Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft
File:                     O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft (raw, json)
Hash identifier:          ek/OJvAwJZlrvpUMo/mIJPFz8XT0Gz0nlLRPvjLkL1w=
Subject key identifier:   9A:41:FD:D4:88:D6:59:7B:78:97:3C:8D:25:30:64:6F:F2:69:72:E6
Authority key identifier: 3B:A2:E2:7F:E7:54:26:EF:C8:B5:2B:26:8E:82:93:A8:99:4E:68:FD
Certificate issuer:       /CN=3ba2e27fe75426efc8b52b268e8293a8994e68fd
Certificate serial:       0197488D7CE8009E85E2D2DE9CCE736FB84B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O6Lif-dUJu_ItSsmjoKTqJlOaP0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft
Manifest number:          0DE4
Signing time:             Sat 07 Jun 2025 04:01:59 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:59 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:59 +0000
Files and hashes:         1: O6Lif-dUJu_ItSsmjoKTqJlOaP0.crl (hash: 5qdQNz6peFSWNdaFH1aVmmNIjM9fbfdyHMBwMsmf++M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O6Lif-dUJu_ItSsmjoKTqJlOaP0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8d:7c:e8:00:9e:85:e2:d2:de:9c:ce:73:6f:b8:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ba2e27fe75426efc8b52b268e8293a8994e68fd
        Validity
            Not Before: Jun  7 04:01:59 2025 GMT
            Not After : Jun  8 04:01:59 2025 GMT
        Subject: CN=9a41fdd488d6597b78973c8d2530646ff26972e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ea:22:15:09:9a:94:62:5b:ab:72:3c:7e:c1:
                    d3:9e:a7:59:2b:6e:e7:38:eb:6b:aa:28:bf:ad:4e:
                    c9:a5:fb:67:b4:e7:56:67:03:49:a3:56:37:f6:90:
                    e6:57:d7:46:a3:00:a9:a3:2b:9c:c5:6a:06:9d:7e:
                    95:89:1a:8b:c1:64:97:1f:ea:45:33:bc:40:87:d7:
                    89:fa:d5:6c:1c:78:40:1c:60:26:58:91:0d:d3:3c:
                    d9:46:88:33:33:22:76:70:f7:4e:74:29:d2:17:90:
                    44:4d:b3:19:7d:07:bb:9b:62:15:8d:f0:de:ad:45:
                    ad:0c:77:4a:fb:6d:68:aa:c6:0a:fd:fb:f6:06:3f:
                    be:22:2f:83:c5:66:43:ad:57:ed:fb:7f:b3:ba:52:
                    01:79:19:59:b7:07:17:73:75:0d:aa:59:b8:53:42:
                    9e:97:13:0a:8c:e8:db:19:fb:06:18:be:f8:ef:b7:
                    ae:be:a3:04:fd:00:ab:e0:f8:d4:1f:08:2c:f7:ac:
                    cb:77:7d:48:13:48:79:e9:4c:f4:8d:3f:4e:06:24:
                    5c:a5:7c:52:13:30:94:78:f6:3b:99:94:fb:78:c6:
                    f9:f2:69:8d:33:c2:3d:0a:c6:38:8d:ec:33:ef:ed:
                    74:06:ff:f6:4d:9e:86:b9:9a:fe:5a:f1:71:ae:45:
                    e0:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:41:FD:D4:88:D6:59:7B:78:97:3C:8D:25:30:64:6F:F2:69:72:E6
            X509v3 Authority Key Identifier:
