Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
File:                     OQlq7uS6fDS4EkCtSRrEba90wx0.mft (raw, json)
Hash identifier:          Vs3DoEyJfZyLp+esvabzRq04iQQcQ3UEjWTRI2GfNrA=
Subject key identifier:   3B:99:80:69:06:C4:91:A1:8D:D6:5F:9C:A3:36:01:49:27:4E:7A:5F
Authority key identifier: 39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D
Certificate issuer:       /CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
Certificate serial:       019752D8D916EFCC4D2E3886C3291CD00D3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
Manifest number:          157F
Signing time:             Mon 09 Jun 2025 04:00:32 +0000
Manifest this update:     Mon 09 Jun 2025 04:00:32 +0000
Manifest next update:     Tue 10 Jun 2025 04:00:32 +0000
Files and hashes:         1: OQlq7uS6fDS4EkCtSRrEba90wx0.crl (hash: UXtwk32yelQNGqt8AknCOj/bhp3CHxlkR7Mn/ZBjfXc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:d8:d9:16:ef:cc:4d:2e:38:86:c3:29:1c:d0:0d:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
        Validity
            Not Before: Jun  9 04:00:32 2025 GMT
            Not After : Jun 10 04:00:32 2025 GMT
        Subject: CN=3b99806906c491a18dd65f9ca3360149274e7a5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:57:79:ec:26:ab:f7:78:ff:da:15:8d:4d:63:
                    40:db:aa:73:16:3b:8d:83:11:27:3c:a8:59:1e:29:
                    77:d0:2d:50:f5:f7:61:d0:8c:43:72:34:86:dd:a9:
                    3f:bb:81:19:93:c6:16:d9:41:ee:b0:24:7a:7e:c0:
                    b0:94:ab:67:78:0d:b3:e2:8e:12:d8:59:2c:30:d2:
                    24:2f:d9:fc:62:62:fa:76:44:ca:88:9a:55:f6:e0:
                    a9:9b:a7:30:c5:5f:7f:be:6c:72:05:57:0c:25:eb:
                    f0:bc:57:20:ec:c5:6d:90:6b:92:16:71:33:44:58:
                    bc:ed:bc:f4:3a:77:42:9c:52:d3:34:e2:38:76:78:
                    91:71:ac:3f:c0:e1:18:1e:7a:f1:51:a4:ab:2e:72:
                    f2:09:99:3d:6f:b5:dd:a0:fc:76:b1:9c:78:9b:f4:
                    e3:d4:d3:0d:ad:b6:62:10:e3:1e:29:6a:66:e2:86:
                    90:90:4a:20:f4:92:5f:06:a5:20:d6:f1:fc:06:26:
                    f7:92:1f:94:a6:53:e1:67:de:55:68:e6:54:b8:89:
                    59:d0:af:a1:cb:41:bc:34:ac:fc:5a:e4:29:e1:09:
                    71:32:4d:b5:60:f2:7e:1a:1b:d6:a1:6a:44:41:7a:
                    89:bd:7a:7f:0f:5e:e4:8e:b9:f6:1e:ac:00:c2:46:
                    a8:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:99:80:69:06:C4:91:A1:8D:D6:5F:9C:A3:36:01:49:27:4E:7A:5F
            X509v3 Authority Key Identifier:
                keyid:39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:bc:9e:a3:7f:30:9d:9d:fe:f8:be:8b:59:77:cd:49:b3:b6:
         5a:36:e9:0a:92:42:1f:f9:4e:0c:5c:6a:44:af:61:8f:66:2d:
         b5:de:65:3a:1f:22:6c:0f:79:56:28:94:15:15:f6:81:26:05:
         8f:61:60:d4:b1:ac:c9:74:45:14:bb:5f:c4:c7:8a:1c:4a:24:
         d6:7c:74:2c:e5:0a:bf:b7:df:28:d1:43:84:37:97:7e:5f:65:
         9e:cc:98:45:8d:85:d9:14:de:93:1b:01:77:93:de:aa:f7:03:
         00:69:6c:b4:5b:de:88:c0:2e:41:be:3e:f7:28:1b:63:38:2d:
         b9:00:04:1e:80:c8:95:93:55:cb:34:f6:d3:51:66:f3:2a:77:
         13:a9:20:79:f5:11:d7:21:78:26:9a:33:ff:b8:92:89:ee:1a:
         80:3c:76:2f:5c:75:5d:7d:5b:66:f9:b4:21:d2:d2:61:4a:a5:
         46:82:b3:39:9f:68:03:ec:fb:e4:77:a7:2b:c8:52:e8:08:a0:
         57:fc:a5:72:b3:46:44:b2:55:d6:b2:2a:54:7d:8a:82:d5:5e:
         a3:98:7c:0d:ba:dd:a9:fb:55:39:6f:97:08:ac:82:e4:9d:d1:
         57:7d:76:92:f2:55:5c:bb:d3:16:13:1c:95:a3:bb:36:8a:56:
         ee:04:71:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdS2NkW78xNLjiGwykc0A0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDk2YWVlZTRiYTdjMzRiODEyNDBhZDQ5MWFjNDZkYWY3
NGMzMWQwHhcNMjUwNjA5MDQwMDMyWhcNMjUwNjEwMDQwMDMyWjAzMTEwLwYDVQQD
EygzYjk5ODA2OTA2YzQ5MWExOGRkNjVmOWNhMzM2MDE0OTI3NGU3YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ld57Car93j/2hWNTWNA26pzFjuN
gxEnPKhZHil30C1Q9fdh0IxDcjSG3ak/u4EZk8YW2UHusCR6fsCwlKtneA2z4o4S
2FksMNIkL9n8YmL6dkTKiJpV9uCpm6cwxV9/vmxyBVcMJevwvFcg7MVtkGuSFnEz
RFi87bz0OndCnFLTNOI4dniRcaw/wOEYHnrxUaSrLnLyCZk9b7XdoPx2sZx4m/Tj
1NMNrbZiEOMeKWpm4oaQkEog9JJfBqUg1vH8Bib3kh+UplPhZ95VaOZUuIlZ0K+h
y0G8NKz8WuQp4QlxMk21YPJ+GhvWoWpEQXqJvXp/D17kjrn2HqwAwkaoPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDuZgGkGxJGhjdZfnKM2AUknTnpfMB8GA1UdIwQY
MBaAFDkJau7kunw0uBJArUkaxG2vdMMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEt
MTA1NjE3NjM4NzI2LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEtMTA1NjE3NjM4NzI2
LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASbyeo38w
nZ3++L6LWXfNSbO2WjbpCpJCH/lODFxqRK9hj2Yttd5lOh8ibA95ViiUFRX2gSYF
j2Fg1LGsyXRFFLtfxMeKHEok1nx0LOUKv7ffKNFDhDeXfl9lnsyYRY2F2RTekxsB
d5PeqvcDAGlstFveiMAuQb4+9ygbYzgtuQAEHoDIlZNVyzT201Fm8yp3E6kgefUR
1yF4Jpoz/7iSie4agDx2L1x1XX1bZvm0IdLSYUqlRoKzOZ9oA+z75HenK8hS6Aig
V/ylcrNGRLJV1rIqVH2KgtVeo5h8DbrdqftVOW+XCKyC5J3RV312kvJVXLvTFhMc
laO7NopW7gRx7g==
-----END CERTIFICATE-----