Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft
File:                     JUIq59QSPce_KI8TeeQ39uHLKpo.mft (raw, json)
Hash identifier:          xX5zeJwF98mTjz5EhCSabD3xL+aB1hMzf+7L4Luszl4=
Subject key identifier:   D7:2A:73:FA:D7:B6:52:97:62:85:9C:57:91:A6:2F:2D:AD:86:2A:F6
Authority key identifier: 25:42:2A:E7:D4:12:3D:C7:BF:28:8F:13:79:E4:37:F6:E1:CB:2A:9A
Certificate issuer:       /CN=25422ae7d4123dc7bf288f1379e437f6e1cb2a9a
Certificate serial:       0196B66BC0340D7E462F432EAD2CEC262463
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JUIq59QSPce_KI8TeeQ39uHLKpo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft
Manifest number:          0EAC
Signing time:             Fri 09 May 2025 19:00:36 +0000
Manifest this update:     Fri 09 May 2025 19:00:36 +0000
Manifest next update:     Sat 10 May 2025 19:00:36 +0000
Files and hashes:         1: JUIq59QSPce_KI8TeeQ39uHLKpo.crl (hash: AmJQqga7/UsEb3CQhpaTzpc07g86g0tZvkdpjQJoPF8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JUIq59QSPce_KI8TeeQ39uHLKpo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 17:53:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b6:6b:c0:34:0d:7e:46:2f:43:2e:ad:2c:ec:26:24:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25422ae7d4123dc7bf288f1379e437f6e1cb2a9a
        Validity
            Not Before: May  9 19:00:36 2025 GMT
            Not After : May 10 19:00:36 2025 GMT
        Subject: CN=d72a73fad7b6529762859c5791a62f2dad862af6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:65:b0:f1:60:23:01:22:59:29:54:31:93:19:
                    39:80:e9:e5:46:b4:db:f3:6a:67:92:d3:d4:cc:59:
                    07:8a:a8:fe:c6:2a:b9:ae:9f:41:fd:f3:fd:69:1e:
                    04:27:00:ab:0c:2f:bc:55:8f:28:43:c5:a3:c4:e7:
                    21:84:94:3c:24:44:8b:aa:d3:71:1b:43:31:4b:a1:
                    e3:07:f8:8c:aa:25:92:f5:b7:da:c8:06:22:7b:3c:
                    6b:e5:50:0a:db:45:62:e7:bb:b7:18:85:21:6d:aa:
                    60:ba:2c:5f:46:08:a0:ad:8b:2e:4c:6c:14:15:cb:
                    58:44:d7:f6:ad:57:97:40:f2:b1:7e:d7:bc:53:dc:
                    22:f5:1b:dd:ff:75:db:5a:f4:93:a0:2e:af:9b:46:
                    47:a2:2c:ab:d0:20:dd:2f:b0:c8:74:c8:fe:bc:1b:
                    08:d4:f8:3c:25:ff:71:c8:a2:44:8f:cb:c9:5e:aa:
                    b7:10:33:07:f3:b4:e8:64:88:14:fe:d8:ad:83:55:
                    a3:a4:95:dd:74:f4:2f:84:70:0b:90:8a:68:cf:39:
                    63:4c:52:8e:17:1a:89:ae:a1:e0:d4:b5:fb:31:c5:
                    71:6b:d7:70:28:7c:be:ae:95:f2:91:da:11:5b:2d:
                    5d:d1:80:93:46:cb:37:47:db:d6:fa:83:f5:a4:e3:
                    17:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:2A:73:FA:D7:B6:52:97:62:85:9C:57:91:A6:2F:2D:AD:86:2A:F6
