Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
File:                     OstMHbOigqLFrhaULo1gYb50UWs.mft (raw, json)
Hash identifier:          KNS6MU59zEEwJTOzUwgptNPmMI16DYi/Pyo/ZgsYr1M=
Subject key identifier:   FB:A8:B8:37:63:E5:F8:4B:23:ED:69:24:32:22:8A:06:AA:C0:D4:5C
Authority key identifier: 3A:CB:4C:1D:B3:A2:82:A2:C5:AE:16:94:2E:8D:60:61:BE:74:51:6B
Certificate issuer:       /CN=3acb4c1db3a282a2c5ae16942e8d6061be74516b
Certificate serial:       01975046C6510025009CD7F9B596B24F3904
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
Manifest number:          0DEE
Signing time:             Sun 08 Jun 2025 16:01:44 +0000
Manifest this update:     Sun 08 Jun 2025 16:01:44 +0000
Manifest next update:     Mon 09 Jun 2025 16:01:44 +0000
Files and hashes:         1: OstMHbOigqLFrhaULo1gYb50UWs.crl (hash: ReS1u7/SiD/l8ngAZVcpnxYtI+MXAPCPCT3qEf/PdSk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 11:44:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:46:c6:51:00:25:00:9c:d7:f9:b5:96:b2:4f:39:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3acb4c1db3a282a2c5ae16942e8d6061be74516b
        Validity
            Not Before: Jun  8 16:01:44 2025 GMT
            Not After : Jun  9 16:01:44 2025 GMT
        Subject: CN=fba8b83763e5f84b23ed692432228a06aac0d45c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d4:5c:3d:fc:f3:5b:44:60:65:ce:32:cf:c6:
                    4b:35:dc:05:30:88:71:2d:3b:1e:f0:b6:f6:06:74:
                    45:69:8d:76:4b:20:f9:31:0d:46:61:3e:fe:7a:0e:
                    56:60:2b:ca:2c:f9:70:07:3a:2c:07:6c:e7:39:cb:
                    e0:a4:4d:8c:2d:40:75:6e:04:3a:dc:2b:d6:e1:89:
                    80:55:4a:8d:fa:6c:a2:04:e8:77:d6:eb:b7:10:47:
                    98:ce:c8:2c:61:f1:d4:68:90:58:c2:17:ef:2a:9b:
                    db:38:8f:bf:3f:a4:cb:77:6e:3d:94:2b:f7:e5:62:
                    6c:97:6a:a0:0d:9e:cb:8b:2c:67:fe:79:18:16:bc:
                    ca:f7:67:45:91:17:d9:bd:06:ab:f5:15:77:5f:77:
                    0e:d1:33:da:78:af:df:6f:ca:69:87:f8:38:97:2d:
                    ac:62:66:74:c8:a3:e7:dc:42:54:c4:77:6e:27:d8:
                    18:01:85:9f:61:2b:ed:c4:ef:ae:bb:ed:c3:c9:56:
                    d4:d2:f0:6f:53:f4:b8:1b:a7:9b:ab:99:33:19:ec:
                    76:58:fb:d4:be:49:53:80:9b:ce:a6:3a:9a:b2:04:
                    81:0b:ad:0b:54:78:4b:38:68:28:8f:90:ca:1a:07:
                    74:83:4a:54:ec:3e:bd:e3:b5:d1:9c:09:9a:50:60:
                    29:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:A8:B8:37:63:E5:F8:4B:23:ED:69:24:32:22:8A:06:AA:C0:D4:5C
