Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
File:                     oWhu-kcXfglRrIjFZNj4hQvuxdA.mft (raw, json)
Hash identifier:          BLyg3Bm0VO+cNwBf9059CtwNXOG1JKzNrwZsVTEnCRI=
Subject key identifier:   31:26:A0:F9:23:50:97:EE:B3:C9:8F:B9:F5:C4:6B:02:AC:0D:AD:D1
Authority key identifier: A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0
Certificate issuer:       /CN=a1686efa47177e0951ac88c564d8f8850beec5d0
Certificate serial:       01976629213C31B455E64F6C7FC65EBA0467
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
Manifest number:          0C1B
Signing time:             Thu 12 Jun 2025 22:01:00 +0000
Manifest this update:     Thu 12 Jun 2025 22:01:00 +0000
Manifest next update:     Fri 13 Jun 2025 22:01:00 +0000
Files and hashes:         1: oWhu-kcXfglRrIjFZNj4hQvuxdA.crl (hash: vdqXA441yTaJ318AZ0l9G9x3Qo4k27lJl1/dYkBcI5g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:29:21:3c:31:b4:55:e6:4f:6c:7f:c6:5e:ba:04:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1686efa47177e0951ac88c564d8f8850beec5d0
        Validity
            Not Before: Jun 12 22:01:00 2025 GMT
            Not After : Jun 13 22:01:00 2025 GMT
        Subject: CN=3126a0f9235097eeb3c98fb9f5c46b02ac0dadd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:c9:75:67:aa:96:77:4a:de:15:ea:29:41:ff:
                    fb:96:9e:2e:6a:54:de:22:3f:6b:53:17:a1:dd:77:
                    7d:76:74:ed:cd:98:f5:00:1a:02:48:40:53:90:5e:
                    db:e5:95:b3:34:9f:ea:9f:c5:12:8e:80:42:25:62:
                    d6:e4:44:cb:07:bc:5f:10:38:ae:74:88:d1:8c:c5:
                    ae:3e:b0:61:75:78:a2:a6:cb:3f:b7:01:38:98:f0:
                    d4:dc:88:b3:51:df:c1:22:7d:f0:26:5a:16:12:e7:
                    8d:7b:5f:2b:f3:e3:d2:ee:69:4b:f2:05:af:a8:9d:
                    3a:03:9f:15:64:1a:19:84:9e:8d:91:c8:37:0a:2c:
                    4c:35:08:55:5c:f4:fe:03:6c:5f:d8:21:1c:5b:49:
                    44:f8:81:6e:a6:6c:9c:57:de:8c:1c:69:1b:0f:db:
                    6e:ab:05:a2:2d:65:42:b3:ed:87:1a:43:ef:24:29:
                    e5:a9:12:ef:89:92:95:47:a0:6a:6d:12:17:ba:f6:
                    04:11:9b:a8:65:e4:19:14:7d:49:37:20:54:44:ec:
                    3d:9f:bf:0c:45:cc:e4:25:eb:bc:ed:63:94:5e:1d:
                    50:74:8e:5f:b6:73:a7:a4:8d:4d:ce:34:8e:93:71:
                    37:7a:38:ea:07:2d:4b:3a:a8:07:cb:00:9a:78:d3:
                    8a:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:26:A0:F9:23:50:97:EE:B3:C9:8F:B9:F5:C4:6B:02:AC:0D:AD:D1
            X509v3 Authority Key Identifier:
                keyid:A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:62:ef:18:71:46:74:ee:b5:a6:e4:d8:9b:6d:a9:15:19:31:
         a8:45:8c:09:9f:95:01:8f:c5:60:a1:5d:db:b7:6a:ab:92:5b:
         f0:b7:a5:3b:54:46:da:a2:c4:f0:45:c2:ca:e4:a7:79:60:66:
         ff:c8:37:c9:77:99:2d:41:89:06:3e:98:91:d0:86:09:67:3b:
         16:66:1f:86:eb:cf:8e:bb:c8:82:27:88:15:33:27:dc:75:a3:
         9a:9b:30:be:24:11:d2:22:b6:33:72:51:46:7b:6c:89:c9:22:
         8b:a5:7c:d1:97:ff:e3:8d:a0:62:db:56:c2:6c:98:b5:43:49:
         45:5e:49:a1:69:f2:41:7e:a9:8e:30:e3:95:b8:bd:39:55:8a:
         cc:1b:7a:ee:0d:84:69:ab:e5:b3:91:d3:4f:7a:dd:bc:3d:cf:
         d7:0c:0a:b2:1f:7c:3a:df:42:45:a1:ff:21:f7:87:79:7e:cc:
         0d:37:98:36:f9:6c:2c:ad:ff:78:1f:22:7c:cf:eb:f8:0c:3d:
         57:79:eb:b4:49:42:1b:9c:88:da:57:02:96:28:c7:4e:ee:33:
         5c:40:79:88:c8:fa:fa:1c:d5:3f:4a:d7:8d:99:55:44:5d:5a:
         4c:27:bf:60:f3:3d:30:80:e7:f7:13:79:3b:89:38:c8:04:a6:
         4b:68:b2:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmKSE8MbRV5k9sf8ZeugRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjg2ZWZhNDcxNzdlMDk1MWFjODhjNTY0ZDhmODg1MGJl
ZWM1ZDAwHhcNMjUwNjEyMjIwMTAwWhcNMjUwNjEzMjIwMTAwWjAzMTEwLwYDVQQD
EygzMTI2YTBmOTIzNTA5N2VlYjNjOThmYjlmNWM0NmIwMmFjMGRhZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ml1Z6qWd0reFeopQf/7lp4ualTe
Ij9rUxeh3Xd9dnTtzZj1ABoCSEBTkF7b5ZWzNJ/qn8USjoBCJWLW5ETLB7xfEDiu
dIjRjMWuPrBhdXiipss/twE4mPDU3IizUd/BIn3wJloWEueNe18r8+PS7mlL8gWv
qJ06A58VZBoZhJ6Nkcg3CixMNQhVXPT+A2xf2CEcW0lE+IFupmycV96MHGkbD9tu
qwWiLWVCs+2HGkPvJCnlqRLviZKVR6BqbRIXuvYEEZuoZeQZFH1JNyBUROw9n78M
RczkJeu87WOUXh1QdI5ftnOnpI1NzjSOk3E3ejjqBy1LOqgHywCaeNOK5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDEmoPkjUJfus8mPufXEawKsDa3RMB8GA1UdIwQY
MBaAFKFobvpHF34JUayIxWTY+IUL7sXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAt
Y2E0MWIzM2I4ODNhLzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAtY2E0MWIzM2I4ODNh
LzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACmLvGHFG
dO61puTYm22pFRkxqEWMCZ+VAY/FYKFd27dqq5Jb8LelO1RG2qLE8EXCyuSneWBm
/8g3yXeZLUGJBj6YkdCGCWc7FmYfhuvPjrvIgieIFTMn3HWjmpswviQR0iK2M3JR
Rntsickii6V80Zf/442gYttWwmyYtUNJRV5JoWnyQX6pjjDjlbi9OVWKzBt67g2E
aavls5HTT3rdvD3P1wwKsh98Ot9CRaH/IfeHeX7MDTeYNvlsLK3/eB8ifM/r+Aw9
V3nrtElCG5yI2lcClijHTu4zXEB5iMj6+hzVP0rXjZlVRF1aTCe/YPM9MIDn9xN5
O4k4yASmS2iyHw==
-----END CERTIFICATE-----