Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          fR2b6XABBJR6VWrggj0UYpcE3z6FIb5kHFJ8EUAnSMg=
Subject key identifier:   D2:EC:CC:02:35:44:65:D0:39:8F:FD:49:6C:F4:29:9B:B9:22:39:11
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       019785B44FBC037803FD55F1296636C68830
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0C2F
Signing time:             Thu 19 Jun 2025 01:01:15 +0000
Manifest this update:     Thu 19 Jun 2025 01:01:15 +0000
Manifest next update:     Fri 20 Jun 2025 01:01:15 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: BoB/4RC/xx8UW2JkAOf8kmFHzwZ7VI74NxrbA7o4mFc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Jun 2025 23:47:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:85:b4:4f:bc:03:78:03:fd:55:f1:29:66:36:c6:88:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Jun 19 01:01:15 2025 GMT
            Not After : Jun 20 01:01:15 2025 GMT
        Subject: CN=d2eccc02354465d0398ffd496cf4299bb9223911
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:c0:1b:31:7e:a8:85:35:b3:1a:50:13:b8:05:
                    1e:74:58:6e:ea:2d:09:72:1a:32:ca:f7:6a:ea:84:
                    77:22:d6:bc:e8:91:0a:2e:70:01:80:8e:3d:19:75:
                    55:9f:52:73:d7:09:d0:61:7e:3b:bb:b9:82:4e:fa:
                    6a:88:5a:36:ef:b8:df:a1:d3:c3:00:80:ac:95:67:
                    3a:80:f5:ba:3a:0e:df:11:d0:59:85:f9:06:dd:3e:
                    3b:e1:d7:bd:c2:5c:3b:31:27:bc:f0:87:89:e1:e6:
                    82:73:e9:2b:03:89:f7:6d:a9:dd:30:17:8a:f4:55:
                    ea:2f:e2:4a:66:c2:41:ae:f6:b4:1e:f0:1c:b2:95:
                    7c:bb:04:fc:1e:29:92:2a:c5:7b:f7:cf:dd:1a:82:
                    6d:43:3d:d0:8d:27:7a:cd:cb:a0:12:e1:99:95:9f:
                    96:e8:d0:25:b6:7f:e9:d9:5d:00:55:fb:4f:1f:de:
                    93:a3:4d:92:92:08:3d:8a:46:8d:53:fd:a1:f1:d5:
                    21:b1:31:78:8e:b0:e9:60:1b:1a:61:9c:ef:0e:de:
                    97:71:9c:43:6b:d1:2b:2e:0e:d4:e8:89:09:ae:2c:
                    f9:a2:40:23:af:9b:ec:ff:b9:91:6d:01:68:d5:ff:
                    59:cc:67:ca:5e:61:f5:4c:14:85:a2:86:df:8d:00:
                    dc:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:EC:CC:02:35:44:65:D0:39:8F:FD:49:6C:F4:29:9B:B9:22:39:11
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:66:0a:ab:8b:c1:68:68:b6:80:c0:43:be:eb:a2:8f:bd:68:
         4b:f3:50:76:ac:cd:84:23:0b:37:9f:0d:6f:5f:45:63:77:2a:
         26:80:ac:73:5f:cd:2b:31:b2:2c:41:f9:5b:28:1f:ae:5d:51:
         28:34:62:61:ed:a2:10:54:96:9c:10:bd:f1:0d:5a:b8:1d:73:
         bc:35:7b:a5:bc:6d:c1:aa:f1:9c:5e:63:a1:12:69:f2:23:aa:
         87:61:c3:fd:de:4c:99:0e:f2:00:dc:4e:06:18:eb:b7:ab:3d:
         d0:39:6a:e0:d2:16:30:07:d6:7e:18:bb:1c:3b:e5:5b:24:70:
         07:12:bf:4e:14:19:8d:4f:d9:24:94:c4:54:52:7c:4f:97:b4:
         19:fc:f0:1a:80:df:92:8d:ab:1a:3f:b2:de:98:d4:ff:f2:c8:
         a9:76:c1:5d:5b:65:8e:6c:f8:bf:f6:cb:27:51:6e:63:19:f0:
         6a:ff:15:77:9c:d0:7d:0e:dd:88:9f:e3:ec:62:1f:77:e5:22:
         64:73:5f:d3:c0:2e:2d:f1:c0:8d:1e:9b:e8:79:30:85:c1:bb:
         3f:b1:67:01:ae:54:d3:2a:be:c5:aa:57:e3:2b:09:83:04:02:
         37:2f:d6:11:3c:45:f1:2e:f8:07:46:ea:4e:86:22:20:a9:60:
         79:01:f3:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeFtE+8A3gD/VXxKWY2xogwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjUwNjE5MDEwMTE1WhcNMjUwNjIwMDEwMTE1WjAzMTEwLwYDVQQD
EyhkMmVjY2MwMjM1NDQ2NWQwMzk4ZmZkNDk2Y2Y0Mjk5YmI5MjIzOTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocAbMX6ohTWzGlATuAUedFhu6i0J
choyyvdq6oR3Ita86JEKLnABgI49GXVVn1Jz1wnQYX47u7mCTvpqiFo277jfodPD
AICslWc6gPW6Og7fEdBZhfkG3T474de9wlw7MSe88IeJ4eaCc+krA4n3bandMBeK
9FXqL+JKZsJBrva0HvAcspV8uwT8HimSKsV798/dGoJtQz3QjSd6zcugEuGZlZ+W
6NAltn/p2V0AVftPH96To02Skgg9ikaNU/2h8dUhsTF4jrDpYBsaYZzvDt6XcZxD
a9ErLg7U6IkJriz5okAjr5vs/7mRbQFo1f9ZzGfKXmH1TBSFoobfjQDcqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLszAI1RGXQOY/9SWz0KZu5IjkRMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARGYKq4vB
aGi2gMBDvuuij71oS/NQdqzNhCMLN58Nb19FY3cqJoCsc1/NKzGyLEH5Wygfrl1R
KDRiYe2iEFSWnBC98Q1auB1zvDV7pbxtwarxnF5joRJp8iOqh2HD/d5MmQ7yANxO
Bhjrt6s90Dlq4NIWMAfWfhi7HDvlWyRwBxK/ThQZjU/ZJJTEVFJ8T5e0GfzwGoDf
ko2rGj+y3pjU//LIqXbBXVtljmz4v/bLJ1FuYxnwav8Vd5zQfQ7diJ/j7GIfd+Ui
ZHNf08AuLfHAjR6b6HkwhcG7P7FnAa5U0yq+xapX4ysJgwQCNy/WETxF8S74B0bq
ToYiIKlgeQHzQw==
-----END CERTIFICATE-----