Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
File:                     oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json)
Hash identifier:          51aqxQkcvMtO/y4D91jf9XIENU5I02XwTNcDKNUpbb4=
Subject key identifier:   B7:7D:58:CB:91:96:34:AF:D5:05:91:1A:D6:DB:93:DE:7C:F7:1B:4B
Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74
Certificate issuer:       /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
Certificate serial:       0197549058B7847160724E76443D65F6485D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
Manifest number:          157E
Signing time:             Mon 09 Jun 2025 12:00:35 +0000
Manifest this update:     Mon 09 Jun 2025 12:00:35 +0000
Manifest next update:     Tue 10 Jun 2025 12:00:35 +0000
Files and hashes:         1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: SUwTTM8N3KMrFZQnPt7TH1HhUXHqvmZ9KBbAxEfZiHU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:90:58:b7:84:71:60:72:4e:76:44:3d:65:f6:48:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
        Validity
            Not Before: Jun  9 12:00:35 2025 GMT
            Not After : Jun 10 12:00:35 2025 GMT
        Subject: CN=b77d58cb919634afd505911ad6db93de7cf71b4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ae:fd:44:09:7f:46:67:eb:ef:dc:d8:80:94:
                    01:a1:e1:78:45:f2:59:c0:45:e4:39:c7:51:f4:09:
                    98:cf:ba:a7:a9:f9:cf:b7:d6:dd:f9:44:69:d7:0e:
                    79:d5:76:51:25:0a:6b:f2:4a:0d:0d:4f:87:54:8b:
                    3e:cc:c2:fc:ff:3c:2b:d7:a6:8d:0e:27:83:1c:c1:
                    1b:24:21:4b:79:6b:31:3a:61:da:5b:ec:ae:5d:84:
                    3d:1c:c1:dd:84:43:e4:d1:8f:5a:7b:77:1a:e6:6a:
                    d5:67:b6:eb:d9:e4:51:81:d5:ef:b7:4b:c8:93:5c:
                    ed:30:c4:95:14:12:77:95:2a:08:f2:d7:ef:80:2e:
                    f5:0b:2c:49:3f:17:f5:db:a7:ec:80:a4:89:fb:99:
                    0e:8e:f9:77:2f:57:6b:7b:44:8b:64:65:0e:16:c5:
                    f7:6c:e3:12:96:d0:e0:25:96:10:2b:ee:8c:92:52:
                    cc:9a:2a:9d:f8:96:b4:40:2b:a9:c3:55:4f:24:d7:
                    f0:b3:28:73:fb:97:ec:f4:20:1a:0e:49:8a:4b:ca:
                    64:ca:32:77:c6:90:60:77:b5:2d:ed:96:88:e1:37:
                    b5:ce:a7:8a:3f:33:60:c6:c4:36:2f:61:4b:b3:87:
                    28:c7:7c:b7:b1:6e:eb:90:bc:21:b8:01:2c:e9:74:
                    da:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:7D:58:CB:91:96:34:AF:D5:05:91:1A:D6:DB:93:DE:7C:F7:1B:4B
            X509v3 Authority Key Identifier:
                keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:cf:ff:77:e2:69:34:4e:55:f2:1e:2c:a7:64:bb:3f:09:20:
         63:0d:9e:dc:d7:92:3e:8a:13:b4:b4:ec:94:f8:28:89:e6:1e:
         d2:8a:9e:f3:1f:de:f4:d9:51:49:cf:21:16:7f:6d:8f:ad:b1:
         06:4c:fe:eb:b8:46:36:0f:af:64:7f:74:7d:0a:3a:e3:6f:9e:
         b4:e6:ea:da:fd:59:66:9f:72:42:f5:5f:7d:d9:14:f4:1d:36:
         a0:98:7c:15:29:84:5f:7c:d8:af:bf:95:99:c3:fa:13:3a:af:
         ef:77:13:99:db:b5:17:a4:49:22:61:96:0c:8c:be:05:ad:ac:
         d4:89:08:74:67:4d:50:fd:a6:c2:5f:5c:59:0e:70:27:a5:77:
         78:7e:7d:cb:aa:8e:6e:ba:7d:c2:39:d8:a1:1a:46:9e:9c:00:
         6b:fc:24:36:2b:33:c5:bc:f7:c0:20:7c:7c:f0:b3:80:d7:b6:
         13:f0:9e:d8:80:55:dd:f2:27:f8:90:42:bc:30:b3:cd:6a:ba:
         fe:b8:ed:52:3f:31:65:e3:37:2a:95:da:ef:9a:6b:d8:00:3f:
         fa:57:e8:98:a6:1c:07:55:7e:bc:6f:6e:18:1b:c6:79:b0:41:
         95:7f:2f:ff:bb:8f:3c:f7:fc:7c:b0:1c:90:89:6a:e9:bf:a7:
         9c:40:56:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUkFi3hHFgck52RD1l9khdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm
MjI0NzQwHhcNMjUwNjA5MTIwMDM1WhcNMjUwNjEwMTIwMDM1WjAzMTEwLwYDVQQD
EyhiNzdkNThjYjkxOTYzNGFmZDUwNTkxMWFkNmRiOTNkZTdjZjcxYjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs679RAl/Rmfr79zYgJQBoeF4RfJZ
wEXkOcdR9AmYz7qnqfnPt9bd+URp1w551XZRJQpr8koNDU+HVIs+zML8/zwr16aN
DieDHMEbJCFLeWsxOmHaW+yuXYQ9HMHdhEPk0Y9ae3ca5mrVZ7br2eRRgdXvt0vI
k1ztMMSVFBJ3lSoI8tfvgC71CyxJPxf126fsgKSJ+5kOjvl3L1dre0SLZGUOFsX3
bOMSltDgJZYQK+6MklLMmiqd+Ja0QCupw1VPJNfwsyhz+5fs9CAaDkmKS8pkyjJ3
xpBgd7Ut7ZaI4Te1zqeKPzNgxsQ2L2FLs4cox3y3sW7rkLwhuAEs6XTaxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLd9WMuRljSv1QWRGtbbk9589xtLMB8GA1UdIwQY
MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt
OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1
LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANs//d+Jp
NE5V8h4sp2S7PwkgYw2e3NeSPooTtLTslPgoieYe0oqe8x/e9NlRSc8hFn9tj62x
Bkz+67hGNg+vZH90fQo642+etObq2v1ZZp9yQvVffdkU9B02oJh8FSmEX3zYr7+V
mcP6Ezqv73cTmdu1F6RJImGWDIy+Ba2s1IkIdGdNUP2mwl9cWQ5wJ6V3eH59y6qO
brp9wjnYoRpGnpwAa/wkNiszxbz3wCB8fPCzgNe2E/Ce2IBV3fIn+JBCvDCzzWq6
/rjtUj8xZeM3KpXa75pr2AA/+lfomKYcB1V+vG9uGBvGebBBlX8v/7uPPPf8fLAc
kIlq6b+nnEBWsg==
-----END CERTIFICATE-----