Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft
File:                     JKtnE2v5kKqL6IV6aNLDmezWKZo.mft (raw, json)
Hash identifier:          G3p0JKm4DUP0K2V1L9HpHBLRbaO/YGZAPbdkdcvQ3nY=
Subject key identifier:   AE:27:64:12:3F:80:9F:88:AF:AF:F2:51:09:1C:F9:E5:2F:28:BA:77
Authority key identifier: 24:AB:67:13:6B:F9:90:AA:8B:E8:85:7A:68:D2:C3:99:EC:D6:29:9A
Certificate issuer:       /CN=24ab67136bf990aa8be8857a68d2c399ecd6299a
Certificate serial:       0196AE7BB0938183610DF1EEAB7A2FB657E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft
Manifest number:          14BB
Signing time:             Thu 08 May 2025 06:01:03 +0000
Manifest this update:     Thu 08 May 2025 06:01:03 +0000
Manifest next update:     Fri 09 May 2025 06:01:03 +0000
Files and hashes:         1: JKtnE2v5kKqL6IV6aNLDmezWKZo.crl (hash: iyE9XOozFq689lVx/+/AQRf1YHn8yH0cUc/Ihh6oD1Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 06:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ae:7b:b0:93:81:83:61:0d:f1:ee:ab:7a:2f:b6:57:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24ab67136bf990aa8be8857a68d2c399ecd6299a
        Validity
            Not Before: May  8 06:01:03 2025 GMT
            Not After : May  9 06:01:03 2025 GMT
        Subject: CN=ae2764123f809f88afaff251091cf9e52f28ba77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:41:00:35:3b:ab:e9:ba:07:af:16:86:bb:59:
                    bf:81:df:69:a5:cd:2f:a1:5a:b0:f7:24:bb:a5:61:
                    d9:7c:f1:74:fe:d8:c4:6d:4c:23:b2:c5:b3:59:d1:
                    3d:d3:1f:8b:df:6c:b8:48:10:09:20:eb:3f:bb:ae:
                    4e:06:69:cd:82:78:be:0e:4f:bd:5f:e0:10:78:24:
                    71:0b:eb:81:60:8d:71:8f:75:99:3e:5e:ca:ab:c8:
                    81:a6:e1:f5:d4:6a:38:0a:e9:0e:66:01:eb:21:59:
                    48:ca:f0:e2:02:b2:d8:37:88:36:b6:71:9f:16:65:
                    cc:6d:3c:25:37:f2:61:ca:a0:f6:92:aa:2f:e1:52:
                    a3:13:17:67:1e:2f:70:ac:c5:07:cc:e6:5a:c6:2c:
                    a5:90:06:b4:b9:21:67:92:fd:c9:09:f8:87:c4:96:
                    2c:79:b9:80:3f:b1:e8:60:23:c6:c4:e0:6a:10:42:
                    8d:e1:64:52:36:61:32:fb:2e:8b:f0:66:32:29:e1:
                    0b:d7:7a:f1:ad:3f:5a:67:95:74:98:7b:f8:fe:97:
                    38:bd:60:6b:15:f8:99:bd:57:31:c0:9d:b2:bd:43:
                    85:e8:a6:c7:79:bf:b6:ce:d7:b4:09:15:2e:9f:9e:
                    a3:ab:74:c3:ba:3c:b1:1e:85:df:47:bc:48:d0:42:
                    4d:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:27:64:12:3F:80:9F:88:AF:AF:F2:51:09:1C:F9:E5:2F:28:BA:77
