Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
File:                     IOsM1NM69OKLeobbIS2VkaC-YuM.mft (raw, json)
Hash identifier:          ZrQdUpLn5FjY2kVMm4OAL7bnsF0U5k2dzcwL38JXi0Y=
Subject key identifier:   D1:4B:36:73:6E:CA:AD:D0:FE:37:CC:90:47:39:4E:3A:6A:EC:02:A7
Authority key identifier: 20:EB:0C:D4:D3:3A:F4:E2:8B:7A:86:DB:21:2D:95:91:A0:BE:62:E3
Certificate issuer:       /CN=20eb0cd4d33af4e28b7a86db212d9591a0be62e3
Certificate serial:       019679E9D2FF352C7AB1D8A75204227BA7E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
Manifest number:          1135
Signing time:             Mon 28 Apr 2025 01:01:29 +0000
Manifest this update:     Mon 28 Apr 2025 01:01:29 +0000
Manifest next update:     Tue 29 Apr 2025 01:01:29 +0000
Files and hashes:         1: IOsM1NM69OKLeobbIS2VkaC-YuM.crl (hash: M3RodDPxti61rZQ5ZzqPMXTGImzM+RMLAxoQ3oFBdws=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:e9:d2:ff:35:2c:7a:b1:d8:a7:52:04:22:7b:a7:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20eb0cd4d33af4e28b7a86db212d9591a0be62e3
        Validity
            Not Before: Apr 28 01:01:29 2025 GMT
            Not After : Apr 29 01:01:29 2025 GMT
        Subject: CN=d14b36736ecaadd0fe37cc9047394e3a6aec02a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:37:21:dc:76:02:a6:40:9c:ba:81:30:4d:e0:
                    65:67:71:38:d9:ac:2a:e3:68:16:02:27:ea:6e:68:
                    ca:0d:23:44:16:48:c5:e3:c5:d3:01:07:dc:8c:ad:
                    01:82:08:44:c3:e9:61:08:7d:40:0e:9a:8f:2a:3a:
                    ac:36:d6:de:b9:eb:3e:a0:3c:72:91:52:1f:f9:15:
                    f6:8a:9e:7e:24:4b:35:46:e5:48:7b:83:bf:e2:33:
                    e3:f7:e2:22:71:7a:f7:de:60:02:fd:f8:b5:a9:ce:
                    b7:fe:c9:28:26:86:24:b0:ed:9a:fd:fa:2c:47:2d:
                    9c:8c:49:86:2a:7f:5d:d4:d7:fd:49:29:68:4c:08:
                    64:e2:f5:bb:c3:67:d7:31:82:da:e9:d9:b2:bf:d1:
                    ee:69:51:f8:da:66:5f:a9:4c:48:7d:6e:7d:29:13:
                    4b:65:74:7e:e8:b5:57:d4:61:c2:50:e9:6a:8c:a0:
                    60:64:17:88:db:49:16:73:1d:b8:ac:10:82:e7:72:
                    71:7b:62:3b:94:65:64:f7:c1:3b:10:5f:86:2a:0b:
                    1d:39:88:bd:f2:15:71:08:5e:97:37:cb:09:14:a5:
                    e0:81:b6:35:18:a2:42:d5:2b:20:14:47:da:52:a4:
                    a7:a1:eb:91:75:6b:93:f3:e1:10:7c:8c:73:c0:8b:
                    ff:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:4B:36:73:6E:CA:AD:D0:FE:37:CC:90:47:39:4E:3A:6A:EC:02:A7
