Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
File:                     miIdT5cAcYIi7es06TinZjQ_JOE.mft (raw, json)
Hash identifier:          qZj7eKg4xYsPUYp6awcAmWwphX/EMQARQYZ22bJVjtA=
Subject key identifier:   38:A2:A9:2D:8F:40:05:29:08:65:4A:EC:70:93:AE:2D:09:B2:CB:6F
Authority key identifier: 9A:22:1D:4F:97:00:71:82:22:ED:EB:34:E9:38:A7:66:34:3F:24:E1
Certificate issuer:       /CN=9a221d4f9700718222edeb34e938a766343f24e1
Certificate serial:       01974E57DEA9FE1DCC5111E0A20D8F9F7548
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
Manifest number:          1429
Signing time:             Sun 08 Jun 2025 07:01:10 +0000
Manifest this update:     Sun 08 Jun 2025 07:01:10 +0000
Manifest next update:     Mon 09 Jun 2025 07:01:10 +0000
Files and hashes:         1: miIdT5cAcYIi7es06TinZjQ_JOE.crl (hash: IUVDxSTgZ9arYnz9UbLltYC0Jkq6J2lON4KcJn5hYx4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:de:a9:fe:1d:cc:51:11:e0:a2:0d:8f:9f:75:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a221d4f9700718222edeb34e938a766343f24e1
        Validity
            Not Before: Jun  8 07:01:10 2025 GMT
            Not After : Jun  9 07:01:10 2025 GMT
        Subject: CN=38a2a92d8f40052908654aec7093ae2d09b2cb6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:46:8f:a2:0b:52:8d:45:84:27:09:f0:21:54:
                    ec:cd:9a:39:47:e6:2c:cf:95:fa:6b:29:29:76:8c:
                    f9:f1:56:cd:46:44:ca:59:a2:1b:91:b3:8e:3a:41:
                    07:d3:e7:bd:32:4f:d5:d6:6f:eb:3e:fd:f7:35:45:
                    36:26:23:e5:e9:47:fa:c5:56:2c:fd:e8:b2:49:5c:
                    72:8e:c6:99:60:36:d7:03:cf:c2:06:50:98:c7:34:
                    ee:56:ba:52:52:51:0a:0e:60:0a:d9:6e:e2:cb:b0:
                    c9:0d:d7:74:8e:89:74:51:bb:da:4f:a7:33:a8:ac:
                    b5:b9:60:84:24:9b:4c:b1:20:21:93:9b:47:0c:eb:
                    3b:f7:c1:33:d2:88:25:75:26:33:37:83:1d:e5:23:
                    42:bd:9f:f2:bd:ba:04:7a:1a:32:91:71:02:25:3c:
                    50:3b:3d:24:d4:57:3d:20:19:d4:5f:d8:c1:33:74:
                    b1:45:ee:cf:82:60:dc:9d:9b:1e:b1:98:fb:2f:a4:
                    6f:f8:37:e8:10:82:25:e3:06:3e:4d:07:f0:62:85:
                    ef:d0:27:83:59:32:55:82:2e:e5:6c:fb:8f:4e:29:
                    a8:21:de:86:42:95:c4:c8:2c:ae:b3:2f:0f:55:29:
                    78:e8:f6:e9:77:ab:3f:1e:7b:e4:59:2a:98:0a:91:
                    6b:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:A2:A9:2D:8F:40:05:29:08:65:4A:EC:70:93:AE:2D:09:B2:CB:6F
