Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/739291-2d5c-4c1d-9079-027e8c09146b/1/JGJNNpZGiPmJxkSsIBH0Fl086wc.mft
File:                     JGJNNpZGiPmJxkSsIBH0Fl086wc.mft (raw, json)
Hash identifier:          lY9XGs4PfR5IQC4mGyD+5iRSHa0PTBYi6lhGzflkvCM=
Subject key identifier:   A5:99:F5:08:C0:F7:A1:8D:DA:1E:57:56:C9:D1:42:F6:04:8F:AB:C5
Authority key identifier: 24:62:4D:36:96:46:88:F9:89:C6:44:AC:20:11:F4:16:5D:3C:EB:07
Certificate issuer:       /CN=24624d36964688f989c644ac2011f4165d3ceb07
Certificate serial:       01967BD80C2341452E5DCEF7770DB5179C37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JGJNNpZGiPmJxkSsIBH0Fl086wc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/739291-2d5c-4c1d-9079-027e8c09146b/1/JGJNNpZGiPmJxkSsIBH0Fl086wc.mft
Manifest number:          086A
Signing time:             Mon 28 Apr 2025 10:01:18 +0000
Manifest this update:     Mon 28 Apr 2025 10:01:18 +0000
Manifest next update:     Tue 29 Apr 2025 10:01:18 +0000
Files and hashes:         1: JGJNNpZGiPmJxkSsIBH0Fl086wc.crl (hash: E6HgWssOCli0yNlxr6OSL2vhKapqyqURaqkvKcITs3s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/739291-2d5c-4c1d-9079-027e8c09146b/1/JGJNNpZGiPmJxkSsIBH0Fl086wc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/739291-2d5c-4c1d-9079-027e8c09146b/1/JGJNNpZGiPmJxkSsIBH0Fl086wc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JGJNNpZGiPmJxkSsIBH0Fl086wc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 10:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7b:d8:0c:23:41:45:2e:5d:ce:f7:77:0d:b5:17:9c:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24624d36964688f989c644ac2011f4165d3ceb07
        Validity
            Not Before: Apr 28 10:01:18 2025 GMT
            Not After : Apr 29 10:01:18 2025 GMT
        Subject: CN=a599f508c0f7a18dda1e5756c9d142f6048fabc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:29:fb:c7:c0:10:4e:af:22:be:39:84:99:40:
                    a3:ca:8a:a5:28:3f:a9:9d:3a:1a:2c:e6:75:28:8d:
                    5c:bc:3a:23:8f:9f:98:fa:e7:3e:cc:63:5c:cb:35:
                    00:eb:b1:98:f4:13:fe:82:a8:c0:2c:2c:ea:9a:4a:
                    dd:5b:cb:50:ff:53:da:9e:53:82:15:0d:df:67:df:
                    a1:91:a3:fa:17:bc:83:d5:39:b5:75:9f:20:cf:86:
                    01:98:ca:56:c5:8c:5a:66:d0:23:c3:98:26:55:40:
                    d1:10:9f:c9:86:85:09:03:5f:2e:95:54:c0:59:73:
                    03:fd:65:03:b4:bb:f2:ca:cd:ec:97:cf:3f:23:e5:
                    25:52:9c:25:69:e8:f0:de:b8:17:1c:f3:8f:e2:90:
                    3c:5d:56:cb:fb:ec:b9:f5:f4:9d:ea:dc:33:a3:12:
                    6b:bf:43:16:b6:37:34:d8:2e:f4:fa:b8:db:4f:b5:
                    de:e3:31:67:58:7a:8c:dd:9d:92:f2:ce:40:d9:52:
                    f2:7e:18:0a:92:ce:3f:87:9b:f9:f0:1e:28:67:dc:
                    12:c1:bb:00:78:2e:7f:43:05:4c:9f:bf:bb:84:3e:
                    56:6d:b4:4f:aa:2b:50:67:02:4a:40:cb:8c:28:20:
                    a5:e6:3b:c7:c9:50:0c:fa:83:bf:d7:68:9b:78:c5:
                    23:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:99:F5:08:C0:F7:A1:8D:DA:1E:57:56:C9:D1:42:F6:04:8F:AB:C5
