Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
File:                     JlNDThz2kK0m1HoDs_w1qAKnm1g.mft (raw, json)
Hash identifier:          G5EniHAR0V6OOJi2WWotMyvsXC62AQzllr8RrsZKIes=
Subject key identifier:   9D:0E:9B:4D:6D:07:78:DE:D2:00:AF:0C:1A:07:95:CB:6B:AE:A8:3B
Authority key identifier: 26:53:43:4E:1C:F6:90:AD:26:D4:7A:03:B3:FC:35:A8:02:A7:9B:58
Certificate issuer:       /CN=2653434e1cf690ad26d47a03b3fc35a802a79b58
Certificate serial:       019655375026308E91CFF31FBA95B591DB2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
Manifest number:          07EC
Signing time:             Sun 20 Apr 2025 22:00:10 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:10 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:10 +0000
Files and hashes:         1: JlNDThz2kK0m1HoDs_w1qAKnm1g.crl (hash: UxwUbQPXynv7FWvNE7NE7qDaBlgOxGBLoc9E6IQP9s4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:50:26:30:8e:91:cf:f3:1f:ba:95:b5:91:db:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2653434e1cf690ad26d47a03b3fc35a802a79b58
        Validity
            Not Before: Apr 20 22:00:10 2025 GMT
            Not After : Apr 21 22:00:10 2025 GMT
        Subject: CN=9d0e9b4d6d0778ded200af0c1a0795cb6baea83b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:d8:ee:cd:32:84:12:40:ef:be:08:62:fe:f2:
                    49:9f:0e:61:21:66:fd:2a:f6:e3:ba:42:4f:53:bf:
                    de:ff:f9:25:ce:60:5e:23:91:67:05:01:9a:07:ef:
                    ec:72:0c:18:17:33:09:06:2e:a0:81:41:0e:2f:21:
                    76:77:3e:e7:78:f5:6f:d6:7d:ad:7c:86:83:4b:cb:
                    1f:81:17:19:80:00:95:24:9c:24:7b:e3:cf:60:36:
                    61:ca:df:1d:3a:5b:69:78:e6:42:57:84:9a:2c:de:
                    f4:e5:41:63:55:f9:3a:54:1f:36:e1:d4:81:71:05:
                    1a:76:a4:c5:76:81:51:d4:73:8e:77:98:58:63:5a:
                    e3:86:e9:f4:e3:01:2e:fe:37:c8:ff:41:ab:d6:2d:
                    5d:55:ba:d6:70:2d:9e:f3:81:d4:4a:40:ae:44:1e:
                    36:b3:ff:4d:8e:6f:c0:84:de:cc:e7:c5:2a:f6:b8:
                    04:85:70:52:f6:45:c2:f1:a9:aa:a8:4d:ea:be:9f:
                    dc:df:f7:55:19:62:1b:8c:b1:9f:0f:e1:ce:1d:b3:
                    46:13:3d:2b:d9:81:c3:87:c0:70:64:78:1e:c3:31:
                    9f:e7:1c:62:62:3d:9f:d0:39:79:45:d2:b9:d7:58:
                    03:16:dc:ac:14:95:8e:c0:d1:af:70:90:3c:93:0e:
                    2f:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:0E:9B:4D:6D:07:78:DE:D2:00:AF:0C:1A:07:95:CB:6B:AE:A8:3B
