Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
File:                     OFt-lPpg22hRcc8TabHO-24g8zQ.mft (raw, json)
Hash identifier:          LXmcf2g0R5o7Uba668yVc8gTTo6uaAF/ve6ga2TQ3Gc=
Subject key identifier:   2A:29:BF:0C:6D:A3:CC:43:84:B4:37:C6:E6:F9:34:6B:73:46:23:DA
Authority key identifier: 38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34
Certificate issuer:       /CN=385b7e94fa60db685171cf1369b1cefb6e20f334
Certificate serial:       01974A7B47D9717DC8AF8C1E56491A35C647
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
Manifest number:          04D0
Signing time:             Sat 07 Jun 2025 13:01:22 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:22 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:22 +0000
Files and hashes:         1: OFt-lPpg22hRcc8TabHO-24g8zQ.crl (hash: NXXhGbRJIL4cAw1EBi3iGLvzLDVVl6g7sXogVKyhJeo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 13:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:47:d9:71:7d:c8:af:8c:1e:56:49:1a:35:c6:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385b7e94fa60db685171cf1369b1cefb6e20f334
        Validity
            Not Before: Jun  7 13:01:22 2025 GMT
            Not After : Jun  8 13:01:22 2025 GMT
        Subject: CN=2a29bf0c6da3cc4384b437c6e6f9346b734623da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:ec:43:1c:f0:b1:4c:62:e1:5b:ee:9e:71:e4:
                    97:e0:40:ef:7c:25:5f:23:1e:31:3f:85:09:9e:e9:
                    d1:e6:f9:56:16:d3:56:13:92:dc:c6:2f:3d:2e:2c:
                    6e:b3:dc:f9:c1:73:68:ca:e5:6d:20:41:cc:18:23:
                    66:ed:f8:18:d1:53:57:80:2b:15:dc:12:f9:40:c9:
                    a5:f3:b3:f5:4d:61:bc:43:fe:21:5d:20:fc:ac:7b:
                    a4:10:77:d5:93:b7:35:8c:a2:0b:37:9e:82:17:8a:
                    65:7a:bd:74:96:a7:f2:ca:c1:ed:d1:f0:00:f6:7e:
                    3c:2b:d4:d6:c4:3a:ff:fa:23:43:10:5b:6b:e3:36:
                    2c:1b:f4:04:19:e8:44:a4:fb:21:b4:3d:e8:6d:07:
                    9c:26:de:bc:84:ec:b5:40:ec:10:3f:7d:a6:36:7c:
                    c2:b8:65:54:65:92:e9:0a:32:47:e6:16:ea:b4:ef:
                    8f:b1:db:2d:a5:99:44:a8:f3:08:0c:f6:60:9c:0f:
                    a8:ba:b0:41:2d:37:0d:1b:b8:a6:e4:22:b2:2a:c1:
                    a0:25:ea:9b:d6:38:e2:61:84:f2:4a:b3:28:23:2f:
                    a8:7f:ae:f9:9d:53:a1:c9:b1:44:45:c2:da:d0:17:
                    97:76:ad:4e:31:bb:a1:83:54:13:b0:85:b9:b5:01:
                    ba:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:29:BF:0C:6D:A3:CC:43:84:B4:37:C6:E6:F9:34:6B:73:46:23:DA
            X509v3 Authority Key Identifier:
                keyid:38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:23:9a:02:78:76:1c:21:7c:d2:dc:4a:2d:d8:a7:72:d1:89:
         ca:f2:ad:7e:33:55:24:8e:60:1a:6c:8f:ad:90:6f:df:a8:ac:
         96:92:09:a9:7b:20:0b:52:40:fc:68:64:6d:56:c3:1f:dd:30:
         f7:56:25:2a:74:0b:e4:73:fe:48:7d:b3:b6:28:43:98:5a:9e:
         90:48:04:b6:f0:31:fa:73:7e:50:f3:17:9e:cf:e3:67:b7:a8:
         eb:a0:ee:b5:70:dd:a1:4d:29:31:da:3f:0e:c4:8c:7b:a5:25:
         a4:fc:ee:fa:65:42:87:61:6c:f7:5b:bf:dc:0b:1d:85:f3:b0:
         6a:aa:67:1b:03:f2:af:61:9b:53:56:60:b7:00:a1:b5:9e:84:
         97:ee:05:76:06:f7:2d:fa:ff:4c:8b:ad:0d:fb:cd:de:d1:fd:
         3b:6f:e7:07:d5:c5:14:c7:4b:39:75:5b:d2:91:67:a8:e2:3f:
         72:c4:1c:87:92:d4:f1:be:2f:88:11:4a:54:82:c7:3c:56:17:
         82:38:1c:2a:b6:57:c8:68:27:d3:d0:af:ea:e2:9d:8c:2a:0c:
         31:c8:24:31:bf:83:75:10:47:09:8d:d7:4c:5f:86:84:d4:06:
         9f:3a:6b:15:37:63:29:0d:77:63:2f:d3:2b:bd:cb:b6:21:53:
         9c:0a:b4:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe0fZcX3Ir4weVkkaNcZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWI3ZTk0ZmE2MGRiNjg1MTcxY2YxMzY5YjFjZWZiNmUy
MGYzMzQwHhcNMjUwNjA3MTMwMTIyWhcNMjUwNjA4MTMwMTIyWjAzMTEwLwYDVQQD
EygyYTI5YmYwYzZkYTNjYzQzODRiNDM3YzZlNmY5MzQ2YjczNDYyM2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjexDHPCxTGLhW+6eceSX4EDvfCVf
Ix4xP4UJnunR5vlWFtNWE5Lcxi89Lixus9z5wXNoyuVtIEHMGCNm7fgY0VNXgCsV
3BL5QMml87P1TWG8Q/4hXSD8rHukEHfVk7c1jKILN56CF4pler10lqfyysHt0fAA
9n48K9TWxDr/+iNDEFtr4zYsG/QEGehEpPshtD3obQecJt68hOy1QOwQP32mNnzC
uGVUZZLpCjJH5hbqtO+PsdstpZlEqPMIDPZgnA+ourBBLTcNG7im5CKyKsGgJeqb
1jjiYYTySrMoIy+of675nVOhybFERcLa0BeXdq1OMbuhg1QTsIW5tQG6oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCopvwxto8xDhLQ3xub5NGtzRiPaMB8GA1UdIwQY
MBaAFDhbfpT6YNtoUXHPE2mxzvtuIPM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEt
YzNiNDZhYzlmMjZkLzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEtYzNiNDZhYzlmMjZk
LzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaCOaAnh2
HCF80txKLdinctGJyvKtfjNVJI5gGmyPrZBv36islpIJqXsgC1JA/GhkbVbDH90w
91YlKnQL5HP+SH2ztihDmFqekEgEtvAx+nN+UPMXns/jZ7eo66DutXDdoU0pMdo/
DsSMe6UlpPzu+mVCh2Fs91u/3AsdhfOwaqpnGwPyr2GbU1ZgtwChtZ6El+4Fdgb3
Lfr/TIutDfvN3tH9O2/nB9XFFMdLOXVb0pFnqOI/csQch5LU8b4viBFKVILHPFYX
gjgcKrZXyGgn09Cv6uKdjCoMMcgkMb+DdRBHCY3XTF+GhNQGnzprFTdjKQ13Yy/T
K73LtiFTnAq0sg==
-----END CERTIFICATE-----