Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
File:                     OExBksVwSp65aPXPUzuaH3pmYa0.mft (raw, json)
Hash identifier:          S+05S2hQlkmxS2oqWbnlZG0FTqN93b8r6ocO0j2k3OI=
Subject key identifier:   79:B5:92:86:CF:D7:2B:F7:C9:CE:D7:41:A6:A4:6A:43:09:91:21:F0
Authority key identifier: 38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD
Certificate issuer:       /CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
Certificate serial:       0197481E369763DBD7DC8E32D81427D7AFB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
Manifest number:          0155
Signing time:             Sat 07 Jun 2025 02:00:29 +0000
Manifest this update:     Sat 07 Jun 2025 02:00:29 +0000
Manifest next update:     Sun 08 Jun 2025 02:00:29 +0000
Files and hashes:         1: OExBksVwSp65aPXPUzuaH3pmYa0.crl (hash: iToiXBfewSZu+SElo6b3pRUdck5j7XoU94hmg1mpbLg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 02:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:1e:36:97:63:db:d7:dc:8e:32:d8:14:27:d7:af:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
        Validity
            Not Before: Jun  7 02:00:29 2025 GMT
            Not After : Jun  8 02:00:29 2025 GMT
        Subject: CN=79b59286cfd72bf7c9ced741a6a46a43099121f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e8:ed:7e:6e:86:7d:7f:bb:bc:f5:3f:c3:8c:
                    bf:c4:6a:cb:d9:a8:df:18:90:6b:b7:11:19:54:c8:
                    57:44:43:d5:29:79:bf:f2:c2:52:48:f1:b9:4b:65:
                    88:cc:bf:18:5c:f0:62:bc:65:f1:39:d6:db:a6:73:
                    35:58:10:89:05:ac:75:90:18:a1:49:76:f2:2d:91:
                    32:74:ba:ec:97:67:81:47:cd:99:49:d6:ed:b9:f2:
                    72:63:b2:44:4b:cc:7f:e0:14:23:8e:ef:a8:57:23:
                    7a:9a:a3:d5:e6:1f:80:c9:e4:2d:94:78:47:4a:85:
                    d6:43:50:5a:75:6b:f8:eb:ff:2a:e5:8a:6e:1d:76:
                    d6:68:9b:7d:b9:67:b8:7b:65:71:2c:7b:b6:a9:6e:
                    0a:fb:13:46:b9:d7:19:2e:d8:90:6c:67:60:5e:1c:
                    05:d4:bc:79:94:8b:e6:7e:f2:69:fc:68:12:94:f0:
                    54:59:90:ab:c3:6c:2e:a6:fe:d7:f1:c8:60:69:a1:
                    f6:ff:28:33:aa:e8:16:ac:30:64:8d:70:34:4c:6a:
                    57:da:c0:c8:0b:8e:3d:3b:76:06:cc:10:be:77:f0:
                    de:da:c3:f5:74:76:ee:e1:fe:69:12:f5:69:ea:6f:
                    12:2e:2e:47:52:1b:8f:21:c6:16:31:80:78:92:20:
                    ba:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:B5:92:86:CF:D7:2B:F7:C9:CE:D7:41:A6:A4:6A:43:09:91:21:F0
            X509v3 Authority Key Identifier:
                keyid:38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:cf:8d:94:96:18:69:f7:00:ca:a9:0e:02:c4:78:20:a9:3b:
         65:db:8a:a7:5d:d7:9c:c9:c9:8c:8f:e4:de:e2:8a:3c:cc:5e:
         d8:e8:0f:38:30:cd:07:48:b8:24:d9:ac:53:16:46:bb:bb:0c:
         98:c6:8e:b3:26:53:aa:fd:3d:22:74:9c:12:84:49:03:8c:a8:
         04:ef:01:ed:ee:24:84:f8:4e:08:2f:b5:b3:09:34:25:5f:f7:
         55:39:86:70:bf:bc:ab:53:a4:1b:b6:dd:74:51:e3:23:95:23:
         2a:9d:7b:c4:ba:e3:f1:96:bc:dd:59:4e:44:33:b5:bc:f1:da:
         4b:37:81:ee:5e:c3:42:6c:f5:c9:1d:dd:23:ce:9b:3b:74:d6:
         1d:d1:23:47:af:55:63:76:71:1b:5e:2e:d4:27:f1:bb:ce:59:
         06:24:f8:e4:26:f0:8c:7d:4d:d1:f7:34:0d:23:b3:d6:22:92:
         c3:02:36:3a:52:40:92:aa:02:fe:6c:dc:11:f1:73:ac:85:48:
         1f:1d:aa:a7:ce:7b:68:ef:42:27:9f:ea:c6:83:33:f3:36:26:
         c5:83:0a:81:b9:03:a0:87:18:e5:cb:85:fd:83:37:e0:c3:b2:
         a1:a3:8c:78:71:b9:37:97:0b:15:32:37:ed:a6:5e:1b:9a:c5:
         8f:30:90:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIHjaXY9vX3I4y2BQn16+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGM0MTkyYzU3MDRhOWViOTY4ZjVjZjUzM2I5YTFmN2E2
NjYxYWQwHhcNMjUwNjA3MDIwMDI5WhcNMjUwNjA4MDIwMDI5WjAzMTEwLwYDVQQD
Eyg3OWI1OTI4NmNmZDcyYmY3YzljZWQ3NDFhNmE0NmE0MzA5OTEyMWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+jtfm6GfX+7vPU/w4y/xGrL2ajf
GJBrtxEZVMhXREPVKXm/8sJSSPG5S2WIzL8YXPBivGXxOdbbpnM1WBCJBax1kBih
SXbyLZEydLrsl2eBR82ZSdbtufJyY7JES8x/4BQjju+oVyN6mqPV5h+AyeQtlHhH
SoXWQ1BadWv46/8q5YpuHXbWaJt9uWe4e2VxLHu2qW4K+xNGudcZLtiQbGdgXhwF
1Lx5lIvmfvJp/GgSlPBUWZCrw2wupv7X8chgaaH2/ygzqugWrDBkjXA0TGpX2sDI
C449O3YGzBC+d/De2sP1dHbu4f5pEvVp6m8SLi5HUhuPIcYWMYB4kiC6gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHm1kobP1yv3yc7XQaakakMJkSHwMB8GA1UdIwQY
MBaAFDhMQZLFcEqeuWj1z1M7mh96ZmGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAt
ODNiZTQxOGFhN2Y0LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAtODNiZTQxOGFhN2Y0
LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqc+NlJYY
afcAyqkOAsR4IKk7ZduKp13XnMnJjI/k3uKKPMxe2OgPODDNB0i4JNmsUxZGu7sM
mMaOsyZTqv09InScEoRJA4yoBO8B7e4khPhOCC+1swk0JV/3VTmGcL+8q1OkG7bd
dFHjI5UjKp17xLrj8Za83VlORDO1vPHaSzeB7l7DQmz1yR3dI86bO3TWHdEjR69V
Y3ZxG14u1Cfxu85ZBiT45CbwjH1N0fc0DSOz1iKSwwI2OlJAkqoC/mzcEfFzrIVI
Hx2qp857aO9CJ5/qxoMz8zYmxYMKgbkDoIcY5cuF/YM34MOyoaOMeHG5N5cLFTI3
7aZeG5rFjzCQ+Q==
-----END CERTIFICATE-----