Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
File:                     02jCohY2GiT97Jfx838uHRIHEIc.mft (raw, json)
Hash identifier:          eJFePwH2P9aNIf0cWTA1HvF/0zYRG97nc/pxRFcVPJo=
Subject key identifier:   6D:C5:0F:C0:67:45:EA:26:33:21:83:60:06:1D:C6:60:93:9A:1C:77
Authority key identifier: D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87
Certificate issuer:       /CN=d368c2a216361a24fdec97f1f37f2e1d12071087
Certificate serial:       019652A4A74F73A7BCA9B19AE17C014976CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
Manifest number:          14F9
Signing time:             Sun 20 Apr 2025 10:00:44 +0000
Manifest this update:     Sun 20 Apr 2025 10:00:44 +0000
Manifest next update:     Mon 21 Apr 2025 10:00:44 +0000
Files and hashes:         1: 02jCohY2GiT97Jfx838uHRIHEIc.crl (hash: jxCn5U01+eIclKBaSo8yrjpqSK+e1a5bZ1YivreE1Dc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:a4:a7:4f:73:a7:bc:a9:b1:9a:e1:7c:01:49:76:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d368c2a216361a24fdec97f1f37f2e1d12071087
        Validity
            Not Before: Apr 20 10:00:44 2025 GMT
            Not After : Apr 21 10:00:44 2025 GMT
        Subject: CN=6dc50fc06745ea2633218360061dc660939a1c77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:9e:4a:6f:c6:bd:f6:b8:55:bc:f5:16:3d:0e:
                    9f:e7:e9:0b:6b:0b:0f:d4:2c:17:03:95:95:dd:13:
                    ed:78:1f:6c:7c:71:d0:88:5b:72:e5:ba:4c:81:a8:
                    01:cc:41:77:e7:3a:e2:f7:3f:8a:e4:b6:d7:3d:52:
                    e0:e5:57:9c:6f:a7:87:b8:2d:b9:88:3e:42:41:4d:
                    11:fd:0c:ea:91:20:b8:06:93:02:a9:b4:4c:c0:84:
                    21:e3:8e:fa:4c:90:77:43:00:2a:0d:c5:6a:57:2e:
                    64:f1:ec:08:05:8d:7d:99:36:52:94:a1:c4:67:7d:
                    01:16:45:c1:e9:02:1c:39:b2:aa:58:c0:de:f0:1a:
                    33:35:45:a1:c6:cc:4a:6f:70:11:89:1d:3e:30:fa:
                    b6:72:c4:53:c1:bc:3e:0d:3d:ea:6b:77:5a:4e:86:
                    79:53:68:ca:81:d9:c4:fb:a6:c1:30:c5:3d:c1:2b:
                    25:e8:f0:17:79:4f:70:6c:48:c5:9a:13:49:00:43:
                    38:be:12:c0:04:95:2d:25:fc:7a:03:15:63:46:47:
                    21:1f:42:88:a0:aa:62:f4:71:c2:7f:bc:5a:cb:2b:
                    95:a1:1d:1a:62:29:9d:7f:14:59:9d:69:d5:51:61:
                    7d:13:1b:5c:00:9c:3a:b7:f2:d9:d5:96:25:cf:ee:
                    bb:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:C5:0F:C0:67:45:EA:26:33:21:83:60:06:1D:C6:60:93:9A:1C:77
            X509v3 Authority Key Identifier:
                keyid:D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:c8:42:9f:69:7c:03:ad:e6:97:2c:be:33:9b:2d:41:5b:98:
         ed:35:28:36:4f:95:ab:f0:19:09:a2:3a:be:6f:54:38:49:90:
         ea:e4:44:07:aa:12:f4:c8:c7:4d:2b:91:51:3a:98:a8:ef:65:
         09:8d:cc:95:e6:23:99:29:1f:49:84:f9:01:c6:3c:9e:de:40:
         db:ef:52:50:de:f2:17:4d:64:82:4a:4b:7d:21:6d:3f:0e:ce:
         b5:3e:f9:5b:c8:25:33:7c:ce:32:2c:1d:3c:6e:54:68:42:89:
         57:b1:57:7c:10:c0:68:69:a7:60:cb:c3:3b:03:69:a1:af:15:
         7a:a2:c3:0e:ac:be:20:04:ea:c4:2c:21:b9:8d:c8:6e:c2:d7:
         19:6b:63:64:84:96:72:a1:5f:6f:55:17:75:23:2a:52:5d:7e:
         52:dc:25:8c:2a:c2:d5:0e:44:68:03:c6:db:05:04:a2:a7:34:
         cf:57:1e:50:2a:d8:4a:fb:d7:7b:e0:2e:2c:0f:82:08:d2:bf:
         fd:9d:55:fe:9c:a8:8a:4b:72:f9:a1:81:75:62:5f:cd:61:18:
         d2:95:aa:ee:30:37:66:7e:06:69:2d:fe:8f:ba:5b:8e:f8:e5:
         5b:1b:10:c8:7a:72:54:66:f2:f9:25:34:35:dd:fc:34:41:22:
         46:06:a1:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSpKdPc6e8qbGa4XwBSXbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjhjMmEyMTYzNjFhMjRmZGVjOTdmMWYzN2YyZTFkMTIw
NzEwODcwHhcNMjUwNDIwMTAwMDQ0WhcNMjUwNDIxMTAwMDQ0WjAzMTEwLwYDVQQD
Eyg2ZGM1MGZjMDY3NDVlYTI2MzMyMTgzNjAwNjFkYzY2MDkzOWExYzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6J5Kb8a99rhVvPUWPQ6f5+kLawsP
1CwXA5WV3RPteB9sfHHQiFty5bpMgagBzEF35zri9z+K5LbXPVLg5Vecb6eHuC25
iD5CQU0R/QzqkSC4BpMCqbRMwIQh4476TJB3QwAqDcVqVy5k8ewIBY19mTZSlKHE
Z30BFkXB6QIcObKqWMDe8BozNUWhxsxKb3ARiR0+MPq2csRTwbw+DT3qa3daToZ5
U2jKgdnE+6bBMMU9wSsl6PAXeU9wbEjFmhNJAEM4vhLABJUtJfx6AxVjRkchH0KI
oKpi9HHCf7xayyuVoR0aYimdfxRZnWnVUWF9ExtcAJw6t/LZ1ZYlz+67GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG3FD8BnReomMyGDYAYdxmCTmhx3MB8GA1UdIwQY
MBaAFNNowqIWNhok/eyX8fN/Lh0SBxCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQt
OTAyMDhlMWYzZGU2LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQtOTAyMDhlMWYzZGU2
LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp8hCn2l8
A63mlyy+M5stQVuY7TUoNk+Vq/AZCaI6vm9UOEmQ6uREB6oS9MjHTSuRUTqYqO9l
CY3MleYjmSkfSYT5AcY8nt5A2+9SUN7yF01kgkpLfSFtPw7OtT75W8glM3zOMiwd
PG5UaEKJV7FXfBDAaGmnYMvDOwNpoa8VeqLDDqy+IATqxCwhuY3IbsLXGWtjZISW
cqFfb1UXdSMqUl1+UtwljCrC1Q5EaAPG2wUEoqc0z1ceUCrYSvvXe+AuLA+CCNK/
/Z1V/pyoikty+aGBdWJfzWEY0pWq7jA3Zn4GaS3+j7pbjvjlWxsQyHpyVGby+SU0
Nd38NEEiRgah6A==
-----END CERTIFICATE-----