Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
File:                     jR3ulkqib4m9ECJ21GVjP7guqig.mft (raw, json)
Hash identifier:          QZZqy0lFhzDq2PFS2z/i14mgh3/08QlxFiRjLVLeBPc=
Subject key identifier:   C0:68:1E:21:7A:94:61:FC:A1:06:E2:AA:E2:4D:C5:78:A0:7D:74:68
Authority key identifier: 8D:1D:EE:96:4A:A2:6F:89:BD:10:22:76:D4:65:63:3F:B8:2E:AA:28
Certificate issuer:       /CN=8d1dee964aa26f89bd102276d465633fb82eaa28
Certificate serial:       0196C013E331C5A3CCE8F25184976FC995A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
Manifest number:          0995
Signing time:             Sun 11 May 2025 16:00:50 +0000
Manifest this update:     Sun 11 May 2025 16:00:50 +0000
Manifest next update:     Mon 12 May 2025 16:00:50 +0000
Files and hashes:         1: jR3ulkqib4m9ECJ21GVjP7guqig.crl (hash: k6wZe9+ChHN4VWwJ90dTBw2+sejV2c1nbZYCOSs9zb8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c0:13:e3:31:c5:a3:cc:e8:f2:51:84:97:6f:c9:95:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1dee964aa26f89bd102276d465633fb82eaa28
        Validity
            Not Before: May 11 16:00:50 2025 GMT
            Not After : May 12 16:00:50 2025 GMT
        Subject: CN=c0681e217a9461fca106e2aae24dc578a07d7468
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:3f:f8:8f:f0:2e:ea:13:ce:03:17:b9:16:fe:
                    08:ff:63:1c:18:09:0e:65:3c:f3:8b:ba:c4:b2:58:
                    ed:de:4a:0d:47:53:eb:24:49:17:44:a2:79:6c:d0:
                    a4:04:aa:e0:61:13:57:76:db:eb:ac:f4:e2:cd:5c:
                    02:db:bb:77:ca:74:96:c3:b6:f4:b7:5d:11:48:c4:
                    1a:e8:d9:df:b8:e8:d8:31:9e:79:03:db:ae:e5:e1:
                    c5:5d:7a:6c:fd:da:ff:d2:cc:da:d8:9f:35:d1:57:
                    30:11:10:6b:7d:3b:44:eb:b0:ea:bf:90:dd:84:d9:
                    b7:4d:ac:63:e0:43:27:4b:b2:57:1a:b7:ad:56:56:
                    2e:ab:59:5e:18:04:93:c5:1d:fb:eb:4b:cf:38:b0:
                    35:47:72:68:92:18:a4:09:fe:81:14:43:3c:dc:06:
                    09:af:d1:52:f6:7e:5b:64:3c:4b:10:0a:10:63:bf:
                    cc:3c:dd:da:e3:a2:ff:3e:a0:39:1a:37:77:53:af:
                    e1:71:5c:bb:ff:e8:96:0e:79:0b:9a:56:fb:cf:25:
                    23:51:ae:32:71:90:60:78:65:6f:68:0d:18:94:bb:
                    6c:53:8e:7d:4b:a0:68:f1:97:c6:58:d0:80:3a:07:
                    81:5c:b2:a1:29:c4:d2:22:a8:3f:05:7a:72:8f:a3:
                    35:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:68:1E:21:7A:94:61:FC:A1:06:E2:AA:E2:4D:C5:78:A0:7D:74:68
