Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.mft
File:                     j07qcuRTHJKm4A708ZGmEn6VbS0.mft (raw, json)
Hash identifier:          rN2bILA2t98hO5S8Tmw3EJJH9yDZ3Y8cdTi8nhENQ2I=
Subject key identifier:   0D:76:9D:65:A8:E8:12:78:1F:F3:2F:71:FA:DF:3D:46:12:83:11:F7
Authority key identifier: 8F:4E:EA:72:E4:53:1C:92:A6:E0:0E:F4:F1:91:A6:12:7E:95:6D:2D
Certificate issuer:       /CN=8f4eea72e4531c92a6e00ef4f191a6127e956d2d
Certificate serial:       0196C15DA7E4505655EBB3996B59A398CA40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j07qcuRTHJKm4A708ZGmEn6VbS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.mft
Manifest number:          09ED
Signing time:             Sun 11 May 2025 22:01:02 +0000
Manifest this update:     Sun 11 May 2025 22:01:02 +0000
Manifest next update:     Mon 12 May 2025 22:01:02 +0000
Files and hashes:         1: j07qcuRTHJKm4A708ZGmEn6VbS0.crl (hash: qAvnnU0VVuKEEe7OIZQ8lNKa0bTTL7uORouPTMYY1BA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j07qcuRTHJKm4A708ZGmEn6VbS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 22:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:5d:a7:e4:50:56:55:eb:b3:99:6b:59:a3:98:ca:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f4eea72e4531c92a6e00ef4f191a6127e956d2d
        Validity
            Not Before: May 11 22:01:02 2025 GMT
            Not After : May 12 22:01:02 2025 GMT
        Subject: CN=0d769d65a8e812781ff32f71fadf3d46128311f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:02:f7:aa:dd:a6:32:61:e7:ea:70:fc:0d:f2:
                    87:4d:09:25:d7:80:02:83:6a:79:c0:54:bb:13:1d:
                    e7:42:a3:45:75:4b:ce:dc:6e:ed:cc:86:b3:c3:2e:
                    b4:69:ed:ce:ba:d0:2c:cd:ca:40:42:da:1b:26:1d:
                    89:c8:de:b0:86:8b:4f:61:b4:47:ab:0b:a1:07:0c:
                    01:f3:66:12:2b:1c:f6:15:2f:14:31:10:58:0d:05:
                    09:e1:dc:3b:86:7c:c3:03:f6:b2:fe:1b:f4:32:0a:
                    78:fd:57:fb:02:cf:82:f7:0f:b1:ef:ff:c0:c2:66:
                    6d:5b:60:11:f9:fc:f3:d2:a1:22:bf:d3:90:1d:6d:
                    03:65:30:d9:c0:08:cb:24:ee:09:47:c5:8d:56:9e:
                    1d:71:1f:41:af:d5:0f:63:38:b7:ed:8a:f3:be:9d:
                    1b:b0:3e:0c:fb:47:b1:2a:67:d7:af:98:5d:d0:84:
                    4b:2f:65:e7:c9:12:55:ae:c4:5e:36:f5:fb:86:ab:
                    cf:3a:a8:6c:e5:1c:6f:90:24:4f:54:20:39:7a:18:
                    93:34:af:d5:ca:98:22:0a:1a:78:8b:d1:7e:a2:22:
                    ef:1f:08:83:c3:5b:f0:8a:9c:74:98:8f:51:12:61:
                    19:94:f4:63:df:ea:a1:24:3a:ff:86:ae:70:de:b6:
                    df:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:76:9D:65:A8:E8:12:78:1F:F3:2F:71:FA:DF:3D:46:12:83:11:F7
