Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
File:                     OUjkpbK65iNUmZE9y-wE38pTHpA.mft (raw, json)
Hash identifier:          si5IpEOTGCEvMp1WzdtYtmf7bukOxfw0EH/xHmzPgJI=
Subject key identifier:   2E:CB:70:81:AC:5D:64:1C:3A:75:79:0A:24:A3:31:C9:29:A9:DF:BE
Authority key identifier: 39:48:E4:A5:B2:BA:E6:23:54:99:91:3D:CB:EC:04:DF:CA:53:1E:90
Certificate issuer:       /CN=3948e4a5b2bae6235499913dcbec04dfca531e90
Certificate serial:       019651FF99DE505816C70A0262046D8EC10A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
Manifest number:          13CE
Signing time:             Sun 20 Apr 2025 07:00:27 +0000
Manifest this update:     Sun 20 Apr 2025 07:00:27 +0000
Manifest next update:     Mon 21 Apr 2025 07:00:27 +0000
Files and hashes:         1: OUjkpbK65iNUmZE9y-wE38pTHpA.crl (hash: XeWVC3uPvtkEKWF1Gw2dSKNicJKperzkQ0I5MXWcyhM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:ff:99:de:50:58:16:c7:0a:02:62:04:6d:8e:c1:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3948e4a5b2bae6235499913dcbec04dfca531e90
        Validity
            Not Before: Apr 20 07:00:27 2025 GMT
            Not After : Apr 21 07:00:27 2025 GMT
        Subject: CN=2ecb7081ac5d641c3a75790a24a331c929a9dfbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:6e:9c:a3:ee:ac:7b:f2:60:f3:26:a0:3c:fd:
                    00:c8:79:ba:17:1d:fb:e2:ab:59:99:e3:fc:a8:8b:
                    f3:78:4e:93:c7:39:ed:7d:bf:25:3c:83:67:e1:cd:
                    3d:70:a6:60:2e:87:53:b0:e5:8a:60:8d:54:2a:d6:
                    d9:d8:37:8c:9f:c3:8c:e2:f0:a5:02:36:8b:45:24:
                    59:a2:0f:c7:01:cb:a9:55:8e:fa:a6:f9:c8:fc:1f:
                    2f:86:7f:e4:fd:7c:4c:58:95:ad:b7:1c:b7:67:04:
                    d4:cc:c9:fc:32:82:e2:e9:33:2d:3c:8f:3e:78:03:
                    74:95:8a:38:94:08:72:2c:11:65:8e:e5:5a:cb:92:
                    1a:ca:d2:3d:fe:f9:ba:68:aa:7d:38:13:6f:ea:28:
                    28:fa:b9:b8:96:bb:73:a0:57:5b:eb:02:e3:72:a5:
                    46:05:e7:e7:5d:2b:c9:41:c1:fd:fb:00:1e:5c:94:
                    ec:44:a6:fa:f2:69:48:e1:ed:81:98:a8:d0:13:ef:
                    c3:f8:c2:7b:ab:ea:de:fb:b6:9c:58:45:dd:aa:c5:
                    0a:cd:be:5d:2e:fb:46:0d:c2:0c:c2:1b:ac:ed:9f:
                    22:77:f0:5a:85:17:1f:47:83:4f:c7:17:f5:11:34:
                    1a:a1:51:fb:bf:f7:dd:2c:aa:fd:4a:5a:97:7b:6a:
                    b4:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:CB:70:81:AC:5D:64:1C:3A:75:79:0A:24:A3:31:C9:29:A9:DF:BE
