Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
File:                     Ou5vE-TaDy5DIqGnWqfn189xekI.mft (raw, json)
Hash identifier:          uEtBzTwjRAzt3bIg8Rl+lZCs0t7zcvx5bFJ9E3K1R0E=
Subject key identifier:   02:3B:C4:F5:DF:74:B2:90:23:BB:FB:96:55:B8:C2:51:18:A9:9B:6A
Authority key identifier: 3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42
Certificate issuer:       /CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
Certificate serial:       01964B8FB61402ABFDB215EDC42150E73DC5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
Manifest number:          14F7
Signing time:             Sat 19 Apr 2025 01:00:31 +0000
Manifest this update:     Sat 19 Apr 2025 01:00:31 +0000
Manifest next update:     Sun 20 Apr 2025 01:00:31 +0000
Files and hashes:         1: Ou5vE-TaDy5DIqGnWqfn189xekI.crl (hash: S2XmbUmW8WwlsVJe1klYGa+Da1/J5kQFOzHx7Y2nr2w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4b:8f:b6:14:02:ab:fd:b2:15:ed:c4:21:50:e7:3d:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
        Validity
            Not Before: Apr 19 01:00:31 2025 GMT
            Not After : Apr 20 01:00:31 2025 GMT
        Subject: CN=023bc4f5df74b29023bbfb9655b8c25118a99b6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:35:fa:03:3b:aa:91:22:c6:1c:ac:43:f3:f4:
                    92:5e:92:74:65:a9:79:24:c6:e4:e2:9e:ca:a5:93:
                    b3:4e:f3:14:58:25:a0:1e:c0:17:10:d1:2a:4a:d9:
                    fc:af:89:18:a7:f3:8f:f8:86:9e:7c:b4:fe:c6:de:
                    f6:33:21:ae:50:b4:ad:bf:bd:83:ca:a0:6a:be:df:
                    1c:4d:ab:0f:22:ba:7f:e0:d1:d1:c3:b0:82:e6:63:
                    a2:4a:2d:cb:42:02:f0:cc:eb:06:65:dc:86:a3:13:
                    98:9a:c6:d4:81:a6:b0:fb:46:a1:e4:80:8d:67:85:
                    06:26:7a:39:3d:2e:6a:7a:f4:84:a4:c5:98:d2:32:
                    54:80:fe:3a:5b:98:bb:4b:33:d6:59:93:94:98:d8:
                    b2:86:52:95:d0:7b:59:52:c2:7c:06:5a:7b:fe:a8:
                    d7:0c:5c:90:42:92:51:4c:03:b5:82:ee:6a:55:02:
                    43:45:8e:74:50:b3:6d:10:d9:ed:31:2e:6e:a4:5e:
                    bb:63:11:c3:e6:55:40:b7:7a:c4:21:05:03:d7:d4:
                    29:07:73:a4:5c:52:b3:78:98:2b:64:f0:cb:58:e6:
                    a5:4b:2a:26:24:c0:42:70:ab:56:8a:f9:b2:21:c5:
                    2d:be:e5:09:b3:e5:45:af:c4:b0:ca:2c:85:cb:1b:
                    93:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:3B:C4:F5:DF:74:B2:90:23:BB:FB:96:55:B8:C2:51:18:A9:9B:6A
            X509v3 Authority Key Identifier:
                keyid:3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:1f:69:50:22:fc:50:53:f9:3f:fd:ec:77:41:80:be:c3:a7:
         10:c3:6e:30:dc:4c:11:68:e4:b2:7e:50:f3:68:75:f5:1a:c9:
         30:dd:9c:bd:66:0f:cb:4f:a2:8c:ce:a2:54:ba:1c:75:c4:a2:
         a5:b9:19:37:15:16:55:11:33:9c:0e:cc:f7:38:6d:b8:7e:bf:
         d6:4d:2e:58:3e:05:96:10:9f:23:b8:7d:b5:d8:ae:45:15:ee:
         60:28:8d:74:c9:dd:01:df:37:22:0f:02:64:51:06:86:c7:69:
         83:7d:b4:49:cf:be:e0:c7:af:05:6b:56:39:62:9d:43:c9:15:
         21:2b:85:e5:97:5c:2f:8d:35:c0:40:66:fe:c7:65:19:37:2b:
         8b:83:73:62:d5:57:93:bb:1a:4f:d6:e3:65:ee:f3:90:a6:2c:
         52:94:c0:74:8e:b9:01:af:85:a2:25:6c:90:ef:aa:8c:fe:fd:
         17:b9:7d:f1:95:d1:ae:a9:ee:5c:2b:48:36:60:a7:70:94:bb:
         54:10:1e:31:b9:39:d5:c4:02:55:57:db:e5:82:f1:03:b7:f2:
         d5:9a:1c:a5:85:2a:74:7c:41:25:f7:9b:c1:ad:78:ae:0b:55:
         57:54:1f:2f:9f:87:c4:5a:28:9a:83:fc:66:26:05:ac:f6:53:
         ef:8a:ca:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZLj7YUAqv9shXtxCFQ5z3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWU2ZjEzZTRkYTBmMmU0MzIyYTFhNzVhYTdlN2Q3Y2Y3
MTdhNDIwHhcNMjUwNDE5MDEwMDMxWhcNMjUwNDIwMDEwMDMxWjAzMTEwLwYDVQQD
EygwMjNiYzRmNWRmNzRiMjkwMjNiYmZiOTY1NWI4YzI1MTE4YTk5YjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjX6AzuqkSLGHKxD8/SSXpJ0Zal5
JMbk4p7KpZOzTvMUWCWgHsAXENEqStn8r4kYp/OP+IaefLT+xt72MyGuULStv72D
yqBqvt8cTasPIrp/4NHRw7CC5mOiSi3LQgLwzOsGZdyGoxOYmsbUgaaw+0ah5ICN
Z4UGJno5PS5qevSEpMWY0jJUgP46W5i7SzPWWZOUmNiyhlKV0HtZUsJ8Blp7/qjX
DFyQQpJRTAO1gu5qVQJDRY50ULNtENntMS5upF67YxHD5lVAt3rEIQUD19QpB3Ok
XFKzeJgrZPDLWOalSyomJMBCcKtWivmyIcUtvuUJs+VFr8SwyiyFyxuTIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAI7xPXfdLKQI7v7llW4wlEYqZtqMB8GA1UdIwQY
MBaAFDrubxPk2g8uQyKhp1qn59fPcXpCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQt
MGMwMjkyMTY3Zjk1LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQtMGMwMjkyMTY3Zjk1
LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIB9pUCL8
UFP5P/3sd0GAvsOnEMNuMNxMEWjksn5Q82h19RrJMN2cvWYPy0+ijM6iVLocdcSi
pbkZNxUWVREznA7M9zhtuH6/1k0uWD4FlhCfI7h9tdiuRRXuYCiNdMndAd83Ig8C
ZFEGhsdpg320Sc++4MevBWtWOWKdQ8kVISuF5ZdcL401wEBm/sdlGTcri4NzYtVX
k7saT9bjZe7zkKYsUpTAdI65Aa+FoiVskO+qjP79F7l98ZXRrqnuXCtINmCncJS7
VBAeMbk51cQCVVfb5YLxA7fy1ZocpYUqdHxBJfebwa14rgtVV1QfL5+HxFoomoP8
ZiYFrPZT74rKcg==
-----END CERTIFICATE-----