Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft
File:                     JQou0RQnyhZIM4Ur1JydtT1j5js.mft (raw, json)
Hash identifier:          DnKdsJ+GRyLrGoUk64mN7BEL0BPbnlZngigHyD7UPbM=
Subject key identifier:   27:58:18:E5:2E:C2:B3:AB:D3:2A:D3:69:97:46:22:DE:F1:EF:57:6F
Authority key identifier: 25:0A:2E:D1:14:27:CA:16:48:33:85:2B:D4:9C:9D:B5:3D:63:E6:3B
Certificate issuer:       /CN=250a2ed11427ca164833852bd49c9db53d63e63b
Certificate serial:       0197B7B356D007090B1FA40A9540B8E1ECE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft
Manifest number:          0152
Signing time:             Sat 28 Jun 2025 18:01:12 +0000
Manifest this update:     Sat 28 Jun 2025 18:01:12 +0000
Manifest next update:     Sun 29 Jun 2025 18:01:12 +0000
Files and hashes:         1: JQou0RQnyhZIM4Ur1JydtT1j5js.crl (hash: 3FbqGS9GcGDvJiDIqAEp56cz08WP93B/aTSN/ZYXjxQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b3:56:d0:07:09:0b:1f:a4:0a:95:40:b8:e1:ec:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=250a2ed11427ca164833852bd49c9db53d63e63b
        Validity
            Not Before: Jun 28 18:01:12 2025 GMT
            Not After : Jun 29 18:01:12 2025 GMT
        Subject: CN=275818e52ec2b3abd32ad369974622def1ef576f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:cb:d2:22:06:04:13:8a:aa:db:3e:6f:1f:92:
                    13:cf:06:5d:48:bb:fe:2b:34:a3:28:53:b2:47:8b:
                    5f:ca:61:f2:80:ca:45:e8:9b:fc:9b:94:27:92:79:
                    13:41:20:09:44:72:c9:92:b8:f7:e3:5e:7b:32:7d:
                    76:5b:2d:c2:a2:c3:ca:14:2f:69:0a:f0:f1:56:20:
                    a5:43:f4:38:c6:5b:d4:a8:33:45:9e:d4:e1:1e:52:
                    f2:92:d2:56:b8:e8:c3:ee:fd:73:24:94:2e:8c:87:
                    fa:00:e7:b3:ad:4c:1e:c1:0d:27:b0:fb:9f:57:c5:
                    f7:1b:d1:2c:d9:91:35:95:8c:19:69:ea:f1:ef:ac:
                    fa:ab:00:87:bc:49:18:6e:0f:d1:e4:b5:53:9c:7e:
                    28:41:7b:fc:e3:43:5b:93:85:99:44:38:6c:65:44:
                    ff:d4:0d:88:16:47:b1:a4:98:e6:2a:3f:b9:d5:86:
                    2c:76:8e:d5:e3:83:ae:a9:fd:2f:4d:f6:b2:98:b0:
                    6e:02:bd:76:b7:dc:54:0e:2f:38:42:8b:da:3c:93:
                    bf:46:00:ec:ce:45:68:30:2b:ea:05:36:e0:a9:34:
                    7b:3a:b8:94:bf:cb:3b:de:9f:ab:14:74:a4:bd:f8:
                    79:0d:6b:76:e8:17:4b:64:f1:91:5e:f6:ce:40:af:
                    31:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:58:18:E5:2E:C2:B3:AB:D3:2A:D3:69:97:46:22:DE:F1:EF:57:6F
