Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
File:                     OstMHbOigqLFrhaULo1gYb50UWs.mft (raw, json)
Hash identifier:          aCGB68nwVcAwBq1GRXgPMTu57mGDknHKqO7KuhSjxe8=
Subject key identifier:   42:82:34:DB:CA:FA:94:98:5F:33:54:2F:A8:71:A4:8F:62:4B:57:8B
Authority key identifier: 3A:CB:4C:1D:B3:A2:82:A2:C5:AE:16:94:2E:8D:60:61:BE:74:51:6B
Certificate issuer:       /CN=3acb4c1db3a282a2c5ae16942e8d6061be74516b
Certificate serial:       01964F6CA2C1DA8FD356D771B7B6E78BDFBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
Manifest number:          0D69
Signing time:             Sat 19 Apr 2025 19:00:41 +0000
Manifest this update:     Sat 19 Apr 2025 19:00:41 +0000
Manifest next update:     Sun 20 Apr 2025 19:00:41 +0000
Files and hashes:         1: OstMHbOigqLFrhaULo1gYb50UWs.crl (hash: ens54mBrkV2UlIQXmu7qISpVGe0DQRoLRYcZkTpeNAo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 19:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:6c:a2:c1:da:8f:d3:56:d7:71:b7:b6:e7:8b:df:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3acb4c1db3a282a2c5ae16942e8d6061be74516b
        Validity
            Not Before: Apr 19 19:00:41 2025 GMT
            Not After : Apr 20 19:00:41 2025 GMT
        Subject: CN=428234dbcafa94985f33542fa871a48f624b578b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:40:73:4a:ef:ec:d1:1c:35:76:c5:48:79:aa:
                    07:50:70:7e:c9:fc:47:5f:d7:32:1f:3a:cc:a8:75:
                    b7:00:92:b8:28:7b:0d:63:fc:a8:6b:e7:b7:52:fb:
                    ae:51:27:dd:64:f5:ea:d3:69:2f:8f:3f:15:5e:de:
                    1a:ba:a4:50:f2:dd:38:79:f0:4f:1a:93:09:0f:66:
                    e9:d5:37:ac:a0:03:62:ce:bd:61:45:e5:a3:6e:4a:
                    6b:2b:85:33:2f:44:26:f3:1c:da:33:df:f7:e7:bb:
                    2b:8a:e2:c0:c4:bd:b6:94:42:a7:fa:8d:44:77:3d:
                    14:9e:3e:2e:ed:bf:4a:b6:a6:29:0c:c2:22:d8:92:
                    6a:43:1e:ca:be:2a:9f:d1:f5:c3:7b:25:ad:9d:e1:
                    cc:25:a5:0c:f1:72:b5:2c:e5:98:9f:7e:ad:bb:bb:
                    b1:e9:30:20:d3:a9:1a:d0:2d:66:13:6a:f4:f9:0b:
                    56:1f:22:49:da:f5:a7:72:8d:c0:8d:e5:1a:e1:3b:
                    e4:4b:ef:75:38:3d:f6:e7:f6:7c:77:3a:37:f7:a8:
                    2c:dd:ba:40:f5:0a:ca:49:4a:86:5b:bf:5b:02:6a:
                    59:80:86:73:98:e9:b9:8e:8f:a5:5e:05:8f:6c:db:
                    cf:94:d6:e4:c2:5b:a0:06:a0:8c:2d:3a:4e:61:f8:
                    f4:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:82:34:DB:CA:FA:94:98:5F:33:54:2F:A8:71:A4:8F:62:4B:57:8B