            X509v3 Authority Key Identifier:
                keyid:8F:4E:EA:72:E4:53:1C:92:A6:E0:0E:F4:F1:91:A6:12:7E:95:6D:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j07qcuRTHJKm4A708ZGmEn6VbS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:d7:68:db:d7:b1:65:6f:92:b1:70:97:97:c7:5b:cf:83:18:
         55:33:24:7d:bb:65:0a:9c:99:fa:14:1a:c5:e7:8b:29:c5:ad:
         8d:de:57:7e:1b:66:4a:2c:72:62:70:6c:c6:a1:cc:a4:00:59:
         1c:a7:65:f0:94:58:ed:51:27:2f:01:e2:71:74:4d:2d:5a:2a:
         c6:d5:bf:81:30:0c:c0:21:bc:80:3b:4a:31:16:cc:66:f9:8a:
         5c:e3:40:0c:ca:42:f7:36:11:9e:40:ae:a5:4b:db:f0:74:3e:
         ee:76:31:69:06:ab:75:d8:f9:2d:1e:bc:1e:62:e0:c7:d1:81:
         a0:7f:5d:0f:11:e8:3b:a7:87:ac:37:f2:e5:12:03:58:31:7b:
         ad:90:64:cf:ae:05:9a:74:f8:c3:bb:15:90:18:c3:e4:ae:ca:
         20:25:37:ff:d8:5d:07:4e:6a:6f:b6:b0:2d:77:5d:3a:76:74:
         83:29:d7:c2:ef:13:b5:34:e3:98:0a:cb:9b:ae:c9:01:54:e7:
         84:27:35:88:39:25:6d:b5:a7:51:1a:37:14:4f:46:b9:bb:c2:
         db:d1:67:f5:fb:2d:88:18:63:f3:f9:13:d6:6f:a9:f8:66:3a:
         33:0e:d7:ff:34:e9:37:b0:90:d2:9d:59:3d:31:fe:2f:1e:fb:
         eb:2c:7b:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBXafkUFZV67OZa1mjmMpAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNGVlYTcyZTQ1MzFjOTJhNmUwMGVmNGYxOTFhNjEyN2U5
NTZkMmQwHhcNMjUwNTExMjIwMTAyWhcNMjUwNTEyMjIwMTAyWjAzMTEwLwYDVQQD
EygwZDc2OWQ2NWE4ZTgxMjc4MWZmMzJmNzFmYWRmM2Q0NjEyODMxMWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowL3qt2mMmHn6nD8DfKHTQkl14AC
g2p5wFS7Ex3nQqNFdUvO3G7tzIazwy60ae3OutAszcpAQtobJh2JyN6whotPYbRH
qwuhBwwB82YSKxz2FS8UMRBYDQUJ4dw7hnzDA/ay/hv0Mgp4/Vf7As+C9w+x7//A
wmZtW2AR+fzz0qEiv9OQHW0DZTDZwAjLJO4JR8WNVp4dcR9Br9UPYzi37Yrzvp0b
sD4M+0exKmfXr5hd0IRLL2XnyRJVrsReNvX7hqvPOqhs5RxvkCRPVCA5ehiTNK/V
ypgiChp4i9F+oiLvHwiDw1vwipx0mI9REmEZlPRj3+qhJDr/hq5w3rbfoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA12nWWo6BJ4H/MvcfrfPUYSgxH3MB8GA1UdIwQY
MBaAFI9O6nLkUxySpuAO9PGRphJ+lW0tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajA3cWN1UlRISkttNEE3MDhaR21FbjZWYlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC82N2U2MjMtNzk0NS00MDllLWFkMzIt
NDYxOGZiZmE0Yzg5LzEvajA3cWN1UlRISkttNEE3MDhaR21FbjZWYlMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC82N2U2MjMtNzk0NS00MDllLWFkMzItNDYxOGZiZmE0Yzg5
LzEvajA3cWN1UlRISkttNEE3MDhaR21FbjZWYlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdNdo29ex
ZW+SsXCXl8dbz4MYVTMkfbtlCpyZ+hQaxeeLKcWtjd5XfhtmSixyYnBsxqHMpABZ
HKdl8JRY7VEnLwHicXRNLVoqxtW/gTAMwCG8gDtKMRbMZvmKXONADMpC9zYRnkCu
pUvb8HQ+7nYxaQarddj5LR68HmLgx9GBoH9dDxHoO6eHrDfy5RIDWDF7rZBkz64F
mnT4w7sVkBjD5K7KICU3/9hdB05qb7awLXddOnZ0gynXwu8TtTTjmArLm67JAVTn
hCc1iDklbbWnURo3FE9GubvC29Fn9fstiBhj8/kT1m+p+GY6Mw7X/zTpN7CQ0p1Z
PTH+Lx776yx7dQ==
-----END CERTIFICATE-----