            X509v3 Authority Key Identifier:
                keyid:25:0A:2E:D1:14:27:CA:16:48:33:85:2B:D4:9C:9D:B5:3D:63:E6:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:93:f8:71:96:63:df:a0:84:f0:0b:c0:a8:87:33:25:ad:b7:
         bc:8b:d0:d2:91:34:d5:30:66:70:60:1e:f7:40:9f:76:a2:14:
         77:29:e8:0e:8e:2c:8a:71:45:3b:2c:75:af:f9:d6:2b:90:cb:
         0c:5a:75:42:96:a4:39:01:a5:34:45:58:3c:ff:8b:28:8c:8e:
         69:c5:0b:68:cd:df:ba:c0:de:ac:9b:ea:28:12:d5:b1:4f:0b:
         43:cf:d4:9d:a3:c5:8e:4b:1d:f0:a4:46:14:9f:c4:9f:0a:9e:
         a5:c2:52:90:b2:67:02:4d:65:5c:6f:ee:ad:f9:03:21:33:e0:
         a0:27:4b:5b:54:ec:2e:bc:64:6d:80:29:24:b0:f4:d7:cf:1f:
         b7:3c:43:ea:69:18:f0:88:41:bf:32:db:03:27:b8:57:a5:f5:
         e9:70:30:5b:05:ba:7b:a3:a4:9d:28:bc:a4:46:ef:f5:4b:18:
         6e:a9:d3:80:a9:2a:bc:09:8c:3d:d7:a7:c8:68:c2:6f:de:95:
         55:b6:60:a0:f6:41:0e:a4:2b:d7:22:2c:72:d6:53:04:16:42:
         41:58:54:70:fb:24:9d:c3:5f:81:4e:2d:f3:3b:84:f5:19:e7:
         e8:5a:c7:15:50:9c:19:47:a2:87:a3:79:f8:6b:74:bb:12:88:
         31:8b:fa:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3s1bQBwkLH6QKlUC44ezmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MGEyZWQxMTQyN2NhMTY0ODMzODUyYmQ0OWM5ZGI1M2Q2
M2U2M2IwHhcNMjUwNjI4MTgwMTEyWhcNMjUwNjI5MTgwMTEyWjAzMTEwLwYDVQQD
EygyNzU4MThlNTJlYzJiM2FiZDMyYWQzNjk5NzQ2MjJkZWYxZWY1NzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8vSIgYEE4qq2z5vH5ITzwZdSLv+
KzSjKFOyR4tfymHygMpF6Jv8m5QnknkTQSAJRHLJkrj34157Mn12Wy3CosPKFC9p
CvDxViClQ/Q4xlvUqDNFntThHlLyktJWuOjD7v1zJJQujIf6AOezrUwewQ0nsPuf
V8X3G9Es2ZE1lYwZaerx76z6qwCHvEkYbg/R5LVTnH4oQXv840Nbk4WZRDhsZUT/
1A2IFkexpJjmKj+51YYsdo7V44Ouqf0vTfaymLBuAr12t9xUDi84QovaPJO/RgDs
zkVoMCvqBTbgqTR7OriUv8s73p+rFHSkvfh5DWt26BdLZPGRXvbOQK8xawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCdYGOUuwrOr0yrTaZdGIt7x71dvMB8GA1UdIwQY
MBaAFCUKLtEUJ8oWSDOFK9ScnbU9Y+Y7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iNDM5ZWYtMmNjNS00YTc0LWIxZWEt
NTVjNjVjNDE1YjM2LzEvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iNDM5ZWYtMmNjNS00YTc0LWIxZWEtNTVjNjVjNDE1YjM2
LzEvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp5P4cZZj
36CE8AvAqIczJa23vIvQ0pE01TBmcGAe90CfdqIUdynoDo4sinFFOyx1r/nWK5DL
DFp1QpakOQGlNEVYPP+LKIyOacULaM3fusDerJvqKBLVsU8LQ8/UnaPFjksd8KRG
FJ/EnwqepcJSkLJnAk1lXG/urfkDITPgoCdLW1TsLrxkbYApJLD0188ftzxD6mkY
8IhBvzLbAye4V6X16XAwWwW6e6OknSi8pEbv9UsYbqnTgKkqvAmMPdenyGjCb96V
VbZgoPZBDqQr1yIsctZTBBZCQVhUcPskncNfgU4t8zuE9Rnn6FrHFVCcGUeih6N5
+Gt0uxKIMYv6Bw==
-----END CERTIFICATE-----