            X509v3 Authority Key Identifier:
                keyid:25:42:2A:E7:D4:12:3D:C7:BF:28:8F:13:79:E4:37:F6:E1:CB:2A:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JUIq59QSPce_KI8TeeQ39uHLKpo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:22:c0:bd:2b:85:44:61:0e:b4:80:96:48:4b:a6:eb:47:9f:
         58:04:01:14:89:f8:0d:e9:82:70:60:73:9c:bb:f7:42:33:47:
         c9:ef:da:db:db:72:d7:c6:95:8d:de:a8:e9:84:ea:ff:82:44:
         5e:43:96:01:98:e3:c6:57:62:f7:45:bf:ea:64:c2:98:61:68:
         a8:7b:b5:8b:4b:43:ec:48:c4:43:f3:4d:9f:cf:86:4b:bc:3a:
         3f:dd:0f:d6:04:ae:65:e9:6e:5b:18:54:74:de:7c:03:90:3d:
         85:87:d8:72:b9:b4:90:b0:60:d0:78:d8:db:d6:7a:6b:d9:14:
         43:77:f2:cd:6b:8f:93:2f:02:04:62:1e:2c:fb:f4:f3:70:8e:
         2c:75:f7:76:ea:52:8d:a9:59:bf:74:51:c6:de:88:f7:3d:8a:
         4d:95:c6:a8:ec:6c:bb:e2:a8:89:0d:40:7b:2f:a5:41:9c:2a:
         78:99:00:e4:87:e3:fb:20:14:e2:ec:cf:f6:de:a9:6a:cd:5a:
         5f:f3:fe:03:56:51:2f:23:df:3d:68:93:ca:07:c2:b1:63:3a:
         4e:a5:cc:0f:91:4a:28:66:26:52:d4:93:99:32:d3:44:d0:af:
         cd:e3:73:7e:b8:58:65:a5:45:82:ce:02:d1:49:03:fd:2b:68:
         c8:87:08:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa2a8A0DX5GL0MurSzsJiRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NDIyYWU3ZDQxMjNkYzdiZjI4OGYxMzc5ZTQzN2Y2ZTFj
YjJhOWEwHhcNMjUwNTA5MTkwMDM2WhcNMjUwNTEwMTkwMDM2WjAzMTEwLwYDVQQD
EyhkNzJhNzNmYWQ3YjY1Mjk3NjI4NTljNTc5MWE2MmYyZGFkODYyYWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGWw8WAjASJZKVQxkxk5gOnlRrTb
82pnktPUzFkHiqj+xiq5rp9B/fP9aR4EJwCrDC+8VY8oQ8WjxOchhJQ8JESLqtNx
G0MxS6HjB/iMqiWS9bfayAYiezxr5VAK20Vi57u3GIUhbapguixfRgigrYsuTGwU
FctYRNf2rVeXQPKxfte8U9wi9Rvd/3XbWvSToC6vm0ZHoiyr0CDdL7DIdMj+vBsI
1Pg8Jf9xyKJEj8vJXqq3EDMH87ToZIgU/titg1WjpJXddPQvhHALkIpozzljTFKO
FxqJrqHg1LX7McVxa9dwKHy+rpXykdoRWy1d0YCTRss3R9vW+oP1pOMX5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNcqc/rXtlKXYoWcV5GmLy2thir2MB8GA1UdIwQY
MBaAFCVCKufUEj3HvyiPE3nkN/bhyyqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlVJcTU5UVNQY2VfS0k4VGVlUTM5dUhMS3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS83YmRkNzEtMTU1My00N2U0LWFhMDAt
ZmFhNmJlY2RhZjA1LzEvSlVJcTU5UVNQY2VfS0k4VGVlUTM5dUhMS3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS83YmRkNzEtMTU1My00N2U0LWFhMDAtZmFhNmJlY2RhZjA1
LzEvSlVJcTU5UVNQY2VfS0k4VGVlUTM5dUhMS3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnCLAvSuF
RGEOtICWSEum60efWAQBFIn4DemCcGBznLv3QjNHye/a29ty18aVjd6o6YTq/4JE
XkOWAZjjxldi90W/6mTCmGFoqHu1i0tD7EjEQ/NNn8+GS7w6P90P1gSuZeluWxhU
dN58A5A9hYfYcrm0kLBg0HjY29Z6a9kUQ3fyzWuPky8CBGIeLPv083COLHX3dupS
jalZv3RRxt6I9z2KTZXGqOxsu+KoiQ1Aey+lQZwqeJkA5Ifj+yAU4uzP9t6pas1a
X/P+A1ZRLyPfPWiTygfCsWM6TqXMD5FKKGYmUtSTmTLTRNCvzeNzfrhYZaVFgs4C
0UkD/StoyIcIIw==
-----END CERTIFICATE-----