                keyid:3B:A2:E2:7F:E7:54:26:EF:C8:B5:2B:26:8E:82:93:A8:99:4E:68:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6Lif-dUJu_ItSsmjoKTqJlOaP0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:34:04:6a:34:5a:ce:8d:8e:e3:79:c0:1d:8e:69:93:c5:1e:
         24:91:b1:ae:6b:97:db:8d:92:8f:58:62:c8:90:e2:90:19:97:
         04:c4:76:b8:f6:d4:dc:16:6d:3b:be:06:a5:b1:37:fe:19:9d:
         e1:9f:1e:fa:5d:6c:6c:95:9d:ec:c9:e1:01:92:52:60:6e:16:
         94:d8:16:eb:06:b6:11:f8:9f:a5:78:df:0f:d9:97:4a:21:41:
         fb:c3:47:06:63:6e:06:a3:ab:08:34:10:dd:28:b9:d9:33:4e:
         03:44:5b:52:c0:1a:f2:10:f7:35:4c:1d:cc:84:bb:f7:9a:ea:
         7e:4b:89:89:ca:66:2d:a6:87:65:b0:c4:5f:73:2a:2a:0a:59:
         a1:45:05:2b:df:38:b3:d7:7a:0a:16:40:ec:8c:a6:70:a5:05:
         e6:24:83:a0:f3:9e:7f:ea:dc:59:a5:42:c8:a4:a4:91:c7:bc:
         49:65:a1:c6:86:a2:5b:5f:f2:bc:2d:c6:61:85:21:9e:82:f2:
         f3:c0:7e:85:bd:b8:af:64:ee:bf:9d:19:a2:78:17:cf:f5:24:
         b9:50:33:6d:5f:24:e1:75:74:a2:28:52:aa:9c:39:f2:09:a7:
         46:9c:29:bc:69:94:2e:ef:b5:81:ff:20:a8:bb:26:33:d3:a6:
         79:66:c2:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjXzoAJ6F4tLenM5zb7hLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTJlMjdmZTc1NDI2ZWZjOGI1MmIyNjhlODI5M2E4OTk0
ZTY4ZmQwHhcNMjUwNjA3MDQwMTU5WhcNMjUwNjA4MDQwMTU5WjAzMTEwLwYDVQQD
Eyg5YTQxZmRkNDg4ZDY1OTdiNzg5NzNjOGQyNTMwNjQ2ZmYyNjk3MmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteoiFQmalGJbq3I8fsHTnqdZK27n
OOtrqii/rU7JpftntOdWZwNJo1Y39pDmV9dGowCpoyucxWoGnX6ViRqLwWSXH+pF
M7xAh9eJ+tVsHHhAHGAmWJEN0zzZRogzMyJ2cPdOdCnSF5BETbMZfQe7m2IVjfDe
rUWtDHdK+21oqsYK/fv2Bj++Ii+DxWZDrVft+3+zulIBeRlZtwcXc3UNqlm4U0Ke
lxMKjOjbGfsGGL7477euvqME/QCr4PjUHwgs96zLd31IE0h56Uz0jT9OBiRcpXxS
EzCUePY7mZT7eMb58mmNM8I9CsY4jewz7+10Bv/2TZ6GuZr+WvFxrkXgowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpB/dSI1ll7eJc8jSUwZG/yaXLmMB8GA1UdIwQY
MBaAFDui4n/nVCbvyLUrJo6Ck6iZTmj9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZMaWYtZFVKdV9JdFNzbWpvS1RxSmxPYVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9lYzZiODgtNWU2Yi00Y2ZlLWJjOTUt
MzNhYzZkYmNmYjk3LzEvTzZMaWYtZFVKdV9JdFNzbWpvS1RxSmxPYVAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9lYzZiODgtNWU2Yi00Y2ZlLWJjOTUtMzNhYzZkYmNmYjk3
LzEvTzZMaWYtZFVKdV9JdFNzbWpvS1RxSmxPYVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhzQEajRa
zo2O43nAHY5pk8UeJJGxrmuX242Sj1hiyJDikBmXBMR2uPbU3BZtO74GpbE3/hmd
4Z8e+l1sbJWd7MnhAZJSYG4WlNgW6wa2EfifpXjfD9mXSiFB+8NHBmNuBqOrCDQQ
3Si52TNOA0RbUsAa8hD3NUwdzIS795rqfkuJicpmLaaHZbDEX3MqKgpZoUUFK984
s9d6ChZA7IymcKUF5iSDoPOef+rcWaVCyKSkkce8SWWhxoaiW1/yvC3GYYUhnoLy
88B+hb24r2Tuv50ZongXz/UkuVAzbV8k4XV0oihSqpw58gmnRpwpvGmULu+1gf8g
qLsmM9OmeWbCFA==
-----END CERTIFICATE-----