Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
File:                     JAy7mUeWHigo2EdLysoem5FVZWA.mft (raw, json)
Hash identifier:          yvKV7pq5VZnO3D+N8UxyJCoiiuyZ4T0stgI1LqZHYiY=
Subject key identifier:   67:DB:D5:9A:26:41:CD:60:B2:58:9E:FB:BB:BA:BC:C6:90:B8:C3:AC
Authority key identifier: 24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60
Certificate issuer:       /CN=240cbb9947961e2828d8474bcaca1e9b91556560
Certificate serial:       0196BAB65AE0615D44D9190306DD178FF640
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
Manifest number:          126E
Signing time:             Sat 10 May 2025 15:00:35 +0000
Manifest this update:     Sat 10 May 2025 15:00:35 +0000
Manifest next update:     Sun 11 May 2025 15:00:35 +0000
Files and hashes:         1: JAy7mUeWHigo2EdLysoem5FVZWA.crl (hash: 21S+eaJAh2D1l0hvvVUd+1x7kjyhxOwF9GqJf/HlGxs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ba:b6:5a:e0:61:5d:44:d9:19:03:06:dd:17:8f:f6:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=240cbb9947961e2828d8474bcaca1e9b91556560
        Validity
            Not Before: May 10 15:00:35 2025 GMT
            Not After : May 11 15:00:35 2025 GMT
        Subject: CN=67dbd59a2641cd60b2589efbbbbabcc690b8c3ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e0:9a:ce:ae:fe:c9:3f:93:e9:0f:67:87:b1:
                    0b:a7:5e:2b:42:73:4c:1e:91:40:80:40:7f:06:05:
                    a5:c1:67:2a:41:98:55:9b:73:5a:67:7a:67:e0:7b:
                    f0:47:83:35:12:43:25:5b:c6:26:61:a2:b4:e5:44:
                    50:b8:e1:46:53:6e:4e:25:e4:88:39:6f:81:cf:84:
                    d6:b1:2b:74:15:9a:03:2a:db:3b:e9:5c:dd:f1:bb:
                    d1:68:6b:6b:c5:df:21:e5:d0:e4:b4:68:c6:35:e0:
                    bf:5c:41:01:08:dd:bc:b3:76:90:89:c4:33:ca:e7:
                    b4:4f:3c:4a:b7:8c:7d:12:20:46:21:1a:29:c9:a4:
                    fc:55:cb:d5:b1:da:80:ff:84:9f:05:5d:3c:c3:9d:
                    ec:da:89:34:0d:d4:7a:d0:36:31:27:ee:1d:dd:7c:
                    c5:df:ff:a7:ab:96:0f:4b:28:90:83:5e:d7:cf:4b:
                    91:56:1a:45:20:12:99:e0:81:8b:45:b7:e2:f4:8e:
                    31:5f:f6:29:ba:03:f5:91:83:b5:32:5d:2e:8f:de:
                    44:ab:53:08:f8:74:06:04:c4:c4:a7:84:db:be:84:
                    43:5b:86:ae:a6:a5:d8:f9:dd:17:5d:cd:97:1f:ff:
                    65:30:d7:e6:25:99:83:e2:0e:88:a0:6b:66:90:3d:
                    1c:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:DB:D5:9A:26:41:CD:60:B2:58:9E:FB:BB:BA:BC:C6:90:B8:C3:AC
            X509v3 Authority Key Identifier:
                keyid:24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:8a:bb:92:35:82:41:0e:66:57:7c:e7:59:af:ce:82:d8:d3:
         a6:0f:eb:28:7b:b2:9a:12:76:53:3c:a6:c0:58:29:dd:80:fd:
         cb:74:42:99:c8:9a:85:8a:17:67:09:96:af:2d:0b:26:27:ab:
         5b:74:0e:fd:c2:96:3a:83:9f:3a:c2:2a:e4:c1:53:58:96:e1:
         a0:12:46:fc:c6:6b:a3:00:09:db:12:fa:4e:b8:2b:88:b5:bc:
         2a:2a:06:22:76:37:60:65:3a:ff:52:50:a2:ce:71:7f:c3:e0:
         2a:c4:94:1e:78:8f:f1:52:41:35:23:f8:e7:93:96:57:72:da:
         1c:3d:33:39:ce:09:a9:b9:bf:53:8b:f6:bc:91:bb:d6:df:3c:
         e0:df:07:bb:7e:67:9d:da:00:9e:1f:c3:34:b7:df:69:05:9a:
         f2:65:9a:ba:f5:f0:4d:46:4a:cf:fc:cf:a6:01:e5:53:7f:34:
         74:b4:9f:6d:8c:b2:ee:66:f6:43:ec:b4:8d:33:d4:b0:4d:25:
         e7:ae:97:aa:87:b5:4d:7a:08:79:d4:bb:23:87:a2:52:e5:56:
         c2:62:ce:7a:63:3c:f1:22:91:71:28:9e:e8:02:84:d0:0c:ec:
         5f:fd:0e:49:9b:19:9d:6f:ae:2e:67:d5:be:65:c6:89:7c:e8:
         a1:b8:bf:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa6tlrgYV1E2RkDBt0Xj/ZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MGNiYjk5NDc5NjFlMjgyOGQ4NDc0YmNhY2ExZTliOTE1
NTY1NjAwHhcNMjUwNTEwMTUwMDM1WhcNMjUwNTExMTUwMDM1WjAzMTEwLwYDVQQD
Eyg2N2RiZDU5YTI2NDFjZDYwYjI1ODllZmJiYmJhYmNjNjkwYjhjM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquCazq7+yT+T6Q9nh7ELp14rQnNM
HpFAgEB/BgWlwWcqQZhVm3NaZ3pn4HvwR4M1EkMlW8YmYaK05URQuOFGU25OJeSI
OW+Bz4TWsSt0FZoDKts76Vzd8bvRaGtrxd8h5dDktGjGNeC/XEEBCN28s3aQicQz
yue0TzxKt4x9EiBGIRopyaT8VcvVsdqA/4SfBV08w53s2ok0DdR60DYxJ+4d3XzF
3/+nq5YPSyiQg17Xz0uRVhpFIBKZ4IGLRbfi9I4xX/YpugP1kYO1Ml0uj95Eq1MI
+HQGBMTEp4TbvoRDW4aupqXY+d0XXc2XH/9lMNfmJZmD4g6IoGtmkD0cswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfb1ZomQc1gslie+7u6vMaQuMOsMB8GA1UdIwQY
MBaAFCQMu5lHlh4oKNhHS8rKHpuRVWVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMt
ZmZiMDI4ZjBhMDJmLzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMtZmZiMDI4ZjBhMDJm
LzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArYq7kjWC
QQ5mV3znWa/OgtjTpg/rKHuymhJ2UzymwFgp3YD9y3RCmciahYoXZwmWry0LJier
W3QO/cKWOoOfOsIq5MFTWJbhoBJG/MZrowAJ2xL6TrgriLW8KioGInY3YGU6/1JQ
os5xf8PgKsSUHniP8VJBNSP455OWV3LaHD0zOc4Jqbm/U4v2vJG71t884N8Hu35n
ndoAnh/DNLffaQWa8mWauvXwTUZKz/zPpgHlU380dLSfbYyy7mb2Q+y0jTPUsE0l
566Xqoe1TXoIedS7I4eiUuVWwmLOemM88SKRcSie6AKE0AzsX/0OSZsZnW+uLmfV
vmXGiXzoobi/IQ==
-----END CERTIFICATE-----