Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
File:                     OM0kYRn4VtiXOodwvsOf_EejydY.mft (raw, json)
Hash identifier:          n163L12wuW20X3Ks0ESLgoOKgVrTB1nhEw+WTjhIUTY=
Subject key identifier:   03:84:C4:58:1E:25:CF:97:72:85:5D:CD:96:DE:77:C2:EC:1C:B2:38
Authority key identifier: 38:CD:24:61:19:F8:56:D8:97:3A:87:70:BE:C3:9F:FC:47:A3:C9:D6
Certificate issuer:       /CN=38cd246119f856d8973a8770bec39ffc47a3c9d6
Certificate serial:       01965CF22E339DA2BD89706A130720F231D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
Manifest number:          14FF
Signing time:             Tue 22 Apr 2025 10:01:37 +0000
Manifest this update:     Tue 22 Apr 2025 10:01:37 +0000
Manifest next update:     Wed 23 Apr 2025 10:01:37 +0000
Files and hashes:         1: OM0kYRn4VtiXOodwvsOf_EejydY.crl (hash: BgIxCRJJTXI/oxu/8WCcVTtG2mh2vwDQpMIDBCOnM4A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 10:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5c:f2:2e:33:9d:a2:bd:89:70:6a:13:07:20:f2:31:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38cd246119f856d8973a8770bec39ffc47a3c9d6
        Validity
            Not Before: Apr 22 10:01:37 2025 GMT
            Not After : Apr 23 10:01:37 2025 GMT
        Subject: CN=0384c4581e25cf9772855dcd96de77c2ec1cb238
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:07:c9:88:f6:24:2d:c3:6f:d2:b0:1c:e7:c3:
                    6e:8e:bd:8e:00:bf:98:4c:af:ff:57:23:ed:97:fc:
                    f0:22:d7:6a:3a:5e:db:bc:d7:18:85:ae:32:b3:43:
                    64:4b:34:b1:4b:82:52:2d:f0:d8:3f:4f:f5:2f:31:
                    c0:c1:5f:87:33:7d:77:06:36:08:34:0c:63:55:92:
                    e0:81:6e:c2:38:8b:c3:3c:6e:86:09:f6:cf:3a:ca:
                    c8:46:99:cc:62:8e:1c:71:5e:1a:dc:d2:49:5d:7f:
                    70:eb:ac:9a:7e:82:6f:0d:3b:f0:a1:1d:c9:0b:ca:
                    75:a2:e9:43:fe:4b:87:c4:03:00:22:8a:72:2d:a2:
                    f3:91:41:bc:24:e8:12:f7:ce:48:c8:2b:ac:b7:7e:
                    aa:be:39:0c:aa:be:dd:02:2f:4c:13:84:b2:63:fb:
                    42:e6:08:dd:96:1a:d6:68:88:0e:ac:c4:86:7b:53:
                    27:0f:f7:cc:e4:32:81:26:ea:f3:8a:dd:f2:d5:bc:
                    bb:ce:61:f4:05:4a:c6:fc:9b:16:32:54:1d:11:1e:
                    01:96:dd:c9:6a:f3:07:ac:ef:80:9a:12:e3:33:e4:
                    98:74:f7:ea:1a:ab:05:8c:d6:79:29:a7:3d:e6:97:
                    25:a6:a8:be:d7:d7:d5:0a:9b:56:d7:7c:97:a2:18:
                    86:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:84:C4:58:1E:25:CF:97:72:85:5D:CD:96:DE:77:C2:EC:1C:B2:38
