Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
File:                     IsOFEHH5YIjHtxGcteFGPLq5jFk.mft (raw, json)
Hash identifier:          JxG3DZYikOcCBfsRKi+96uOqJYIXOSVhpwZq5PLnd4U=
Subject key identifier:   89:C4:9B:AC:25:D1:45:AF:96:36:1F:3F:1F:34:D6:37:6A:D0:0C:B7
Authority key identifier: 22:C3:85:10:71:F9:60:88:C7:B7:11:9C:B5:E1:46:3C:BA:B9:8C:59
Certificate issuer:       /CN=22c3851071f96088c7b7119cb5e1463cbab98c59
Certificate serial:       0197711AC83F258C0BB67F73CE4B4588008F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
Manifest number:          0FDE
Signing time:             Sun 15 Jun 2025 01:01:09 +0000
Manifest this update:     Sun 15 Jun 2025 01:01:09 +0000
Manifest next update:     Mon 16 Jun 2025 01:01:09 +0000
Files and hashes:         1: IsOFEHH5YIjHtxGcteFGPLq5jFk.crl (hash: uceZfS93L+KNEqqtUybwiN2j6KhYlt/Ei0/PiJNIFLM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:1a:c8:3f:25:8c:0b:b6:7f:73:ce:4b:45:88:00:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c3851071f96088c7b7119cb5e1463cbab98c59
        Validity
            Not Before: Jun 15 01:01:09 2025 GMT
            Not After : Jun 16 01:01:09 2025 GMT
        Subject: CN=89c49bac25d145af96361f3f1f34d6376ad00cb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:6a:64:1e:f2:6a:a4:11:97:07:3b:49:1a:fe:
                    0e:47:df:bd:47:12:cc:58:dd:d1:65:40:6b:c8:45:
                    4d:a6:f6:c3:69:02:87:94:59:98:9c:7e:1d:02:1f:
                    17:cd:04:e6:1d:b4:41:c2:59:d5:e5:96:4a:a5:9b:
                    78:1d:68:b6:f6:40:5e:66:ea:f3:41:b6:83:77:fd:
                    35:47:75:38:54:3d:eb:ce:11:68:7c:65:57:c3:ed:
                    1f:21:b6:94:5c:be:b1:19:60:02:d8:c5:cf:fe:47:
                    e9:e3:74:99:f7:a2:14:f1:15:09:54:aa:20:b2:f7:
                    78:b3:44:1c:5b:a5:6e:b4:db:ad:6e:77:6e:8c:9c:
                    1c:bf:03:e3:9d:b4:9a:97:18:82:c3:cd:59:43:f9:
                    e1:4b:ae:d1:89:d4:ef:76:d5:cd:1c:98:92:b3:17:
                    14:27:7f:59:be:bf:db:ed:b2:2d:e3:90:b3:af:1f:
                    61:7e:54:dc:ea:d6:d1:30:1d:84:1e:a4:ee:a0:a6:
                    71:31:58:6a:77:27:60:22:d5:62:0f:e1:96:48:27:
                    28:c4:d5:d3:27:1c:ee:88:08:5c:90:73:e6:49:bc:
                    1a:b2:11:b6:2c:dd:c0:10:56:c5:c6:6b:91:43:6a:
                    e2:d7:9f:2f:cc:46:04:e3:37:97:99:5a:85:12:c0:
                    80:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:C4:9B:AC:25:D1:45:AF:96:36:1F:3F:1F:34:D6:37:6A:D0:0C:B7
