Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
File:                     oWhu-kcXfglRrIjFZNj4hQvuxdA.mft (raw, json)
Hash identifier:          Gaey/7YPnXIK3JuzKNzsToieMQHaHhO13+cEGurakdo=
Subject key identifier:   EA:14:33:F2:EB:E3:D2:DE:55:B9:E2:C6:34:E9:DE:AE:48:72:18:37
Authority key identifier: A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0
Certificate issuer:       /CN=a1686efa47177e0951ac88c564d8f8850beec5d0
Certificate serial:       0197624BD437D44B52182CF7FBC9AA0AEE20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
Manifest number:          0C19
Signing time:             Thu 12 Jun 2025 04:00:26 +0000
Manifest this update:     Thu 12 Jun 2025 04:00:26 +0000
Manifest next update:     Fri 13 Jun 2025 04:00:26 +0000
Files and hashes:         1: oWhu-kcXfglRrIjFZNj4hQvuxdA.crl (hash: kZH1iGkNASfWQ0G80KHBvLr1yp33FYPj4cPZ8UaO9f8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:62:4b:d4:37:d4:4b:52:18:2c:f7:fb:c9:aa:0a:ee:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1686efa47177e0951ac88c564d8f8850beec5d0
        Validity
            Not Before: Jun 12 04:00:26 2025 GMT
            Not After : Jun 13 04:00:26 2025 GMT
        Subject: CN=ea1433f2ebe3d2de55b9e2c634e9deae48721837
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:3f:58:af:e5:ec:bb:db:b0:95:b9:d0:58:e0:
                    54:a3:e5:c9:c9:88:d9:c2:68:b4:da:2e:e8:6c:6e:
                    60:94:55:c8:10:f0:f0:a7:80:26:8b:af:bf:65:31:
                    8c:25:bb:6b:e3:9d:30:a5:12:f2:ad:30:1e:d7:a6:
                    e0:56:6d:0c:5e:e9:ae:16:b0:22:cf:ae:c5:e1:80:
                    9e:75:43:55:a0:4f:a4:9b:96:94:70:1f:9b:d0:23:
                    2c:2d:92:ef:e6:04:f0:8e:13:8c:33:29:81:11:40:
                    54:ed:07:41:55:f6:88:e7:57:98:de:2c:9b:d2:8b:
                    2d:6a:d4:22:38:72:8e:8a:e2:db:57:a9:c8:fd:43:
                    c9:ab:8e:2d:ea:85:ce:a0:bd:47:6c:90:5d:69:c1:
                    1d:d0:f7:d2:a7:bc:1c:86:fb:bc:78:8f:5e:24:96:
                    54:b1:76:19:c9:6a:f3:fd:e8:bc:73:3d:19:be:3d:
                    b1:f6:14:e5:3c:0b:84:b8:87:11:7d:66:c2:8e:ea:
                    0d:62:c0:db:13:11:a6:fc:e1:78:d5:84:55:ef:b3:
                    5f:7f:14:eb:c3:e3:8a:94:77:47:6a:48:5d:d3:b5:
                    bf:b2:8f:73:36:c4:e1:32:13:16:63:3c:2c:e9:0f:
                    9e:f5:dc:14:f0:4b:0e:19:07:78:b0:ef:e9:1d:fc:
                    f9:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:14:33:F2:EB:E3:D2:DE:55:B9:E2:C6:34:E9:DE:AE:48:72:18:37
            X509v3 Authority Key Identifier:
                keyid:A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:0c:ad:81:e5:4c:d8:37:bd:74:19:25:06:94:f2:f4:60:0d:
         4b:9e:83:01:69:76:22:ce:e0:ab:c6:3b:a4:71:d8:42:d1:09:
         eb:be:bb:66:2d:c7:ad:f1:67:65:be:21:4f:f6:46:f2:c3:61:
         f2:8c:08:e1:b2:cc:13:77:9b:3c:80:26:1a:3b:c7:3d:c6:b6:
         75:20:aa:69:5d:52:e4:ff:10:ce:8b:92:dc:74:e7:8a:7a:59:
         14:f5:1b:05:78:22:bd:77:73:b1:92:08:2b:59:13:4e:29:7c:
         02:2c:ab:44:74:b2:d5:d3:19:cd:8b:4e:b4:a2:57:f4:44:4b:
         ad:42:ee:4e:0b:8b:d7:67:71:61:c3:67:f3:42:d8:ef:3d:f6:
         8f:b3:c9:df:c6:d5:3c:bb:6a:62:90:c0:f9:62:41:a9:f3:75:
         81:e8:29:b0:fa:16:e2:00:94:1d:3b:40:b7:be:b5:3d:c2:56:
         36:a4:a4:63:4f:7f:b9:d3:a7:b5:8d:82:52:d1:27:a9:16:a9:
         c6:0a:39:c3:03:5e:aa:ab:91:32:67:1d:2f:af:a7:43:50:dd:
         f0:4e:d6:29:b6:0a:05:fb:1f:e2:f3:d8:f3:4e:1d:3e:f8:58:
         fa:eb:2b:9b:c4:05:ed:2e:ad:f0:b5:9c:ed:b5:08:f6:fc:4d:
         31:e4:e5:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdiS9Q31EtSGCz3+8mqCu4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjg2ZWZhNDcxNzdlMDk1MWFjODhjNTY0ZDhmODg1MGJl
ZWM1ZDAwHhcNMjUwNjEyMDQwMDI2WhcNMjUwNjEzMDQwMDI2WjAzMTEwLwYDVQQD
EyhlYTE0MzNmMmViZTNkMmRlNTViOWUyYzYzNGU5ZGVhZTQ4NzIxODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD9Yr+Xsu9uwlbnQWOBUo+XJyYjZ
wmi02i7obG5glFXIEPDwp4Ami6+/ZTGMJbtr450wpRLyrTAe16bgVm0MXumuFrAi
z67F4YCedUNVoE+km5aUcB+b0CMsLZLv5gTwjhOMMymBEUBU7QdBVfaI51eY3iyb
0ostatQiOHKOiuLbV6nI/UPJq44t6oXOoL1HbJBdacEd0PfSp7wchvu8eI9eJJZU
sXYZyWrz/ei8cz0Zvj2x9hTlPAuEuIcRfWbCjuoNYsDbExGm/OF41YRV77NffxTr
w+OKlHdHakhd07W/so9zNsThMhMWYzws6Q+e9dwU8EsOGQd4sO/pHfz5sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOoUM/Lr49LeVbnixjTp3q5Ichg3MB8GA1UdIwQY
MBaAFKFobvpHF34JUayIxWTY+IUL7sXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAt
Y2E0MWIzM2I4ODNhLzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAtY2E0MWIzM2I4ODNh
LzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApgytgeVM
2De9dBklBpTy9GANS56DAWl2Is7gq8Y7pHHYQtEJ6767Zi3HrfFnZb4hT/ZG8sNh
8owI4bLME3ebPIAmGjvHPca2dSCqaV1S5P8QzouS3HTninpZFPUbBXgivXdzsZII
K1kTTil8AiyrRHSy1dMZzYtOtKJX9ERLrULuTguL12dxYcNn80LY7z32j7PJ38bV
PLtqYpDA+WJBqfN1gegpsPoW4gCUHTtAt761PcJWNqSkY09/udOntY2CUtEnqRap
xgo5wwNeqquRMmcdL6+nQ1Dd8E7WKbYKBfsf4vPY804dPvhY+usrm8QF7S6t8LWc
7bUI9vxNMeTlyg==
-----END CERTIFICATE-----