Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
File:                     IsOFEHH5YIjHtxGcteFGPLq5jFk.mft (raw, json)
Hash identifier:          sI2hWzW6m3PNfMiDd2wBFU5L25X7hMvIBxT/JKksFaw=
Subject key identifier:   2A:12:DF:37:86:37:03:2B:2D:A5:CB:C6:9B:6E:B5:64:48:B9:84:59
Authority key identifier: 22:C3:85:10:71:F9:60:88:C7:B7:11:9C:B5:E1:46:3C:BA:B9:8C:59
Certificate issuer:       /CN=22c3851071f96088c7b7119cb5e1463cbab98c59
Certificate serial:       01958C604B65ED3A28B124580C62E491DF85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
Manifest number:          0EE3
Signing time:             Wed 12 Mar 2025 22:01:15 +0000
Manifest this update:     Wed 12 Mar 2025 22:01:15 +0000
Manifest next update:     Thu 13 Mar 2025 22:01:15 +0000
Files and hashes:         1: IsOFEHH5YIjHtxGcteFGPLq5jFk.crl (hash: /pWHbUy6Pxfz3EUi8329tr4U0Y5n3Zpvv74anO2RSzc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:60:4b:65:ed:3a:28:b1:24:58:0c:62:e4:91:df:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c3851071f96088c7b7119cb5e1463cbab98c59
        Validity
            Not Before: Mar 12 22:01:15 2025 GMT
            Not After : Mar 13 22:01:15 2025 GMT
        Subject: CN=2a12df378637032b2da5cbc69b6eb56448b98459
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:33:70:b6:a8:1b:65:36:4b:a4:a6:1c:a9:e7:
                    a7:2a:35:4a:6f:68:98:6d:f5:26:06:0a:43:61:40:
                    74:fb:1a:20:d2:42:f0:29:3b:97:b3:34:3f:54:a9:
                    52:f0:d7:71:22:41:13:d2:a3:a5:ec:78:6b:4b:46:
                    eb:27:9a:e3:c8:e6:a9:10:f1:ba:46:a0:d4:f3:04:
                    02:5e:5b:23:c7:0c:6a:b2:9f:1c:b4:03:15:74:ca:
                    50:7e:91:ce:4e:95:25:83:88:dd:ce:0d:29:de:6b:
                    1a:3d:24:dd:7c:a5:60:f6:5e:6c:ce:72:0e:d1:99:
                    7f:74:5d:70:31:f9:7e:0d:4d:94:70:27:7f:29:19:
                    e2:04:13:3e:d8:69:a8:25:6e:78:57:72:ba:a9:aa:
                    80:82:11:0a:63:af:b4:4c:35:f6:1b:5b:39:e7:8d:
                    93:9f:48:8d:e8:9a:aa:45:b0:fe:a9:01:ba:a0:4a:
                    4d:76:2c:b3:fd:1a:e9:27:bf:df:98:51:d7:b4:0e:
                    2e:d7:ae:3e:c6:6b:b5:92:cb:0d:32:e0:51:c6:6d:
                    e4:84:9a:c0:d2:05:d5:ba:57:7d:b6:b9:30:37:b3:
                    3e:f1:06:86:00:34:d6:12:45:35:45:ab:e9:37:ca:
                    cf:95:f2:a9:14:8e:e1:fc:d8:04:8e:c7:e5:f8:98:
                    ba:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:12:DF:37:86:37:03:2B:2D:A5:CB:C6:9B:6E:B5:64:48:B9:84:59
