Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          3mtaKoDz569R2SHb5X30EtORPL3oNjoxLy2zdbBA3NA=
Subject key identifier:   B4:6E:30:B6:69:BB:B9:1F:31:20:14:EF:C0:E2:A1:6D:6D:35:7B:31
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       01968C945D788AD01DE3CB0C883A8742313C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0BAE
Signing time:             Thu 01 May 2025 16:00:55 +0000
Manifest this update:     Thu 01 May 2025 16:00:55 +0000
Manifest next update:     Fri 02 May 2025 16:00:55 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: eqWjTt0tOY+gcWnpO+vYE7Hs2FBAGmI2TeBvURZzmeI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8c:94:5d:78:8a:d0:1d:e3:cb:0c:88:3a:87:42:31:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: May  1 16:00:55 2025 GMT
            Not After : May  2 16:00:55 2025 GMT
        Subject: CN=b46e30b669bbb91f312014efc0e2a16d6d357b31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:b8:6b:1e:27:ac:61:b5:66:d4:d3:b8:c4:0e:
                    ca:b8:1f:be:88:05:21:02:9c:de:6d:e2:4e:0c:22:
                    5f:9e:8e:bc:a5:24:49:71:21:29:92:1f:78:a5:10:
                    09:3f:dd:49:ad:a1:ea:90:e6:1c:f7:ed:9f:21:1c:
                    aa:4f:27:b1:fc:90:c9:6f:ee:5e:52:43:a1:bb:08:
                    da:5d:d8:c1:11:18:cf:b2:55:3c:49:83:ba:21:b7:
                    b5:fd:c7:2f:da:f7:a1:65:7b:7c:c1:3d:b3:10:b2:
                    9a:da:0e:38:54:5e:4c:60:4a:a3:bd:4a:c1:78:1a:
                    0a:63:9e:84:c4:7b:b9:ed:c9:82:e8:29:fe:d5:5e:
                    5a:d7:84:b3:e7:46:28:f6:40:d5:62:0b:cf:1a:bc:
                    b5:a9:86:08:6d:9b:f4:1f:a8:13:7f:46:ba:30:c9:
                    09:09:07:ec:b2:34:1e:84:ea:82:92:1a:71:a4:d4:
                    4f:9e:6f:5b:76:92:64:87:39:fe:d1:5b:4b:b6:51:
                    47:2c:85:80:d1:b4:a4:60:28:9e:f2:d9:e4:9f:e7:
                    32:29:95:61:52:ae:50:2c:89:29:a6:4b:a3:aa:81:
                    6a:3b:b9:72:70:40:47:27:21:87:55:8a:04:46:84:
                    85:a3:b4:5f:5b:ff:7b:8c:29:8d:83:f3:6a:b9:01:
                    13:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:6E:30:B6:69:BB:B9:1F:31:20:14:EF:C0:E2:A1:6D:6D:35:7B:31
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:fa:cb:df:3c:65:87:2e:61:b5:0d:04:12:f9:25:eb:95:bf:
         ce:13:6d:5a:aa:f1:2a:39:fd:15:e1:e4:06:75:34:a3:d5:9c:
         a0:15:e2:59:d2:a4:77:27:78:58:d8:95:b7:70:b8:10:fd:63:
         bf:de:5b:12:68:3a:d4:d8:a8:29:47:c4:be:71:15:b4:75:e6:
         14:6a:dc:d4:6a:90:82:ff:29:2c:70:28:83:aa:a2:ee:1b:9d:
         89:b6:40:8b:02:f0:6d:14:c5:46:20:32:3c:2b:da:80:5f:5b:
         76:36:dc:cb:86:11:fe:02:33:27:01:47:9d:b8:22:17:33:30:
         52:3b:cf:fa:e4:16:ed:41:b0:ed:a3:bc:e1:3a:d6:c5:fe:7b:
         7f:3e:21:9e:82:99:5c:24:8f:06:2e:06:45:54:a6:f1:a7:5b:
         cc:57:72:e2:22:8d:f8:f3:64:1b:a9:99:a5:b0:12:d7:a3:64:
         db:57:33:31:0f:e2:75:6a:50:36:c8:7e:97:91:76:e1:de:2a:
         a8:28:f1:4e:39:02:62:20:f6:25:25:34:c9:7a:57:a1:54:4d:
         29:69:ff:ea:87:6e:13:cb:89:1c:f4:44:95:5a:de:97:b0:be:
         d7:a1:27:17:55:39:75:99:0e:b6:3d:01:da:bf:2a:0a:2a:82:
         98:57:cf:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaMlF14itAd48sMiDqHQjE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjUwNTAxMTYwMDU1WhcNMjUwNTAyMTYwMDU1WjAzMTEwLwYDVQQD
EyhiNDZlMzBiNjY5YmJiOTFmMzEyMDE0ZWZjMGUyYTE2ZDZkMzU3YjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLhrHiesYbVm1NO4xA7KuB++iAUh
ApzebeJODCJfno68pSRJcSEpkh94pRAJP91JraHqkOYc9+2fIRyqTyex/JDJb+5e
UkOhuwjaXdjBERjPslU8SYO6Ibe1/ccv2vehZXt8wT2zELKa2g44VF5MYEqjvUrB
eBoKY56ExHu57cmC6Cn+1V5a14Sz50Yo9kDVYgvPGry1qYYIbZv0H6gTf0a6MMkJ
CQfssjQehOqCkhpxpNRPnm9bdpJkhzn+0VtLtlFHLIWA0bSkYCie8tnkn+cyKZVh
Uq5QLIkppkujqoFqO7lycEBHJyGHVYoERoSFo7RfW/97jCmNg/NquQETVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLRuMLZpu7kfMSAU78DioW1tNXsxMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKPrL3zxl
hy5htQ0EEvkl65W/zhNtWqrxKjn9FeHkBnU0o9WcoBXiWdKkdyd4WNiVt3C4EP1j
v95bEmg61NioKUfEvnEVtHXmFGrc1GqQgv8pLHAog6qi7hudibZAiwLwbRTFRiAy
PCvagF9bdjbcy4YR/gIzJwFHnbgiFzMwUjvP+uQW7UGw7aO84TrWxf57fz4hnoKZ
XCSPBi4GRVSm8adbzFdy4iKN+PNkG6mZpbAS16Nk21czMQ/idWpQNsh+l5F24d4q
qCjxTjkCYiD2JSU0yXpXoVRNKWn/6oduE8uJHPRElVrel7C+16EnF1U5dZkOtj0B
2r8qCiqCmFfPqw==
-----END CERTIFICATE-----