            X509v3 Authority Key Identifier:
                keyid:9A:22:1D:4F:97:00:71:82:22:ED:EB:34:E9:38:A7:66:34:3F:24:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:3b:43:ed:93:2a:99:38:ff:18:4e:3b:a6:e3:72:3c:e7:3b:
         9b:32:dd:37:2c:fa:9f:d6:6f:64:a6:ff:62:ef:cf:9a:68:a2:
         33:a5:6f:9f:bb:d6:a2:df:f7:cc:96:18:54:2d:91:a2:ca:70:
         6f:e4:65:93:e6:46:36:32:b6:b3:09:6c:0c:63:18:5c:75:d1:
         14:aa:3a:17:56:56:3c:ed:36:12:f9:bd:72:cf:0d:ee:12:94:
         8e:09:0e:9e:a9:12:b8:02:36:eb:4e:9d:ff:3a:cd:ca:8b:86:
         e6:51:1e:1e:f5:60:32:93:1d:63:9e:f4:7d:b0:15:c6:3c:f9:
         70:ca:54:e3:0c:9a:86:f4:7e:ff:e0:99:da:69:78:47:f0:ad:
         b8:10:94:52:d2:c0:ec:ff:f6:85:3d:67:f7:a5:64:21:73:62:
         83:06:66:35:1c:9d:11:eb:86:4b:a6:2e:b1:56:b1:4c:a0:4b:
         25:42:b9:d4:26:59:ba:8a:bc:77:2f:a0:14:80:a2:02:0a:51:
         f7:33:ea:7e:e9:0e:5c:fc:62:c1:1c:fc:30:d4:a5:2c:0e:a7:
         fe:6a:21:fe:d2:11:78:ca:7d:62:12:9a:f0:60:c7:d0:5b:22:
         a0:07:84:94:5b:4c:63:5b:10:a1:75:9f:0f:8e:2d:1a:7d:af:
         e9:0d:81:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV96p/h3MURHgog2Pn3VIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjIxZDRmOTcwMDcxODIyMmVkZWIzNGU5MzhhNzY2MzQz
ZjI0ZTEwHhcNMjUwNjA4MDcwMTEwWhcNMjUwNjA5MDcwMTEwWjAzMTEwLwYDVQQD
EygzOGEyYTkyZDhmNDAwNTI5MDg2NTRhZWM3MDkzYWUyZDA5YjJjYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kaPogtSjUWEJwnwIVTszZo5R+Ys
z5X6aykpdoz58VbNRkTKWaIbkbOOOkEH0+e9Mk/V1m/rPv33NUU2JiPl6Uf6xVYs
/eiySVxyjsaZYDbXA8/CBlCYxzTuVrpSUlEKDmAK2W7iy7DJDdd0jol0UbvaT6cz
qKy1uWCEJJtMsSAhk5tHDOs798Ez0ogldSYzN4Md5SNCvZ/yvboEehoykXECJTxQ
Oz0k1Fc9IBnUX9jBM3SxRe7PgmDcnZsesZj7L6Rv+DfoEIIl4wY+TQfwYoXv0CeD
WTJVgi7lbPuPTimoId6GQpXEyCyusy8PVSl46Pbpd6s/HnvkWSqYCpFriQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiiqS2PQAUpCGVK7HCTri0JsstvMB8GA1UdIwQY
MBaAFJoiHU+XAHGCIu3rNOk4p2Y0PyThMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hYzYzYjYtNTVjNi00NmRmLThjMTEt
N2RlN2E3YzViZjcyLzEvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hYzYzYjYtNTVjNi00NmRmLThjMTEtN2RlN2E3YzViZjcy
LzEvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKTtD7ZMq
mTj/GE47puNyPOc7mzLdNyz6n9ZvZKb/Yu/PmmiiM6Vvn7vWot/3zJYYVC2Rospw
b+Rlk+ZGNjK2swlsDGMYXHXRFKo6F1ZWPO02Evm9cs8N7hKUjgkOnqkSuAI2606d
/zrNyouG5lEeHvVgMpMdY570fbAVxjz5cMpU4wyahvR+/+CZ2ml4R/CtuBCUUtLA
7P/2hT1n96VkIXNigwZmNRydEeuGS6YusVaxTKBLJUK51CZZuoq8dy+gFICiAgpR
9zPqfukOXPxiwRz8MNSlLA6n/moh/tIReMp9YhKa8GDH0FsioAeElFtMY1sQoXWf
D44tGn2v6Q2BNg==
-----END CERTIFICATE-----