Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
File:                     oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json)
Hash identifier:          ocGZuiYKIjQD5CR+tnwBpxSId42UizvlUwiL8jFQOAg=
Subject key identifier:   E9:B5:B2:43:4D:12:27:1D:43:D4:96:9C:D6:CD:7E:B3:94:83:BC:4D
Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74
Certificate issuer:       /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
Certificate serial:       019769CF2C495E2FB9A57BD32BE24E3C5625
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
Manifest number:          1589
Signing time:             Fri 13 Jun 2025 15:01:14 +0000
Manifest this update:     Fri 13 Jun 2025 15:01:14 +0000
Manifest next update:     Sat 14 Jun 2025 15:01:14 +0000
Files and hashes:         1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: 2LEj3faitUjBJVtL0zNB9VXsuEbE+vJFUPSFMghnfB0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 15:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:cf:2c:49:5e:2f:b9:a5:7b:d3:2b:e2:4e:3c:56:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
        Validity
            Not Before: Jun 13 15:01:14 2025 GMT
            Not After : Jun 14 15:01:14 2025 GMT
        Subject: CN=e9b5b2434d12271d43d4969cd6cd7eb39483bc4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:b9:3c:f4:de:65:0d:2e:8a:72:27:39:b9:fa:
                    65:61:dd:a3:20:32:8d:91:65:60:e0:82:d0:ab:c1:
                    25:07:80:68:c8:dd:66:3c:27:1c:76:ea:42:96:7a:
                    c4:16:43:57:a3:0c:01:80:eb:16:11:eb:66:7c:bc:
                    47:3a:2f:52:01:b7:7f:db:61:26:ec:bd:92:34:3d:
                    b0:06:5c:62:8b:d9:ed:58:d8:8d:a8:2e:9e:e5:ec:
                    04:d0:cc:da:16:a7:1a:9c:68:95:da:5a:a1:c3:93:
                    b1:f8:31:c3:b7:5f:44:9a:c0:38:a1:92:4a:f2:cb:
                    f1:c3:6f:4a:16:8e:43:4b:b1:c1:94:8d:06:2f:89:
                    09:b2:c4:e5:8d:5e:8e:4f:b3:98:bb:6b:36:60:c3:
                    a9:e3:8c:7d:d7:c3:1e:2a:f8:c1:a6:74:46:8b:06:
                    03:90:de:55:f3:54:62:9d:1d:08:ed:d4:f7:be:8c:
                    78:9c:54:c3:c5:db:cd:15:5a:e7:17:d0:a9:73:c6:
                    48:dd:48:bc:45:a8:d2:a3:22:9a:75:26:7d:13:aa:
                    c7:0c:98:3e:28:de:4b:40:27:29:f0:a7:ec:8e:cb:
                    ca:17:91:89:c8:ed:4c:15:b5:7b:e4:c9:c3:44:65:
                    94:34:6d:1f:df:b5:7c:84:65:70:43:d1:34:71:e1:
                    5f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:B5:B2:43:4D:12:27:1D:43:D4:96:9C:D6:CD:7E:B3:94:83:BC:4D
            X509v3 Authority Key Identifier:
                keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:f8:36:de:0b:b0:31:db:52:b6:72:57:67:5f:93:5c:e3:85:
         dd:8b:9f:ab:61:42:c2:b2:d6:8a:8b:91:ed:d4:c2:9e:9e:79:
         38:7e:63:c9:9e:d1:1a:fd:cb:17:a5:60:dc:d3:d6:1b:0a:3d:
         6f:99:be:d2:1e:84:a6:6b:91:d8:50:33:23:df:86:c0:88:7a:
         9f:b9:a2:d9:e7:61:62:76:1d:7b:40:37:5b:6e:30:71:23:47:
         40:ba:fe:85:79:69:b1:ed:8b:64:2c:ef:a4:f0:23:cb:f0:9e:
         df:47:0c:15:55:02:08:08:af:d7:70:b1:f9:c0:f5:35:45:8c:
         bc:26:10:8d:f1:96:ee:20:e7:e5:12:07:8d:db:27:56:87:7f:
         57:eb:87:5d:f5:5a:ec:7e:a2:a6:43:9c:13:da:a9:f7:d6:81:
         78:9d:b0:ff:05:c1:c0:4a:80:42:ae:52:62:55:b3:e1:36:88:
         68:4f:f3:b2:35:93:77:46:cc:ff:6f:9e:5b:13:a0:b9:50:18:
         4a:74:45:73:8b:11:7e:a3:72:5c:61:6d:98:65:24:a4:57:d8:
         69:6b:26:a7:e1:1c:e7:7b:b0:da:de:88:98:87:13:aa:6c:1a:
         30:d8:12:fa:83:f9:ba:f3:3d:e9:51:90:fc:82:ba:c5:ec:84:
         25:16:3d:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzyxJXi+5pXvTK+JOPFYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm
MjI0NzQwHhcNMjUwNjEzMTUwMTE0WhcNMjUwNjE0MTUwMTE0WjAzMTEwLwYDVQQD
EyhlOWI1YjI0MzRkMTIyNzFkNDNkNDk2OWNkNmNkN2ViMzk0ODNiYzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbk89N5lDS6Kcic5ufplYd2jIDKN
kWVg4ILQq8ElB4BoyN1mPCccdupClnrEFkNXowwBgOsWEetmfLxHOi9SAbd/22Em
7L2SND2wBlxii9ntWNiNqC6e5ewE0MzaFqcanGiV2lqhw5Ox+DHDt19EmsA4oZJK
8svxw29KFo5DS7HBlI0GL4kJssTljV6OT7OYu2s2YMOp44x918MeKvjBpnRGiwYD
kN5V81RinR0I7dT3vox4nFTDxdvNFVrnF9Cpc8ZI3Ui8RajSoyKadSZ9E6rHDJg+
KN5LQCcp8KfsjsvKF5GJyO1MFbV75MnDRGWUNG0f37V8hGVwQ9E0ceFfWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOm1skNNEicdQ9SWnNbNfrOUg7xNMB8GA1UdIwQY
MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt
OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1
LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB/g23guw
MdtStnJXZ1+TXOOF3Yufq2FCwrLWiouR7dTCnp55OH5jyZ7RGv3LF6Vg3NPWGwo9
b5m+0h6EpmuR2FAzI9+GwIh6n7mi2edhYnYde0A3W24wcSNHQLr+hXlpse2LZCzv
pPAjy/Ce30cMFVUCCAiv13Cx+cD1NUWMvCYQjfGW7iDn5RIHjdsnVod/V+uHXfVa
7H6ipkOcE9qp99aBeJ2w/wXBwEqAQq5SYlWz4TaIaE/zsjWTd0bM/2+eWxOguVAY
SnRFc4sRfqNyXGFtmGUkpFfYaWsmp+Ec53uw2t6ImIcTqmwaMNgS+oP5uvM96VGQ
/IK6xeyEJRY9pg==
-----END CERTIFICATE-----