d9:a0:c0:11:10:5f:2f:ff:
         a6:26:d0:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRWuulDsrAlQoOl3zh/qDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzM4NTEwNzFmOTYwODhjN2I3MTE5Y2I1ZTE0NjNjYmFi
OThjNTkwHhcNMjUwNDIwMDQwMDM1WhcNMjUwNDIxMDQwMDM1WjAzMTEwLwYDVQQD
Eyg5NzQ3MmZiOGFhMzA3NTdhNTBmODI4NTlmZDcxYWRkNDM0ODE4OTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKmYGRXLMeN4CchAnLrAPq1ywIlK
B0TJBZJaXO3TyqdGvsqorzLJNv9BNYNcWfOjB+GBy/pqOPtKqHjmz+z6Y8qcaNAo
ipbvOyesLwITYTZUdMkyU/Fl9Zg/72ivVEnD/QiSzV9n7TDLHwDa7Y5pQ5lObPeT
SsLPEgOvk36Tnw2oBYkRsE5k3sCM4lz9gC8Rumbvc0iwSQ6uP8bxnV9SCG7+DL+5
hkuK/o6guSHLZG25MUUYtzTeKCQ2RJzRm6rfh2E74v6yeeUCcMxCNwtKkos+qBUz
NLOzWxH9C3XypHjtyPez7oRPcaS0ruOb3dnn+95VcNHVOSNFgA66d8gxfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdHL7iqMHV6UPgoWf1xrdQ0gYk/MB8GA1UdIwQY
MBaAFCLDhRBx+WCIx7cRnLXhRjy6uYxZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mMGZmNWEtNTE2Yy00YjhlLWI5YTIt
Y2JmZGUwMjkwNzA4LzEvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mMGZmNWEtNTE2Yy00YjhlLWI5YTItY2JmZGUwMjkwNzA4
LzEvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXepY/f5v
6ONx86JMG3etvZtWOgDJUOxtn0QrLWLyEo9jlQyCucEqvpla7TV3upg1l5Ob2vkp
Sq2nbdjx831FISPn7633tVQkn5A+IhgDq9+Qf6D7KA4VBPsatlou6BvXhGn+4lWj
Afhs5H1JtlG62HsCjdWs2qpTM5D6JWegJJb+bO4UqyueNdOkNL6dulM0CuKiZ/Qh
kEHIIZ+585Bc670O2ZRvj6Z+pms5A73Xagm4L35KJehBEA5gyB13yAP7kxmmbsC9
EPbMFO7V8+P8NOUV+wFWUmaMvrCAtNJp0+B4RQayIH1z18FRxcX+gPTOMdhrlNmg
wBEQXy//pibQ4Q==
-----END CERTIFICATE-----