            X509v3 Authority Key Identifier:
                keyid:3A:CB:4C:1D:B3:A2:82:A2:C5:AE:16:94:2E:8D:60:61:BE:74:51:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:87:c7:72:bc:b5:a9:d6:bd:b1:72:f2:89:d6:7d:5a:25:89:
         aa:24:69:9d:9a:67:76:17:7d:7e:1a:dd:25:85:ce:e8:6f:3e:
         82:60:1d:1a:dd:34:35:3a:69:b7:54:bc:cb:03:60:a4:e8:ac:
         12:6e:cc:8a:e2:23:a7:77:ee:e4:4d:bf:6e:d9:91:25:9c:92:
         db:9c:45:b1:e1:ae:cb:94:1d:09:bb:7a:af:21:d9:b2:4c:c7:
         bf:16:fd:07:49:8d:76:ed:67:d5:67:64:f0:7f:5b:1d:70:9d:
         79:6a:61:79:0f:b2:3f:c8:c7:4c:7a:88:4d:0b:6f:6c:80:2e:
         76:5a:f2:37:44:9e:59:cf:cf:da:f9:27:f4:ec:64:dc:7f:35:
         ad:b0:ac:be:20:5b:0b:9b:b5:90:ba:17:bc:e5:c7:a8:f3:f7:
         38:65:6a:46:91:a0:ae:7b:e3:17:3c:c0:e3:2c:24:ab:76:da:
         f8:43:6e:67:15:f4:08:84:27:3c:60:36:7c:ba:7e:94:c7:7b:
         47:c6:58:34:1c:bc:ff:3a:c9:3f:d5:99:37:0c:da:64:5a:2e:
         ca:ed:60:48:12:be:73:98:49:9f:ca:25:00:38:32:2f:6b:d3:
         9d:4a:39:1d:b1:4d:79:d0:e6:ba:5c:d6:55:ef:da:46:75:8b:
         c9:a8:38:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRsZRACUAnNf5tZayTzkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2I0YzFkYjNhMjgyYTJjNWFlMTY5NDJlOGQ2MDYxYmU3
NDUxNmIwHhcNMjUwNjA4MTYwMTQ0WhcNMjUwNjA5MTYwMTQ0WjAzMTEwLwYDVQQD
EyhmYmE4YjgzNzYzZTVmODRiMjNlZDY5MjQzMjIyOGEwNmFhYzBkNDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutRcPfzzW0RgZc4yz8ZLNdwFMIhx
LTse8Lb2BnRFaY12SyD5MQ1GYT7+eg5WYCvKLPlwBzosB2znOcvgpE2MLUB1bgQ6
3CvW4YmAVUqN+myiBOh31uu3EEeYzsgsYfHUaJBYwhfvKpvbOI+/P6TLd249lCv3
5WJsl2qgDZ7Liyxn/nkYFrzK92dFkRfZvQar9RV3X3cO0TPaeK/fb8pph/g4ly2s
YmZ0yKPn3EJUxHduJ9gYAYWfYSvtxO+uu+3DyVbU0vBvU/S4G6ebq5kzGex2WPvU
vklTgJvOpjqasgSBC60LVHhLOGgoj5DKGgd0g0pU7D6947XRnAmaUGAp9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPuouDdj5fhLI+1pJDIiigaqwNRcMB8GA1UdIwQY
MBaAFDrLTB2zooKixa4WlC6NYGG+dFFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi81YTgyYTctOGY2MS00NzQ5LTkxMTgt
Y2JmMzRlYmNhNGI5LzEvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi81YTgyYTctOGY2MS00NzQ5LTkxMTgtY2JmMzRlYmNhNGI5
LzEvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANYfHcry1
qda9sXLyidZ9WiWJqiRpnZpndhd9fhrdJYXO6G8+gmAdGt00NTppt1S8ywNgpOis
Em7MiuIjp3fu5E2/btmRJZyS25xFseGuy5QdCbt6ryHZskzHvxb9B0mNdu1n1Wdk
8H9bHXCdeWpheQ+yP8jHTHqITQtvbIAudlryN0SeWc/P2vkn9Oxk3H81rbCsviBb
C5u1kLoXvOXHqPP3OGVqRpGgrnvjFzzA4ywkq3ba+ENuZxX0CIQnPGA2fLp+lMd7
R8ZYNBy8/zrJP9WZNwzaZFouyu1gSBK+c5hJn8olADgyL2vTnUo5HbFNedDmulzW
Ve/aRnWLyag4jQ==
-----END CERTIFICATE-----