            X509v3 Authority Key Identifier:
                keyid:8D:1D:EE:96:4A:A2:6F:89:BD:10:22:76:D4:65:63:3F:B8:2E:AA:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:7f:c0:52:7c:42:df:cb:41:92:ee:21:1f:dd:d6:40:a6:f7:
         4b:43:8b:47:f6:e9:fb:bc:47:34:9f:2a:7b:72:f5:35:73:12:
         8c:7f:09:01:45:18:38:62:4f:ac:48:4d:7b:5e:37:2d:5c:07:
         7b:11:f8:09:7b:43:98:46:4a:a6:3e:a2:ba:c0:a8:2b:8c:ff:
         54:d8:7c:90:ac:7d:1b:01:1a:79:19:62:47:08:f3:fe:d4:c0:
         30:cb:68:71:a4:e1:1e:bf:ba:05:a2:3d:9d:da:13:d4:7d:dd:
         6b:97:d3:02:2b:8c:02:7b:61:e8:54:2f:b0:bb:20:1b:53:14:
         e7:ca:3f:c3:67:4b:ef:61:90:4c:fb:97:ee:e0:56:f0:4a:a3:
         ec:95:a5:2f:a4:28:ee:8f:52:4c:57:eb:09:40:2a:7e:c7:ed:
         14:f6:e6:88:f9:d5:3d:33:0a:f1:11:2a:fd:ee:0e:9a:17:f1:
         bf:7a:eb:df:59:7c:68:d2:c8:d4:80:cd:89:97:aa:75:c7:40:
         8d:c3:2d:73:09:4c:30:fa:c5:8c:9e:2c:e1:33:2d:d1:6f:f1:
         9b:74:04:f6:ca:1b:1d:f4:81:f3:a5:08:42:1a:03:43:fc:ad:
         8b:15:01:a2:5e:38:23:4a:71:37:ea:b3:95:2c:7e:a2:4b:f3:
         38:fb:8e:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbAE+MxxaPM6PJRhJdvyZWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWRlZTk2NGFhMjZmODliZDEwMjI3NmQ0NjU2MzNmYjgy
ZWFhMjgwHhcNMjUwNTExMTYwMDUwWhcNMjUwNTEyMTYwMDUwWjAzMTEwLwYDVQQD
EyhjMDY4MWUyMTdhOTQ2MWZjYTEwNmUyYWFlMjRkYzU3OGEwN2Q3NDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvD/4j/Au6hPOAxe5Fv4I/2McGAkO
ZTzzi7rEsljt3koNR1PrJEkXRKJ5bNCkBKrgYRNXdtvrrPTizVwC27t3ynSWw7b0
t10RSMQa6NnfuOjYMZ55A9uu5eHFXXps/dr/0sza2J810VcwERBrfTtE67Dqv5Dd
hNm3Taxj4EMnS7JXGretVlYuq1leGASTxR3760vPOLA1R3JokhikCf6BFEM83AYJ
r9FS9n5bZDxLEAoQY7/MPN3a46L/PqA5Gjd3U6/hcVy7/+iWDnkLmlb7zyUjUa4y
cZBgeGVvaA0YlLtsU459S6Bo8ZfGWNCAOgeBXLKhKcTSIqg/BXpyj6M1kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMBoHiF6lGH8oQbiquJNxXigfXRoMB8GA1UdIwQY
MBaAFI0d7pZKom+JvRAidtRlYz+4LqooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81NDkzNjMtMTIyOS00MTE0LWE5OTYt
MjU5NDIwZDMyNDcyLzEvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81NDkzNjMtMTIyOS00MTE0LWE5OTYtMjU5NDIwZDMyNDcy
LzEvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa3/AUnxC
38tBku4hH93WQKb3S0OLR/bp+7xHNJ8qe3L1NXMSjH8JAUUYOGJPrEhNe143LVwH
exH4CXtDmEZKpj6iusCoK4z/VNh8kKx9GwEaeRliRwjz/tTAMMtocaThHr+6BaI9
ndoT1H3da5fTAiuMAnth6FQvsLsgG1MU58o/w2dL72GQTPuX7uBW8Eqj7JWlL6Qo
7o9STFfrCUAqfsftFPbmiPnVPTMK8REq/e4Omhfxv3rr31l8aNLI1IDNiZeqdcdA
jcMtcwlMMPrFjJ4s4TMt0W/xm3QE9sobHfSB86UIQhoDQ/ytixUBol44I0pxN+qz
lSx+okvzOPuOjA==
-----END CERTIFICATE-----