Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
File:                     miIdT5cAcYIi7es06TinZjQ_JOE.mft (raw, json)
Hash identifier:          QRgJT54svHYVyq/dlTri/q5JGQosqcNXXm8f+EisFbA=
Subject key identifier:   DD:D2:AB:15:35:0D:3A:FB:2B:6E:0C:DA:05:C9:CC:C4:59:C5:79:60
Authority key identifier: 9A:22:1D:4F:97:00:71:82:22:ED:EB:34:E9:38:A7:66:34:3F:24:E1
Certificate issuer:       /CN=9a221d4f9700718222edeb34e938a766343f24e1
Certificate serial:       0199239FEC089C7A2E646F96AF1100D7BEDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
Manifest number:          151C
Signing time:             Sun 07 Sep 2025 10:01:47 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:47 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:47 +0000
Files and hashes:         1: miIdT5cAcYIi7es06TinZjQ_JOE.crl (hash: oG55zoCdkHKgK8kIEeAH/zNHyWWnXFDHtgoG/A/zwQo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:ec:08:9c:7a:2e:64:6f:96:af:11:00:d7:be:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a221d4f9700718222edeb34e938a766343f24e1
        Validity
            Not Before: Sep  7 10:01:47 2025 GMT
            Not After : Sep  8 10:01:47 2025 GMT
        Subject: CN=ddd2ab15350d3afb2b6e0cda05c9ccc459c57960
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:25:f8:2f:f0:bc:11:4e:24:b2:a3:8f:ca:d5:
                    ac:1a:27:93:99:83:3b:c3:63:29:91:1c:8c:ec:94:
                    49:cb:0e:46:3f:4f:09:00:fd:5f:b6:e9:fc:fc:81:
                    f4:aa:ec:97:24:fb:a1:e1:bf:6f:0e:78:6f:bd:a7:
                    0e:19:93:8c:0d:3e:7b:ed:84:68:a9:52:c2:03:63:
                    f1:96:b3:83:38:4b:07:5e:70:8f:39:3e:e2:aa:f1:
                    70:07:a2:64:05:b2:37:cf:01:22:55:7b:cc:b6:ff:
                    7d:d5:99:04:17:c0:62:a6:fe:91:af:ee:ed:84:32:
                    aa:36:66:51:b0:f4:61:d0:28:37:a7:91:59:76:c4:
                    6d:7d:60:b2:d7:18:1f:06:38:12:30:5b:e0:66:16:
                    40:d4:a7:da:fc:58:76:49:2f:40:b3:01:8a:43:fe:
                    d3:4e:9b:dd:4f:71:ba:d0:60:fc:07:85:81:cd:db:
                    71:4a:b2:87:9e:56:e4:1e:e8:96:eb:7a:42:24:f8:
                    91:f0:0e:84:80:b2:63:09:1f:5a:ac:93:a5:31:ae:
                    6c:85:7b:01:29:b0:5e:37:85:c7:ae:40:6d:d4:35:
                    36:7b:c2:a8:c6:c0:70:b8:13:da:56:d5:37:eb:40:
                    e8:54:20:1b:cf:53:ae:32:99:95:2e:b8:4a:d5:9f:
                    c3:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:D2:AB:15:35:0D:3A:FB:2B:6E:0C:DA:05:C9:CC:C4:59:C5:79:60