            X509v3 Authority Key Identifier:
                keyid:24:AB:67:13:6B:F9:90:AA:8B:E8:85:7A:68:D2:C3:99:EC:D6:29:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:f4:4f:16:06:86:93:8c:23:2d:f7:23:7c:91:37:0f:10:a9:
         55:ef:3d:12:9d:45:b3:af:f2:fb:32:35:97:3a:93:bd:42:2e:
         1e:ed:0b:79:d5:d3:78:4f:25:53:ae:af:29:dd:6b:0c:25:ae:
         b1:b5:3d:57:cf:0a:aa:6b:08:32:cc:5d:46:77:62:01:c1:be:
         66:ca:71:fc:06:66:bd:ec:68:58:6d:fb:3d:27:00:4f:f3:a3:
         06:16:97:73:ed:40:f2:c2:a8:eb:90:50:ec:47:de:e6:c5:80:
         d5:44:33:ef:42:9a:e6:dd:40:b0:53:55:e8:be:e4:08:bd:53:
         a4:28:63:e8:f6:55:c8:e4:e3:a9:a3:d5:2b:65:8b:8a:c4:86:
         22:67:a6:f0:e1:30:c2:44:37:a5:cd:0a:0d:ff:d5:cc:c7:84:
         9a:13:c7:9d:26:96:43:1f:43:a7:03:1d:1d:25:8b:eb:60:2c:
         5b:b2:0c:af:e7:a2:fe:e2:4c:8a:9e:a5:4b:ed:b7:bb:58:e3:
         b6:f5:07:aa:c8:e3:9e:f4:17:35:65:e5:ae:fe:4a:49:5b:74:
         24:7d:d7:ea:3a:29:f3:81:4f:7d:75:c1:57:dc:bd:64:78:41:
         ae:9f:d8:ef:75:2c:f8:a4:cc:ec:52:08:ed:07:69:3a:20:18:
         29:2b:fb:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaue7CTgYNhDfHuq3ovtlfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YWI2NzEzNmJmOTkwYWE4YmU4ODU3YTY4ZDJjMzk5ZWNk
NjI5OWEwHhcNMjUwNTA4MDYwMTAzWhcNMjUwNTA5MDYwMTAzWjAzMTEwLwYDVQQD
EyhhZTI3NjQxMjNmODA5Zjg4YWZhZmYyNTEwOTFjZjllNTJmMjhiYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0EANTur6boHrxaGu1m/gd9ppc0v
oVqw9yS7pWHZfPF0/tjEbUwjssWzWdE90x+L32y4SBAJIOs/u65OBmnNgni+Dk+9
X+AQeCRxC+uBYI1xj3WZPl7Kq8iBpuH11Go4CukOZgHrIVlIyvDiArLYN4g2tnGf
FmXMbTwlN/JhyqD2kqov4VKjExdnHi9wrMUHzOZaxiylkAa0uSFnkv3JCfiHxJYs
ebmAP7HoYCPGxOBqEEKN4WRSNmEy+y6L8GYyKeEL13rxrT9aZ5V0mHv4/pc4vWBr
FfiZvVcxwJ2yvUOF6KbHeb+2zte0CRUun56jq3TDujyxHoXfR7xI0EJNmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK4nZBI/gJ+Ir6/yUQkc+eUvKLp3MB8GA1UdIwQY
MBaAFCSrZxNr+ZCqi+iFemjSw5ns1imaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wODg1MjEtMjM5OC00NTdiLWIxZTMt
ZGQzMzYwMzkzMzkxLzEvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8wODg1MjEtMjM5OC00NTdiLWIxZTMtZGQzMzYwMzkzMzkx
LzEvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhPRPFgaG
k4wjLfcjfJE3DxCpVe89Ep1Fs6/y+zI1lzqTvUIuHu0LedXTeE8lU66vKd1rDCWu
sbU9V88KqmsIMsxdRndiAcG+Zspx/AZmvexoWG37PScAT/OjBhaXc+1A8sKo65BQ
7Efe5sWA1UQz70Ka5t1AsFNV6L7kCL1TpChj6PZVyOTjqaPVK2WLisSGImem8OEw
wkQ3pc0KDf/VzMeEmhPHnSaWQx9DpwMdHSWL62AsW7IMr+ei/uJMip6lS+23u1jj
tvUHqsjjnvQXNWXlrv5KSVt0JH3X6jop84FPfXXBV9y9ZHhBrp/Y73Us+KTM7FII
7QdpOiAYKSv7PA==
-----END CERTIFICATE-----