Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.mft
File:                     I3yDRH0XGDOA9Im8lGyLnjAP-x0.mft (raw, json)
Hash identifier:          fNJBlFP3CK/1bC3Fr4FjV5C6vo/GTU9XstdJ5ogIw6U=
Subject key identifier:   2A:22:0D:51:43:F7:3A:79:9E:02:8E:9B:2C:6C:A7:C5:06:98:DC:08
Authority key identifier: 23:7C:83:44:7D:17:18:33:80:F4:89:BC:94:6C:8B:9E:30:0F:FB:1D
Certificate issuer:       /CN=237c83447d17183380f489bc946c8b9e300ffb1d
Certificate serial:       01969F76129457495635354A1B1823879559
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I3yDRH0XGDOA9Im8lGyLnjAP-x0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.mft
Manifest number:          123B
Signing time:             Mon 05 May 2025 08:00:37 +0000
Manifest this update:     Mon 05 May 2025 08:00:37 +0000
Manifest next update:     Tue 06 May 2025 08:00:37 +0000
Files and hashes:         1: I3yDRH0XGDOA9Im8lGyLnjAP-x0.crl (hash: zSGBFJJMP4VOlJHqvU3Nq0TzmObtFCQeiUsVM4ol6xI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I3yDRH0XGDOA9Im8lGyLnjAP-x0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 08:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9f:76:12:94:57:49:56:35:35:4a:1b:18:23:87:95:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237c83447d17183380f489bc946c8b9e300ffb1d
        Validity
            Not Before: May  5 08:00:37 2025 GMT
            Not After : May  6 08:00:37 2025 GMT
        Subject: CN=2a220d5143f73a799e028e9b2c6ca7c50698dc08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:34:dd:6d:95:64:7b:c3:df:83:63:de:8e:c5:
                    29:69:3b:50:47:13:74:ca:f0:b7:c3:52:0e:da:80:
                    40:a5:25:b6:3f:dc:31:72:2a:93:c5:eb:fd:01:69:
                    74:8b:23:35:a7:8c:c8:33:7f:bf:99:de:6a:f0:d0:
                    ac:76:3c:24:c0:a6:50:66:1b:97:c2:08:89:fb:59:
                    62:80:a7:e7:62:3d:25:55:3c:83:dd:fb:1f:66:0c:
                    6d:60:ae:5d:f8:7a:dc:c5:d5:70:8e:40:61:0a:02:
                    83:1d:10:ea:12:77:70:ee:ee:90:5e:09:a0:48:6a:
                    ea:ae:72:3c:25:29:4d:f1:1e:9e:bc:a8:ac:25:50:
                    2f:d2:78:9a:dc:3e:8c:2f:28:1b:60:a3:d6:a4:62:
                    99:e8:7a:b9:3f:e5:a4:78:b2:5c:1b:af:04:31:1d:
                    fc:d1:7f:b8:c2:6c:bd:ff:bc:71:1a:99:db:3d:14:
                    00:b9:1f:35:e7:1f:c6:c9:53:fe:58:b8:a3:46:e5:
                    1a:56:c7:76:90:43:fc:52:f1:83:44:99:bc:51:0b:
                    96:9e:5d:e7:53:51:13:90:c6:fb:9a:b3:97:b5:96:
                    05:13:45:be:95:82:d4:33:49:40:bf:86:6e:e2:4d:
                    f2:69:cf:71:37:72:22:50:69:9b:8d:49:0b:52:d2:
                    ce:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:22:0D:51:43:F7:3A:79:9E:02:8E:9B:2C:6C:A7:C5:06:98:DC:08