            X509v3 Authority Key Identifier:
                keyid:24:62:4D:36:96:46:88:F9:89:C6:44:AC:20:11:F4:16:5D:3C:EB:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JGJNNpZGiPmJxkSsIBH0Fl086wc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/739291-2d5c-4c1d-9079-027e8c09146b/1/JGJNNpZGiPmJxkSsIBH0Fl086wc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/739291-2d5c-4c1d-9079-027e8c09146b/1/JGJNNpZGiPmJxkSsIBH0Fl086wc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:25:39:b3:a4:93:95:d3:77:43:aa:44:4e:75:ce:8a:00:6e:
         09:b0:4d:0d:0a:27:bf:3e:8e:84:c4:7d:9d:4f:33:fa:3d:b1:
         2b:25:a9:cd:0f:7d:c5:2d:17:6e:b2:e6:ca:b8:6f:0d:69:5c:
         a2:dc:5d:b8:9c:ec:67:8a:f9:38:99:45:39:85:f5:b6:a0:c4:
         a4:a1:73:9f:89:2c:a1:42:0f:1e:5a:60:8c:f4:21:2c:6d:a4:
         7f:ea:7a:78:09:21:70:98:ff:b8:b7:c6:5b:00:f6:50:64:1d:
         67:43:e1:61:37:27:72:15:5c:b5:c6:5f:f4:ab:3f:8f:53:56:
         a2:34:a1:31:cb:bb:f7:a7:2c:2e:6f:b6:84:e6:73:7d:54:9a:
         61:d3:3f:1b:53:68:f7:51:aa:7d:fb:f4:6b:12:23:cd:dc:b1:
         15:75:4c:45:7d:b0:12:0e:18:a9:8e:9b:79:c2:3a:b6:62:ad:
         e1:9b:44:c8:db:1c:b2:2e:7a:39:d3:09:75:68:a7:5d:93:3d:
         e1:49:fb:45:65:78:0c:97:6c:c8:cc:89:29:9c:96:84:83:fa:
         34:a3:50:ae:ce:36:f7:84:fc:46:b9:f6:f1:29:06:34:97:0e:
         d0:38:d3:54:08:7c:07:a9:a2:3c:cd:f0:fa:e5:45:bf:83:5d:
         11:eb:7a:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ72AwjQUUuXc73dw21F5w3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NjI0ZDM2OTY0Njg4Zjk4OWM2NDRhYzIwMTFmNDE2NWQz
Y2ViMDcwHhcNMjUwNDI4MTAwMTE4WhcNMjUwNDI5MTAwMTE4WjAzMTEwLwYDVQQD
EyhhNTk5ZjUwOGMwZjdhMThkZGExZTU3NTZjOWQxNDJmNjA0OGZhYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Cn7x8AQTq8ivjmEmUCjyoqlKD+p
nToaLOZ1KI1cvDojj5+Y+uc+zGNcyzUA67GY9BP+gqjALCzqmkrdW8tQ/1PanlOC
FQ3fZ9+hkaP6F7yD1Tm1dZ8gz4YBmMpWxYxaZtAjw5gmVUDREJ/JhoUJA18ulVTA
WXMD/WUDtLvyys3sl88/I+UlUpwlaejw3rgXHPOP4pA8XVbL++y59fSd6twzoxJr
v0MWtjc02C70+rjbT7Xe4zFnWHqM3Z2S8s5A2VLyfhgKks4/h5v58B4oZ9wSwbsA
eC5/QwVMn7+7hD5WbbRPqitQZwJKQMuMKCCl5jvHyVAM+oO/12ibeMUjuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWZ9QjA96GN2h5XVsnRQvYEj6vFMB8GA1UdIwQY
MBaAFCRiTTaWRoj5icZErCAR9BZdPOsHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkdKTk5wWkdpUG1KeGtTc0lCSDBGbDA4NndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi83MzkyOTEtMmQ1Yy00YzFkLTkwNzkt
MDI3ZThjMDkxNDZiLzEvSkdKTk5wWkdpUG1KeGtTc0lCSDBGbDA4NndjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi83MzkyOTEtMmQ1Yy00YzFkLTkwNzktMDI3ZThjMDkxNDZi
LzEvSkdKTk5wWkdpUG1KeGtTc0lCSDBGbDA4NndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiCU5s6ST
ldN3Q6pETnXOigBuCbBNDQonvz6OhMR9nU8z+j2xKyWpzQ99xS0XbrLmyrhvDWlc
otxduJzsZ4r5OJlFOYX1tqDEpKFzn4ksoUIPHlpgjPQhLG2kf+p6eAkhcJj/uLfG
WwD2UGQdZ0PhYTcnchVctcZf9Ks/j1NWojShMcu796csLm+2hOZzfVSaYdM/G1No
91Gqffv0axIjzdyxFXVMRX2wEg4YqY6becI6tmKt4ZtEyNscsi56OdMJdWinXZM9
4Un7RWV4DJdsyMyJKZyWhIP6NKNQrs4294T8Rrn28SkGNJcO0DjTVAh8B6miPM3w
+uVFv4NdEet65g==
-----END CERTIFICATE-----
Generated at Mon Apr 28 19:01:58 2025 by rpki-client