            X509v3 Authority Key Identifier:
                keyid:22:C3:85:10:71:F9:60:88:C7:B7:11:9C:B5:E1:46:3C:BA:B9:8C:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:87:5d:0a:36:21:2d:b3:1d:5e:1f:d3:78:86:e5:d3:99:73:
         8a:6c:ae:f2:07:2a:fb:64:a2:3c:e4:8c:f8:25:e7:53:67:44:
         eb:ea:02:44:49:1a:2f:05:38:5c:de:c1:57:6e:aa:c6:9c:84:
         d7:75:e1:00:67:c2:28:b0:b2:60:3a:53:39:81:45:7c:f1:95:
         15:1e:19:68:3f:cb:6f:38:1d:40:bc:71:b4:16:0c:b9:87:ab:
         63:0b:5d:cd:77:88:c7:51:b7:da:af:ef:53:0c:b4:e3:86:d3:
         93:bb:93:03:cc:00:89:f7:72:84:1e:40:ff:12:20:42:60:b3:
         f1:dd:26:c9:09:c4:b6:e4:1f:0f:f7:8a:1b:8e:f3:84:91:aa:
         92:40:98:f6:8c:3c:31:2f:a2:4b:86:44:e4:82:1e:a0:32:23:
         7a:69:87:77:2c:0e:05:fa:49:a0:3e:f2:93:d6:98:90:0e:dd:
         57:9c:ce:73:f0:21:48:df:9e:f0:f1:3f:1c:b5:f8:f7:03:94:
         fa:04:0d:ab:9e:57:bf:7b:0d:89:e0:0d:a9:5d:c9:f6:eb:d5:
         f9:0c:76:93:b3:25:25:22:38:01:d8:de:69:c2:bc:92:da:f6:
         b5:a2:f5:18:ae:78:7a:93:64:5b:42:42:c6:40:f3:7b:c6:2b:
         0f:a7:25:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxGsg/JYwLtn9zzktFiACPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzM4NTEwNzFmOTYwODhjN2I3MTE5Y2I1ZTE0NjNjYmFi
OThjNTkwHhcNMjUwNjE1MDEwMTA5WhcNMjUwNjE2MDEwMTA5WjAzMTEwLwYDVQQD
Eyg4OWM0OWJhYzI1ZDE0NWFmOTYzNjFmM2YxZjM0ZDYzNzZhZDAwY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmpkHvJqpBGXBztJGv4OR9+9RxLM
WN3RZUBryEVNpvbDaQKHlFmYnH4dAh8XzQTmHbRBwlnV5ZZKpZt4HWi29kBeZurz
QbaDd/01R3U4VD3rzhFofGVXw+0fIbaUXL6xGWAC2MXP/kfp43SZ96IU8RUJVKog
svd4s0QcW6VutNutbndujJwcvwPjnbSalxiCw81ZQ/nhS67RidTvdtXNHJiSsxcU
J39Zvr/b7bIt45Czrx9hflTc6tbRMB2EHqTuoKZxMVhqdydgItViD+GWSCcoxNXT
JxzuiAhckHPmSbwashG2LN3AEFbFxmuRQ2ri158vzEYE4zeXmVqFEsCA6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFInEm6wl0UWvljYfPx801jdq0Ay3MB8GA1UdIwQY
MBaAFCLDhRBx+WCIx7cRnLXhRjy6uYxZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mMGZmNWEtNTE2Yy00YjhlLWI5YTIt
Y2JmZGUwMjkwNzA4LzEvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mMGZmNWEtNTE2Yy00YjhlLWI5YTItY2JmZGUwMjkwNzA4
LzEvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkIddCjYh
LbMdXh/TeIbl05lzimyu8gcq+2SiPOSM+CXnU2dE6+oCREkaLwU4XN7BV26qxpyE
13XhAGfCKLCyYDpTOYFFfPGVFR4ZaD/LbzgdQLxxtBYMuYerYwtdzXeIx1G32q/v
Uwy044bTk7uTA8wAifdyhB5A/xIgQmCz8d0myQnEtuQfD/eKG47zhJGqkkCY9ow8
MS+iS4ZE5IIeoDIjemmHdywOBfpJoD7yk9aYkA7dV5zOc/AhSN+e8PE/HLX49wOU
+gQNq55Xv3sNieANqV3J9uvV+Qx2k7MlJSI4AdjeacK8ktr2taL1GK54epNkW0JC
xkDze8YrD6cluQ==
-----END CERTIFICATE-----