Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
File:                     OM0kYRn4VtiXOodwvsOf_EejydY.mft (raw, json)
Hash identifier:          +c023CqjiQHE6b3ZQFaU8A/TFZ0gFzDVhVJCwbC/eu8=
Subject key identifier:   6F:00:38:6B:D0:A7:0E:94:55:6D:4C:C2:66:80:36:08:DC:C1:41:AD
Authority key identifier: 38:CD:24:61:19:F8:56:D8:97:3A:87:70:BE:C3:9F:FC:47:A3:C9:D6
Certificate issuer:       /CN=38cd246119f856d8973a8770bec39ffc47a3c9d6
Certificate serial:       019759EDDAA06C8CE10FD4BE80743927B6E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
Manifest number:          1582
Signing time:             Tue 10 Jun 2025 13:00:49 +0000
Manifest this update:     Tue 10 Jun 2025 13:00:49 +0000
Manifest next update:     Wed 11 Jun 2025 13:00:49 +0000
Files and hashes:         1: OM0kYRn4VtiXOodwvsOf_EejydY.crl (hash: 94nnmStprq+lmpNqzqlmJLGS9leWQPImH2zhv38JP84=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 13:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:ed:da:a0:6c:8c:e1:0f:d4:be:80:74:39:27:b6:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38cd246119f856d8973a8770bec39ffc47a3c9d6
        Validity
            Not Before: Jun 10 13:00:49 2025 GMT
            Not After : Jun 11 13:00:49 2025 GMT
        Subject: CN=6f00386bd0a70e94556d4cc266803608dcc141ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c6:cf:df:de:45:8b:95:f6:37:be:b0:75:12:
                    e7:1b:a0:f7:86:4a:5e:00:9f:85:b8:67:83:f8:a5:
                    73:10:31:f0:a5:e1:cc:b8:86:55:ad:94:fd:04:d1:
                    a7:dc:16:80:12:c7:1f:89:a6:fc:52:a4:ca:c7:71:
                    2f:5b:74:5a:f5:bb:8e:95:51:5f:d0:47:50:cf:37:
                    56:83:e9:b5:9c:12:19:1d:64:f5:9f:4b:eb:bd:16:
                    35:6d:70:96:92:c3:f5:4f:36:38:c2:b9:32:7b:d5:
                    08:53:61:1e:28:39:99:50:5c:35:f2:ef:13:80:a3:
                    26:70:1e:53:fc:e8:8a:c9:48:28:7e:0e:29:15:81:
                    65:76:2a:bb:54:11:63:80:89:1e:dc:59:c2:93:de:
                    7a:2e:03:d0:8f:69:fa:35:80:02:dc:4c:02:32:c4:
                    39:b4:17:cf:d0:3b:cb:56:6d:f1:17:9c:b4:72:9d:
                    15:06:a0:2f:e9:99:20:38:d5:2b:02:74:27:5d:a5:
                    d6:d5:ac:6b:b1:e5:86:22:04:f9:a5:1b:63:c0:6b:
                    bf:3b:dd:32:be:82:82:67:f0:76:ea:45:0d:37:f9:
                    4c:1c:9d:d8:b9:7d:89:70:94:55:3d:47:b0:e6:1b:
                    08:93:3e:58:e0:e9:4c:2a:13:da:c7:8b:23:2b:de:
                    09:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:00:38:6B:D0:A7:0E:94:55:6D:4C:C2:66:80:36:08:DC:C1:41:AD
