Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
File:                     oFZPeYAZBRh04Czu4_0hy86rSuk.mft (raw, json)
Hash identifier:          pKgbojuMdDUabznK6E4Hn+h1X7AyXiPTpnxf5LTKG/M=
Subject key identifier:   36:4A:FB:59:F5:A6:AF:AB:01:42:AA:50:43:CC:68:5B:89:78:0B:65
Authority key identifier: A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9
Certificate issuer:       /CN=a0564f798019051874e02ceee3fd21cbceab4ae9
Certificate serial:       019765F1AB698637FC85C2DF972678D7A7DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
Manifest number:          0A91
Signing time:             Thu 12 Jun 2025 21:00:25 +0000
Manifest this update:     Thu 12 Jun 2025 21:00:25 +0000
Manifest next update:     Fri 13 Jun 2025 21:00:25 +0000
Files and hashes:         1: oFZPeYAZBRh04Czu4_0hy86rSuk.crl (hash: 3pOX8oTIr8fLst+qwFluw5lQluhOSieZzqptCWONfjs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:f1:ab:69:86:37:fc:85:c2:df:97:26:78:d7:a7:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0564f798019051874e02ceee3fd21cbceab4ae9
        Validity
            Not Before: Jun 12 21:00:25 2025 GMT
            Not After : Jun 13 21:00:25 2025 GMT
        Subject: CN=364afb59f5a6afab0142aa5043cc685b89780b65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:7d:6c:d3:40:34:37:df:80:5d:d7:d5:6b:65:
                    9e:d6:13:6b:98:0d:c9:8f:a2:db:2a:64:6d:e1:f3:
                    a0:2a:46:c6:ab:b7:e1:e4:f0:95:8f:40:f8:0c:5f:
                    e6:6b:f0:7c:0e:3a:2c:ec:3a:db:f1:1e:e8:2d:3e:
                    57:89:99:c7:c9:89:40:d2:e1:97:9a:df:86:45:a2:
                    5c:d2:b1:b4:75:c3:51:78:96:e0:62:84:51:61:4c:
                    49:95:9d:0d:ae:87:73:a4:ab:8f:e9:1e:85:d8:7a:
                    17:f3:8d:bf:dc:a9:c6:d1:c6:3d:69:c1:d3:c8:37:
                    b4:78:0b:fb:dc:0d:f3:9e:84:b6:63:9f:3f:02:34:
                    b3:5b:8d:d6:15:ee:be:77:fa:3f:36:13:d8:2b:4a:
                    69:10:b5:45:62:18:6f:25:8d:d3:28:1a:1c:6b:c5:
                    45:d4:eb:32:3b:be:cb:c8:93:6a:30:34:87:c2:7c:
                    02:6e:7f:65:31:b9:d1:5c:52:a7:a2:af:43:64:94:
                    2c:c0:bc:d7:b7:a8:b5:20:11:00:6b:7f:cc:58:34:
                    79:28:66:99:9d:cf:cb:54:f3:12:21:6e:ce:63:02:
                    97:5d:a9:1e:e1:00:55:f5:75:cb:79:bb:55:db:b1:
                    20:2f:6d:fc:9f:71:4f:3e:ea:2c:3c:7c:cc:ef:a9:
                    90:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:4A:FB:59:F5:A6:AF:AB:01:42:AA:50:43:CC:68:5B:89:78:0B:65
            X509v3 Authority Key Identifier:
                keyid:A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:2d:bf:b8:f3:03:e0:c3:ae:2f:d7:c0:ad:23:7f:c8:ca:17:
         a5:d5:2f:b9:ae:4f:b6:9a:62:3c:15:d2:97:ce:08:da:9b:75:
         82:f9:a7:13:78:40:6f:fb:ec:29:fe:4a:98:30:6e:b1:07:c5:
         4e:7c:35:d4:b4:e8:3a:e6:f3:9d:48:30:a6:1e:57:54:8e:c5:
         7e:6b:e7:a4:f8:f3:3a:4b:9e:4d:52:2e:3e:d9:e5:64:7e:54:
         f0:20:75:06:86:98:ea:7c:43:9b:ad:ec:5d:c3:47:95:7c:23:
         60:a2:f3:cb:07:d4:38:54:da:6c:b7:33:9a:6b:69:54:3a:9f:
         95:4f:25:2e:60:6e:d6:b7:e3:1c:34:3b:0e:a2:f1:68:3c:e7:
         bb:9a:23:ae:d4:18:16:03:16:a7:27:dc:d5:33:08:1b:c5:fe:
         c5:14:d6:c0:cc:6f:05:c4:db:80:1b:08:7e:39:08:74:5b:70:
         2c:8b:a6:4d:a3:3b:ea:c9:79:b5:79:7b:e4:78:d4:ef:64:ac:
         5d:00:ba:0c:0c:89:78:14:da:19:1a:88:73:74:ac:ad:f1:5f:
         7e:4d:0b:78:de:8e:ca:0e:29:1d:c5:1a:f3:31:88:2d:77:7f:
         d1:fb:0c:28:eb:01:9f:3e:8f:25:96:49:88:b0:34:73:22:c9:
         82:a8:66:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdl8atphjf8hcLflyZ416ffMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTY0Zjc5ODAxOTA1MTg3NGUwMmNlZWUzZmQyMWNiY2Vh
YjRhZTkwHhcNMjUwNjEyMjEwMDI1WhcNMjUwNjEzMjEwMDI1WjAzMTEwLwYDVQQD
EygzNjRhZmI1OWY1YTZhZmFiMDE0MmFhNTA0M2NjNjg1Yjg5NzgwYjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvn1s00A0N9+AXdfVa2We1hNrmA3J
j6LbKmRt4fOgKkbGq7fh5PCVj0D4DF/ma/B8Djos7Drb8R7oLT5XiZnHyYlA0uGX
mt+GRaJc0rG0dcNReJbgYoRRYUxJlZ0NrodzpKuP6R6F2HoX842/3KnG0cY9acHT
yDe0eAv73A3znoS2Y58/AjSzW43WFe6+d/o/NhPYK0ppELVFYhhvJY3TKBoca8VF
1OsyO77LyJNqMDSHwnwCbn9lMbnRXFKnoq9DZJQswLzXt6i1IBEAa3/MWDR5KGaZ
nc/LVPMSIW7OYwKXXake4QBV9XXLebtV27EgL238n3FPPuosPHzM76mQdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDZK+1n1pq+rAUKqUEPMaFuJeAtlMB8GA1UdIwQY
MBaAFKBWT3mAGQUYdOAs7uP9IcvOq0rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTkt
MjE1ZWVjYjNkZjkzLzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTktMjE1ZWVjYjNkZjkz
LzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABC2/uPMD
4MOuL9fArSN/yMoXpdUvua5PtppiPBXSl84I2pt1gvmnE3hAb/vsKf5KmDBusQfF
Tnw11LToOubznUgwph5XVI7FfmvnpPjzOkueTVIuPtnlZH5U8CB1BoaY6nxDm63s
XcNHlXwjYKLzywfUOFTabLczmmtpVDqflU8lLmBu1rfjHDQ7DqLxaDznu5ojrtQY
FgMWpyfc1TMIG8X+xRTWwMxvBcTbgBsIfjkIdFtwLIumTaM76sl5tXl75HjU72Ss
XQC6DAyJeBTaGRqIc3SsrfFffk0LeN6Oyg4pHcUa8zGILXd/0fsMKOsBnz6PJZZJ
iLA0cyLJgqhmAw==
-----END CERTIFICATE-----