            X509v3 Authority Key Identifier:
                keyid:22:C3:85:10:71:F9:60:88:C7:B7:11:9C:B5:E1:46:3C:BA:B9:8C:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:82:62:06:a6:c2:1c:fb:e0:af:f6:57:2b:a7:3c:00:a4:a0:
         4f:51:31:3f:41:f7:f6:f2:d5:78:b7:fc:9b:3d:3c:2a:dc:ae:
         42:48:1c:0d:1c:93:96:8d:6c:db:c9:c6:61:6c:b1:52:5b:00:
         56:b6:ae:0b:39:f4:e0:c8:1a:9a:b5:cd:9b:24:ad:df:fe:19:
         c8:15:d2:b8:20:ee:a5:d2:f5:88:7e:58:18:9c:02:1b:7b:25:
         3d:52:8b:18:e0:54:22:07:67:08:c6:c4:e9:8d:a8:ec:f8:52:
         50:0f:57:ea:ff:63:d4:22:3d:dd:08:e1:13:a0:86:fb:66:eb:
         4d:ec:b1:72:9f:1c:c3:49:91:fa:e8:5d:d3:e6:23:6f:d5:7b:
         e3:17:4b:5c:d3:b1:8a:45:19:fc:d9:e4:fd:60:51:e4:1c:75:
         0b:a6:5d:e0:a0:b1:6b:78:9f:28:3b:d0:c9:3f:1f:ef:69:f3:
         3a:eb:57:bd:b6:50:30:b5:b1:64:23:0f:10:0e:92:ed:cc:93:
         e5:f4:7a:7c:10:d2:80:98:69:66:1a:1a:a4:6b:6c:03:6a:2c:
         a1:57:0a:c2:be:42:de:27:7e:a5:50:24:41:88:23:56:14:17:
         b3:d0:43:bd:49:85:57:67:70:1a:72:5e:bc:08:c0:ba:53:b7:
         c5:4e:64:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMYEtl7ToosSRYDGLkkd+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzM4NTEwNzFmOTYwODhjN2I3MTE5Y2I1ZTE0NjNjYmFi
OThjNTkwHhcNMjUwMzEyMjIwMTE1WhcNMjUwMzEzMjIwMTE1WjAzMTEwLwYDVQQD
EygyYTEyZGYzNzg2MzcwMzJiMmRhNWNiYzY5YjZlYjU2NDQ4Yjk4NDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDNwtqgbZTZLpKYcqeenKjVKb2iY
bfUmBgpDYUB0+xog0kLwKTuXszQ/VKlS8NdxIkET0qOl7HhrS0brJ5rjyOapEPG6
RqDU8wQCXlsjxwxqsp8ctAMVdMpQfpHOTpUlg4jdzg0p3msaPSTdfKVg9l5sznIO
0Zl/dF1wMfl+DU2UcCd/KRniBBM+2GmoJW54V3K6qaqAghEKY6+0TDX2G1s5542T
n0iN6JqqRbD+qQG6oEpNdiyz/RrpJ7/fmFHXtA4u164+xmu1kssNMuBRxm3khJrA
0gXVuld9trkwN7M+8QaGADTWEkU1RavpN8rPlfKpFI7h/NgEjsfl+Ji6mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCoS3zeGNwMrLaXLxptutWRIuYRZMB8GA1UdIwQY
MBaAFCLDhRBx+WCIx7cRnLXhRjy6uYxZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mMGZmNWEtNTE2Yy00YjhlLWI5YTIt
Y2JmZGUwMjkwNzA4LzEvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mMGZmNWEtNTE2Yy00YjhlLWI5YTItY2JmZGUwMjkwNzA4
LzEvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAYJiBqbC
HPvgr/ZXK6c8AKSgT1ExP0H39vLVeLf8mz08KtyuQkgcDRyTlo1s28nGYWyxUlsA
VrauCzn04MgamrXNmySt3/4ZyBXSuCDupdL1iH5YGJwCG3slPVKLGOBUIgdnCMbE
6Y2o7PhSUA9X6v9j1CI93QjhE6CG+2brTeyxcp8cw0mR+uhd0+Yjb9V74xdLXNOx
ikUZ/Nnk/WBR5Bx1C6Zd4KCxa3ifKDvQyT8f72nzOutXvbZQMLWxZCMPEA6S7cyT
5fR6fBDSgJhpZhoapGtsA2osoVcKwr5C3id+pVAkQYgjVhQXs9BDvUmFV2dwGnJe
vAjAulO3xU5kQg==
-----END CERTIFICATE-----