Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
File:                     Iu8SfmGVSrmJNlydukuMBkzu2fA.mft (raw, json)
Hash identifier:          BmApyw4Sjc90d8t61mTg2y68Fm1vrTijtTUOPmuxcXU=
Subject key identifier:   43:0C:80:C5:A2:B9:A3:D0:3C:F9:79:71:8D:C8:C2:29:0A:35:1A:07
Authority key identifier: 22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0
Certificate issuer:       /CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
Certificate serial:       0196C6833DAA8B87D17C8123231C2A1F9B09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
Manifest number:          0390
Signing time:             Mon 12 May 2025 22:00:11 +0000
Manifest this update:     Mon 12 May 2025 22:00:11 +0000
Manifest next update:     Tue 13 May 2025 22:00:11 +0000
Files and hashes:         1: Iu8SfmGVSrmJNlydukuMBkzu2fA.crl (hash: rYZ9wLGEQizISmmE4nogZtzn+vSYIt2+zDSQ0GC0YNE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 20:47:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c6:83:3d:aa:8b:87:d1:7c:81:23:23:1c:2a:1f:9b:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
        Validity
            Not Before: May 12 22:00:11 2025 GMT
            Not After : May 13 22:00:11 2025 GMT
        Subject: CN=430c80c5a2b9a3d03cf979718dc8c2290a351a07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:a7:54:81:4a:9b:90:86:1b:c1:d0:c6:eb:42:
                    48:13:7d:1a:b7:54:58:ad:dc:da:4b:54:1d:79:b9:
                    7e:a9:5b:3c:57:de:b6:09:99:51:ca:d4:ad:04:f2:
                    72:75:df:de:b5:ae:a9:7b:3e:2b:6e:03:ed:f3:9b:
                    1c:b4:38:86:0c:2c:7e:72:a4:35:89:c9:31:bb:34:
                    8c:3c:82:3d:22:bd:b1:2c:ce:e7:e1:7a:7f:c6:c5:
                    f2:40:34:96:14:9b:4c:01:4b:1d:25:de:3b:71:ff:
                    34:f6:fd:ea:25:1b:f3:05:4b:cf:41:db:47:3f:6a:
                    7c:af:37:4b:1b:ec:10:ba:a6:b9:3c:46:14:36:62:
                    be:d5:33:8a:12:c5:fa:88:92:27:ba:ec:45:3f:d2:
                    3d:78:60:f7:47:72:e3:f4:3c:ee:2e:e7:1b:f1:1f:
                    32:36:4d:2d:a1:ac:67:25:5e:ba:e1:a3:cb:c8:86:
                    23:63:c0:49:03:45:5c:73:e1:69:12:60:0c:1d:cd:
                    9d:10:89:97:cd:26:5c:7c:4e:89:3e:4e:41:36:64:
                    21:41:ab:62:94:11:6d:2c:8d:0e:49:40:00:fd:f1:
                    a8:0a:c3:7a:d2:44:52:48:d8:13:f5:d3:91:d0:cc:
                    9e:f7:f6:4c:88:3c:95:42:fc:26:2d:82:a5:2a:bb:
                    ed:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:0C:80:C5:A2:B9:A3:D0:3C:F9:79:71:8D:C8:C2:29:0A:35:1A:07
            X509v3 Authority Key Identifier:
                keyid:22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:40:13:14:bf:06:c6:4a:75:79:3e:5e:2a:fb:70:d3:87:18:
         a2:c1:6c:dd:72:c1:48:47:5d:12:88:16:a3:64:53:c4:c3:16:
         9b:fe:89:34:69:7f:77:69:7e:53:7e:12:b4:02:d2:64:cf:05:
         bf:9c:55:0d:02:25:81:eb:ed:e7:80:c2:8c:b8:51:fe:b7:76:
         8b:2f:db:da:6b:67:f0:c2:b3:a6:8f:39:d4:1e:3c:a9:0d:2a:
         cd:f6:63:95:af:c3:64:0d:1c:a8:e5:ed:aa:25:82:69:4b:3a:
         71:b8:f8:d5:25:92:fc:fc:78:b2:e9:ee:b5:b5:3d:cb:63:92:
         1a:81:fa:ca:4f:6a:4c:8c:9b:ef:26:54:d5:8c:52:db:40:59:
         f3:22:2c:1a:b5:b1:95:1c:10:f7:a7:eb:4e:a1:c9:fe:5e:f6:
         39:a9:8c:ad:95:b6:42:b7:6c:4f:49:9c:51:a3:37:b7:6b:11:
         e7:4f:a9:cb:22:d6:9d:b8:26:7b:23:f7:98:93:89:10:03:b4:
         7f:da:42:52:51:0f:5e:33:48:80:58:f3:e7:14:dc:f1:b7:a1:
         29:2b:53:51:3f:e9:20:1e:77:cf:e6:df:03:72:d7:2d:9e:62:
         1d:3c:68:5e:8a:8d:6b:8c:59:64:9c:ae:df:65:d0:74:52:0a:
         41:26:e4:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbGgz2qi4fRfIEjIxwqH5sJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZWYxMjdlNjE5NTRhYjk4OTM2NWM5ZGJhNGI4YzA2NGNl
ZWQ5ZjAwHhcNMjUwNTEyMjIwMDExWhcNMjUwNTEzMjIwMDExWjAzMTEwLwYDVQQD
Eyg0MzBjODBjNWEyYjlhM2QwM2NmOTc5NzE4ZGM4YzIyOTBhMzUxYTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qdUgUqbkIYbwdDG60JIE30at1RY
rdzaS1Qdebl+qVs8V962CZlRytStBPJydd/eta6pez4rbgPt85sctDiGDCx+cqQ1
ickxuzSMPII9Ir2xLM7n4Xp/xsXyQDSWFJtMAUsdJd47cf809v3qJRvzBUvPQdtH
P2p8rzdLG+wQuqa5PEYUNmK+1TOKEsX6iJInuuxFP9I9eGD3R3Lj9DzuLucb8R8y
Nk0toaxnJV664aPLyIYjY8BJA0Vcc+FpEmAMHc2dEImXzSZcfE6JPk5BNmQhQati
lBFtLI0OSUAA/fGoCsN60kRSSNgT9dOR0Mye9/ZMiDyVQvwmLYKlKrvtKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEMMgMWiuaPQPPl5cY3IwikKNRoHMB8GA1UdIwQY
MBaAFCLvEn5hlUq5iTZcnbpLjAZM7tnwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEt
OGM2YWExMDY5NWIyLzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEtOGM2YWExMDY5NWIy
LzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr0ATFL8G
xkp1eT5eKvtw04cYosFs3XLBSEddEogWo2RTxMMWm/6JNGl/d2l+U34StALSZM8F
v5xVDQIlgevt54DCjLhR/rd2iy/b2mtn8MKzpo851B48qQ0qzfZjla/DZA0cqOXt
qiWCaUs6cbj41SWS/Px4sunutbU9y2OSGoH6yk9qTIyb7yZU1YxS20BZ8yIsGrWx
lRwQ96frTqHJ/l72OamMrZW2QrdsT0mcUaM3t2sR50+pyyLWnbgmeyP3mJOJEAO0
f9pCUlEPXjNIgFjz5xTc8behKStTUT/pIB53z+bfA3LXLZ5iHTxoXoqNa4xZZJyu
32XQdFIKQSbkFw==
-----END CERTIFICATE-----