Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
File:                     OFt-lPpg22hRcc8TabHO-24g8zQ.mft (raw, json)
Hash identifier:          vXYOHTA2n8u8PRNTuB2xB9lFsawddInRepOIJKI+EU4=
Subject key identifier:   8F:7E:74:31:47:F1:FD:88:92:1F:3B:DE:4B:7E:14:7A:7F:5D:94:6E
Authority key identifier: 38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34
Certificate issuer:       /CN=385b7e94fa60db685171cf1369b1cefb6e20f334
Certificate serial:       01964F6D528BF9BA9E1B287822F061978453
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
Manifest number:          044E
Signing time:             Sat 19 Apr 2025 19:01:26 +0000
Manifest this update:     Sat 19 Apr 2025 19:01:26 +0000
Manifest next update:     Sun 20 Apr 2025 19:01:26 +0000
Files and hashes:         1: OFt-lPpg22hRcc8TabHO-24g8zQ.crl (hash: 88g5OoIIrshlJTiNf58eQNgE4UBnCQUybH72irnzK9s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 19:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:6d:52:8b:f9:ba:9e:1b:28:78:22:f0:61:97:84:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385b7e94fa60db685171cf1369b1cefb6e20f334
        Validity
            Not Before: Apr 19 19:01:26 2025 GMT
            Not After : Apr 20 19:01:26 2025 GMT
        Subject: CN=8f7e743147f1fd88921f3bde4b7e147a7f5d946e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:7f:c1:16:d0:0e:ae:1b:1c:f5:cb:5e:e7:39:
                    70:65:02:df:98:32:f1:13:ab:81:b8:03:80:35:33:
                    db:7d:2b:46:8d:f4:1d:fc:1e:f0:e7:0c:a5:3a:a6:
                    0b:83:dc:8f:ad:af:83:89:c9:98:0f:7e:3d:67:cf:
                    e8:1a:96:37:23:32:3e:56:55:08:90:7e:88:27:4c:
                    74:e2:7a:82:51:20:50:89:87:71:30:cf:00:c9:ab:
                    1e:68:1e:8b:00:60:0c:e2:53:2d:a7:fe:cf:99:3e:
                    4c:07:6c:f7:82:da:b5:cb:f8:60:0d:0f:20:0c:8e:
                    38:a3:57:46:72:a7:8b:10:61:ca:b9:d9:8b:b0:c0:
                    03:a1:4a:dc:b9:b6:0a:bc:a6:74:35:83:24:e0:9b:
                    8e:5f:87:51:8b:09:a1:52:3b:d7:56:2e:a0:32:59:
                    d4:b9:87:9a:60:3c:79:da:8f:4f:c0:83:54:f9:c7:
                    bd:c9:83:e0:05:52:c7:62:7e:33:b8:3e:19:33:71:
                    be:49:66:1e:1e:a6:47:bd:21:aa:5e:fc:bf:72:09:
                    58:9f:b3:39:9b:ba:9a:5e:15:f0:e7:4e:17:8c:62:
                    0b:cb:bd:4e:6d:d7:45:a1:e7:41:59:62:42:4b:5d:
                    73:ae:1a:87:ea:b0:c7:f1:b0:82:9d:bb:44:94:c7:
                    3f:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:7E:74:31:47:F1:FD:88:92:1F:3B:DE:4B:7E:14:7A:7F:5D:94:6E
            X509v3 Authority Key Identifier:
                keyid:38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:67:ab:28:f3:5a:51:c0:8a:29:91:a4:53:6b:0d:8e:3f:4f:
         d0:5e:64:86:36:42:69:19:b6:f8:dd:05:85:dc:20:f0:14:b2:
         39:c8:68:ab:63:93:3a:3a:82:66:80:62:66:a5:89:a9:4c:e0:
         1b:cf:d9:5a:cb:2e:bb:80:30:59:be:cc:74:a7:ab:74:e8:78:
         06:5c:f0:8b:9f:0f:69:40:37:bb:58:f8:10:da:10:b3:ef:a3:
         09:d4:82:45:8f:46:a4:74:7b:01:85:f7:83:53:29:b5:bd:32:
         af:de:34:d1:49:11:2b:14:54:9f:3b:2f:77:45:84:5d:eb:ec:
         87:4d:a5:87:3d:d2:70:e9:d6:f3:4a:cf:45:e2:dc:1a:3f:cf:
         a0:06:40:f2:8b:97:c0:3d:03:27:7b:ff:dc:c9:2a:cb:e1:4f:
         b7:af:10:19:cf:35:aa:5d:e4:13:69:fc:3a:e2:8c:e6:89:98:
         c7:f8:14:8e:1d:3c:66:35:c8:a7:cc:e9:89:a9:50:42:14:d6:
         ad:38:8c:b6:87:0c:15:d8:69:9f:6f:e0:88:f2:6c:2c:ef:d1:
         21:0b:0a:13:52:5f:b9:b2:a0:a0:2f:b6:ac:41:63:66:2b:38:
         34:b1:52:0b:3b:83:64:97:8d:de:8b:d0:92:ba:7b:ff:64:de:
         8b:8f:da:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbVKL+bqeGyh4IvBhl4RTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWI3ZTk0ZmE2MGRiNjg1MTcxY2YxMzY5YjFjZWZiNmUy
MGYzMzQwHhcNMjUwNDE5MTkwMTI2WhcNMjUwNDIwMTkwMTI2WjAzMTEwLwYDVQQD
Eyg4ZjdlNzQzMTQ3ZjFmZDg4OTIxZjNiZGU0YjdlMTQ3YTdmNWQ5NDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3/BFtAOrhsc9cte5zlwZQLfmDLx
E6uBuAOANTPbfStGjfQd/B7w5wylOqYLg9yPra+DicmYD349Z8/oGpY3IzI+VlUI
kH6IJ0x04nqCUSBQiYdxMM8AyaseaB6LAGAM4lMtp/7PmT5MB2z3gtq1y/hgDQ8g
DI44o1dGcqeLEGHKudmLsMADoUrcubYKvKZ0NYMk4JuOX4dRiwmhUjvXVi6gMlnU
uYeaYDx52o9PwINU+ce9yYPgBVLHYn4zuD4ZM3G+SWYeHqZHvSGqXvy/cglYn7M5
m7qaXhXw504XjGILy71ObddFoedBWWJCS11zrhqH6rDH8bCCnbtElMc/ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9+dDFH8f2Ikh873kt+FHp/XZRuMB8GA1UdIwQY
MBaAFDhbfpT6YNtoUXHPE2mxzvtuIPM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEt
YzNiNDZhYzlmMjZkLzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEtYzNiNDZhYzlmMjZk
LzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADWerKPNa
UcCKKZGkU2sNjj9P0F5khjZCaRm2+N0Fhdwg8BSyOchoq2OTOjqCZoBiZqWJqUzg
G8/ZWssuu4AwWb7MdKerdOh4Blzwi58PaUA3u1j4ENoQs++jCdSCRY9GpHR7AYX3
g1Mptb0yr9400UkRKxRUnzsvd0WEXevsh02lhz3ScOnW80rPReLcGj/PoAZA8ouX
wD0DJ3v/3Mkqy+FPt68QGc81ql3kE2n8OuKM5omYx/gUjh08ZjXIp8zpialQQhTW
rTiMtocMFdhpn2/giPJsLO/RIQsKE1JfubKgoC+2rEFjZis4NLFSCzuDZJeN3ovQ
krp7/2Tei4/adA==
-----END CERTIFICATE-----