Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/2e2194-3f91-4939-a830-aa80b4e7f2fd/1/SRrcI2V17CPX67-9wgQ5kYAmvvw.mft
File:                     SRrcI2V17CPX67-9wgQ5kYAmvvw.mft (raw, json)
Hash identifier:          uL7PEBSVHibQW+D4dGWx3IVis8lTJJis9B9xHnIMQMU=
Subject key identifier:   95:17:E8:5E:BA:EF:96:5B:8D:78:30:11:FC:E5:66:BE:1A:29:AE:DD
Authority key identifier: 49:1A:DC:23:65:75:EC:23:D7:EB:BF:BD:C2:04:39:91:80:26:BE:FC
Certificate issuer:       /CN=491adc236575ec23d7ebbfbdc20439918026befc
Certificate serial:       01967BD82F5E5E4827ADACA91BA99156B377
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SRrcI2V17CPX67-9wgQ5kYAmvvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/2e2194-3f91-4939-a830-aa80b4e7f2fd/1/SRrcI2V17CPX67-9wgQ5kYAmvvw.mft
Manifest number:          1239
Signing time:             Mon 28 Apr 2025 10:01:27 +0000
Manifest this update:     Mon 28 Apr 2025 10:01:27 +0000
Manifest next update:     Tue 29 Apr 2025 10:01:27 +0000
Files and hashes:         1: SRrcI2V17CPX67-9wgQ5kYAmvvw.crl (hash: 9+rygIR3EtCGyw/4vGz7l7j3iMEhHspf/NKx/5mRRrA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/2e2194-3f91-4939-a830-aa80b4e7f2fd/1/SRrcI2V17CPX67-9wgQ5kYAmvvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/2e2194-3f91-4939-a830-aa80b4e7f2fd/1/SRrcI2V17CPX67-9wgQ5kYAmvvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SRrcI2V17CPX67-9wgQ5kYAmvvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7b:d8:2f:5e:5e:48:27:ad:ac:a9:1b:a9:91:56:b3:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=491adc236575ec23d7ebbfbdc20439918026befc
        Validity
            Not Before: Apr 28 10:01:27 2025 GMT
            Not After : Apr 29 10:01:27 2025 GMT
        Subject: CN=9517e85ebaef965b8d783011fce566be1a29aedd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:ae:12:aa:e3:5d:34:0b:e7:9a:c8:ee:96:c9:
                    a5:e5:c3:c6:7f:61:c7:a0:92:54:e8:b4:cd:9b:28:
                    00:0c:13:a8:cb:4e:50:56:66:9c:d4:b1:ea:38:cd:
                    ce:17:76:00:cc:99:96:94:4d:14:fe:22:dd:7b:da:
                    52:b4:f7:0c:52:35:03:44:a6:cf:fb:d2:d5:5d:0f:
                    4d:a2:dc:37:ae:ab:32:31:7d:5a:89:cb:cf:69:f1:
                    4e:9a:5d:33:15:5a:c0:84:24:f7:6a:39:b1:c1:84:
                    27:e8:bd:c6:f4:01:9b:81:54:26:67:10:8e:45:52:
                    a9:87:e0:e2:95:15:4a:45:12:b2:c3:73:ee:88:e9:
                    30:f9:5d:8a:63:d4:0c:02:87:80:1b:a8:36:8d:f2:
                    04:58:8c:b5:37:5b:95:38:df:8e:37:34:7b:94:4b:
                    79:a8:79:fa:be:66:57:97:dd:52:02:09:82:ff:03:
                    bf:94:69:de:46:82:0d:9f:94:8a:7e:37:b6:f9:8e:
                    1b:d9:ec:ef:ef:1e:ad:1a:e9:70:da:2d:2d:c6:90:
                    7e:e3:52:95:40:eb:84:d1:13:4a:95:23:52:63:46:
                    0a:a0:82:de:86:ca:25:f2:73:82:75:40:a5:ce:e2:
                    59:da:0a:60:0d:37:a0:fa:0a:d1:a0:25:19:bf:2f:
                    0d:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:17:E8:5E:BA:EF:96:5B:8D:78:30:11:FC:E5:66:BE:1A:29:AE:DD