            X509v3 Authority Key Identifier:
                keyid:26:53:43:4E:1C:F6:90:AD:26:D4:7A:03:B3:FC:35:A8:02:A7:9B:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:87:dd:23:35:ed:e7:f4:4a:e1:8f:31:c2:9d:4f:d6:b4:43:
         d9:35:50:1e:1b:f7:a5:1d:ba:d6:34:5d:74:93:d9:2c:40:27:
         b4:1b:ad:1d:b4:24:3d:5b:68:12:e2:b6:69:72:f5:22:23:54:
         eb:bb:90:bd:24:a4:9e:e0:22:ed:c4:11:02:41:3d:cc:19:e4:
         86:22:34:50:07:12:77:e5:61:62:36:2a:50:74:85:2f:d7:cb:
         03:4a:6d:21:13:6c:b0:45:4e:01:09:c8:56:b5:0c:7f:cf:c0:
         2d:ec:73:b7:66:25:44:f0:84:fd:41:93:89:e3:4d:e7:c1:89:
         3d:e0:e1:cf:61:39:4b:e7:66:99:d7:5e:eb:9f:a7:04:ed:ed:
         d6:e3:b2:46:ed:2b:17:7b:2f:7a:a9:39:79:0f:89:ba:1a:49:
         65:f4:bc:68:1c:96:dc:7b:ad:ac:82:a2:90:f7:fd:a6:22:30:
         81:29:49:fa:75:b1:cf:9f:66:9b:db:83:92:5b:7f:a2:be:df:
         e7:fa:29:0c:7f:65:2f:e3:72:71:df:77:70:4e:0a:33:2d:76:
         86:4d:c7:0e:7a:c2:ec:da:fb:8f:97:bb:6c:31:86:65:f2:75:
         c1:be:28:68:f2:8c:b2:76:61:62:fc:4c:18:30:21:46:12:76:
         db:dc:e0:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN1AmMI6Rz/MfupW1kdsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NTM0MzRlMWNmNjkwYWQyNmQ0N2EwM2IzZmMzNWE4MDJh
NzliNTgwHhcNMjUwNDIwMjIwMDEwWhcNMjUwNDIxMjIwMDEwWjAzMTEwLwYDVQQD
Eyg5ZDBlOWI0ZDZkMDc3OGRlZDIwMGFmMGMxYTA3OTVjYjZiYWVhODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tjuzTKEEkDvvghi/vJJnw5hIWb9
KvbjukJPU7/e//klzmBeI5FnBQGaB+/scgwYFzMJBi6ggUEOLyF2dz7nePVv1n2t
fIaDS8sfgRcZgACVJJwke+PPYDZhyt8dOltpeOZCV4SaLN705UFjVfk6VB824dSB
cQUadqTFdoFR1HOOd5hYY1rjhun04wEu/jfI/0Gr1i1dVbrWcC2e84HUSkCuRB42
s/9Njm/AhN7M58Uq9rgEhXBS9kXC8amqqE3qvp/c3/dVGWIbjLGfD+HOHbNGEz0r
2YHDh8BwZHgewzGf5xxiYj2f0Dl5RdK511gDFtysFJWOwNGvcJA8kw4veQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ0Om01tB3je0gCvDBoHlctrrqg7MB8GA1UdIwQY
MBaAFCZTQ04c9pCtJtR6A7P8NagCp5tYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9jYmExY2UtZjAxZS00Zjk0LWI1YWUt
Y2JhNWQ5NzhmMzcxLzEvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9jYmExY2UtZjAxZS00Zjk0LWI1YWUtY2JhNWQ5NzhmMzcx
LzEvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkofdIzXt
5/RK4Y8xwp1P1rRD2TVQHhv3pR261jRddJPZLEAntButHbQkPVtoEuK2aXL1IiNU
67uQvSSknuAi7cQRAkE9zBnkhiI0UAcSd+VhYjYqUHSFL9fLA0ptIRNssEVOAQnI
VrUMf8/ALexzt2YlRPCE/UGTieNN58GJPeDhz2E5S+dmmdde65+nBO3t1uOyRu0r
F3sveqk5eQ+JuhpJZfS8aByW3HutrIKikPf9piIwgSlJ+nWxz59mm9uDklt/or7f
5/opDH9lL+Nycd93cE4KMy12hk3HDnrC7Nr7j5e7bDGGZfJ1wb4oaPKMsnZhYvxM
GDAhRhJ229zgQQ==
-----END CERTIFICATE-----