Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
File:                     oCUv6bQqZD9HflhGYZquiGkX7_s.mft (raw, json)
Hash identifier:          tVdzK4zLRNZ4tooAfWxTgff9onJF0eufmHC0MxnmMDk=
Subject key identifier:   8D:1E:FB:DB:E1:65:3A:61:A8:7B:C0:BF:7C:CE:C0:19:C8:B4:51:F5
Authority key identifier: A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB
Certificate issuer:       /CN=a0252fe9b42a643f477e5846619aae886917effb
Certificate serial:       01974B569B2504E04346BFB94C4092388743
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
Manifest number:          1366
Signing time:             Sat 07 Jun 2025 17:00:56 +0000
Manifest this update:     Sat 07 Jun 2025 17:00:56 +0000
Manifest next update:     Sun 08 Jun 2025 17:00:56 +0000
Files and hashes:         1: oCUv6bQqZD9HflhGYZquiGkX7_s.crl (hash: 81Nw5CTIhTNTpGrJ5hHrihuC2z4PU+GPosxGhKn9LgQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:56:9b:25:04:e0:43:46:bf:b9:4c:40:92:38:87:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0252fe9b42a643f477e5846619aae886917effb
        Validity
            Not Before: Jun  7 17:00:56 2025 GMT
            Not After : Jun  8 17:00:56 2025 GMT
        Subject: CN=8d1efbdbe1653a61a87bc0bf7ccec019c8b451f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:0d:c6:f4:83:be:ee:1e:02:01:e6:f9:2d:f5:
                    7d:3f:3a:e7:bf:a1:2d:13:44:ee:e3:60:10:7d:e4:
                    c3:d1:7a:05:17:4f:8c:cf:e1:d6:73:c0:ab:56:17:
                    3a:51:69:3d:aa:0e:44:04:7a:73:34:cc:af:a1:a8:
                    ec:a2:b4:9e:31:e3:b7:cc:9c:03:c1:59:fc:3c:ce:
                    31:64:3f:65:8a:8d:ec:69:3e:b5:af:a2:68:f0:94:
                    cc:9f:11:21:fb:de:c9:12:a0:65:f9:a9:4f:69:9e:
                    4a:54:fc:cc:2a:cd:48:77:ad:8c:a0:21:b3:8f:94:
                    cb:c1:ac:1a:0d:96:b2:48:7e:7e:3b:18:9f:f6:7a:
                    ec:24:06:ea:b2:e2:5f:c9:5c:cd:36:e6:96:5a:17:
                    b6:f6:13:04:be:38:90:e3:f2:3e:24:3f:aa:fb:18:
                    2c:76:ca:d4:0f:72:4a:a5:a7:3e:6f:8f:7a:9c:3b:
                    5f:48:49:6d:3f:66:fa:a9:31:0b:9b:42:b3:be:ca:
                    fa:58:4e:2c:ea:e2:39:df:01:5b:39:0c:60:b0:b2:
                    12:ab:09:22:67:0b:9a:c6:1f:7e:04:61:4b:63:07:
                    07:4a:6f:14:0c:f3:25:71:c9:11:e3:10:e2:9d:50:
                    a9:bf:de:54:9d:f5:f1:a0:85:1e:1e:07:e5:ae:e9:
                    8b:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:1E:FB:DB:E1:65:3A:61:A8:7B:C0:BF:7C:CE:C0:19:C8:B4:51:F5
            X509v3 Authority Key Identifier:
                keyid:A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:b8:3a:df:d7:8e:76:c6:0a:0e:a2:75:5d:22:5d:6e:66:5f:
         f8:95:05:ac:15:ae:a6:2a:97:54:ad:e4:55:69:69:2f:67:d1:
         89:33:df:07:e5:a1:98:ca:72:84:4c:70:7d:99:7f:94:ce:06:
         53:7a:76:c5:39:79:ce:98:c1:7c:de:f6:3d:8d:c8:a4:d0:33:
         f3:69:75:19:89:88:4f:45:98:d5:6d:44:97:58:e3:eb:51:6f:
         72:70:a9:6c:b1:8d:ce:07:c7:bd:80:da:7d:6b:e4:97:24:b8:
         5a:98:53:b8:a4:d6:28:a3:b1:76:f9:6a:80:46:f4:6f:18:2a:
         f0:6a:01:85:e4:b3:c5:36:aa:5d:25:58:c8:fe:3d:2d:a1:88:
         d8:ce:9a:76:3c:6e:1d:fe:c4:37:a9:da:01:9d:a9:bc:26:a5:
         68:d3:01:48:80:34:80:4c:13:72:ec:a6:76:38:cd:eb:7c:68:
         12:e7:21:a1:66:9a:9e:cd:60:55:7c:da:f4:f8:21:f8:87:b9:
         73:e8:d9:6b:54:ec:95:a2:ba:86:29:58:1d:7b:b0:58:35:85:
         c0:98:be:2f:c5:da:a3:fa:04:b4:d3:e0:66:aa:9b:81:52:80:
         e0:17:0d:04:31:fc:cd:80:81:0e:28:c9:f0:b9:63:69:7f:49:
         59:f6:d4:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLVpslBOBDRr+5TECSOIdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjUyZmU5YjQyYTY0M2Y0NzdlNTg0NjYxOWFhZTg4Njkx
N2VmZmIwHhcNMjUwNjA3MTcwMDU2WhcNMjUwNjA4MTcwMDU2WjAzMTEwLwYDVQQD
Eyg4ZDFlZmJkYmUxNjUzYTYxYTg3YmMwYmY3Y2NlYzAxOWM4YjQ1MWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiw3G9IO+7h4CAeb5LfV9Pzrnv6Et
E0Tu42AQfeTD0XoFF0+Mz+HWc8CrVhc6UWk9qg5EBHpzNMyvoajsorSeMeO3zJwD
wVn8PM4xZD9lio3saT61r6Jo8JTMnxEh+97JEqBl+alPaZ5KVPzMKs1Id62MoCGz
j5TLwawaDZaySH5+Oxif9nrsJAbqsuJfyVzNNuaWWhe29hMEvjiQ4/I+JD+q+xgs
dsrUD3JKpac+b496nDtfSEltP2b6qTELm0Kzvsr6WE4s6uI53wFbOQxgsLISqwki
Zwuaxh9+BGFLYwcHSm8UDPMlcckR4xDinVCpv95UnfXxoIUeHgflrumLEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0e+9vhZTphqHvAv3zOwBnItFH1MB8GA1UdIwQY
MBaAFKAlL+m0KmQ/R35YRmGarohpF+/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYt
MDFkYzk0NGM0NDc3LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYtMDFkYzk0NGM0NDc3
LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwrg639eO
dsYKDqJ1XSJdbmZf+JUFrBWupiqXVK3kVWlpL2fRiTPfB+WhmMpyhExwfZl/lM4G
U3p2xTl5zpjBfN72PY3IpNAz82l1GYmIT0WY1W1El1jj61FvcnCpbLGNzgfHvYDa
fWvklyS4WphTuKTWKKOxdvlqgEb0bxgq8GoBheSzxTaqXSVYyP49LaGI2M6adjxu
Hf7EN6naAZ2pvCalaNMBSIA0gEwTcuymdjjN63xoEuchoWaans1gVXza9Pgh+Ie5
c+jZa1TslaK6hilYHXuwWDWFwJi+L8Xao/oEtNPgZqqbgVKA4BcNBDH8zYCBDijJ
8LljaX9JWfbU/A==
-----END CERTIFICATE-----