            X509v3 Authority Key Identifier:
                keyid:3A:CB:4C:1D:B3:A2:82:A2:C5:AE:16:94:2E:8D:60:61:BE:74:51:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:65:63:6c:7b:04:b3:19:e1:d2:24:dc:3e:96:f2:ec:8a:1a:
         07:5a:98:aa:a9:f4:93:48:91:37:ae:16:9e:c6:14:77:74:dd:
         cd:c5:75:5f:6b:c8:b0:0e:e3:af:a9:30:e5:e0:93:2e:48:d9:
         b3:3d:6f:20:c2:db:41:c2:a2:67:55:01:c2:cb:33:c4:f6:d1:
         10:50:91:9d:a0:c9:c2:ad:72:28:bf:1f:b2:0a:2b:4b:1f:9a:
         0f:fe:da:3a:7b:f1:31:81:17:6b:bb:4c:ac:40:9f:f0:99:cf:
         7a:c5:b8:b3:bf:93:04:59:f8:5b:a7:21:52:f9:a4:2a:91:f0:
         20:01:df:e8:cd:83:9b:72:bc:5e:c0:18:5c:04:4b:65:b5:eb:
         70:59:71:88:2e:49:a5:4e:bc:b9:9c:ad:39:06:4a:40:dd:8e:
         f3:e2:09:7d:e2:84:89:68:c0:7a:1a:ea:f2:bd:57:8e:d9:e4:
         2f:52:a9:50:84:15:06:05:52:45:bd:3d:e0:f5:f4:2a:e9:60:
         f9:66:a7:48:c9:f6:ba:02:20:4a:7d:14:6a:3d:2a:d7:d8:f9:
         4e:34:b4:b0:78:f9:fd:1a:89:2f:61:84:88:49:fe:26:2f:1b:
         8b:14:53:93:e9:fa:b2:d6:fa:8c:9d:8a:03:d8:cc:e6:2f:4d:
         e2:69:fb:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbKLB2o/TVtdxt7bni9+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2I0YzFkYjNhMjgyYTJjNWFlMTY5NDJlOGQ2MDYxYmU3
NDUxNmIwHhcNMjUwNDE5MTkwMDQxWhcNMjUwNDIwMTkwMDQxWjAzMTEwLwYDVQQD
Eyg0MjgyMzRkYmNhZmE5NDk4NWYzMzU0MmZhODcxYTQ4ZjYyNGI1NzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUBzSu/s0Rw1dsVIeaoHUHB+yfxH
X9cyHzrMqHW3AJK4KHsNY/yoa+e3UvuuUSfdZPXq02kvjz8VXt4auqRQ8t04efBP
GpMJD2bp1TesoANizr1hReWjbkprK4UzL0Qm8xzaM9/357sriuLAxL22lEKn+o1E
dz0Unj4u7b9KtqYpDMIi2JJqQx7Kviqf0fXDeyWtneHMJaUM8XK1LOWYn36tu7ux
6TAg06ka0C1mE2r0+QtWHyJJ2vWnco3AjeUa4TvkS+91OD325/Z8dzo396gs3bpA
9QrKSUqGW79bAmpZgIZzmOm5jo+lXgWPbNvPlNbkwlugBqCMLTpOYfj0bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKCNNvK+pSYXzNUL6hxpI9iS1eLMB8GA1UdIwQY
MBaAFDrLTB2zooKixa4WlC6NYGG+dFFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi81YTgyYTctOGY2MS00NzQ5LTkxMTgt
Y2JmMzRlYmNhNGI5LzEvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi81YTgyYTctOGY2MS00NzQ5LTkxMTgtY2JmMzRlYmNhNGI5
LzEvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFmVjbHsE
sxnh0iTcPpby7IoaB1qYqqn0k0iRN64WnsYUd3TdzcV1X2vIsA7jr6kw5eCTLkjZ
sz1vIMLbQcKiZ1UBwsszxPbREFCRnaDJwq1yKL8fsgorSx+aD/7aOnvxMYEXa7tM
rECf8JnPesW4s7+TBFn4W6chUvmkKpHwIAHf6M2Dm3K8XsAYXARLZbXrcFlxiC5J
pU68uZytOQZKQN2O8+IJfeKEiWjAehrq8r1XjtnkL1KpUIQVBgVSRb094PX0Kulg
+WanSMn2ugIgSn0Uaj0q19j5TjS0sHj5/RqJL2GEiEn+Ji8bixRTk+n6stb6jJ2K
A9jM5i9N4mn7eQ==
-----END CERTIFICATE-----