            X509v3 Authority Key Identifier:
                keyid:20:EB:0C:D4:D3:3A:F4:E2:8B:7A:86:DB:21:2D:95:91:A0:BE:62:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:62:7b:fd:73:e7:8b:0f:13:dd:35:38:ef:44:d1:17:bc:18:
         97:e1:cf:a9:89:12:72:53:21:bb:9d:67:25:0c:ea:e6:6d:92:
         19:a6:e3:24:34:d5:29:6a:dd:20:23:87:08:4a:b9:0c:eb:85:
         c8:19:08:2b:39:d0:44:be:f9:24:24:df:2a:4d:97:5c:95:d8:
         e7:35:95:9c:d5:ff:ac:f5:34:e3:81:e4:fb:4f:11:9b:0f:5e:
         2b:10:41:6c:07:46:b9:0b:9b:e1:9d:14:bd:40:41:7b:9b:e3:
         a4:d7:49:0e:a3:7b:b3:b9:ac:2b:ed:bd:ba:0c:89:ac:a6:08:
         d8:32:68:3a:97:29:99:a0:40:b9:c0:d4:98:1f:1a:ec:90:ec:
         06:37:6c:6d:c9:46:20:5c:53:67:ec:cb:80:d0:09:eb:1e:d2:
         22:14:62:19:7c:e2:af:5a:b6:b8:b2:56:c6:21:f8:60:0a:00:
         10:d1:d8:de:18:02:0d:61:a9:99:bf:f0:ac:3d:8c:04:6a:61:
         d9:57:fb:ae:e9:fc:be:6a:ea:4f:e2:9c:34:40:0e:6c:eb:c0:
         a5:7d:06:ac:0a:b4:9f:f4:42:ba:2f:45:12:2a:00:bf:28:86:
         32:d1:a0:4e:10:cc:d7:27:b8:f1:14:69:0c:49:c7:96:07:e2:
         4f:05:d8:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ56dL/NSx6sdinUgQie6fmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZWIwY2Q0ZDMzYWY0ZTI4YjdhODZkYjIxMmQ5NTkxYTBi
ZTYyZTMwHhcNMjUwNDI4MDEwMTI5WhcNMjUwNDI5MDEwMTI5WjAzMTEwLwYDVQQD
EyhkMTRiMzY3MzZlY2FhZGQwZmUzN2NjOTA0NzM5NGUzYTZhZWMwMmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDch3HYCpkCcuoEwTeBlZ3E42awq
42gWAifqbmjKDSNEFkjF48XTAQfcjK0BgghEw+lhCH1ADpqPKjqsNtbeues+oDxy
kVIf+RX2ip5+JEs1RuVIe4O/4jPj9+IicXr33mAC/fi1qc63/skoJoYksO2a/fos
Ry2cjEmGKn9d1Nf9SSloTAhk4vW7w2fXMYLa6dmyv9HuaVH42mZfqUxIfW59KRNL
ZXR+6LVX1GHCUOlqjKBgZBeI20kWcx24rBCC53Jxe2I7lGVk98E7EF+GKgsdOYi9
8hVxCF6XN8sJFKXggbY1GKJC1SsgFEfaUqSnoeuRdWuT8+EQfIxzwIv/gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNFLNnNuyq3Q/jfMkEc5Tjpq7AKnMB8GA1UdIwQY
MBaAFCDrDNTTOvTii3qG2yEtlZGgvmLjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xNDQ0OTQtOWI0Ni00MGFjLTlmZTUt
NDU5ZDFlNmQwZWU5LzEvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xNDQ0OTQtOWI0Ni00MGFjLTlmZTUtNDU5ZDFlNmQwZWU5
LzEvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe2J7/XPn
iw8T3TU470TRF7wYl+HPqYkSclMhu51nJQzq5m2SGabjJDTVKWrdICOHCEq5DOuF
yBkIKznQRL75JCTfKk2XXJXY5zWVnNX/rPU044Hk+08Rmw9eKxBBbAdGuQub4Z0U
vUBBe5vjpNdJDqN7s7msK+29ugyJrKYI2DJoOpcpmaBAucDUmB8a7JDsBjdsbclG
IFxTZ+zLgNAJ6x7SIhRiGXzir1q2uLJWxiH4YAoAENHY3hgCDWGpmb/wrD2MBGph
2Vf7run8vmrqT+KcNEAObOvApX0GrAq0n/RCui9FEioAvyiGMtGgThDM1ye48RRp
DEnHlgfiTwXYhw==
-----END CERTIFICATE-----