Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
File:                     OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json)
Hash identifier:          pVXdAP5XXrodjHSW7d9Hby3J145JU8TpcEo+0Agt+pI=
Subject key identifier:   97:25:D7:DF:7A:EF:B0:6C:64:0E:69:07:09:B8:DA:7E:D4:F0:84:F7
Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
Certificate issuer:       /CN=389c030036756ab8cdac922b1af237bce1367ce0
Certificate serial:       0195903DAE29C9BFA4F40FF72228646A3B0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
Manifest number:          1495
Signing time:             Thu 13 Mar 2025 16:01:56 +0000
Manifest this update:     Thu 13 Mar 2025 16:01:56 +0000
Manifest next update:     Fri 14 Mar 2025 16:01:56 +0000
Files and hashes:         1: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: iuHdeYK83JeQDXyENmO0wgFipKaZCHXp3ZgB32a8a8s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 15:28:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:90:3d:ae:29:c9:bf:a4:f4:0f:f7:22:28:64:6a:3b:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0
        Validity
            Not Before: Mar 13 16:01:56 2025 GMT
            Not After : Mar 14 16:01:56 2025 GMT
        Subject: CN=9725d7df7aefb06c640e690709b8da7ed4f084f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:70:da:3b:ee:a0:3b:bb:51:c2:94:96:24:63:
                    00:90:27:27:5f:3e:2d:cc:d4:ae:64:d7:4c:13:e0:
                    be:c9:a5:ad:85:02:cf:96:e1:79:6d:35:6c:48:be:
                    fb:9e:6b:60:90:a5:73:e6:78:8e:d1:ff:bb:8e:7b:
                    65:28:87:18:e6:68:28:87:78:1c:51:a7:a4:66:35:
                    df:61:c0:20:d8:6c:47:5f:61:fc:c9:47:c6:0e:66:
                    54:a6:42:fc:6c:f2:5c:a4:17:64:4d:f9:fe:a9:57:
                    e3:1d:c9:65:76:cf:2c:cd:1c:db:2e:2c:9e:58:a2:
                    fd:d7:18:fe:c6:1d:bd:5f:74:51:81:69:58:19:5a:
                    2d:1e:d5:ed:92:47:ce:0b:a1:db:21:ad:72:a6:83:
                    95:f0:ab:88:e5:66:54:69:62:23:28:cb:57:9d:8b:
                    12:2f:10:62:6b:6b:ea:bd:48:f2:e7:11:c8:77:f0:
                    c8:e1:20:dc:85:fe:77:8d:cb:e2:23:eb:3a:d4:ea:
                    83:6d:23:99:a4:17:d7:fc:6a:c2:b4:4a:36:11:57:
                    33:ee:35:92:12:55:96:3c:d9:59:36:f3:61:9e:85:
                    1e:c3:3f:62:cb:24:80:ee:cb:e3:7f:98:c7:4c:b3:
                    5b:b4:07:8b:80:d7:f8:17:82:dc:0e:dc:e3:37:1e:
                    8d:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:25:D7:DF:7A:EF:B0:6C:64:0E:69:07:09:B8:DA:7E:D4:F0:84:F7
            X509v3 Authority Key Identifier:
                keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:b7:d7:11:94:52:75:3f:05:bc:de:8f:a5:4f:35:66:ac:65:
         35:ab:5e:ed:96:c5:cd:3a:1d:0d:e3:73:58:df:c5:09:39:9f:
         30:d4:df:e0:46:72:9f:23:31:44:a3:1b:f7:4f:32:7c:95:54:
         db:32:e5:73:7f:f8:97:75:66:33:35:a1:51:2b:64:46:f9:4d:
         cf:3a:7f:03:c6:f8:f0:e5:d4:58:31:65:33:8c:4c:a6:2e:1d:
         46:7f:13:db:7a:67:1a:ee:b0:9a:fd:9b:bb:6e:ff:9a:c1:5f:
         4e:f3:54:47:32:7d:19:55:7c:87:bd:68:1d:09:e2:7e:49:3c:
         1f:f0:92:fb:12:47:c5:cc:72:2c:92:05:8f:40:2e:aa:23:44:
         e7:fb:57:2d:a2:25:9a:e3:10:7c:70:82:18:95:5c:47:1f:f6:
         9d:3c:6b:b3:2a:62:07:67:ce:e2:d0:16:f8:0e:d6:5b:89:f5:
         fb:a7:3b:19:ae:85:bf:9a:fe:70:f9:5b:d2:c3:2d:5b:3f:5e:
         37:c7:e3:ce:47:c1:55:48:eb:dc:94:b5:b8:dc:e1:f5:94:5d:
         23:12:dc:9e:bf:5e:1b:7c:5b:56:8a:00:be:47:16:a3:8b:95:
         22:2e:ee:7b:a5:5d:bd:6e:05:31:5d:dd:fd:14:7a:20:e1:13:
         ff:cc:95:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWQPa4pyb+k9A/3IihkajsMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz
NjdjZTAwHhcNMjUwMzEzMTYwMTU2WhcNMjUwMzE0MTYwMTU2WjAzMTEwLwYDVQQD
Eyg5NzI1ZDdkZjdhZWZiMDZjNjQwZTY5MDcwOWI4ZGE3ZWQ0ZjA4NGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnDaO+6gO7tRwpSWJGMAkCcnXz4t
zNSuZNdME+C+yaWthQLPluF5bTVsSL77nmtgkKVz5niO0f+7jntlKIcY5mgoh3gc
UaekZjXfYcAg2GxHX2H8yUfGDmZUpkL8bPJcpBdkTfn+qVfjHcllds8szRzbLiye
WKL91xj+xh29X3RRgWlYGVotHtXtkkfOC6HbIa1ypoOV8KuI5WZUaWIjKMtXnYsS
LxBia2vqvUjy5xHId/DI4SDchf53jcviI+s61OqDbSOZpBfX/GrCtEo2EVcz7jWS
ElWWPNlZNvNhnoUewz9iyySA7svjf5jHTLNbtAeLgNf4F4LcDtzjNx6NmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJcl199677BsZA5pBwm42n7U8IT3MB8GA1UdIwQY
MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt
NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0
LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlbfXEZRS
dT8FvN6PpU81ZqxlNate7ZbFzTodDeNzWN/FCTmfMNTf4EZynyMxRKMb908yfJVU
2zLlc3/4l3VmMzWhUStkRvlNzzp/A8b48OXUWDFlM4xMpi4dRn8T23pnGu6wmv2b
u27/msFfTvNURzJ9GVV8h71oHQnifkk8H/CS+xJHxcxyLJIFj0AuqiNE5/tXLaIl
muMQfHCCGJVcRx/2nTxrsypiB2fO4tAW+A7WW4n1+6c7Ga6Fv5r+cPlb0sMtWz9e
N8fjzkfBVUjr3JS1uNzh9ZRdIxLcnr9eG3xbVooAvkcWo4uVIi7ue6VdvW4FMV3d
/RR6IOET/8yVAw==
-----END CERTIFICATE-----