Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
File:                     JQfjIVuSyGWOv0lfa4fOC6anvSc.mft (raw, json)
Hash identifier:          ilTuh0NB8nRML9TDFU9f2XwiizfLfrTczSG0SnwIAxw=
Subject key identifier:   42:26:80:FB:C2:07:3E:08:B0:35:DA:8D:CC:A4:4C:27:FC:63:F9:32
Authority key identifier: 25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27
Certificate issuer:       /CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
Certificate serial:       01967A8DF676A11035DEC905B994BE19E8D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
Manifest number:          06B1
Signing time:             Mon 28 Apr 2025 04:00:46 +0000
Manifest this update:     Mon 28 Apr 2025 04:00:46 +0000
Manifest next update:     Tue 29 Apr 2025 04:00:46 +0000
Files and hashes:         1: JQfjIVuSyGWOv0lfa4fOC6anvSc.crl (hash: EHl+ceRjrIcl7zw+wxbW41PlfpKwUU8Z9HqGLClMjPo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7a:8d:f6:76:a1:10:35:de:c9:05:b9:94:be:19:e8:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
        Validity
            Not Before: Apr 28 04:00:46 2025 GMT
            Not After : Apr 29 04:00:46 2025 GMT
        Subject: CN=422680fbc2073e08b035da8dcca44c27fc63f932
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:75:b6:f9:cb:8e:05:d1:c4:1f:4f:10:d3:21:
                    08:84:83:b3:cc:07:41:46:9f:37:ec:6b:f0:10:93:
                    cb:5b:d6:12:14:01:77:b5:c9:c3:4e:5e:d4:3c:2e:
                    ed:fc:a0:bb:5d:cb:33:52:fe:45:51:fe:65:e9:6a:
                    6d:62:54:4f:70:25:3b:3f:b3:90:fc:83:8b:e1:ab:
                    05:fe:64:ca:b3:50:02:92:d8:de:ed:d6:1c:a2:57:
                    f5:e7:4d:6a:a8:54:7f:b2:df:c7:c1:2b:72:ce:9e:
                    76:43:77:8b:d0:50:1b:90:ef:bf:d5:0f:bb:b5:a4:
                    57:b7:cd:57:f4:11:47:52:b4:95:90:c7:76:3a:15:
                    08:30:11:be:6b:22:ae:f7:de:1f:0f:56:48:86:bc:
                    b8:79:21:ed:dc:94:d2:d7:0d:f2:09:c8:96:e1:0f:
                    ae:34:e0:1c:c9:9c:76:7f:49:86:57:f2:4b:45:49:
                    97:c1:43:f4:fc:f7:f5:fa:4b:90:45:7c:d6:8c:2a:
                    14:01:4f:86:91:be:2c:8c:e6:25:d0:c0:73:0e:dd:
                    0c:f0:a2:26:5e:8e:67:8b:48:bf:f8:d5:73:8a:b1:
                    a2:a7:e0:65:c3:d0:57:20:74:f9:f2:1e:ff:5e:07:
                    82:f2:19:c9:78:5b:9d:60:0a:c5:4b:50:f0:ca:8f:
                    c8:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:26:80:FB:C2:07:3E:08:B0:35:DA:8D:CC:A4:4C:27:FC:63:F9:32
            X509v3 Authority Key Identifier:
                keyid:25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:62:97:b9:c4:f0:9e:bd:2b:ac:14:05:97:b6:49:5b:44:66:
         b8:e1:16:06:6b:2c:c2:13:0a:a6:08:fc:83:98:91:31:24:41:
         a7:dd:ae:5f:6e:97:1e:96:80:44:71:1c:bc:11:dc:c9:94:03:
         0e:24:dd:7d:9a:49:e0:61:4b:05:e8:65:6e:a1:7d:88:64:ea:
         8f:6e:9f:01:51:7b:9b:a2:18:82:f8:87:db:9c:a4:91:37:10:
         a9:11:bd:b4:b8:08:8a:d5:dc:d0:f5:1f:b7:0f:a6:3f:6f:dd:
         52:f3:fb:f6:f0:11:83:07:5c:f0:ae:b3:7a:51:70:1d:06:38:
         9c:18:3a:21:44:3a:0e:f2:6e:3b:88:19:bb:fa:49:71:34:71:
         1a:34:12:01:48:79:34:43:a7:3c:80:74:e5:21:6d:0e:7e:3f:
         95:bd:8a:51:7c:12:71:12:9c:c0:de:95:f8:0a:96:64:f6:f7:
         5d:a9:6f:69:04:6f:59:1d:12:eb:30:f6:07:0d:a5:3d:04:95:
         a5:71:5e:26:81:cc:36:3b:bf:d3:34:be:37:fc:26:a2:26:7f:
         1e:e1:48:2f:75:53:c9:a0:dd:e3:c9:6b:1e:43:7d:30:3b:6e:
         7e:2b:b9:89:35:10:51:bc:9d:22:81:0b:74:cb:03:c4:e8:c6:
         d5:98:6b:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6jfZ2oRA13skFuZS+GejZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MDdlMzIxNWI5MmM4NjU4ZWJmNDk1ZjZiODdjZTBiYTZh
N2JkMjcwHhcNMjUwNDI4MDQwMDQ2WhcNMjUwNDI5MDQwMDQ2WjAzMTEwLwYDVQQD
Eyg0MjI2ODBmYmMyMDczZTA4YjAzNWRhOGRjY2E0NGMyN2ZjNjNmOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3W2+cuOBdHEH08Q0yEIhIOzzAdB
Rp837GvwEJPLW9YSFAF3tcnDTl7UPC7t/KC7XcszUv5FUf5l6WptYlRPcCU7P7OQ
/IOL4asF/mTKs1ACktje7dYcolf1501qqFR/st/HwStyzp52Q3eL0FAbkO+/1Q+7
taRXt81X9BFHUrSVkMd2OhUIMBG+ayKu994fD1ZIhry4eSHt3JTS1w3yCciW4Q+u
NOAcyZx2f0mGV/JLRUmXwUP0/Pf1+kuQRXzWjCoUAU+Gkb4sjOYl0MBzDt0M8KIm
Xo5ni0i/+NVzirGip+Blw9BXIHT58h7/XgeC8hnJeFudYArFS1Dwyo/ICwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEImgPvCBz4IsDXajcykTCf8Y/kyMB8GA1UdIwQY
MBaAFCUH4yFbkshljr9JX2uHzgump70nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEt
MDFjMzU2YjczZjBkLzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEtMDFjMzU2YjczZjBk
LzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmWKXucTw
nr0rrBQFl7ZJW0RmuOEWBmsswhMKpgj8g5iRMSRBp92uX26XHpaARHEcvBHcyZQD
DiTdfZpJ4GFLBehlbqF9iGTqj26fAVF7m6IYgviH25ykkTcQqRG9tLgIitXc0PUf
tw+mP2/dUvP79vARgwdc8K6zelFwHQY4nBg6IUQ6DvJuO4gZu/pJcTRxGjQSAUh5
NEOnPIB05SFtDn4/lb2KUXwScRKcwN6V+AqWZPb3XalvaQRvWR0S6zD2Bw2lPQSV
pXFeJoHMNju/0zS+N/wmoiZ/HuFIL3VTyaDd48lrHkN9MDtufiu5iTUQUbydIoEL
dMsDxOjG1Zhr3A==
-----END CERTIFICATE-----