Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
File:                     miIdT5cAcYIi7es06TinZjQ_JOE.mft (raw, json)
Hash identifier:          +W0vFe6VFAGY1CGhuYpMIZvYKa0FRCNn5TuQgYU9m80=
Subject key identifier:   69:6D:AB:09:47:94:E7:08:30:13:BD:7D:CD:E5:2B:34:65:99:8A:E4
Authority key identifier: 9A:22:1D:4F:97:00:71:82:22:ED:EB:34:E9:38:A7:66:34:3F:24:E1
Certificate issuer:       /CN=9a221d4f9700718222edeb34e938a766343f24e1
Certificate serial:       0198D473F85FDDB4539D02BB3F9D8FE1744E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
Manifest number:          14F3
Signing time:             Sat 23 Aug 2025 01:03:46 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:46 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:46 +0000
Files and hashes:         1: miIdT5cAcYIi7es06TinZjQ_JOE.crl (hash: eZcAcBPW2MWOMy6a/VDlynMpWSfDDFw291jD6PXBHN0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:f8:5f:dd:b4:53:9d:02:bb:3f:9d:8f:e1:74:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a221d4f9700718222edeb34e938a766343f24e1
        Validity
            Not Before: Aug 23 01:03:46 2025 GMT
            Not After : Aug 24 01:03:46 2025 GMT
        Subject: CN=696dab094794e7083013bd7dcde52b3465998ae4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:93:63:4b:fb:f1:95:8f:91:c6:f8:bd:b1:7c:
                    24:cb:21:24:73:b7:b7:a2:fb:bf:46:c1:61:07:8a:
                    62:73:ea:02:b2:e0:af:67:77:ee:6c:a7:e8:1d:41:
                    0d:67:3a:a0:f3:3f:00:93:33:e8:7a:b1:12:45:7d:
                    51:00:e6:fa:30:c5:1d:3a:62:e5:63:f3:de:55:7f:
                    8e:dd:8c:7a:2e:2b:84:3e:f5:50:ca:cd:ac:c6:28:
                    58:a6:87:94:dd:0e:eb:a6:8c:79:59:67:46:32:74:
                    71:ab:cb:dd:5b:45:00:03:10:0a:88:8e:16:1b:3d:
                    1f:b6:fd:e6:9f:12:b0:18:76:4e:72:21:d8:9e:fe:
                    36:ac:b1:f1:b9:68:57:f0:6e:38:be:f5:a0:10:1c:
                    95:d2:26:79:27:85:52:a8:ba:d0:39:3c:c8:c5:8e:
                    39:79:62:d5:62:8d:81:62:4e:79:c5:1b:19:2e:90:
                    9b:c8:5e:d9:04:f6:79:ae:f0:0e:54:86:e0:09:d2:
                    4a:64:5c:3d:f9:ff:de:4b:51:e8:6c:0e:cb:e9:c4:
                    31:c2:73:04:45:48:8d:fc:e9:1a:ab:fb:d8:55:87:
                    10:2d:10:7a:cb:15:5a:78:e1:8d:68:b9:ad:f1:2a:
                    9b:b3:08:22:ae:85:db:9f:bc:1e:75:4f:bd:c7:39:
                    12:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:6D:AB:09:47:94:E7:08:30:13:BD:7D:CD:E5:2B:34:65:99:8A:E4
