Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
File:                     Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft (raw, json)
Hash identifier:          xgdJP6npEHwCv93KvgpAMb9wsAQZbEFEi5/VNRWsqes=
Subject key identifier:   F3:22:53:D9:92:10:E0:B2:E4:E9:74:48:45:FD:CA:DC:A4:20:98:D6
Authority key identifier: 3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33
Certificate issuer:       /CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33
Certificate serial:       0195903DB9739064DAB742E00CEAF7CC820E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
Manifest number:          08A4
Signing time:             Thu 13 Mar 2025 16:01:58 +0000
Manifest this update:     Thu 13 Mar 2025 16:01:58 +0000
Manifest next update:     Fri 14 Mar 2025 16:01:58 +0000
Files and hashes:         1: Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl (hash: NpmAbgRjGP+IaVZYF3JOeMDdUvHsipt1/82DMuqYT30=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:90:3d:b9:73:90:64:da:b7:42:e0:0c:ea:f7:cc:82:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33
        Validity
            Not Before: Mar 13 16:01:58 2025 GMT
            Not After : Mar 14 16:01:58 2025 GMT
        Subject: CN=f32253d99210e0b2e4e9744845fdcadca42098d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:6c:43:b7:05:62:a6:53:6d:ac:2a:e3:96:d4:
                    49:5d:03:6a:dc:44:ec:fe:00:ec:8a:48:96:f0:c9:
                    68:75:0b:4f:c8:a7:b9:55:22:a7:7b:14:5c:d4:3a:
                    c0:16:17:d9:98:f7:9b:8a:a7:21:dd:89:57:1f:ea:
                    4e:b7:bd:c3:a7:77:7d:95:f1:f8:0b:11:59:2d:7e:
                    11:23:6d:aa:92:b3:ac:cc:2b:77:b3:1d:11:dc:a5:
                    08:3d:25:f4:ef:3b:ab:eb:fd:26:c2:c2:75:88:6e:
                    e7:85:1f:34:bd:26:db:5a:d1:9c:18:de:8a:cd:9c:
                    f4:1f:46:89:59:42:b4:ef:fe:30:2e:b8:2d:89:cf:
                    e5:03:8d:c8:b7:32:c8:cc:6b:c4:d3:d1:6b:25:3f:
                    9f:12:90:47:18:7f:58:03:8d:c8:1f:d5:73:5c:e5:
                    d5:5f:dd:74:80:95:91:d5:05:35:95:c0:58:5b:c4:
                    87:98:ce:8a:46:5a:32:3e:f5:6c:9e:a7:d7:c0:c4:
                    4f:23:d8:5f:7e:1b:1c:51:a4:1b:87:9b:f8:44:65:
                    bf:6e:c5:d8:4a:c4:ad:ad:a4:f1:d8:bf:94:e4:35:
                    a4:95:ec:3a:a4:68:6a:fd:92:85:aa:1f:e9:51:77:
                    5a:3b:a7:89:ca:9f:ae:1c:ed:51:03:d6:0d:19:08:
                    6f:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:22:53:D9:92:10:E0:B2:E4:E9:74:48:45:FD:CA:DC:A4:20:98:D6
            X509v3 Authority Key Identifier:
                keyid:3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:35:60:1a:9b:5d:58:7f:b5:2b:52:c7:21:f1:44:be:33:ca:
         86:db:a5:ad:12:91:8a:29:b2:9b:27:e6:60:29:6f:67:9a:b8:
         38:1a:8b:68:61:2a:6b:20:c4:56:2f:00:e8:b9:cb:ef:6d:d5:
         d6:de:0d:0c:e9:66:78:e9:89:fd:96:bb:e9:08:4b:24:4e:6f:
         33:61:5e:b7:8f:b5:38:05:e5:d3:cb:c1:6e:32:7e:a1:b9:5d:
         cc:3d:02:a5:98:5e:b2:bc:6e:b4:51:b4:33:10:39:45:f2:04:
         e1:8f:65:1c:9c:a8:36:74:72:bf:98:52:ea:0c:e5:ea:e6:7c:
         35:b5:12:bd:7e:d3:4b:bf:45:0c:c5:85:f1:19:ca:5e:6b:d8:
         4e:9a:5f:7d:41:ff:1e:48:72:f9:9f:b2:68:5e:e3:a7:63:5d:
         32:c5:b1:23:7b:09:fc:35:fc:39:c4:2a:f8:78:52:8d:37:00:
         23:72:8f:ae:1b:d0:97:10:7e:cd:b8:af:bc:3e:0a:1d:21:aa:
         1f:59:9f:e0:f0:c9:13:1b:48:4b:d6:6a:88:1b:d1:82:5c:f4:
         0b:77:e1:ac:99:16:2e:d6:c9:ac:6c:68:69:da:50:9b:ed:ad:
         87:65:30:1a:09:cb:45:5b:71:c5:5f:a0:50:73:ed:b2:0b:aa:
         f9:6b:81:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWQPblzkGTat0LgDOr3zIIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWYzMWIzNjgyNjg3OWM3ZWJjMTEyYzYyOTQxYTFjZDNh
MmJiMzMwHhcNMjUwMzEzMTYwMTU4WhcNMjUwMzE0MTYwMTU4WjAzMTEwLwYDVQQD
EyhmMzIyNTNkOTkyMTBlMGIyZTRlOTc0NDg0NWZkY2FkY2E0MjA5OGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52xDtwViplNtrCrjltRJXQNq3ETs
/gDsikiW8MlodQtPyKe5VSKnexRc1DrAFhfZmPebiqch3YlXH+pOt73Dp3d9lfH4
CxFZLX4RI22qkrOszCt3sx0R3KUIPSX07zur6/0mwsJ1iG7nhR80vSbbWtGcGN6K
zZz0H0aJWUK07/4wLrgtic/lA43ItzLIzGvE09FrJT+fEpBHGH9YA43IH9VzXOXV
X910gJWR1QU1lcBYW8SHmM6KRloyPvVsnqfXwMRPI9hffhscUaQbh5v4RGW/bsXY
SsStraTx2L+U5DWklew6pGhq/ZKFqh/pUXdaO6eJyp+uHO1RA9YNGQhvhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPMiU9mSEOCy5Ol0SEX9ytykIJjWMB8GA1UdIwQY
MBaAFDrvMbNoJoecfrwRLGKUGhzTorszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMt
ZDlhZjcxMGJhMWRlLzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMtZDlhZjcxMGJhMWRl
LzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwDVgGptd
WH+1K1LHIfFEvjPKhtulrRKRiimymyfmYClvZ5q4OBqLaGEqayDEVi8A6LnL723V
1t4NDOlmeOmJ/Za76QhLJE5vM2Fet4+1OAXl08vBbjJ+obldzD0CpZhesrxutFG0
MxA5RfIE4Y9lHJyoNnRyv5hS6gzl6uZ8NbUSvX7TS79FDMWF8RnKXmvYTppffUH/
Hkhy+Z+yaF7jp2NdMsWxI3sJ/DX8OcQq+HhSjTcAI3KPrhvQlxB+zbivvD4KHSGq
H1mf4PDJExtIS9ZqiBvRglz0C3fhrJkWLtbJrGxoadpQm+2th2UwGgnLRVtxxV+g
UHPtsguq+WuBKw==
-----END CERTIFICATE-----