Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
File:                     oWhu-kcXfglRrIjFZNj4hQvuxdA.mft (raw, json)
Hash identifier:          gfKstuuR/0xZfh2gpaZLaHKSdw+fXvbve+n2IrW2fk0=
Subject key identifier:   B3:1F:25:67:1D:EE:C4:DF:0F:55:D0:2D:6B:27:76:9D:F1:55:30:A7
Authority key identifier: A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0
Certificate issuer:       /CN=a1686efa47177e0951ac88c564d8f8850beec5d0
Certificate serial:       0197643A33832A0ED48B8FC8D631EF1BCB2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
Manifest number:          0C1A
Signing time:             Thu 12 Jun 2025 13:00:25 +0000
Manifest this update:     Thu 12 Jun 2025 13:00:25 +0000
Manifest next update:     Fri 13 Jun 2025 13:00:25 +0000
Files and hashes:         1: oWhu-kcXfglRrIjFZNj4hQvuxdA.crl (hash: oTqUWSY4h8H7Ott627RvNRXb1jDImk+YpRF6Qzxlh7g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:3a:33:83:2a:0e:d4:8b:8f:c8:d6:31:ef:1b:cb:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1686efa47177e0951ac88c564d8f8850beec5d0
        Validity
            Not Before: Jun 12 13:00:25 2025 GMT
            Not After : Jun 13 13:00:25 2025 GMT
        Subject: CN=b31f25671deec4df0f55d02d6b27769df15530a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d7:6f:84:2b:f5:79:a5:87:c4:11:14:7e:1d:
                    fc:5b:fe:06:87:dc:2f:df:12:08:70:6b:e6:f5:62:
                    cb:f2:fe:04:36:bc:09:fc:e6:37:fc:e8:e6:9d:23:
                    80:3b:7c:46:79:dd:e6:59:4d:5e:37:02:27:db:0d:
                    a8:d3:d8:aa:00:f6:e2:69:b4:bb:7a:55:71:eb:82:
                    dd:2c:c4:cd:c4:5b:a1:08:15:ff:c5:00:77:20:a5:
                    c2:e8:33:1d:67:62:2d:9a:e5:d9:29:da:eb:d3:06:
                    38:8f:b6:3b:bd:b2:af:b5:5d:75:20:41:a8:89:31:
                    67:fb:04:a4:7b:1e:ee:38:bf:84:5a:dd:0a:3f:76:
                    7a:08:50:8d:0b:7f:ca:37:c6:0a:99:87:e2:ee:24:
                    c6:1d:d9:ae:e4:d1:91:17:e8:7d:9f:50:b8:07:9b:
                    c3:c8:b5:63:29:06:52:44:c4:89:4b:23:6d:dd:38:
                    41:03:0f:df:a6:1f:a5:c8:c3:20:29:9e:7d:1b:32:
                    13:49:10:3b:de:90:8a:2c:49:c9:ba:4b:b3:77:b6:
                    63:99:4c:a9:4c:83:26:39:ef:15:e8:ae:63:79:79:
                    b8:e9:d8:58:f7:85:ab:ff:32:ff:b9:08:24:65:7f:
                    b3:c2:17:52:fc:e5:e0:83:6e:cf:99:b0:9c:bd:53:
                    d8:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:1F:25:67:1D:EE:C4:DF:0F:55:D0:2D:6B:27:76:9D:F1:55:30:A7
            X509v3 Authority Key Identifier:
                keyid:A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:0d:2b:9d:7b:44:6e:89:b5:61:a5:06:59:58:4d:dd:ca:e1:
         d5:1a:92:ee:04:bc:ee:0e:53:4f:05:51:03:18:95:72:c3:46:
         c9:40:4c:91:9e:91:4b:48:20:ca:e3:3e:36:a1:ef:a7:24:8b:
         2c:0b:94:f9:bf:d7:10:fe:b4:82:24:eb:48:07:24:4f:c0:dd:
         17:ff:d7:1a:f7:6d:ad:0c:d9:06:a0:e8:a1:f5:86:82:a2:f5:
         c3:70:2f:c0:1a:dd:b4:c3:05:06:29:c6:e6:ec:17:1c:78:cd:
         9a:eb:22:e1:11:38:99:3f:e1:14:17:57:14:5c:e7:70:cb:8b:
         83:0b:4b:2d:ad:19:55:32:d0:26:1e:77:4e:4d:40:96:63:dd:
         10:13:03:61:b2:2f:c2:69:e0:ce:3c:4f:70:2b:4f:91:cf:aa:
         dc:90:5f:5f:2f:0f:fe:18:b2:42:78:5b:20:bb:13:5d:40:18:
         3c:f5:79:c0:43:0b:f6:ed:35:cb:26:ff:70:16:04:19:c9:2f:
         38:67:c1:1d:e7:06:bd:22:65:e8:26:47:ca:9e:8f:4a:ed:60:
         3f:45:be:46:77:be:4d:fb:43:0d:a5:68:63:43:58:82:aa:de:
         33:6e:f0:59:88:0a:ca:7a:69:c9:60:30:51:18:af:e2:71:5f:
         c6:2e:3d:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkOjODKg7Ui4/I1jHvG8stMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjg2ZWZhNDcxNzdlMDk1MWFjODhjNTY0ZDhmODg1MGJl
ZWM1ZDAwHhcNMjUwNjEyMTMwMDI1WhcNMjUwNjEzMTMwMDI1WjAzMTEwLwYDVQQD
EyhiMzFmMjU2NzFkZWVjNGRmMGY1NWQwMmQ2YjI3NzY5ZGYxNTUzMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9dvhCv1eaWHxBEUfh38W/4Gh9wv
3xIIcGvm9WLL8v4ENrwJ/OY3/OjmnSOAO3xGed3mWU1eNwIn2w2o09iqAPbiabS7
elVx64LdLMTNxFuhCBX/xQB3IKXC6DMdZ2ItmuXZKdrr0wY4j7Y7vbKvtV11IEGo
iTFn+wSkex7uOL+EWt0KP3Z6CFCNC3/KN8YKmYfi7iTGHdmu5NGRF+h9n1C4B5vD
yLVjKQZSRMSJSyNt3ThBAw/fph+lyMMgKZ59GzITSRA73pCKLEnJukuzd7ZjmUyp
TIMmOe8V6K5jeXm46dhY94Wr/zL/uQgkZX+zwhdS/OXgg27PmbCcvVPYaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMfJWcd7sTfD1XQLWsndp3xVTCnMB8GA1UdIwQY
MBaAFKFobvpHF34JUayIxWTY+IUL7sXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAt
Y2E0MWIzM2I4ODNhLzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAtY2E0MWIzM2I4ODNh
LzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJA0rnXtE
bom1YaUGWVhN3crh1RqS7gS87g5TTwVRAxiVcsNGyUBMkZ6RS0ggyuM+NqHvpySL
LAuU+b/XEP60giTrSAckT8DdF//XGvdtrQzZBqDoofWGgqL1w3AvwBrdtMMFBinG
5uwXHHjNmusi4RE4mT/hFBdXFFzncMuLgwtLLa0ZVTLQJh53Tk1AlmPdEBMDYbIv
wmngzjxPcCtPkc+q3JBfXy8P/hiyQnhbILsTXUAYPPV5wEML9u01yyb/cBYEGckv
OGfBHecGvSJl6CZHyp6PSu1gP0W+Rne+TftDDaVoY0NYgqreM27wWYgKynppyWAw
URiv4nFfxi49cg==
-----END CERTIFICATE-----