Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.mft
File:                     9efoeENmtHGmpODICA-PENrmalA.mft (raw, json)
Hash identifier:          rXODxT4agVIUAU2B1PvzPOhg9pDFxohyzXUWe3C9ClM=
Subject key identifier:   1A:8F:F3:30:67:51:CD:05:13:3E:2F:D0:71:9A:EA:A3:61:22:5E:16
Authority key identifier: F5:E7:E8:78:43:66:B4:71:A6:A4:E0:C8:08:0F:8F:10:DA:E6:6A:50
Certificate issuer:       /CN=f5e7e8784366b471a6a4e0c8080f8f10dae66a50
Certificate serial:       01969002BE019742061DB1C69667D8AF7327
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9efoeENmtHGmpODICA-PENrmalA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.mft
Manifest number:          0D21
Signing time:             Fri 02 May 2025 08:00:20 +0000
Manifest this update:     Fri 02 May 2025 08:00:20 +0000
Manifest next update:     Sat 03 May 2025 08:00:20 +0000
Files and hashes:         1: 9efoeENmtHGmpODICA-PENrmalA.crl (hash: 7NPYLmsOpGu9FonCJdq/6T3bKqJwh67S0earcTejsTU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9efoeENmtHGmpODICA-PENrmalA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 08:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:90:02:be:01:97:42:06:1d:b1:c6:96:67:d8:af:73:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5e7e8784366b471a6a4e0c8080f8f10dae66a50
        Validity
            Not Before: May  2 08:00:20 2025 GMT
            Not After : May  3 08:00:20 2025 GMT
        Subject: CN=1a8ff3306751cd05133e2fd0719aeaa361225e16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:f9:47:98:95:b5:27:02:f0:be:68:07:8c:ac:
                    5b:d8:f9:ef:b1:99:95:8f:78:6d:e5:29:aa:dd:6a:
                    2d:0b:79:2c:00:94:76:e8:d8:ab:8f:1a:99:b9:48:
                    0d:10:b0:09:5b:6a:c1:2a:41:16:ce:ae:4c:45:a1:
                    d3:ae:f5:f5:30:97:94:8c:cf:f2:a2:e9:f6:3d:34:
                    7a:68:9c:3e:49:c4:b6:66:d9:a5:aa:0a:79:18:7a:
                    86:df:1a:92:06:72:8a:40:44:f8:ba:28:b3:89:d8:
                    c4:56:c7:49:b7:7d:f4:5b:80:d5:22:3b:db:cf:11:
                    0e:5f:48:43:ce:6b:7d:b6:5e:76:52:a9:94:c5:90:
                    aa:26:dd:e0:99:6e:cf:49:e3:74:0c:e5:7f:8e:24:
                    d6:91:5a:fb:43:43:56:60:f1:bc:e6:0a:11:f9:42:
                    de:66:f8:af:78:1d:ac:a8:35:19:23:9d:9e:d8:77:
                    2e:f1:5b:2f:28:d8:35:09:7f:7f:cd:7d:ae:bb:25:
                    3a:e7:cf:6f:be:6c:3b:8a:ff:70:84:1a:d1:a3:4e:
                    0b:87:8e:d0:8d:52:51:34:c3:e3:d6:cd:7a:83:9b:
                    a0:94:ba:ac:03:53:5d:ce:e2:9c:42:8a:67:ac:6d:
                    45:d7:17:38:b3:b5:39:49:c1:d0:44:ae:31:89:92:
                    0e:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:8F:F3:30:67:51:CD:05:13:3E:2F:D0:71:9A:EA:A3:61:22:5E:16