            X509v3 Authority Key Identifier:
                keyid:9A:22:1D:4F:97:00:71:82:22:ED:EB:34:E9:38:A7:66:34:3F:24:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:e2:3e:c2:b8:dd:ea:91:95:3e:ef:bb:6c:9e:cc:05:39:1a:
         54:5b:61:b0:ef:37:a6:63:c5:41:81:2c:c3:e6:e0:d9:73:9e:
         5f:ba:73:e6:b3:e5:43:5a:cc:6d:02:b8:a6:db:15:21:ca:af:
         06:40:08:ef:b8:0e:8e:0e:9e:e0:70:0f:2a:f1:df:da:5e:e5:
         72:cb:99:c8:cb:6d:6e:fe:32:40:79:04:f9:d3:78:ac:5c:c1:
         55:6b:25:bd:15:3e:f3:25:0d:20:24:aa:0f:86:7c:a2:cc:f7:
         80:9f:e9:76:b8:7c:c9:e3:78:e1:37:99:99:e4:1c:3d:b6:56:
         e6:df:cc:9c:3c:fe:07:dc:5b:e2:98:18:11:42:72:4b:41:7b:
         ab:3c:e3:2a:53:6a:d5:ef:ae:8f:de:7d:97:ff:f5:57:d3:b5:
         f6:33:81:90:6c:6e:1a:7a:c2:4b:6c:42:4e:bd:19:5f:68:df:
         8f:0e:f1:38:5e:2b:e3:1f:98:38:3e:7a:ec:96:c0:6a:96:27:
         ee:7d:f2:cf:f9:4d:c5:23:ab:f9:1b:3a:2c:24:48:8b:99:60:
         d1:e8:51:6d:2c:d8:bf:fe:0f:a5:fa:0e:89:b8:9e:48:6a:b4:
         7c:ae:f8:54:27:02:0b:19:c7:5a:a9:31:7e:6e:c8:7b:bd:f1:
         89:62:94:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn+wInHouZG+WrxEA177aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjIxZDRmOTcwMDcxODIyMmVkZWIzNGU5MzhhNzY2MzQz
ZjI0ZTEwHhcNMjUwOTA3MTAwMTQ3WhcNMjUwOTA4MTAwMTQ3WjAzMTEwLwYDVQQD
EyhkZGQyYWIxNTM1MGQzYWZiMmI2ZTBjZGEwNWM5Y2NjNDU5YzU3OTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yX4L/C8EU4ksqOPytWsGieTmYM7
w2MpkRyM7JRJyw5GP08JAP1ftun8/IH0quyXJPuh4b9vDnhvvacOGZOMDT577YRo
qVLCA2PxlrODOEsHXnCPOT7iqvFwB6JkBbI3zwEiVXvMtv991ZkEF8Bipv6Rr+7t
hDKqNmZRsPRh0Cg3p5FZdsRtfWCy1xgfBjgSMFvgZhZA1Kfa/Fh2SS9AswGKQ/7T
TpvdT3G60GD8B4WBzdtxSrKHnlbkHuiW63pCJPiR8A6EgLJjCR9arJOlMa5shXsB
KbBeN4XHrkBt1DU2e8KoxsBwuBPaVtU360DoVCAbz1OuMpmVLrhK1Z/DoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3SqxU1DTr7K24M2gXJzMRZxXlgMB8GA1UdIwQY
MBaAFJoiHU+XAHGCIu3rNOk4p2Y0PyThMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hYzYzYjYtNTVjNi00NmRmLThjMTEt
N2RlN2E3YzViZjcyLzEvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hYzYzYjYtNTVjNi00NmRmLThjMTEtN2RlN2E3YzViZjcy
LzEvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgeI+wrjd
6pGVPu+7bJ7MBTkaVFthsO83pmPFQYEsw+bg2XOeX7pz5rPlQ1rMbQK4ptsVIcqv
BkAI77gOjg6e4HAPKvHf2l7lcsuZyMttbv4yQHkE+dN4rFzBVWslvRU+8yUNICSq
D4Z8osz3gJ/pdrh8yeN44TeZmeQcPbZW5t/MnDz+B9xb4pgYEUJyS0F7qzzjKlNq
1e+uj959l//1V9O19jOBkGxuGnrCS2xCTr0ZX2jfjw7xOF4r4x+YOD567JbAapYn
7n3yz/lNxSOr+Rs6LCRIi5lg0ehRbSzYv/4PpfoOibieSGq0fK74VCcCCxnHWqkx
fm7Ie73xiWKUgQ==
-----END CERTIFICATE-----