Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft
File:                     JUIq59QSPce_KI8TeeQ39uHLKpo.mft (raw, json)
Hash identifier:          Sd2kzaxGfi4S7n8sCFoUi8/ODjnxQSr1B//9LZII0uk=
Subject key identifier:   F1:5E:3A:69:16:17:67:1B:82:AC:71:B4:66:51:A8:CF:D6:AB:AB:51
Authority key identifier: 25:42:2A:E7:D4:12:3D:C7:BF:28:8F:13:79:E4:37:F6:E1:CB:2A:9A
Certificate issuer:       /CN=25422ae7d4123dc7bf288f1379e437f6e1cb2a9a
Certificate serial:       0197B745B7489214110EAC4F76E05EE27D9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JUIq59QSPce_KI8TeeQ39uHLKpo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft
Manifest number:          0F31
Signing time:             Sat 28 Jun 2025 16:01:28 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:28 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:28 +0000
Files and hashes:         1: JUIq59QSPce_KI8TeeQ39uHLKpo.crl (hash: gn9k2ErueVRLogrMwhGmvJHYyXiIktXLMVTRwvmrdGw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JUIq59QSPce_KI8TeeQ39uHLKpo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:b7:48:92:14:11:0e:ac:4f:76:e0:5e:e2:7d:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25422ae7d4123dc7bf288f1379e437f6e1cb2a9a
        Validity
            Not Before: Jun 28 16:01:28 2025 GMT
            Not After : Jun 29 16:01:28 2025 GMT
        Subject: CN=f15e3a691617671b82ac71b46651a8cfd6abab51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:66:e8:0c:42:a3:96:20:c9:ce:e8:ae:e2:9d:
                    31:64:01:01:e2:7f:80:ae:52:5d:11:a4:31:fd:cb:
                    82:4d:e1:4d:83:fc:f7:40:3a:f2:fa:0f:3b:dc:84:
                    57:ec:ab:51:b3:c6:09:5d:b2:87:10:49:f3:eb:b5:
                    02:94:9d:51:7a:d0:29:c0:72:1a:61:4b:ca:38:3d:
                    e7:4d:0e:69:39:ec:d5:c6:bf:58:a3:9d:ca:93:10:
                    60:b7:5d:84:46:58:5d:d9:18:14:bb:6a:ee:50:d8:
                    1d:4a:dd:a6:0c:d2:60:6a:eb:b3:25:e4:fc:ac:ad:
                    04:43:f6:85:ec:a1:dd:53:25:f1:68:47:59:4d:f0:
                    6a:81:9d:e6:65:47:3f:5e:fd:01:64:02:47:66:c6:
                    75:35:ad:0a:8a:75:49:65:f9:94:39:f1:6d:f9:0f:
                    95:f2:61:32:c2:b1:e0:72:1b:be:8e:01:1b:8d:ef:
                    80:ed:10:0f:4e:37:a0:1e:fe:0d:d4:2b:f9:cc:11:
                    b5:b3:ed:e8:c3:d0:46:68:83:71:67:31:48:5e:a1:
                    21:8c:b8:9a:95:db:b7:f5:ee:05:9c:c5:8b:ef:87:
                    5e:15:2f:4e:20:71:22:bc:b4:f0:f9:97:97:dd:13:
                    70:43:4f:3f:74:a0:92:6c:b9:62:f2:36:ea:a9:7b:
                    80:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:5E:3A:69:16:17:67:1B:82:AC:71:B4:66:51:A8:CF:D6:AB:AB:51
            X509v3 Authority Key Identifier:
