Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          ZPB3w2EzgIp7hycaIlJZMO3CbkKx21IV3D7T+ZfK84Y=
Subject key identifier:   7D:2B:22:55:13:BC:99:D6:EF:55:C8:23:E5:39:48:97:38:69:3F:33
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       0196C49507F3AA5014E87654094BBD2F9062
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0BCB
Signing time:             Mon 12 May 2025 13:00:23 +0000
Manifest this update:     Mon 12 May 2025 13:00:23 +0000
Manifest next update:     Tue 13 May 2025 13:00:23 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: SumMs9L/tJZW8LkE3FsKTX+8FbNiPRCY67gdpR08r5k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 13:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c4:95:07:f3:aa:50:14:e8:76:54:09:4b:bd:2f:90:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: May 12 13:00:23 2025 GMT
            Not After : May 13 13:00:23 2025 GMT
        Subject: CN=7d2b225513bc99d6ef55c823e539489738693f33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:aa:a0:76:7a:c0:6d:40:da:0b:0d:e4:57:41:
                    de:38:27:ce:c3:66:5f:d8:ab:19:0a:4a:b5:a7:3a:
                    f7:3f:d6:62:ee:72:09:20:f4:4d:80:80:81:b8:8f:
                    6f:f2:40:20:17:65:6a:0c:5c:72:d2:ea:53:a1:25:
                    8b:e1:ce:0b:d6:a0:a4:bf:08:fc:c5:b0:34:b7:e7:
                    c9:4c:35:dc:15:c2:28:1c:1e:d0:90:a4:ed:b3:a2:
                    bd:3d:9c:f8:0a:b8:14:a8:e6:81:03:f4:5d:ff:07:
                    5e:f2:26:06:cd:d2:1f:79:5d:b2:67:10:3b:80:02:
                    d1:7d:6e:6f:24:b2:c3:50:73:67:35:bb:d9:45:31:
                    16:c3:29:58:23:ae:e2:72:25:05:16:f2:5e:ac:fb:
                    85:a4:8a:e4:e0:8c:8b:37:d4:1a:04:58:c7:94:d5:
                    95:7b:4b:65:97:e4:ab:4c:55:e6:de:0e:49:7e:4c:
                    2f:ea:63:e6:b0:c8:26:6b:62:47:69:1c:32:da:5d:
                    19:81:f8:e9:6c:ad:bf:9c:da:04:55:9a:e6:a4:a6:
                    6a:49:54:fd:f3:ce:1c:45:e8:6c:9b:03:93:f1:a9:
                    0c:dc:22:cf:1f:39:2d:81:a6:34:1f:ad:4c:e7:7f:
                    a2:a2:11:fa:b0:dd:63:7e:51:c5:8a:65:07:1f:a8:
                    aa:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:2B:22:55:13:BC:99:D6:EF:55:C8:23:E5:39:48:97:38:69:3F:33
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:94:f6:e2:9f:6b:fd:37:1f:26:18:07:55:19:61:14:ae:ec:
         d5:e8:4c:dc:fe:d4:5e:42:08:ad:f8:7d:2e:10:22:b5:a7:4d:
         3f:d8:e0:5d:23:5e:9e:0a:f0:72:0c:9c:d8:2f:c6:a3:39:31:
         6f:42:8f:38:a5:8a:3e:b9:d5:c4:be:e3:7e:36:be:4d:32:a3:
         ea:11:14:ca:20:5c:ee:8d:d2:39:c0:13:07:65:ed:92:40:60:
         ae:5b:7d:24:50:a8:dc:67:96:92:67:cd:a0:51:8c:0d:e3:79:
         86:a4:96:ec:73:cb:44:05:a1:82:00:5d:b8:3e:a4:49:42:e6:
         e6:ea:ed:d6:fd:07:90:81:62:e0:37:0a:0e:ca:a6:e6:49:12:
         bc:83:74:3d:54:f8:5e:18:51:f1:42:b9:11:1b:16:cf:b4:67:
         27:38:4f:da:ef:d4:0f:22:92:d2:03:f6:3b:5a:eb:b5:c5:15:
         4d:4a:fa:c0:0a:85:09:1a:53:d0:3e:6a:c6:75:1e:50:ca:b4:
         4e:20:a3:70:02:44:9a:17:f9:d7:96:72:3b:7b:c6:25:cf:39:
         d8:2e:56:d0:ec:d2:2d:83:7b:20:c7:f3:e0:21:b9:c2:f3:12:
         80:7b:04:7e:a6:fc:2c:72:9e:97:7e:a5:67:bd:32:d4:f2:a3:
         2c:1d:c9:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbElQfzqlAU6HZUCUu9L5BiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjUwNTEyMTMwMDIzWhcNMjUwNTEzMTMwMDIzWjAzMTEwLwYDVQQD
Eyg3ZDJiMjI1NTEzYmM5OWQ2ZWY1NWM4MjNlNTM5NDg5NzM4NjkzZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6qgdnrAbUDaCw3kV0HeOCfOw2Zf
2KsZCkq1pzr3P9Zi7nIJIPRNgICBuI9v8kAgF2VqDFxy0upToSWL4c4L1qCkvwj8
xbA0t+fJTDXcFcIoHB7QkKTts6K9PZz4CrgUqOaBA/Rd/wde8iYGzdIfeV2yZxA7
gALRfW5vJLLDUHNnNbvZRTEWwylYI67iciUFFvJerPuFpIrk4IyLN9QaBFjHlNWV
e0tll+SrTFXm3g5Jfkwv6mPmsMgma2JHaRwy2l0ZgfjpbK2/nNoEVZrmpKZqSVT9
884cRehsmwOT8akM3CLPHzktgaY0H61M53+iohH6sN1jflHFimUHH6iqRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0rIlUTvJnW71XII+U5SJc4aT8zMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVZT24p9r
/TcfJhgHVRlhFK7s1ehM3P7UXkIIrfh9LhAitadNP9jgXSNengrwcgyc2C/Gozkx
b0KPOKWKPrnVxL7jfja+TTKj6hEUyiBc7o3SOcATB2XtkkBgrlt9JFCo3GeWkmfN
oFGMDeN5hqSW7HPLRAWhggBduD6kSULm5urt1v0HkIFi4DcKDsqm5kkSvIN0PVT4
XhhR8UK5ERsWz7RnJzhP2u/UDyKS0gP2O1rrtcUVTUr6wAqFCRpT0D5qxnUeUMq0
TiCjcAJEmhf515ZyO3vGJc852C5W0OzSLYN7IMfz4CG5wvMSgHsEfqb8LHKel36l
Z70y1PKjLB3Jtw==
-----END CERTIFICATE-----