Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft
File:                     JKtnE2v5kKqL6IV6aNLDmezWKZo.mft (raw, json)
Hash identifier:          R6yie1WPZFBhSX905JntxZFVFkHPzJWG3LlaSeVHo1s=
Subject key identifier:   3F:44:C5:79:D8:D5:21:21:EE:7E:19:C1:05:A8:55:A5:59:A6:D3:60
Authority key identifier: 24:AB:67:13:6B:F9:90:AA:8B:E8:85:7A:68:D2:C3:99:EC:D6:29:9A
Certificate issuer:       /CN=24ab67136bf990aa8be8857a68d2c399ecd6299a
Certificate serial:       0197B70E518510A94DAC22DD661D8FA8BBC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft
Manifest number:          1544
Signing time:             Sat 28 Jun 2025 15:00:58 +0000
Manifest this update:     Sat 28 Jun 2025 15:00:58 +0000
Manifest next update:     Sun 29 Jun 2025 15:00:58 +0000
Files and hashes:         1: JKtnE2v5kKqL6IV6aNLDmezWKZo.crl (hash: hBQb5P+iGkqIatDs+DAySgV+tqBT6Wr9hlDUBINUPzA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:51:85:10:a9:4d:ac:22:dd:66:1d:8f:a8:bb:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24ab67136bf990aa8be8857a68d2c399ecd6299a
        Validity
            Not Before: Jun 28 15:00:58 2025 GMT
            Not After : Jun 29 15:00:58 2025 GMT
        Subject: CN=3f44c579d8d52121ee7e19c105a855a559a6d360
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:75:a4:69:1c:11:27:22:12:a4:82:04:cc:3b:
                    6c:42:67:c3:1f:3b:ac:09:d1:5c:5d:8b:17:00:fa:
                    32:07:80:bf:1a:b5:6a:6a:b0:d3:2e:57:7f:07:cf:
                    4f:34:a7:6c:e8:15:16:2a:d3:d4:db:19:9c:8f:76:
                    49:84:07:ef:c1:ae:2f:b0:b8:e0:25:c1:f8:ed:7d:
                    99:68:7e:b4:62:0d:18:8b:59:58:b6:d8:e7:47:5e:
                    a8:74:3a:29:c6:09:d7:fc:7a:b9:ef:86:f8:53:57:
                    f5:f2:e8:2a:de:99:12:58:cd:91:db:c2:0e:a1:ae:
                    f5:7e:2c:da:0c:27:a0:ec:e6:5f:ff:b0:65:39:64:
                    09:5b:32:e6:79:25:de:ac:f3:dd:5a:a5:cc:58:fa:
                    4a:4c:38:69:e7:9b:06:17:90:60:94:b4:11:69:fb:
                    70:3a:d6:b0:25:5c:d9:52:25:b0:4c:04:b2:49:78:
                    92:36:a4:29:98:47:d3:0f:da:ee:22:88:1f:53:bb:
                    c5:7f:de:c1:9d:2c:88:30:6f:14:35:a2:bb:82:a7:
                    e5:49:d3:ed:50:43:1d:3b:fe:4f:1d:55:d9:93:92:
                    bf:99:50:de:db:c9:c0:6d:79:db:36:a3:08:0d:04:
                    23:40:a9:ed:08:be:7c:67:24:c3:f7:fe:2c:39:ad:
                    78:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:44:C5:79:D8:D5:21:21:EE:7E:19:C1:05:A8:55:A5:59:A6:D3:60
