Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
File:                     OZ17KbLru-43WSMgfh2FZU8LV7o.mft (raw, json)
Hash identifier:          Zywlh3pcKHIscy4PDV3t1jXvjVux4qd08hK55kdRF+k=
Subject key identifier:   5E:3F:32:00:8F:0A:3E:A9:7F:BC:5E:B3:C1:43:B2:EA:04:10:EF:4E
Authority key identifier: 39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA
Certificate issuer:       /CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
Certificate serial:       019653EE17766AE4AAE2E92399A946C4C1DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
Manifest number:          0147
Signing time:             Sun 20 Apr 2025 16:00:34 +0000
Manifest this update:     Sun 20 Apr 2025 16:00:34 +0000
Manifest next update:     Mon 21 Apr 2025 16:00:34 +0000
Files and hashes:         1: OZ17KbLru-43WSMgfh2FZU8LV7o.crl (hash: XPMs9ocNgyY6Dbvy+rfGmFiP13J5xeGBo7rXCyYmxIY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:ee:17:76:6a:e4:aa:e2:e9:23:99:a9:46:c4:c1:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
        Validity
            Not Before: Apr 20 16:00:34 2025 GMT
            Not After : Apr 21 16:00:34 2025 GMT
        Subject: CN=5e3f32008f0a3ea97fbc5eb3c143b2ea0410ef4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:3a:e8:03:93:03:a1:c3:2d:f4:8e:a8:ea:d2:
                    a3:6f:37:3f:a5:d0:1a:61:cb:db:60:9c:3e:98:bc:
                    a7:ff:50:f8:7c:7a:c1:09:8a:39:7f:d8:a8:fb:e1:
                    ae:02:a8:78:93:36:38:af:bf:18:1e:3f:45:ac:3a:
                    56:ba:fb:6c:c9:e3:96:7c:0e:9b:f1:2f:09:c6:aa:
                    36:83:ab:84:59:85:f7:a6:84:2a:d9:b0:5c:d1:57:
                    e6:6c:dc:fd:bf:16:9d:16:39:7f:e2:94:bb:51:cb:
                    e3:8e:83:7b:2b:a0:3b:0f:ab:5e:cd:97:9d:b9:12:
                    d3:80:33:1d:94:7a:3f:f6:5b:32:32:14:02:ee:ee:
                    2c:38:60:a5:2b:2c:e9:a5:9a:ab:ad:bd:4c:0c:54:
                    d9:ee:57:a0:75:e2:fa:9f:92:c5:40:8d:77:9b:4c:
                    2e:87:81:93:cb:26:53:c3:5f:25:86:1a:82:a6:72:
                    0e:01:3f:66:da:f0:3a:6d:bc:69:c5:57:db:47:0b:
                    56:55:cb:80:9a:ee:df:b4:00:9b:eb:6a:82:05:23:
                    e4:cd:18:7f:2a:55:f3:9c:ce:26:40:82:ee:90:9b:
                    47:f6:90:f3:ff:c9:8f:dc:37:d9:dc:be:d3:90:46:
                    ad:bd:c7:a0:24:e6:2c:92:eb:36:55:d0:a6:f0:13:
                    ff:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:3F:32:00:8F:0A:3E:A9:7F:BC:5E:B3:C1:43:B2:EA:04:10:EF:4E
            X509v3 Authority Key Identifier:
                keyid:39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:a5:00:62:a9:48:e7:fd:47:3b:0b:29:95:b5:86:84:43:7a:
         a2:72:9b:b7:4f:06:7f:59:46:d1:b6:a8:67:d9:11:da:34:2e:
         3d:a7:dc:c2:0f:fe:2c:06:c7:46:f3:15:b2:86:87:c8:90:95:
         31:72:89:e5:47:7e:ed:89:19:f9:cb:68:7e:2b:ef:76:71:12:
         e5:ba:16:14:95:e5:74:de:31:41:06:6d:16:a7:7c:55:9b:1f:
         5f:02:40:0d:f2:d7:4b:e6:70:48:cd:56:49:73:0c:25:01:ef:
         c9:71:7d:28:c2:3b:0f:ac:6e:e5:ed:a3:55:5d:ec:27:b2:7e:
         d8:ee:d6:d6:eb:d4:77:a2:64:34:88:d5:1b:52:ce:ac:18:fa:
         99:53:ad:e8:88:3b:5e:c2:9a:e9:91:3c:f1:8c:38:3e:b2:47:
         ad:75:78:ee:3d:f6:e0:9a:eb:96:9a:75:84:d7:b6:17:3a:94:
         8a:39:b1:60:5a:bd:a5:41:7e:b8:db:14:97:59:3a:4d:fb:1c:
         74:b7:67:e5:23:d1:f8:01:72:34:c4:02:9c:48:76:81:9b:bb:
         44:94:22:ff:d3:d3:be:91:10:0b:33:26:8b:56:67:09:3f:cd:
         31:b3:b5:c9:6e:4e:37:f4:b8:8b:cd:c1:83:12:d7:02:b8:71:
         e8:66:58:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZT7hd2auSq4ukjmalGxMHeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWQ3YjI5YjJlYmJiZWUzNzU5MjMyMDdlMWQ4NTY1NGYw
YjU3YmEwHhcNMjUwNDIwMTYwMDM0WhcNMjUwNDIxMTYwMDM0WjAzMTEwLwYDVQQD
Eyg1ZTNmMzIwMDhmMGEzZWE5N2ZiYzVlYjNjMTQzYjJlYTA0MTBlZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjroA5MDocMt9I6o6tKjbzc/pdAa
YcvbYJw+mLyn/1D4fHrBCYo5f9io++GuAqh4kzY4r78YHj9FrDpWuvtsyeOWfA6b
8S8Jxqo2g6uEWYX3poQq2bBc0VfmbNz9vxadFjl/4pS7UcvjjoN7K6A7D6tezZed
uRLTgDMdlHo/9lsyMhQC7u4sOGClKyzppZqrrb1MDFTZ7legdeL6n5LFQI13m0wu
h4GTyyZTw18lhhqCpnIOAT9m2vA6bbxpxVfbRwtWVcuAmu7ftACb62qCBSPkzRh/
KlXznM4mQILukJtH9pDz/8mP3DfZ3L7TkEatvcegJOYskus2VdCm8BP/sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF4/MgCPCj6pf7xes8FDsuoEEO9OMB8GA1UdIwQY
MBaAFDmdeymy67vuN1kjIH4dhWVPC1e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAt
YTZiNWE4YmUxMTEzLzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAtYTZiNWE4YmUxMTEz
LzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoqUAYqlI
5/1HOwsplbWGhEN6onKbt08Gf1lG0baoZ9kR2jQuPafcwg/+LAbHRvMVsoaHyJCV
MXKJ5Ud+7YkZ+ctofivvdnES5boWFJXldN4xQQZtFqd8VZsfXwJADfLXS+ZwSM1W
SXMMJQHvyXF9KMI7D6xu5e2jVV3sJ7J+2O7W1uvUd6JkNIjVG1LOrBj6mVOt6Ig7
XsKa6ZE88Yw4PrJHrXV47j324Jrrlpp1hNe2FzqUijmxYFq9pUF+uNsUl1k6Tfsc
dLdn5SPR+AFyNMQCnEh2gZu7RJQi/9PTvpEQCzMmi1ZnCT/NMbO1yW5ON/S4i83B
gxLXArhx6GZYHw==
-----END CERTIFICATE-----