            X509v3 Authority Key Identifier:
                keyid:23:7C:83:44:7D:17:18:33:80:F4:89:BC:94:6C:8B:9E:30:0F:FB:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3yDRH0XGDOA9Im8lGyLnjAP-x0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:45:83:18:32:86:03:4b:83:9a:6f:00:86:e8:be:0a:2e:6e:
         6b:24:73:87:0c:c3:a7:0f:66:d6:fa:9c:81:71:a4:14:d8:b6:
         1b:c0:a6:0d:4b:b0:57:b2:d3:6e:6d:90:75:03:86:14:31:8d:
         10:2d:c7:29:76:ae:f0:28:4f:60:b6:86:78:8a:c0:c2:e8:98:
         09:1b:85:38:63:ab:30:2b:14:9b:92:dd:73:d2:f3:81:7b:35:
         a3:70:2b:99:3c:0d:c8:28:52:17:e6:a0:f2:84:08:b3:ce:63:
         cc:87:72:16:43:a4:1d:65:65:7e:51:17:95:36:02:3b:40:83:
         f4:11:a0:1b:72:8b:b8:f4:7a:de:72:81:a2:1e:96:3b:ad:8a:
         93:d1:86:e9:48:6e:08:cf:26:f3:08:85:b1:95:3e:d9:e5:81:
         e5:f3:53:7b:55:4a:4a:e5:a5:b4:e6:46:f0:4c:b8:27:72:3c:
         b7:2b:28:4c:ee:a9:4d:e0:69:3a:89:f8:5b:19:39:27:14:ee:
         4f:3c:e6:b7:7f:34:df:1b:58:ae:bf:44:82:f7:3b:24:8c:04:
         39:fc:cd:75:60:58:bc:2d:4d:28:3a:2f:ed:a5:15:91:49:51:
         e2:9e:c7:a5:4e:ff:fd:57:a6:d6:11:27:97:46:dd:59:1e:e7:
         a1:73:f1:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZafdhKUV0lWNTVKGxgjh5VZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2M4MzQ0N2QxNzE4MzM4MGY0ODliYzk0NmM4YjllMzAw
ZmZiMWQwHhcNMjUwNTA1MDgwMDM3WhcNMjUwNTA2MDgwMDM3WjAzMTEwLwYDVQQD
EygyYTIyMGQ1MTQzZjczYTc5OWUwMjhlOWIyYzZjYTdjNTA2OThkYzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzTdbZVke8Pfg2PejsUpaTtQRxN0
yvC3w1IO2oBApSW2P9wxciqTxev9AWl0iyM1p4zIM3+/md5q8NCsdjwkwKZQZhuX
wgiJ+1ligKfnYj0lVTyD3fsfZgxtYK5d+HrcxdVwjkBhCgKDHRDqEndw7u6QXgmg
SGrqrnI8JSlN8R6evKisJVAv0nia3D6MLygbYKPWpGKZ6Hq5P+WkeLJcG68EMR38
0X+4wmy9/7xxGpnbPRQAuR815x/GyVP+WLijRuUaVsd2kEP8UvGDRJm8UQuWnl3n
U1ETkMb7mrOXtZYFE0W+lYLUM0lAv4Zu4k3yac9xN3IiUGmbjUkLUtLOqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCoiDVFD9zp5ngKOmyxsp8UGmNwIMB8GA1UdIwQY
MBaAFCN8g0R9FxgzgPSJvJRsi54wD/sdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTN5RFJIMFhHRE9BOUltOGxHeUxuakFQLXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS85ZDU5ZTEtN2E2Ny00NjlkLWI0ZGEt
OGIzMzcyMjM0ZGMwLzEvSTN5RFJIMFhHRE9BOUltOGxHeUxuakFQLXgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS85ZDU5ZTEtN2E2Ny00NjlkLWI0ZGEtOGIzMzcyMjM0ZGMw
LzEvSTN5RFJIMFhHRE9BOUltOGxHeUxuakFQLXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUEWDGDKG
A0uDmm8Ahui+Ci5uayRzhwzDpw9m1vqcgXGkFNi2G8CmDUuwV7LTbm2QdQOGFDGN
EC3HKXau8ChPYLaGeIrAwuiYCRuFOGOrMCsUm5Ldc9LzgXs1o3ArmTwNyChSF+ag
8oQIs85jzIdyFkOkHWVlflEXlTYCO0CD9BGgG3KLuPR63nKBoh6WO62Kk9GG6Uhu
CM8m8wiFsZU+2eWB5fNTe1VKSuWltOZG8Ey4J3I8tysoTO6pTeBpOon4Wxk5JxTu
Tzzmt3803xtYrr9Egvc7JIwEOfzNdWBYvC1NKDov7aUVkUlR4p7HpU7//Vem1hEn
l0bdWR7noXPxXQ==
-----END CERTIFICATE-----