            X509v3 Authority Key Identifier:
                keyid:49:1A:DC:23:65:75:EC:23:D7:EB:BF:BD:C2:04:39:91:80:26:BE:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SRrcI2V17CPX67-9wgQ5kYAmvvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/2e2194-3f91-4939-a830-aa80b4e7f2fd/1/SRrcI2V17CPX67-9wgQ5kYAmvvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/2e2194-3f91-4939-a830-aa80b4e7f2fd/1/SRrcI2V17CPX67-9wgQ5kYAmvvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:35:18:41:ce:fe:dd:4a:fe:01:c0:5f:83:40:65:56:f6:01:
         93:d1:dc:df:77:1a:d0:35:06:08:81:b6:0c:3a:f0:64:9f:32:
         fa:48:14:22:d9:67:d2:d4:c0:28:2a:09:cc:f5:a5:d3:d9:80:
         ea:8f:67:5f:ad:46:2e:55:af:18:64:fa:e2:14:bb:9d:f6:84:
         5d:f9:ef:00:43:de:7c:28:86:29:45:b7:28:3b:8f:e3:85:e5:
         c5:f5:7d:7a:47:6d:37:da:79:76:bf:fa:15:93:fb:fd:bc:03:
         f4:e2:23:39:72:bb:3f:f9:f5:0c:56:f9:fa:7a:8d:77:60:5c:
         7c:87:8b:8c:52:30:14:da:66:6e:53:d3:a0:8d:80:94:be:0c:
         7f:e3:89:fa:20:a1:be:f0:24:ec:d8:86:7f:6d:6f:e6:c1:3c:
         ae:9e:4c:12:12:7e:1c:99:26:2f:12:f6:bc:58:6d:52:ac:6a:
         f0:b4:1e:8d:d0:0a:c2:80:6d:37:0e:96:7b:4d:20:3d:5b:34:
         c8:b4:3d:82:45:8a:66:fc:db:88:a1:d7:1d:11:5a:ab:96:58:
         a5:ef:50:92:30:73:bd:64:62:fd:3f:8c:a5:bb:22:c5:04:95:
         3f:bb:35:9c:08:94:16:19:f6:ae:60:a5:58:91:e8:a0:eb:55:
         12:9d:0c:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ72C9eXkgnraypG6mRVrN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MWFkYzIzNjU3NWVjMjNkN2ViYmZiZGMyMDQzOTkxODAy
NmJlZmMwHhcNMjUwNDI4MTAwMTI3WhcNMjUwNDI5MTAwMTI3WjAzMTEwLwYDVQQD
Eyg5NTE3ZTg1ZWJhZWY5NjViOGQ3ODMwMTFmY2U1NjZiZTFhMjlhZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5a4SquNdNAvnmsjulsml5cPGf2HH
oJJU6LTNmygADBOoy05QVmac1LHqOM3OF3YAzJmWlE0U/iLde9pStPcMUjUDRKbP
+9LVXQ9Notw3rqsyMX1aicvPafFOml0zFVrAhCT3ajmxwYQn6L3G9AGbgVQmZxCO
RVKph+DilRVKRRKyw3PuiOkw+V2KY9QMAoeAG6g2jfIEWIy1N1uVON+ONzR7lEt5
qHn6vmZXl91SAgmC/wO/lGneRoINn5SKfje2+Y4b2ezv7x6tGulw2i0txpB+41KV
QOuE0RNKlSNSY0YKoILehsol8nOCdUClzuJZ2gpgDTeg+grRoCUZvy8NdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJUX6F6675ZbjXgwEfzlZr4aKa7dMB8GA1UdIwQY
MBaAFEka3CNldewj1+u/vcIEOZGAJr78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1JyY0kyVjE3Q1BYNjctOXdnUTVrWUFtdnZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8yZTIxOTQtM2Y5MS00OTM5LWE4MzAt
YWE4MGI0ZTdmMmZkLzEvU1JyY0kyVjE3Q1BYNjctOXdnUTVrWUFtdnZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8yZTIxOTQtM2Y5MS00OTM5LWE4MzAtYWE4MGI0ZTdmMmZk
LzEvU1JyY0kyVjE3Q1BYNjctOXdnUTVrWUFtdnZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfTUYQc7+
3Ur+AcBfg0BlVvYBk9Hc33ca0DUGCIG2DDrwZJ8y+kgUItln0tTAKCoJzPWl09mA
6o9nX61GLlWvGGT64hS7nfaEXfnvAEPefCiGKUW3KDuP44XlxfV9ekdtN9p5dr/6
FZP7/bwD9OIjOXK7P/n1DFb5+nqNd2BcfIeLjFIwFNpmblPToI2AlL4Mf+OJ+iCh
vvAk7NiGf21v5sE8rp5MEhJ+HJkmLxL2vFhtUqxq8LQejdAKwoBtNw6We00gPVs0
yLQ9gkWKZvzbiKHXHRFaq5ZYpe9QkjBzvWRi/T+MpbsixQSVP7s1nAiUFhn2rmCl
WJHooOtVEp0Mhg==
-----END CERTIFICATE-----