Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
File:                     JOuXPcgi1CNuy911UB0mxD4chzk.mft (raw, json)
Hash identifier:          yeDcqjQmU7ijsYz9+o84WH1y4LpIY1K+KGFHU6gZDQs=
Subject key identifier:   38:B2:FB:CB:C9:5B:AD:7B:DF:FC:CD:05:D5:79:F2:02:90:28:A7:2B
Authority key identifier: 24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39
Certificate issuer:       /CN=24eb973dc822d4236ecbdd75501d26c43e1c8739
Certificate serial:       019769608A74595573FE38E5DAE7B4429024
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
Manifest number:          0A31
Signing time:             Fri 13 Jun 2025 13:00:23 +0000
Manifest this update:     Fri 13 Jun 2025 13:00:23 +0000
Manifest next update:     Sat 14 Jun 2025 13:00:23 +0000
Files and hashes:         1: JOuXPcgi1CNuy911UB0mxD4chzk.crl (hash: 6ilZfq8GR8w2spTUBb/EWSSjdFAxzZYDwl23gxRvA3M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:60:8a:74:59:55:73:fe:38:e5:da:e7:b4:42:90:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24eb973dc822d4236ecbdd75501d26c43e1c8739
        Validity
            Not Before: Jun 13 13:00:23 2025 GMT
            Not After : Jun 14 13:00:23 2025 GMT
        Subject: CN=38b2fbcbc95bad7bdffccd05d579f2029028a72b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:28:b4:97:2d:d2:03:af:e9:ed:fa:45:ff:7e:
                    f6:85:fb:bc:1d:05:61:fc:45:4e:df:2c:66:3f:11:
                    7b:f0:68:de:80:73:28:ad:7d:3b:91:50:4d:e1:ee:
                    65:9b:fd:99:1b:d8:8b:b5:07:be:49:50:e9:08:15:
                    1d:d3:48:92:8f:85:b2:d9:d6:86:c1:d2:d5:29:06:
                    88:3e:d8:48:72:eb:5f:6a:9c:eb:d6:fb:8a:a4:04:
                    7c:3e:0b:ce:37:9a:79:26:ef:98:76:72:e0:f2:69:
                    7d:5e:d0:24:6e:79:7f:b3:f5:84:19:61:ac:2d:be:
                    6e:0b:7c:ae:91:d7:d2:72:7f:3c:7d:03:5d:b2:63:
                    b2:c7:21:32:dc:b6:c6:36:0c:85:d5:47:01:a0:9c:
                    70:4e:0a:b3:1d:5a:eb:87:70:b2:9e:8f:02:47:94:
                    e3:1a:ac:0b:63:68:b2:97:38:d8:c7:a7:19:da:1c:
                    5f:cf:b7:b1:08:92:7d:67:c0:85:39:94:ae:81:ce:
                    e9:12:22:ca:ef:b2:6a:e7:46:a0:e7:53:63:fa:45:
                    1b:d8:d9:c3:2d:d3:db:fb:91:e8:b3:b1:ae:a4:89:
                    6d:e6:e8:d6:5e:78:63:64:0f:73:6e:f2:c0:a3:aa:
                    02:0d:03:60:be:d6:85:3e:f2:c0:39:60:7d:6b:62:
                    a0:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:B2:FB:CB:C9:5B:AD:7B:DF:FC:CD:05:D5:79:F2:02:90:28:A7:2B
            X509v3 Authority Key Identifier:
                keyid:24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:49:3d:11:11:f9:1b:03:1f:24:ee:8d:4d:8a:9b:7d:54:73:
         e9:23:f5:3d:64:b8:df:7d:b8:c8:6c:36:ee:e3:08:3c:54:b8:
         a9:ac:70:de:29:56:69:58:f8:b1:63:25:0d:09:bb:17:5b:a7:
         a3:b9:48:a1:cf:a2:c5:df:8f:96:26:09:44:b5:1f:86:4a:39:
         ed:60:ed:60:2e:18:0f:18:a3:8c:64:83:2f:84:fd:b4:fd:f8:
         f0:33:8a:ee:9f:82:81:5e:28:fa:89:6c:d3:88:64:72:b7:0e:
         8e:d8:d8:d3:ef:e6:0b:b1:75:dc:27:2e:41:82:9e:a0:65:35:
         d0:92:61:03:f7:1d:9b:b6:85:76:31:2e:74:c0:52:38:f9:44:
         18:f5:b3:00:85:5e:23:92:90:1b:94:01:80:99:46:92:0c:13:
         06:da:a2:d6:87:ec:61:eb:b4:6b:fd:c9:b1:76:db:ce:a0:09:
         28:30:8d:4b:b2:b7:40:05:d6:fe:31:a5:a9:27:ca:b0:11:21:
         a4:b3:5d:51:20:f1:f7:a3:a9:f0:91:0c:fb:36:9e:1a:86:72:
         48:80:6f:6b:18:04:30:3d:9b:fa:27:95:cf:8f:3e:f7:f0:61:
         47:2a:1f:d0:c8:65:2f:ba:55:df:cf:a8:66:10:f7:7c:88:4a:
         2a:48:49:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYIp0WVVz/jjl2ue0QpAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZWI5NzNkYzgyMmQ0MjM2ZWNiZGQ3NTUwMWQyNmM0M2Ux
Yzg3MzkwHhcNMjUwNjEzMTMwMDIzWhcNMjUwNjE0MTMwMDIzWjAzMTEwLwYDVQQD
EygzOGIyZmJjYmM5NWJhZDdiZGZmY2NkMDVkNTc5ZjIwMjkwMjhhNzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCi0ly3SA6/p7fpF/372hfu8HQVh
/EVO3yxmPxF78GjegHMorX07kVBN4e5lm/2ZG9iLtQe+SVDpCBUd00iSj4Wy2daG
wdLVKQaIPthIcutfapzr1vuKpAR8PgvON5p5Ju+YdnLg8ml9XtAkbnl/s/WEGWGs
Lb5uC3yukdfScn88fQNdsmOyxyEy3LbGNgyF1UcBoJxwTgqzHVrrh3Cyno8CR5Tj
GqwLY2iylzjYx6cZ2hxfz7exCJJ9Z8CFOZSugc7pEiLK77Jq50ag51Nj+kUb2NnD
LdPb+5Hos7GupIlt5ujWXnhjZA9zbvLAo6oCDQNgvtaFPvLAOWB9a2Kg8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiy+8vJW6173/zNBdV58gKQKKcrMB8GA1UdIwQY
MBaAFCTrlz3IItQjbsvddVAdJsQ+HIc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzIt
NGUxZDE2N2YwYTljLzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzItNGUxZDE2N2YwYTlj
LzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWEk9ERH5
GwMfJO6NTYqbfVRz6SP1PWS43324yGw27uMIPFS4qaxw3ilWaVj4sWMlDQm7F1un
o7lIoc+ixd+PliYJRLUfhko57WDtYC4YDxijjGSDL4T9tP348DOK7p+CgV4o+ols
04hkcrcOjtjY0+/mC7F13CcuQYKeoGU10JJhA/cdm7aFdjEudMBSOPlEGPWzAIVe
I5KQG5QBgJlGkgwTBtqi1ofsYeu0a/3JsXbbzqAJKDCNS7K3QAXW/jGlqSfKsBEh
pLNdUSDx96Op8JEM+zaeGoZySIBvaxgEMD2b+ieVz48+9/BhRyof0MhlL7pV38+o
ZhD3fIhKKkhJ5g==
-----END CERTIFICATE-----