Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
File:                     OitQeZsxwLFFEkZQ1xG844PWcDk.mft (raw, json)
Hash identifier:          28b2NK9YyC2emWBVfgiX38435SUoJyR5a5zjvyb5/gM=
Subject key identifier:   B4:98:EB:AC:F1:DD:81:DA:FD:E9:AE:D9:4C:1B:51:5B:F7:3C:9E:46
Authority key identifier: 3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39
Certificate issuer:       /CN=3a2b50799b31c0b145124650d711bce383d67039
Certificate serial:       01974DB265FB3892057B6E3110C3A25B5866
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
Manifest number:          09D0
Signing time:             Sun 08 Jun 2025 04:00:26 +0000
Manifest this update:     Sun 08 Jun 2025 04:00:26 +0000
Manifest next update:     Mon 09 Jun 2025 04:00:26 +0000
Files and hashes:         1: OitQeZsxwLFFEkZQ1xG844PWcDk.crl (hash: HpzRq/s4IMAJD4L+09sRzx20buUxVv8VkQA6nB9clDs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:b2:65:fb:38:92:05:7b:6e:31:10:c3:a2:5b:58:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a2b50799b31c0b145124650d711bce383d67039
        Validity
            Not Before: Jun  8 04:00:26 2025 GMT
            Not After : Jun  9 04:00:26 2025 GMT
        Subject: CN=b498ebacf1dd81dafde9aed94c1b515bf73c9e46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:21:e8:c3:2e:8c:81:ef:87:94:32:4c:7c:d3:
                    48:21:25:22:12:01:d3:e1:8f:16:66:b3:60:5f:67:
                    87:12:ce:6b:5b:ef:13:b9:35:35:83:08:fd:6c:83:
                    b3:c4:db:8a:64:b3:a0:99:08:70:ce:ca:cd:4c:0e:
                    26:fe:6c:a2:2a:aa:25:9b:dd:78:46:5f:19:9a:11:
                    40:45:4d:6b:15:1f:b8:ce:25:87:78:14:6e:73:92:
                    84:4a:da:2d:01:f2:56:48:68:11:0c:f5:5a:61:a0:
                    bf:31:bf:86:cb:6b:4e:36:f2:71:8e:f4:5f:25:37:
                    91:4b:0c:44:99:f8:72:b0:2a:ad:b4:89:1a:a1:5e:
                    4a:8a:1c:de:7e:99:45:a0:98:21:ff:82:c5:55:3d:
                    ca:6a:90:94:8a:8d:b0:e6:6c:35:72:44:27:3a:5f:
                    bb:8b:19:aa:d0:80:8e:a2:9f:34:ea:5a:2f:8d:b6:
                    e5:2e:2c:22:3d:ca:06:22:53:40:a4:f9:eb:00:54:
                    75:32:4e:2c:2a:a0:e7:5a:70:88:49:d8:0b:a0:6d:
                    35:60:98:02:ab:b0:48:9b:02:5f:ad:92:4e:a0:2b:
                    59:50:5b:d0:90:88:d5:8d:c1:1a:3c:10:85:19:1a:
                    3f:4a:9c:b1:8a:29:db:b2:0f:aa:79:b1:42:e1:b5:
                    ad:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:98:EB:AC:F1:DD:81:DA:FD:E9:AE:D9:4C:1B:51:5B:F7:3C:9E:46
            X509v3 Authority Key Identifier:
                keyid:3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:e1:a5:75:24:b3:27:d8:0e:d1:8b:b0:8a:dd:09:65:73:7a:
         f7:ff:ed:34:a2:47:0d:0c:dd:70:82:15:0f:c2:40:ef:18:74:
         4e:59:30:47:db:bd:4f:f2:c1:cd:a2:a0:a3:16:8a:fd:1d:21:
         29:42:8f:d8:45:11:dc:90:c2:7e:b4:e5:ee:e8:15:34:ca:32:
         02:4c:8c:7b:e2:37:7c:97:e2:fd:80:9f:f3:d6:f2:fe:7f:6f:
         58:e0:aa:b0:0d:64:08:f5:c8:cb:1c:64:fe:a4:da:ed:79:2a:
         e5:4a:6b:54:b2:df:b9:19:61:4f:6f:84:72:ad:23:9c:f0:bf:
         bf:88:ab:53:ea:ef:7d:a7:f3:4f:dc:bd:59:67:55:98:3f:7e:
         09:b9:bc:e7:12:16:71:0b:f5:29:00:a9:70:cd:b5:bd:8e:07:
         5b:a6:fd:20:4a:04:e7:b0:d1:0c:3b:81:0e:c3:78:1c:14:ab:
         f8:eb:9c:5c:1f:e3:85:27:62:6b:69:69:b6:e7:c0:c6:c9:85:
         ed:13:13:06:64:1c:d2:a8:af:a1:17:c2:bd:80:32:a3:c0:f4:
         67:fe:9f:71:8c:42:5d:f5:dc:57:01:41:14:81:0a:57:b8:ee:
         74:b0:66:c4:8e:a9:06:8d:d6:43:a9:01:d3:58:4b:64:2d:6f:
         d9:ee:df:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNsmX7OJIFe24xEMOiW1hmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMmI1MDc5OWIzMWMwYjE0NTEyNDY1MGQ3MTFiY2UzODNk
NjcwMzkwHhcNMjUwNjA4MDQwMDI2WhcNMjUwNjA5MDQwMDI2WjAzMTEwLwYDVQQD
EyhiNDk4ZWJhY2YxZGQ4MWRhZmRlOWFlZDk0YzFiNTE1YmY3M2M5ZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+CHowy6Mge+HlDJMfNNIISUiEgHT
4Y8WZrNgX2eHEs5rW+8TuTU1gwj9bIOzxNuKZLOgmQhwzsrNTA4m/myiKqolm914
Rl8ZmhFARU1rFR+4ziWHeBRuc5KEStotAfJWSGgRDPVaYaC/Mb+Gy2tONvJxjvRf
JTeRSwxEmfhysCqttIkaoV5KihzefplFoJgh/4LFVT3KapCUio2w5mw1ckQnOl+7
ixmq0ICOop806lovjbblLiwiPcoGIlNApPnrAFR1Mk4sKqDnWnCISdgLoG01YJgC
q7BImwJfrZJOoCtZUFvQkIjVjcEaPBCFGRo/Spyxiinbsg+qebFC4bWtswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSY66zx3YHa/emu2UwbUVv3PJ5GMB8GA1UdIwQY
MBaAFDorUHmbMcCxRRJGUNcRvOOD1nA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMt
MzMyNzMwZmIxYzhhLzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMtMzMyNzMwZmIxYzhh
LzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGOGldSSz
J9gO0Yuwit0JZXN69//tNKJHDQzdcIIVD8JA7xh0TlkwR9u9T/LBzaKgoxaK/R0h
KUKP2EUR3JDCfrTl7ugVNMoyAkyMe+I3fJfi/YCf89by/n9vWOCqsA1kCPXIyxxk
/qTa7Xkq5UprVLLfuRlhT2+Ecq0jnPC/v4irU+rvfafzT9y9WWdVmD9+Cbm85xIW
cQv1KQCpcM21vY4HW6b9IEoE57DRDDuBDsN4HBSr+OucXB/jhSdia2lptufAxsmF
7RMTBmQc0qivoRfCvYAyo8D0Z/6fcYxCXfXcVwFBFIEKV7judLBmxI6pBo3WQ6kB
01hLZC1v2e7feA==
-----END CERTIFICATE-----