Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
File:                     JkXNQMgEm-mprn8DM2q9P-CCr7k.mft (raw, json)
Hash identifier:          bNOb5jiLNBfhPWFDv1Oa0aCepr5EUqVTThjMYaGBPkA=
Subject key identifier:   A6:61:A2:B5:71:99:16:FF:B6:E3:AB:A3:67:28:81:6B:A3:45:C4:4D
Authority key identifier: 26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9
Certificate issuer:       /CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
Certificate serial:       01969E9A428A59DACAB51AA90E962961ADC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
Manifest number:          1522
Signing time:             Mon 05 May 2025 04:00:31 +0000
Manifest this update:     Mon 05 May 2025 04:00:31 +0000
Manifest next update:     Tue 06 May 2025 04:00:31 +0000
Files and hashes:         1: JkXNQMgEm-mprn8DM2q9P-CCr7k.crl (hash: DWB3hqpVCQRahUyNThWZ+fMxfjcqTai7tnxVEUTZeV0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:9a:42:8a:59:da:ca:b5:1a:a9:0e:96:29:61:ad:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
        Validity
            Not Before: May  5 04:00:31 2025 GMT
            Not After : May  6 04:00:31 2025 GMT
        Subject: CN=a661a2b5719916ffb6e3aba36728816ba345c44d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:b7:cb:77:fc:f6:35:ae:05:3a:3b:5f:b6:32:
                    c3:85:ff:36:1b:16:d9:6f:9a:5c:6f:b7:ca:06:b9:
                    35:9f:9e:bb:ed:9b:5f:49:26:8c:42:11:8c:30:0c:
                    18:c6:45:8f:5b:4f:3d:3b:18:07:9f:0b:a1:d7:29:
                    e7:f6:09:8d:e4:64:6c:fb:85:b5:65:e1:9f:29:fd:
                    0c:9e:9a:05:99:36:b9:16:a1:ca:e6:6f:36:71:1e:
                    63:c4:a7:78:1d:03:43:86:a5:52:c8:fe:7f:34:df:
                    eb:44:45:74:96:dd:91:e7:54:19:b1:90:ba:7b:40:
                    eb:6b:8b:59:7f:c4:3f:18:89:fb:35:3b:1b:9a:93:
                    77:53:06:ce:56:84:a9:a8:05:09:fa:45:e2:b3:cd:
                    1e:e2:66:40:ba:2f:4c:62:22:ff:6d:fb:61:34:1c:
                    7f:96:a0:41:69:99:79:79:83:01:28:c6:f5:c0:e4:
                    74:55:2a:8e:30:ea:08:91:8c:59:2d:79:79:bf:2e:
                    6d:0e:a8:bc:95:03:4f:2a:4e:12:b3:5c:8b:3d:65:
                    49:cf:8b:c3:88:75:db:75:44:74:94:96:d2:f1:bf:
                    6d:31:e8:1f:ce:d3:44:73:32:91:6b:b9:47:90:ff:
                    9a:ed:13:2c:64:d3:96:2b:22:4e:49:f0:34:17:4e:
                    db:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:61:A2:B5:71:99:16:FF:B6:E3:AB:A3:67:28:81:6B:A3:45:C4:4D
            X509v3 Authority Key Identifier:
                keyid:26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:7c:e1:36:36:c8:40:7b:ec:11:1c:99:37:34:71:c4:1d:9b:
         4e:ce:3d:fd:79:e4:b0:41:2b:97:d2:62:74:e5:bb:4f:5e:e7:
         f2:15:21:30:db:43:b1:1f:fd:c2:c5:85:5f:a1:2e:08:76:9c:
         cb:97:cc:70:22:c8:54:76:2e:e8:17:d8:59:f1:fd:39:2f:27:
         57:05:86:d3:10:31:c3:26:d1:a5:fb:81:59:c2:a5:05:96:8d:
         3c:ad:f3:db:3b:ea:92:62:75:eb:46:57:b3:79:ec:54:80:19:
         6b:29:0e:e9:1d:39:57:8f:26:db:6f:91:10:95:a3:8b:4d:32:
         c3:fb:86:8f:a3:c5:0c:f3:56:52:f3:34:e6:71:26:33:89:36:
         86:ab:b2:e3:e7:ee:92:61:7e:63:2f:e5:20:84:f4:d0:8b:0e:
         57:1f:8b:2e:fe:34:5c:eb:0b:8c:2c:83:b4:db:db:bd:e2:aa:
         4f:99:54:8d:82:f2:91:f3:12:cd:a2:b8:0d:a4:b8:eb:32:a3:
         35:4a:aa:9f:fd:1f:ac:16:cc:1e:fc:9b:24:d7:31:3e:0c:e3:
         bf:61:a4:12:f1:3c:d8:3c:91:69:5a:02:c9:82:a2:63:47:26:
         bf:db:f2:54:59:88:4c:98:62:9f:4d:3c:a4:c7:05:d3:06:12:
         50:0c:15:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemkKKWdrKtRqpDpYpYa3HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDVjZDQwYzgwNDliZTlhOWFlN2YwMzMzNmFiZDNmZTA4
MmFmYjkwHhcNMjUwNTA1MDQwMDMxWhcNMjUwNTA2MDQwMDMxWjAzMTEwLwYDVQQD
EyhhNjYxYTJiNTcxOTkxNmZmYjZlM2FiYTM2NzI4ODE2YmEzNDVjNDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLfLd/z2Na4FOjtftjLDhf82GxbZ
b5pcb7fKBrk1n5677ZtfSSaMQhGMMAwYxkWPW089OxgHnwuh1ynn9gmN5GRs+4W1
ZeGfKf0MnpoFmTa5FqHK5m82cR5jxKd4HQNDhqVSyP5/NN/rREV0lt2R51QZsZC6
e0Dra4tZf8Q/GIn7NTsbmpN3UwbOVoSpqAUJ+kXis80e4mZAui9MYiL/bfthNBx/
lqBBaZl5eYMBKMb1wOR0VSqOMOoIkYxZLXl5vy5tDqi8lQNPKk4Ss1yLPWVJz4vD
iHXbdUR0lJbS8b9tMegfztNEczKRa7lHkP+a7RMsZNOWKyJOSfA0F07bswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKZhorVxmRb/tuOro2cogWujRcRNMB8GA1UdIwQY
MBaAFCZFzUDIBJvpqa5/AzNqvT/ggq+5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUt
YzExNDlhMDE4MTVmLzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUtYzExNDlhMDE4MTVm
LzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaXzhNjbI
QHvsERyZNzRxxB2bTs49/XnksEErl9JidOW7T17n8hUhMNtDsR/9wsWFX6EuCHac
y5fMcCLIVHYu6BfYWfH9OS8nVwWG0xAxwybRpfuBWcKlBZaNPK3z2zvqkmJ160ZX
s3nsVIAZaykO6R05V48m22+REJWji00yw/uGj6PFDPNWUvM05nEmM4k2hquy4+fu
kmF+Yy/lIIT00IsOVx+LLv40XOsLjCyDtNvbveKqT5lUjYLykfMSzaK4DaS46zKj
NUqqn/0frBbMHvybJNcxPgzjv2GkEvE82DyRaVoCyYKiY0cmv9vyVFmITJhin008
pMcF0wYSUAwV5w==
-----END CERTIFICATE-----