            X509v3 Authority Key Identifier:
                keyid:38:CD:24:61:19:F8:56:D8:97:3A:87:70:BE:C3:9F:FC:47:A3:C9:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:81:0e:81:75:2b:44:36:2d:40:ea:68:f4:dd:76:39:b8:5f:
         47:60:f5:b1:d7:e6:59:8b:13:fb:54:49:97:cd:06:38:59:42:
         23:26:9c:bb:26:00:1d:2d:b1:5a:05:80:1a:bd:ef:68:bb:c3:
         95:33:62:7e:97:e8:06:a3:64:e8:f0:91:ff:9f:14:be:5e:ac:
         7d:8f:2f:40:b2:e7:a7:62:24:6c:e2:a5:3b:d7:70:fe:f0:5c:
         f6:82:b5:df:b4:3c:f5:02:43:61:5b:9a:4a:a5:7f:0c:b0:c5:
         99:2c:ec:ad:90:81:c3:56:9e:51:ec:87:74:2e:c7:22:b1:86:
         b9:09:40:82:63:db:2b:99:e6:ed:e6:0b:62:89:b8:67:8d:52:
         be:fc:95:dc:9d:95:dc:9b:a8:9f:f0:4b:14:f2:60:2d:df:17:
         31:c8:2d:68:db:3c:7d:b3:21:00:9d:15:08:69:1b:be:2a:e0:
         7f:c6:04:02:79:01:97:5f:84:fc:2c:1a:6c:1d:58:72:9a:92:
         b0:26:83:c1:b4:1f:a3:92:9f:53:b3:c9:33:7e:97:15:d3:f2:
         86:ca:93:f7:21:65:36:c2:21:d4:53:e5:e1:7b:1d:b6:a7:ff:
         60:a6:c4:3e:fe:73:98:64:80:d6:2a:2d:d4:f5:88:b1:2f:9f:
         1b:32:d7:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZ7dqgbIzhD9S+gHQ5J7bgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2QyNDYxMTlmODU2ZDg5NzNhODc3MGJlYzM5ZmZjNDdh
M2M5ZDYwHhcNMjUwNjEwMTMwMDQ5WhcNMjUwNjExMTMwMDQ5WjAzMTEwLwYDVQQD
Eyg2ZjAwMzg2YmQwYTcwZTk0NTU2ZDRjYzI2NjgwMzYwOGRjYzE0MWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMbP395Fi5X2N76wdRLnG6D3hkpe
AJ+FuGeD+KVzEDHwpeHMuIZVrZT9BNGn3BaAEscfiab8UqTKx3EvW3Ra9buOlVFf
0EdQzzdWg+m1nBIZHWT1n0vrvRY1bXCWksP1TzY4wrkye9UIU2EeKDmZUFw18u8T
gKMmcB5T/OiKyUgofg4pFYFldiq7VBFjgIke3FnCk956LgPQj2n6NYAC3EwCMsQ5
tBfP0DvLVm3xF5y0cp0VBqAv6ZkgONUrAnQnXaXW1axrseWGIgT5pRtjwGu/O90y
voKCZ/B26kUNN/lMHJ3YuX2JcJRVPUew5hsIkz5Y4OlMKhPax4sjK94JSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG8AOGvQpw6UVW1MwmaANgjcwUGtMB8GA1UdIwQY
MBaAFDjNJGEZ+FbYlzqHcL7Dn/xHo8nWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC85NjU5NWUtZTM2YS00MDUxLTg0NTMt
OGZjZDUzZDQzMWQ1LzEvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC85NjU5NWUtZTM2YS00MDUxLTg0NTMtOGZjZDUzZDQzMWQ1
LzEvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEYEOgXUr
RDYtQOpo9N12ObhfR2D1sdfmWYsT+1RJl80GOFlCIyacuyYAHS2xWgWAGr3vaLvD
lTNifpfoBqNk6PCR/58Uvl6sfY8vQLLnp2IkbOKlO9dw/vBc9oK137Q89QJDYVua
SqV/DLDFmSzsrZCBw1aeUeyHdC7HIrGGuQlAgmPbK5nm7eYLYom4Z41SvvyV3J2V
3Juon/BLFPJgLd8XMcgtaNs8fbMhAJ0VCGkbvirgf8YEAnkBl1+E/CwabB1YcpqS
sCaDwbQfo5KfU7PJM36XFdPyhsqT9yFlNsIh1FPl4Xsdtqf/YKbEPv5zmGSA1iot
1PWIsS+fGzLX2w==
-----END CERTIFICATE-----