                keyid:25:42:2A:E7:D4:12:3D:C7:BF:28:8F:13:79:E4:37:F6:E1:CB:2A:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JUIq59QSPce_KI8TeeQ39uHLKpo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:1e:a5:0b:9d:ff:b4:c8:bf:fc:29:9a:95:0b:6f:3a:be:2a:
         36:05:0d:17:59:5a:3a:da:1a:b6:0b:65:5a:bf:cf:62:8e:61:
         89:44:9f:b7:8c:87:cb:70:7d:c4:2a:a8:49:70:8d:d4:63:19:
         b0:ac:92:29:da:f8:23:b9:b5:c0:9e:ee:81:eb:2e:fe:f4:1b:
         f6:d9:2f:78:30:26:40:19:84:df:c3:8b:36:2f:55:12:1c:73:
         42:34:af:6a:55:55:e1:58:5b:d5:a2:2d:a3:9f:8f:ce:45:8b:
         8e:c4:95:d1:f1:b2:46:8f:18:e6:85:cd:d9:1d:7e:ec:c4:e1:
         5e:39:eb:71:f9:9b:49:5a:be:34:25:40:f1:d1:85:5e:81:cb:
         45:7d:60:c7:5d:e4:d3:47:fc:99:27:55:fb:18:f7:83:bd:61:
         62:66:c3:7d:80:eb:49:9b:8e:ec:ec:3b:c6:a8:6c:82:39:90:
         40:b3:ab:a2:ab:04:cb:be:21:f2:35:25:af:53:a1:cb:b5:16:
         9a:e4:d3:8b:f4:b0:48:00:e1:55:74:7f:88:86:05:31:48:9e:
         f3:1f:8b:13:0a:96:f5:56:0c:f1:46:f7:1c:1c:2f:91:f7:f9:
         69:0b:91:07:1d:1f:f4:f9:0f:d1:e7:aa:03:ba:20:64:86:7e:
         11:82:df:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RbdIkhQRDqxPduBe4n2dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NDIyYWU3ZDQxMjNkYzdiZjI4OGYxMzc5ZTQzN2Y2ZTFj
YjJhOWEwHhcNMjUwNjI4MTYwMTI4WhcNMjUwNjI5MTYwMTI4WjAzMTEwLwYDVQQD
EyhmMTVlM2E2OTE2MTc2NzFiODJhYzcxYjQ2NjUxYThjZmQ2YWJhYjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmboDEKjliDJzuiu4p0xZAEB4n+A
rlJdEaQx/cuCTeFNg/z3QDry+g873IRX7KtRs8YJXbKHEEnz67UClJ1RetApwHIa
YUvKOD3nTQ5pOezVxr9Yo53KkxBgt12ERlhd2RgUu2ruUNgdSt2mDNJgauuzJeT8
rK0EQ/aF7KHdUyXxaEdZTfBqgZ3mZUc/Xv0BZAJHZsZ1Na0KinVJZfmUOfFt+Q+V
8mEywrHgchu+jgEbje+A7RAPTjegHv4N1Cv5zBG1s+3ow9BGaINxZzFIXqEhjLia
ldu39e4FnMWL74deFS9OIHEivLTw+ZeX3RNwQ08/dKCSbLli8jbqqXuANQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFeOmkWF2cbgqxxtGZRqM/Wq6tRMB8GA1UdIwQY
MBaAFCVCKufUEj3HvyiPE3nkN/bhyyqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlVJcTU5UVNQY2VfS0k4VGVlUTM5dUhMS3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS83YmRkNzEtMTU1My00N2U0LWFhMDAt
ZmFhNmJlY2RhZjA1LzEvSlVJcTU5UVNQY2VfS0k4VGVlUTM5dUhMS3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS83YmRkNzEtMTU1My00N2U0LWFhMDAtZmFhNmJlY2RhZjA1
LzEvSlVJcTU5UVNQY2VfS0k4VGVlUTM5dUhMS3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADB6lC53/
tMi//CmalQtvOr4qNgUNF1laOtoatgtlWr/PYo5hiUSft4yHy3B9xCqoSXCN1GMZ
sKySKdr4I7m1wJ7ugesu/vQb9tkveDAmQBmE38OLNi9VEhxzQjSvalVV4Vhb1aIt
o5+PzkWLjsSV0fGyRo8Y5oXN2R1+7MThXjnrcfmbSVq+NCVA8dGFXoHLRX1gx13k
00f8mSdV+xj3g71hYmbDfYDrSZuO7Ow7xqhsgjmQQLOroqsEy74h8jUlr1Ohy7UW
muTTi/SwSADhVXR/iIYFMUie8x+LEwqW9VYM8Ub3HBwvkff5aQuRBx0f9PkP0eeq
A7ogZIZ+EYLfyA==
-----END CERTIFICATE-----