Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          vT0If9ph6Ozc7F24Xn9SXVg/WSylg+QEI/9jawQtpr0=
Subject key identifier:   98:11:B2:07:6F:21:E1:DC:52:6C:44:38:71:0F:A4:ED:B8:68:38:B6
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       0197B7EA74B8E1CB3B0E7A144996CFF6C956
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0C49
Signing time:             Sat 28 Jun 2025 19:01:25 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:25 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:25 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: c/WJHPGHWkVEq04OhITWFu8KHexqGl2QCaVAbsXxQfc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:74:b8:e1:cb:3b:0e:7a:14:49:96:cf:f6:c9:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Jun 28 19:01:25 2025 GMT
            Not After : Jun 29 19:01:25 2025 GMT
        Subject: CN=9811b2076f21e1dc526c4438710fa4edb86838b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:a3:0b:87:8e:68:88:bb:b6:3b:9f:c1:fb:89:
                    e6:3e:8c:d0:40:9d:3b:db:70:0d:f7:37:6e:27:10:
                    a7:98:fb:44:54:48:e1:3f:23:c9:ab:56:43:cd:20:
                    fa:2a:30:78:23:1f:38:d3:24:38:75:c5:27:2f:02:
                    04:58:e7:d2:85:c1:87:33:e3:ab:be:7a:76:76:27:
                    c0:9c:dd:c0:cd:55:e5:67:4a:6e:01:33:4a:5e:f0:
                    bd:66:47:d0:dc:42:17:ac:af:3f:4d:a1:3a:07:7f:
                    fa:ea:2f:0e:50:60:ab:f9:67:e7:70:68:b7:d8:5f:
                    f3:e4:7c:1a:4c:86:f6:c3:7e:2c:30:40:ec:21:50:
                    b2:3b:30:06:ef:e3:6f:79:c7:fb:01:dc:f9:2b:45:
                    ea:47:33:7b:56:cd:56:3a:48:ce:cc:00:ec:25:61:
                    70:1b:1d:0d:50:61:dd:99:51:1c:b1:12:ad:62:46:
                    02:5f:65:2e:fe:ea:5b:9e:5a:5e:ea:18:01:14:1a:
                    d9:47:b4:96:ea:a8:75:de:a0:dd:d5:c1:71:b6:2c:
                    ee:39:5c:15:13:47:9c:20:03:a2:96:d7:59:df:7c:
                    9c:8c:98:f4:8f:ab:48:84:0a:c5:94:69:5a:13:02:
                    36:60:06:0a:83:d6:51:7d:83:62:76:2e:99:39:4f:
                    01:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:11:B2:07:6F:21:E1:DC:52:6C:44:38:71:0F:A4:ED:B8:68:38:B6
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:61:4e:19:71:13:35:f8:02:c0:52:81:eb:8d:46:dd:b4:f9:
         8a:1c:b5:2e:53:2a:bc:15:bc:6a:df:31:6e:45:6a:e4:26:06:
         f5:6f:c7:f3:19:c6:54:08:30:20:23:67:0a:c9:95:b0:8b:5b:
         2b:8d:bb:bb:84:9c:19:7d:8f:e9:50:7b:22:4c:59:38:ff:cb:
         f7:9b:76:48:d2:de:49:bd:79:52:12:25:fa:b8:02:47:79:87:
         8e:d5:89:6d:49:5b:0c:80:68:25:55:8b:af:2d:a8:95:9c:6f:
         ef:33:47:6d:27:d9:88:b2:0c:99:75:57:11:b7:c3:04:73:cc:
         4f:86:7e:1c:53:4c:80:bd:14:50:f9:b9:6e:02:b8:2a:74:1c:
         c1:66:cf:b0:59:29:0a:cf:59:b7:32:f8:94:c9:c6:da:b6:e9:
         65:84:18:82:d7:d4:f5:df:16:29:0f:30:20:39:4f:39:9c:08:
         ef:4c:f7:8e:2f:d2:fd:2f:cc:e9:73:25:26:5a:97:e3:2c:6a:
         b0:68:76:f1:1f:1e:65:7b:ea:4b:79:ce:74:d3:07:6c:3d:74:
         67:58:bd:a6:d9:38:70:59:67:07:ef:33:af:99:17:9a:af:07:
         1a:4e:4a:57:18:2f:9c:af:04:24:9e:6d:8f:dd:ee:47:8f:a4:
         b2:55:99:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36nS44cs7DnoUSZbP9slWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjUwNjI4MTkwMTI1WhcNMjUwNjI5MTkwMTI1WjAzMTEwLwYDVQQD
Eyg5ODExYjIwNzZmMjFlMWRjNTI2YzQ0Mzg3MTBmYTRlZGI4NjgzOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26MLh45oiLu2O5/B+4nmPozQQJ07
23AN9zduJxCnmPtEVEjhPyPJq1ZDzSD6KjB4Ix840yQ4dcUnLwIEWOfShcGHM+Or
vnp2difAnN3AzVXlZ0puATNKXvC9ZkfQ3EIXrK8/TaE6B3/66i8OUGCr+WfncGi3
2F/z5HwaTIb2w34sMEDsIVCyOzAG7+Nvecf7Adz5K0XqRzN7Vs1WOkjOzADsJWFw
Gx0NUGHdmVEcsRKtYkYCX2Uu/upbnlpe6hgBFBrZR7SW6qh13qDd1cFxtizuOVwV
E0ecIAOiltdZ33ycjJj0j6tIhArFlGlaEwI2YAYKg9ZRfYNidi6ZOU8BrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgRsgdvIeHcUmxEOHEPpO24aDi2MB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADWFOGXET
NfgCwFKB641G3bT5ihy1LlMqvBW8at8xbkVq5CYG9W/H8xnGVAgwICNnCsmVsItb
K427u4ScGX2P6VB7IkxZOP/L95t2SNLeSb15UhIl+rgCR3mHjtWJbUlbDIBoJVWL
ry2olZxv7zNHbSfZiLIMmXVXEbfDBHPMT4Z+HFNMgL0UUPm5bgK4KnQcwWbPsFkp
Cs9ZtzL4lMnG2rbpZYQYgtfU9d8WKQ8wIDlPOZwI70z3ji/S/S/M6XMlJlqX4yxq
sGh28R8eZXvqS3nOdNMHbD10Z1i9ptk4cFlnB+8zr5kXmq8HGk5KVxgvnK8EJJ5t
j93uR4+kslWZlQ==
-----END CERTIFICATE-----