            X509v3 Authority Key Identifier:
                keyid:24:AB:67:13:6B:F9:90:AA:8B:E8:85:7A:68:D2:C3:99:EC:D6:29:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:ec:a6:95:a4:a3:d6:72:99:b8:76:b6:ef:11:6d:e7:23:f1:
         f8:77:55:0a:5f:19:7d:fd:47:21:95:36:57:c3:d9:c2:cf:a6:
         f5:a0:cb:08:c7:52:e7:bc:82:85:62:6c:44:b1:e8:24:20:a4:
         ec:74:a4:1a:b3:4c:77:28:10:34:77:86:a4:66:8f:1a:e7:70:
         12:91:a5:56:5c:6a:5d:34:ec:92:ae:a7:5d:1e:e2:c7:1c:ff:
         b1:61:56:be:75:4a:fc:67:e6:f2:fb:23:83:06:1b:a1:6a:80:
         33:a8:d9:ab:25:06:ab:18:45:13:17:6b:86:32:d7:9f:00:9c:
         71:2e:58:1e:c7:86:e8:51:51:5d:61:09:2a:94:24:4c:d5:4c:
         76:a6:3d:42:92:53:d7:fe:5b:f5:e4:e2:2e:7c:8e:36:39:00:
         ce:3e:86:e8:3b:dd:a2:a9:82:a4:63:3f:8d:fd:19:9c:3a:76:
         33:a9:e1:8b:20:c8:5e:8d:6d:50:5b:47:df:57:2f:7b:f8:21:
         46:f1:22:8c:35:5a:2c:f7:0a:fc:4c:a5:62:77:23:76:a0:c4:
         32:dc:7d:81:8a:4d:1e:40:09:c3:c5:d1:65:4d:f3:98:2f:8c:
         8e:04:92:3c:4c:92:bc:aa:a1:5d:87:d6:13:92:3a:01:c4:02:
         d0:ae:15:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DlGFEKlNrCLdZh2PqLvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YWI2NzEzNmJmOTkwYWE4YmU4ODU3YTY4ZDJjMzk5ZWNk
NjI5OWEwHhcNMjUwNjI4MTUwMDU4WhcNMjUwNjI5MTUwMDU4WjAzMTEwLwYDVQQD
EygzZjQ0YzU3OWQ4ZDUyMTIxZWU3ZTE5YzEwNWE4NTVhNTU5YTZkMzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03WkaRwRJyISpIIEzDtsQmfDHzus
CdFcXYsXAPoyB4C/GrVqarDTLld/B89PNKds6BUWKtPU2xmcj3ZJhAfvwa4vsLjg
JcH47X2ZaH60Yg0Yi1lYttjnR16odDopxgnX/Hq574b4U1f18ugq3pkSWM2R28IO
oa71fizaDCeg7OZf/7BlOWQJWzLmeSXerPPdWqXMWPpKTDhp55sGF5BglLQRaftw
OtawJVzZUiWwTASySXiSNqQpmEfTD9ruIogfU7vFf97BnSyIMG8UNaK7gqflSdPt
UEMdO/5PHVXZk5K/mVDe28nAbXnbNqMIDQQjQKntCL58ZyTD9/4sOa148wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9ExXnY1SEh7n4ZwQWoVaVZptNgMB8GA1UdIwQY
MBaAFCSrZxNr+ZCqi+iFemjSw5ns1imaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wODg1MjEtMjM5OC00NTdiLWIxZTMt
ZGQzMzYwMzkzMzkxLzEvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8wODg1MjEtMjM5OC00NTdiLWIxZTMtZGQzMzYwMzkzMzkx
LzEvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGuymlaSj
1nKZuHa27xFt5yPx+HdVCl8Zff1HIZU2V8PZws+m9aDLCMdS57yChWJsRLHoJCCk
7HSkGrNMdygQNHeGpGaPGudwEpGlVlxqXTTskq6nXR7ixxz/sWFWvnVK/Gfm8vsj
gwYboWqAM6jZqyUGqxhFExdrhjLXnwCccS5YHseG6FFRXWEJKpQkTNVMdqY9QpJT
1/5b9eTiLnyONjkAzj6G6DvdoqmCpGM/jf0ZnDp2M6nhiyDIXo1tUFtH31cve/gh
RvEijDVaLPcK/EylYncjdqDEMtx9gYpNHkAJw8XRZU3zmC+MjgSSPEySvKqhXYfW
E5I6AcQC0K4VnQ==
-----END CERTIFICATE-----