Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
File:                     JOuXPcgi1CNuy911UB0mxD4chzk.mft (raw, json)
Hash identifier:          FHXM4pOhACsMPMW1wLI0yTilRDDV8CG3QmeTpoJ7IZs=
Subject key identifier:   66:08:2E:6C:32:09:CB:D8:E0:9E:BF:2F:C6:06:FD:7B:BE:70:5A:16
Authority key identifier: 24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39
Certificate issuer:       /CN=24eb973dc822d4236ecbdd75501d26c43e1c8739
Certificate serial:       0196760D02F025372B04253C5CF52B4CE43C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
Manifest number:          09B3
Signing time:             Sun 27 Apr 2025 07:01:26 +0000
Manifest this update:     Sun 27 Apr 2025 07:01:26 +0000
Manifest next update:     Mon 28 Apr 2025 07:01:26 +0000
Files and hashes:         1: JOuXPcgi1CNuy911UB0mxD4chzk.crl (hash: HyvPwd3fY88H8QKl1Hf6wZcyCx0qfvvhPl/+ydE2uNk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0d:02:f0:25:37:2b:04:25:3c:5c:f5:2b:4c:e4:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24eb973dc822d4236ecbdd75501d26c43e1c8739
        Validity
            Not Before: Apr 27 07:01:26 2025 GMT
            Not After : Apr 28 07:01:26 2025 GMT
        Subject: CN=66082e6c3209cbd8e09ebf2fc606fd7bbe705a16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:da:b8:dc:37:96:af:f6:87:59:cf:56:d3:86:
                    e1:cd:24:1a:a3:82:05:85:2b:c5:7f:7a:95:12:41:
                    f9:28:e3:1a:56:60:a0:25:95:14:9b:95:e4:89:38:
                    17:ae:12:c0:dc:7c:da:52:c0:c9:3e:0c:4c:72:a9:
                    ce:35:1f:c2:b1:9e:f4:8a:7e:37:90:0b:6b:33:88:
                    b2:f6:ae:99:7f:a9:ac:e8:42:e2:2a:13:02:79:a5:
                    33:05:b6:8a:20:03:17:f6:e6:f4:07:44:65:ca:f4:
                    9b:4e:bd:96:37:85:a7:ff:fc:8f:96:00:d8:0c:79:
                    11:47:58:ef:58:73:c8:5a:b3:97:82:ad:13:9a:04:
                    12:54:5b:e4:d2:7a:60:6d:26:62:54:bb:f8:a5:1d:
                    ef:ab:5d:2d:96:49:8b:3f:bb:e2:da:21:d3:1b:61:
                    f1:71:54:9d:58:aa:c8:0c:82:89:4c:0b:85:7b:69:
                    e7:a5:2f:c9:e3:a6:3e:ad:42:42:e1:43:0b:f7:18:
                    75:84:15:dc:26:69:ce:bc:2f:d2:e3:ca:bb:cd:7d:
                    69:51:f1:73:04:38:4b:f3:7a:ed:3b:70:5d:9c:60:
                    26:7a:2a:15:2c:ad:c5:47:4b:56:4b:d4:77:9a:cc:
                    f9:64:4a:7e:ef:b1:e9:fb:6c:20:f0:80:ed:e6:43:
                    af:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:08:2E:6C:32:09:CB:D8:E0:9E:BF:2F:C6:06:FD:7B:BE:70:5A:16
            X509v3 Authority Key Identifier:
                keyid:24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:a7:15:50:0d:f1:6b:1d:5a:57:cb:20:22:9c:7c:c8:95:8a:
         01:1f:ae:dc:01:fc:c1:5e:34:dd:98:75:a2:d7:75:a2:15:ca:
         b8:8d:9c:73:92:df:1d:ab:6d:f5:91:1c:0c:85:8b:72:49:3e:
         bf:a2:98:42:b1:82:d3:3c:01:c8:d0:d6:31:5e:b5:f5:28:c5:
         b8:31:f0:b6:50:16:ed:67:a8:42:b4:ee:96:e9:72:f9:80:98:
         f8:90:61:48:52:17:cb:8f:89:f3:bc:2b:a1:19:9e:91:5e:d9:
         c8:19:7d:df:eb:50:3f:86:88:4e:94:98:a4:1b:04:23:c5:f8:
         db:31:41:60:b2:51:4a:6c:41:1b:56:ab:de:3c:cd:b1:f6:80:
         30:58:a5:aa:a0:2e:a6:00:bc:e4:cd:9b:25:28:6b:12:39:f9:
         cc:2a:98:de:3d:6a:b7:1e:18:ce:c5:10:ee:a9:c4:9b:8d:dd:
         ce:57:14:d9:a0:0d:cc:76:be:d9:a4:4e:30:e6:e2:c8:9a:4f:
         26:f0:bf:7b:13:14:2e:3d:ec:ea:c8:01:fd:d0:54:00:79:26:
         d9:0a:88:05:f6:a0:5f:c1:b2:f3:30:ae:37:c4:56:cc:f7:6f:
         c3:62:7c:8c:15:47:9d:ef:08:db:6b:ec:a7:68:d6:5e:c0:00:
         39:1b:f6:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DQLwJTcrBCU8XPUrTOQ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZWI5NzNkYzgyMmQ0MjM2ZWNiZGQ3NTUwMWQyNmM0M2Ux
Yzg3MzkwHhcNMjUwNDI3MDcwMTI2WhcNMjUwNDI4MDcwMTI2WjAzMTEwLwYDVQQD
Eyg2NjA4MmU2YzMyMDljYmQ4ZTA5ZWJmMmZjNjA2ZmQ3YmJlNzA1YTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodq43DeWr/aHWc9W04bhzSQao4IF
hSvFf3qVEkH5KOMaVmCgJZUUm5XkiTgXrhLA3HzaUsDJPgxMcqnONR/CsZ70in43
kAtrM4iy9q6Zf6ms6ELiKhMCeaUzBbaKIAMX9ub0B0RlyvSbTr2WN4Wn//yPlgDY
DHkRR1jvWHPIWrOXgq0TmgQSVFvk0npgbSZiVLv4pR3vq10tlkmLP7vi2iHTG2Hx
cVSdWKrIDIKJTAuFe2nnpS/J46Y+rUJC4UML9xh1hBXcJmnOvC/S48q7zX1pUfFz
BDhL83rtO3BdnGAmeioVLK3FR0tWS9R3msz5ZEp+77Hp+2wg8IDt5kOvIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYILmwyCcvY4J6/L8YG/Xu+cFoWMB8GA1UdIwQY
MBaAFCTrlz3IItQjbsvddVAdJsQ+HIc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzIt
NGUxZDE2N2YwYTljLzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzItNGUxZDE2N2YwYTlj
LzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApacVUA3x
ax1aV8sgIpx8yJWKAR+u3AH8wV403Zh1otd1ohXKuI2cc5LfHatt9ZEcDIWLckk+
v6KYQrGC0zwByNDWMV619SjFuDHwtlAW7WeoQrTululy+YCY+JBhSFIXy4+J87wr
oRmekV7ZyBl93+tQP4aITpSYpBsEI8X42zFBYLJRSmxBG1ar3jzNsfaAMFilqqAu
pgC85M2bJShrEjn5zCqY3j1qtx4YzsUQ7qnEm43dzlcU2aANzHa+2aROMObiyJpP
JvC/exMULj3s6sgB/dBUAHkm2QqIBfagX8Gy8zCuN8RWzPdvw2J8jBVHne8I22vs
p2jWXsAAORv2qg==
-----END CERTIFICATE-----