            X509v3 Authority Key Identifier:
                keyid:F5:E7:E8:78:43:66:B4:71:A6:A4:E0:C8:08:0F:8F:10:DA:E6:6A:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9efoeENmtHGmpODICA-PENrmalA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:08:b4:11:3d:90:18:10:69:da:e5:9c:c4:60:7d:a6:e8:d3:
         36:f7:df:42:2d:a5:74:6b:82:a0:37:42:f8:9a:2e:ed:30:1f:
         dd:48:8a:c5:62:86:03:04:4d:cf:f4:b4:6f:10:0c:ae:00:20:
         ce:37:d2:68:e3:45:4d:20:20:df:de:6b:9c:f5:96:06:65:d4:
         6d:28:a1:a9:23:a3:61:84:a3:d1:9f:21:ac:63:9c:cd:37:23:
         77:6b:49:57:1c:db:e4:31:a6:48:f8:d7:d0:0a:c9:b2:cc:07:
         c8:ae:60:b5:ef:97:ff:96:3e:3e:9a:d4:43:be:92:e7:e5:2a:
         de:f9:66:a1:92:40:de:71:38:aa:20:67:48:c3:06:58:4b:3a:
         85:a5:f3:b5:02:cd:b7:53:78:25:21:4f:e2:a2:7b:48:d0:ba:
         5f:2b:6d:32:68:0f:af:3a:bb:fc:d7:dc:88:c6:b5:97:39:8c:
         4f:f2:e2:6a:a5:60:01:03:12:b5:95:c8:e6:08:41:1a:0d:d8:
         cf:cf:8c:89:ae:06:88:0d:df:ce:69:0e:19:2c:f0:2d:c0:2c:
         83:52:e3:ff:6d:bc:61:66:45:93:01:06:9b:c0:4a:1d:7a:8d:
         f2:b5:6d:df:13:0f:05:69:b3:c1:14:e8:08:eb:d5:b5:5d:70:
         36:fd:c8:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaQAr4Bl0IGHbHGlmfYr3MnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZTdlODc4NDM2NmI0NzFhNmE0ZTBjODA4MGY4ZjEwZGFl
NjZhNTAwHhcNMjUwNTAyMDgwMDIwWhcNMjUwNTAzMDgwMDIwWjAzMTEwLwYDVQQD
EygxYThmZjMzMDY3NTFjZDA1MTMzZTJmZDA3MTlhZWFhMzYxMjI1ZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqflHmJW1JwLwvmgHjKxb2PnvsZmV
j3ht5Smq3WotC3ksAJR26NirjxqZuUgNELAJW2rBKkEWzq5MRaHTrvX1MJeUjM/y
oun2PTR6aJw+ScS2Ztmlqgp5GHqG3xqSBnKKQET4uiizidjEVsdJt330W4DVIjvb
zxEOX0hDzmt9tl52UqmUxZCqJt3gmW7PSeN0DOV/jiTWkVr7Q0NWYPG85goR+ULe
ZviveB2sqDUZI52e2Hcu8VsvKNg1CX9/zX2uuyU6589vvmw7iv9whBrRo04Lh47Q
jVJRNMPj1s16g5uglLqsA1NdzuKcQopnrG1F1xc4s7U5ScHQRK4xiZIOmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqP8zBnUc0FEz4v0HGa6qNhIl4WMB8GA1UdIwQY
MBaAFPXn6HhDZrRxpqTgyAgPjxDa5mpQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWVmb2VFTm10SEdtcE9ESUNBLVBFTnJtYWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9lMDIwMWYtOGQxOC00OGZkLWE2Nzct
MGQyNzA0NjJiN2Q3LzEvOWVmb2VFTm10SEdtcE9ESUNBLVBFTnJtYWxBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9lMDIwMWYtOGQxOC00OGZkLWE2NzctMGQyNzA0NjJiN2Q3
LzEvOWVmb2VFTm10SEdtcE9ESUNBLVBFTnJtYWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKgi0ET2Q
GBBp2uWcxGB9pujTNvffQi2ldGuCoDdC+Jou7TAf3UiKxWKGAwRNz/S0bxAMrgAg
zjfSaONFTSAg395rnPWWBmXUbSihqSOjYYSj0Z8hrGOczTcjd2tJVxzb5DGmSPjX
0ArJsswHyK5gte+X/5Y+PprUQ76S5+Uq3vlmoZJA3nE4qiBnSMMGWEs6haXztQLN
t1N4JSFP4qJ7SNC6XyttMmgPrzq7/NfciMa1lzmMT/LiaqVgAQMStZXI5ghBGg3Y
z8+Mia4GiA3fzmkOGSzwLcAsg1Lj/228YWZFkwEGm8BKHXqN8rVt3xMPBWmzwRTo
COvVtV1wNv3IbQ==
-----END CERTIFICATE-----