            X509v3 Authority Key Identifier:
                keyid:39:48:E4:A5:B2:BA:E6:23:54:99:91:3D:CB:EC:04:DF:CA:53:1E:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:e8:5d:25:74:b9:e0:50:16:93:53:20:c0:80:1d:fb:bc:06:
         a7:2a:85:e1:0a:dd:a0:23:56:2b:fe:30:2e:f0:9d:50:df:ca:
         26:4f:73:19:ec:4d:66:cb:9e:01:00:87:e3:5d:5b:93:ce:67:
         85:fc:03:a5:c3:72:fb:e9:76:39:fa:99:53:81:8c:5e:32:99:
         ce:c7:e6:44:61:35:86:c1:52:bd:a1:ee:fe:36:eb:03:ed:71:
         4c:b7:95:53:5a:81:60:7d:58:2a:d7:b7:33:1e:26:ca:fe:0d:
         21:8a:aa:ed:d5:4c:76:b9:05:8a:22:08:3b:d8:3a:41:0e:8a:
         cf:25:a6:14:35:11:07:b3:24:49:7d:eb:17:11:e8:5e:c3:c4:
         00:41:ce:b3:93:01:62:80:cd:b7:de:5c:08:0a:a1:eb:dd:96:
         01:cf:ed:27:4b:ae:20:0b:39:f5:54:b5:4b:8d:ad:55:7a:2b:
         ce:94:2b:fe:d9:ce:3d:7f:de:e7:e0:2e:f1:4a:56:00:74:d1:
         b4:3b:0f:61:db:2d:2f:d4:40:52:20:7f:e4:7c:89:bb:af:52:
         0e:4a:bf:06:5c:4d:b9:45:96:3f:d4:fe:52:a2:4d:c9:b9:ca:
         25:c7:a7:2d:96:ed:e0:9b:b3:d0:fc:5a:db:2f:52:10:69:d2:
         8c:6a:b0:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZR/5neUFgWxwoCYgRtjsEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NDhlNGE1YjJiYWU2MjM1NDk5OTEzZGNiZWMwNGRmY2E1
MzFlOTAwHhcNMjUwNDIwMDcwMDI3WhcNMjUwNDIxMDcwMDI3WjAzMTEwLwYDVQQD
EygyZWNiNzA4MWFjNWQ2NDFjM2E3NTc5MGEyNGEzMzFjOTI5YTlkZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyG6co+6se/Jg8yagPP0AyHm6Fx37
4qtZmeP8qIvzeE6Txzntfb8lPINn4c09cKZgLodTsOWKYI1UKtbZ2DeMn8OM4vCl
AjaLRSRZog/HAcupVY76pvnI/B8vhn/k/XxMWJWttxy3ZwTUzMn8MoLi6TMtPI8+
eAN0lYo4lAhyLBFljuVay5IaytI9/vm6aKp9OBNv6igo+rm4lrtzoFdb6wLjcqVG
BefnXSvJQcH9+wAeXJTsRKb68mlI4e2BmKjQE+/D+MJ7q+re+7acWEXdqsUKzb5d
LvtGDcIMwhus7Z8id/BahRcfR4NPxxf1ETQaoVH7v/fdLKr9SlqXe2q03QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC7LcIGsXWQcOnV5CiSjMckpqd++MB8GA1UdIwQY
MBaAFDlI5KWyuuYjVJmRPcvsBN/KUx6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9iMWMzZjMtN2E0MC00MzJjLWI0MWUt
ZjY1MGU1MDdhNzZkLzEvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9iMWMzZjMtN2E0MC00MzJjLWI0MWUtZjY1MGU1MDdhNzZk
LzEvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOuhdJXS5
4FAWk1MgwIAd+7wGpyqF4QrdoCNWK/4wLvCdUN/KJk9zGexNZsueAQCH411bk85n
hfwDpcNy++l2OfqZU4GMXjKZzsfmRGE1hsFSvaHu/jbrA+1xTLeVU1qBYH1YKte3
Mx4myv4NIYqq7dVMdrkFiiIIO9g6QQ6KzyWmFDURB7MkSX3rFxHoXsPEAEHOs5MB
YoDNt95cCAqh692WAc/tJ0uuIAs59VS1S42tVXorzpQr/tnOPX/e5+Au8UpWAHTR
tDsPYdstL9RAUiB/5HyJu69SDkq/BlxNuUWWP9T+UqJNybnKJcenLZbt4Juz0Pxa
2y9SEGnSjGqwgg==
-----END CERTIFICATE-----