            X509v3 Authority Key Identifier:
                keyid:9A:22:1D:4F:97:00:71:82:22:ED:EB:34:E9:38:A7:66:34:3F:24:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:a2:3f:fc:b6:cb:2c:9d:96:e8:92:72:91:5a:d9:19:d2:5b:
         20:ee:dc:b3:e7:c7:f3:87:76:5b:09:db:7d:f5:98:f0:9d:ed:
         a4:95:2e:8d:78:03:ea:35:49:db:b7:d9:f9:a5:ff:3d:f4:09:
         38:f7:be:3f:32:5b:e4:5b:8e:ff:c5:83:92:b3:d3:f7:a6:98:
         34:bb:c7:7d:78:88:48:36:0f:78:66:47:2f:19:91:a1:8b:f9:
         47:f3:59:1f:47:66:b0:0f:56:2b:a2:2d:f4:e7:94:c6:0d:2c:
         4c:ba:45:bd:cf:45:87:98:6c:c0:0c:3a:00:93:52:db:f7:ef:
         e1:bc:d1:f8:6d:bc:1b:e1:f2:7c:db:fa:cb:bd:01:cd:8a:80:
         f7:e2:c0:86:38:77:0b:16:14:e2:40:09:86:90:6b:e0:32:6e:
         25:fb:dd:d2:f6:7e:49:55:16:12:0f:17:6e:b5:c3:c5:0f:93:
         32:5e:db:da:2a:f2:f5:d8:93:53:7e:d7:c0:b7:8d:eb:dc:21:
         7b:17:a4:6d:fd:9b:13:9d:8f:4f:d4:c0:7e:9b:e5:89:f7:51:
         c1:17:7c:26:a8:10:32:1d:47:9c:78:74:b8:d3:da:f7:e1:30:
         37:9c:ed:b9:97:a3:9f:c1:6a:92:8d:67:ed:56:8c:bf:53:54:
         fd:e3:8d:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc/hf3bRTnQK7P52P4XROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjIxZDRmOTcwMDcxODIyMmVkZWIzNGU5MzhhNzY2MzQz
ZjI0ZTEwHhcNMjUwODIzMDEwMzQ2WhcNMjUwODI0MDEwMzQ2WjAzMTEwLwYDVQQD
Eyg2OTZkYWIwOTQ3OTRlNzA4MzAxM2JkN2RjZGU1MmIzNDY1OTk4YWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZNjS/vxlY+Rxvi9sXwkyyEkc7e3
ovu/RsFhB4pic+oCsuCvZ3fubKfoHUENZzqg8z8AkzPoerESRX1RAOb6MMUdOmLl
Y/PeVX+O3Yx6LiuEPvVQys2sxihYpoeU3Q7rpox5WWdGMnRxq8vdW0UAAxAKiI4W
Gz0ftv3mnxKwGHZOciHYnv42rLHxuWhX8G44vvWgEByV0iZ5J4VSqLrQOTzIxY45
eWLVYo2BYk55xRsZLpCbyF7ZBPZ5rvAOVIbgCdJKZFw9+f/eS1HobA7L6cQxwnME
RUiN/Okaq/vYVYcQLRB6yxVaeOGNaLmt8SqbswgiroXbn7wedU+9xzkSWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGltqwlHlOcIMBO9fc3lKzRlmYrkMB8GA1UdIwQY
MBaAFJoiHU+XAHGCIu3rNOk4p2Y0PyThMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hYzYzYjYtNTVjNi00NmRmLThjMTEt
N2RlN2E3YzViZjcyLzEvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hYzYzYjYtNTVjNi00NmRmLThjMTEtN2RlN2E3YzViZjcy
LzEvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF6I//LbL
LJ2W6JJykVrZGdJbIO7cs+fH84d2WwnbffWY8J3tpJUujXgD6jVJ27fZ+aX/PfQJ
OPe+PzJb5FuO/8WDkrPT96aYNLvHfXiISDYPeGZHLxmRoYv5R/NZH0dmsA9WK6It
9OeUxg0sTLpFvc9Fh5hswAw6AJNS2/fv4bzR+G28G+HyfNv6y70BzYqA9+LAhjh3
CxYU4kAJhpBr4DJuJfvd0vZ+SVUWEg8XbrXDxQ+TMl7b2iry9diTU37XwLeN69wh
exekbf2bE52PT9TAfpvlifdRwRd8JqgQMh1HnHh0uNPa9+EwN5ztuZejn8Fqko1n
7VaMv1NU/eON8Q==
-----END CERTIFICATE-----