            X509v3 Authority Key Identifier:
                keyid:38:CD:24:61:19:F8:56:D8:97:3A:87:70:BE:C3:9F:FC:47:A3:C9:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:f5:a7:00:ff:67:3b:4e:de:92:f0:dd:59:96:31:df:74:df:
         e6:71:e1:94:3f:d1:90:06:3b:9b:2e:22:f5:0b:c7:49:39:a9:
         ee:96:f5:af:2f:84:38:3d:fb:49:8d:39:ce:11:e8:e3:96:71:
         e6:01:40:6f:6e:6f:07:99:af:26:8c:91:b6:5e:f9:e2:5b:5f:
         af:12:60:45:9c:15:34:f0:a8:24:f7:57:40:59:e6:bb:cc:89:
         95:df:56:c3:e1:7a:d0:41:e3:75:dd:7b:79:2b:fe:25:48:71:
         a6:f5:4d:f5:50:bb:85:b6:2a:10:64:12:c0:de:20:60:fe:78:
         62:04:84:9b:cc:d9:11:01:be:3f:b2:49:f4:7a:97:fb:dd:b1:
         1f:bd:61:d3:f0:1b:2d:ee:f7:e5:a4:92:f4:c9:84:87:c2:53:
         a0:73:3d:1d:33:0f:44:97:23:aa:de:03:b6:5d:0b:db:47:1c:
         36:27:6e:ff:bf:18:63:59:a7:af:16:9e:84:fe:70:4e:42:8a:
         aa:d4:e0:a4:97:b3:7b:ac:fc:2c:99:ff:53:ab:c1:b4:74:f9:
         7a:25:f8:1f:3d:81:38:d0:24:81:55:37:3d:5c:14:8d:32:f4:
         ca:85:e1:bf:d5:2d:c4:5d:78:6f:d4:9a:88:55:c1:17:a5:02:
         bd:4f:dc:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZc8i4znaK9iXBqEwcg8jHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2QyNDYxMTlmODU2ZDg5NzNhODc3MGJlYzM5ZmZjNDdh
M2M5ZDYwHhcNMjUwNDIyMTAwMTM3WhcNMjUwNDIzMTAwMTM3WjAzMTEwLwYDVQQD
EygwMzg0YzQ1ODFlMjVjZjk3NzI4NTVkY2Q5NmRlNzdjMmVjMWNiMjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQfJiPYkLcNv0rAc58Nujr2OAL+Y
TK//VyPtl/zwItdqOl7bvNcYha4ys0NkSzSxS4JSLfDYP0/1LzHAwV+HM313BjYI
NAxjVZLggW7COIvDPG6GCfbPOsrIRpnMYo4ccV4a3NJJXX9w66yafoJvDTvwoR3J
C8p1oulD/kuHxAMAIopyLaLzkUG8JOgS985IyCust36qvjkMqr7dAi9ME4SyY/tC
5gjdlhrWaIgOrMSGe1MnD/fM5DKBJurzit3y1by7zmH0BUrG/JsWMlQdER4Blt3J
avMHrO+AmhLjM+SYdPfqGqsFjNZ5Kac95pclpqi+19fVCptW13yXohiGTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAOExFgeJc+XcoVdzZbed8LsHLI4MB8GA1UdIwQY
MBaAFDjNJGEZ+FbYlzqHcL7Dn/xHo8nWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC85NjU5NWUtZTM2YS00MDUxLTg0NTMt
OGZjZDUzZDQzMWQ1LzEvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC85NjU5NWUtZTM2YS00MDUxLTg0NTMtOGZjZDUzZDQzMWQ1
LzEvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE/WnAP9n
O07ekvDdWZYx33Tf5nHhlD/RkAY7my4i9QvHSTmp7pb1ry+EOD37SY05zhHo45Zx
5gFAb25vB5mvJoyRtl754ltfrxJgRZwVNPCoJPdXQFnmu8yJld9Ww+F60EHjdd17
eSv+JUhxpvVN9VC7hbYqEGQSwN4gYP54YgSEm8zZEQG+P7JJ9HqX+92xH71h0/Ab
Le735aSS9MmEh8JToHM9HTMPRJcjqt4Dtl0L20ccNidu/78YY1mnrxaehP5wTkKK
qtTgpJeze6z8LJn/U6vBtHT5eiX4Hz2BONAkgVU3PVwUjTL0yoXhv9UtxF14b9Sa
iFXBF6UCvU/c5w==
-----END CERTIFICATE-----