Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
File:                     izHINiDus1ExJXtb-vqrOTRSyJE.mft (raw, json)
Hash identifier:          dcIkHVDTYfBgR4RGpmydCLlPzXXvYWxsTr6wpMrx8pk=
Subject key identifier:   B9:26:FD:46:EC:24:E0:E8:46:AF:3A:07:4D:21:51:21:56:26:69:22
Authority key identifier: 8B:31:C8:36:20:EE:B3:51:31:25:7B:5B:FA:FA:AB:39:34:52:C8:91
Certificate issuer:       /CN=8b31c83620eeb35131257b5bfafaab393452c891
Certificate serial:       0196C0B88D7673DEFB5489F381937D7747B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
Manifest number:          1531
Signing time:             Sun 11 May 2025 19:00:42 +0000
Manifest this update:     Sun 11 May 2025 19:00:42 +0000
Manifest next update:     Mon 12 May 2025 19:00:42 +0000
Files and hashes:         1: izHINiDus1ExJXtb-vqrOTRSyJE.crl (hash: ce3uAbNgpNv2QYxe71sAEGUno/jgQc7Du7CecjpUsQw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c0:b8:8d:76:73:de:fb:54:89:f3:81:93:7d:77:47:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b31c83620eeb35131257b5bfafaab393452c891
        Validity
            Not Before: May 11 19:00:42 2025 GMT
            Not After : May 12 19:00:42 2025 GMT
        Subject: CN=b926fd46ec24e0e846af3a074d21512156266922
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:16:71:86:39:26:93:ed:35:5f:29:fd:1a:45:
                    bb:ba:49:04:50:78:84:31:37:da:24:91:dc:3d:9c:
                    6e:ab:c6:e9:bc:5c:1c:92:fd:08:9f:d2:e3:ed:02:
                    ff:ae:b7:73:81:14:fb:6e:7d:27:94:84:b8:45:d9:
                    bc:9c:96:93:ec:29:af:6b:a4:54:be:80:42:60:d0:
                    a2:79:2a:61:c0:81:7d:de:4e:62:c5:74:ce:bf:c1:
                    26:fe:74:65:c8:b1:e9:53:27:ca:63:0e:f3:5b:ea:
                    6c:9e:27:1a:8d:d2:95:ae:95:26:e2:fe:1b:09:f8:
                    0a:53:87:b0:a9:2c:96:42:95:24:74:9d:96:1e:7d:
                    85:f1:8b:de:0f:18:60:2b:ca:d7:50:0e:cc:36:e2:
                    25:9f:80:f3:65:88:48:11:0a:b9:81:c7:da:2d:1f:
                    b3:45:19:48:c4:ed:ab:30:2e:e0:c9:2b:64:e2:67:
                    fa:82:4c:6b:32:b6:56:86:16:53:75:d7:c2:c4:76:
                    5e:d5:fb:d2:d6:52:e2:ba:18:05:3d:13:23:4b:1e:
                    ea:a5:e2:a5:6d:33:f3:10:e6:2c:2d:41:71:15:ba:
                    91:38:7f:e7:6f:62:90:eb:fc:1c:a9:ff:04:4d:60:
                    5f:6d:d5:46:e1:36:05:d5:30:7c:76:f4:d4:1f:23:
                    a3:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:26:FD:46:EC:24:E0:E8:46:AF:3A:07:4D:21:51:21:56:26:69:22
