Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
File:                     oUIVlcmI-yZTZeucofo_F_xXB28.mft (raw, json)
Hash identifier:          CIyAB19+Zh9fY+Luy4FHkF/wipN4vByTq6m4XrDqZHo=
Subject key identifier:   A4:15:C1:E0:B4:4C:CC:C8:4E:CC:69:30:F3:C2:E8:3D:9D:9C:DC:44
Authority key identifier: A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F
Certificate issuer:       /CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
Certificate serial:       01974D4502CFE2E2653C3C8198A3B797F02E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
Manifest number:          157C
Signing time:             Sun 08 Jun 2025 02:00:57 +0000
Manifest this update:     Sun 08 Jun 2025 02:00:57 +0000
Manifest next update:     Mon 09 Jun 2025 02:00:57 +0000
Files and hashes:         1: oUIVlcmI-yZTZeucofo_F_xXB28.crl (hash: tC6W4GV9Wcv4dOCT6Bguy20qbLB+d4nVkFwJfuCvwPI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 02:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:45:02:cf:e2:e2:65:3c:3c:81:98:a3:b7:97:f0:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
        Validity
            Not Before: Jun  8 02:00:57 2025 GMT
            Not After : Jun  9 02:00:57 2025 GMT
        Subject: CN=a415c1e0b44cccc84ecc6930f3c2e83d9d9cdc44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:0b:84:79:0f:5a:98:f1:6a:ca:25:4a:22:6e:
                    d7:e0:58:31:fc:e5:9e:57:c9:8e:4f:cf:00:62:cb:
                    9c:3c:d8:ef:26:c0:21:47:c1:13:24:ed:58:19:32:
                    c7:f4:4a:d5:9a:96:0a:89:70:e1:e1:25:05:a0:9b:
                    0d:30:dd:00:19:e6:5e:a2:24:f9:53:4c:b5:97:89:
                    10:6c:be:4c:53:3e:3f:b8:f0:e0:aa:bc:08:a4:2d:
                    14:b5:c2:ec:4a:da:c4:42:5e:4a:bf:44:64:ac:c8:
                    6c:f5:18:8e:9f:74:d8:17:e5:b6:bf:ee:5b:f1:36:
                    f0:82:ce:2c:07:9e:d2:3c:04:cf:83:bc:b4:95:2f:
                    14:cd:af:8b:54:c8:74:8a:f9:6c:29:7b:43:02:ad:
                    8b:2b:99:cd:8e:e9:36:7e:58:40:82:f1:99:da:6f:
                    da:5e:14:4a:a7:35:21:6b:f4:4f:4f:26:b6:db:d8:
                    57:f7:50:8e:a8:a0:8d:25:70:47:b8:38:47:b0:18:
                    cc:3c:77:64:97:af:8f:eb:78:ac:78:6f:ca:c5:b1:
                    46:a1:8c:70:8c:47:b7:e6:4b:1d:cf:de:6c:55:9b:
                    df:45:bb:ec:5a:42:93:93:95:57:4b:cc:37:bb:b6:
                    7a:e0:6e:f5:f1:ae:f8:f6:c0:74:21:b6:54:cb:36:
                    24:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:15:C1:E0:B4:4C:CC:C8:4E:CC:69:30:F3:C2:E8:3D:9D:9C:DC:44
            X509v3 Authority Key Identifier:
                keyid:A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:b4:39:a6:c8:1c:9b:a6:75:39:28:6b:2c:af:03:dc:06:4e:
         e4:b4:64:6e:96:b8:8e:de:18:dc:f5:9c:b8:dd:44:8c:17:e1:
         bf:01:36:3d:55:63:dc:db:d3:84:c1:54:5f:3b:a0:d7:17:60:
         b1:d3:ab:4f:6c:36:6e:e5:d9:c1:f1:03:bf:9b:ef:b6:a4:aa:
         99:22:1d:b6:e1:8b:a4:03:e6:6c:f2:a6:bf:15:e5:58:de:54:
         e3:e1:9d:33:fb:15:47:ea:8e:06:cf:31:b9:66:0f:f7:e9:e7:
         86:a8:10:54:b0:10:b4:37:46:75:ea:a9:5c:bf:8f:67:b8:63:
         b4:22:23:93:b0:3c:2e:38:a3:a5:c1:16:5a:f2:db:04:7b:1d:
         31:94:1b:7f:b9:be:dd:bf:27:b4:9f:3f:92:cb:22:05:a3:ff:
         ec:4d:6f:af:55:d4:3b:f0:0c:0a:32:d8:d1:22:6a:cb:83:b4:
         1d:34:91:f5:67:df:46:d0:ed:b0:22:fe:85:49:0d:1c:34:47:
         60:87:a7:c8:b9:c9:7c:82:45:85:9a:8a:ed:82:71:99:b5:26:
         38:e2:da:37:24:76:07:20:8d:d4:b5:93:da:cd:09:f5:4f:8e:
         7e:11:de:ff:a7:47:a5:ef:42:28:43:9d:3f:8b:04:86:98:47:
         23:86:e9:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNRQLP4uJlPDyBmKO3l/AuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDIxNTk1Yzk4OGZiMjY1MzY1ZWI5Y2ExZmEzZjE3ZmM1
NzA3NmYwHhcNMjUwNjA4MDIwMDU3WhcNMjUwNjA5MDIwMDU3WjAzMTEwLwYDVQQD
EyhhNDE1YzFlMGI0NGNjY2M4NGVjYzY5MzBmM2MyZTgzZDlkOWNkYzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAuEeQ9amPFqyiVKIm7X4Fgx/OWe
V8mOT88AYsucPNjvJsAhR8ETJO1YGTLH9ErVmpYKiXDh4SUFoJsNMN0AGeZeoiT5
U0y1l4kQbL5MUz4/uPDgqrwIpC0UtcLsStrEQl5Kv0RkrMhs9RiOn3TYF+W2v+5b
8Tbwgs4sB57SPATPg7y0lS8Uza+LVMh0ivlsKXtDAq2LK5nNjuk2flhAgvGZ2m/a
XhRKpzUha/RPTya229hX91COqKCNJXBHuDhHsBjMPHdkl6+P63iseG/KxbFGoYxw
jEe35ksdz95sVZvfRbvsWkKTk5VXS8w3u7Z64G718a749sB0IbZUyzYk1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQVweC0TMzITsxpMPPC6D2dnNxEMB8GA1UdIwQY
MBaAFKFCFZXJiPsmU2XrnKH6Pxf8VwdvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEt
YmFlZjRlYmY2OGRhLzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEtYmFlZjRlYmY2OGRh
LzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYrQ5psgc
m6Z1OShrLK8D3AZO5LRkbpa4jt4Y3PWcuN1EjBfhvwE2PVVj3NvThMFUXzug1xdg
sdOrT2w2buXZwfEDv5vvtqSqmSIdtuGLpAPmbPKmvxXlWN5U4+GdM/sVR+qOBs8x
uWYP9+nnhqgQVLAQtDdGdeqpXL+PZ7hjtCIjk7A8LjijpcEWWvLbBHsdMZQbf7m+
3b8ntJ8/kssiBaP/7E1vr1XUO/AMCjLY0SJqy4O0HTSR9WffRtDtsCL+hUkNHDRH
YIenyLnJfIJFhZqK7YJxmbUmOOLaNyR2ByCN1LWT2s0J9U+OfhHe/6dHpe9CKEOd
P4sEhphHI4bpEQ==
-----END CERTIFICATE-----