            X509v3 Authority Key Identifier:
                keyid:8B:31:C8:36:20:EE:B3:51:31:25:7B:5B:FA:FA:AB:39:34:52:C8:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:a9:19:eb:cb:88:9e:71:4f:8f:ac:62:7a:b7:58:2a:86:ac:
         7f:dd:97:f7:cd:02:a8:3a:e5:66:75:f2:92:fa:38:61:f1:8d:
         a8:a9:91:ae:f3:7d:89:16:4f:99:e1:3f:64:cc:77:31:2e:eb:
         e1:b5:bd:1d:51:cc:f6:6f:c3:dd:c2:aa:d1:cf:a8:18:53:07:
         65:aa:e1:39:7b:6d:1c:bb:a4:1c:5f:82:65:7b:2b:7a:3d:43:
         b8:8d:21:0f:d5:c5:cb:32:47:19:9a:be:a9:b7:22:da:67:9c:
         bd:d3:98:79:56:c4:f4:bf:e0:f3:21:a0:4f:c6:ff:a8:a5:98:
         39:a5:30:48:d3:49:b1:1c:fd:0b:86:9e:0c:46:4e:ae:55:56:
         3e:8f:cb:e7:f2:8f:bc:6d:81:21:a2:1a:19:f1:f4:95:3e:78:
         4a:5c:9f:9a:47:61:f0:bd:3c:f2:84:6a:6e:a0:36:57:61:96:
         12:1e:3f:25:3a:48:cb:db:0b:80:9f:f1:71:b3:07:c1:7e:f0:
         c0:80:08:1e:0e:ee:81:2f:93:8e:c6:c3:b2:ff:ad:59:47:a5:
         0f:4f:ec:2a:92:1d:44:a3:28:da:63:a9:2b:54:17:1b:7e:25:
         1a:f6:be:c2:7b:b0:7f:1c:22:e0:ca:9e:66:4f:ee:f2:d7:45:
         bd:fe:67:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbAuI12c977VInzgZN9d0eyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzFjODM2MjBlZWIzNTEzMTI1N2I1YmZhZmFhYjM5MzQ1
MmM4OTEwHhcNMjUwNTExMTkwMDQyWhcNMjUwNTEyMTkwMDQyWjAzMTEwLwYDVQQD
EyhiOTI2ZmQ0NmVjMjRlMGU4NDZhZjNhMDc0ZDIxNTEyMTU2MjY2OTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRZxhjkmk+01Xyn9GkW7ukkEUHiE
MTfaJJHcPZxuq8bpvFwckv0In9Lj7QL/rrdzgRT7bn0nlIS4Rdm8nJaT7Cmva6RU
voBCYNCieSphwIF93k5ixXTOv8Em/nRlyLHpUyfKYw7zW+psnicajdKVrpUm4v4b
CfgKU4ewqSyWQpUkdJ2WHn2F8YveDxhgK8rXUA7MNuIln4DzZYhIEQq5gcfaLR+z
RRlIxO2rMC7gyStk4mf6gkxrMrZWhhZTddfCxHZe1fvS1lLiuhgFPRMjSx7qpeKl
bTPzEOYsLUFxFbqROH/nb2KQ6/wcqf8ETWBfbdVG4TYF1TB8dvTUHyOj8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLkm/UbsJODoRq86B00hUSFWJmkiMB8GA1UdIwQY
MBaAFIsxyDYg7rNRMSV7W/r6qzk0UsiRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9mNzRkMzgtOTY1ZC00YTI5LWFkOGEt
Zjg0Njc0ZDQ2MzAzLzEvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9mNzRkMzgtOTY1ZC00YTI5LWFkOGEtZjg0Njc0ZDQ2MzAz
LzEvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATKkZ68uI
nnFPj6xierdYKoasf92X980CqDrlZnXykvo4YfGNqKmRrvN9iRZPmeE/ZMx3MS7r
4bW9HVHM9m/D3cKq0c+oGFMHZarhOXttHLukHF+CZXsrej1DuI0hD9XFyzJHGZq+
qbci2mecvdOYeVbE9L/g8yGgT8b/qKWYOaUwSNNJsRz9C4aeDEZOrlVWPo/L5/KP
vG2BIaIaGfH0lT54Slyfmkdh8L088oRqbqA2V2GWEh4/JTpIy9sLgJ/xcbMHwX7w
wIAIHg7ugS+TjsbDsv+tWUelD0/sKpIdRKMo2mOpK1QXG34lGva+wnuwfxwi4Mqe
Zk/u8tdFvf5noA==
-----END CERTIFICATE-----