Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft
File:                     O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft (raw, json)
Hash identifier:          swgx6wBu5zTtjQM8KLU3AoCYOdwQ7mtbz7Lg+PZaHzQ=
Subject key identifier:   91:D5:F5:D9:19:96:25:8C:93:76:90:3D:D4:58:16:F5:86:7D:5B:D9
Authority key identifier: 3B:A2:E2:7F:E7:54:26:EF:C8:B5:2B:26:8E:82:93:A8:99:4E:68:FD
Certificate issuer:       /CN=3ba2e27fe75426efc8b52b268e8293a8994e68fd
Certificate serial:       019510C7C00329DDFAFDF6C6A829417FE875
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O6Lif-dUJu_ItSsmjoKTqJlOaP0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft
Manifest number:          0CBE
Signing time:             Sun 16 Feb 2025 22:01:20 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:20 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:20 +0000
Files and hashes:         1: O6Lif-dUJu_ItSsmjoKTqJlOaP0.crl (hash: rPg2Xv/3WX0drjGS5oWzUkY4509SuVBzWE42SFyYpbw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O6Lif-dUJu_ItSsmjoKTqJlOaP0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:c0:03:29:dd:fa:fd:f6:c6:a8:29:41:7f:e8:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ba2e27fe75426efc8b52b268e8293a8994e68fd
        Validity
            Not Before: Feb 16 22:01:20 2025 GMT
            Not After : Feb 17 22:01:20 2025 GMT
        Subject: CN=91d5f5d91996258c9376903dd45816f5867d5bd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:05:d6:1d:4a:bd:7e:ae:09:d5:d1:99:d6:07:
                    1e:2c:43:a3:59:72:d1:65:9c:3d:f2:f7:81:43:d6:
                    34:40:44:f3:c2:19:1a:08:46:5c:85:2d:12:8c:44:
                    d2:34:d3:c7:06:27:cd:d0:9a:db:68:98:61:6b:3c:
                    40:bc:e4:07:ec:64:10:37:73:1d:37:71:1f:2a:ba:
                    2c:9b:9a:dd:0a:74:a6:cf:36:22:07:0e:26:93:a6:
                    3c:50:60:c5:68:11:81:56:c4:b1:c8:55:7f:73:61:
                    29:de:bd:70:a2:c9:36:bd:8c:ce:15:0d:e0:1e:c8:
                    1a:bf:20:ac:0c:2a:0f:e8:21:0c:79:2b:cf:85:bc:
                    e6:2b:e5:1f:c2:34:46:58:41:7a:74:fc:72:08:4a:
                    11:71:51:92:d9:0b:6a:6c:85:2e:a4:1c:2e:95:d2:
                    37:89:e5:5d:fc:5c:77:42:b9:37:00:e4:0e:fc:42:
                    4b:b9:3e:4b:d3:f3:07:ee:28:21:1c:ff:74:35:a0:
                    65:3f:38:be:1c:82:ac:74:39:5f:09:c1:60:98:85:
                    2f:77:95:41:d6:a5:fc:cd:56:6a:88:81:c7:5f:27:
                    2f:46:da:ef:ef:aa:29:9f:45:8b:89:8d:e8:23:c2:
                    62:e8:d6:00:67:88:0a:50:c3:31:b3:0f:8d:a7:b0:
                    29:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:D5:F5:D9:19:96:25:8C:93:76:90:3D:D4:58:16:F5:86:7D:5B:D9
            X509v3 Authority Key Identifier:
                keyid:3B:A2:E2:7F:E7:54:26:EF:C8:B5:2B:26:8E:82:93:A8:99:4E:68:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6Lif-dUJu_ItSsmjoKTqJlOaP0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:b2:af:fb:84:e5:4b:d7:22:63:a4:07:0e:87:43:be:9a:37:
         29:8e:1b:e5:9f:17:f0:64:98:f7:2f:4f:f7:68:03:02:4c:94:
         e1:43:71:ad:17:39:40:2f:9e:3c:79:db:f0:f6:03:c0:1e:c2:
         c8:eb:97:1c:bc:5a:47:9d:54:58:20:c4:e2:f2:2b:1c:a9:bd:
         d3:75:f7:aa:d5:a0:d5:76:48:78:b5:7f:d5:ae:4e:ce:4b:2e:
         5d:ad:66:51:10:43:69:8e:47:a1:d0:6a:f1:f8:06:e4:3d:ae:
         4a:ee:5d:60:4d:fd:8e:75:dc:bc:a7:2a:e4:db:5a:64:b9:09:
         76:2f:50:ce:85:47:32:ca:00:ba:5c:4c:bc:3e:4b:70:8f:50:
         69:41:03:0e:f9:1c:9c:63:24:50:86:9e:d5:99:0d:7c:00:20:
         e4:35:3a:95:19:70:da:dc:62:f8:2e:06:4c:41:86:70:7b:51:
         d5:79:75:0f:a3:b2:30:df:28:1d:c1:9d:38:22:5a:9d:80:8d:
         f4:3b:13:22:e6:4f:bf:b7:3d:e6:ba:c4:fd:83:96:1e:63:05:
         13:d0:18:9e:13:0d:51:ed:7f:72:f2:91:cd:0f:6f:66:ad:34:
         d5:48:61:29:f5:c0:bc:26:c3:07:0b:a2:1f:a4:f6:73:86:3a:
         27:a9:83:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx8ADKd36/fbGqClBf+h1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTJlMjdmZTc1NDI2ZWZjOGI1MmIyNjhlODI5M2E4OTk0
ZTY4ZmQwHhcNMjUwMjE2MjIwMTIwWhcNMjUwMjE3MjIwMTIwWjAzMTEwLwYDVQQD
Eyg5MWQ1ZjVkOTE5OTYyNThjOTM3NjkwM2RkNDU4MTZmNTg2N2Q1YmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gXWHUq9fq4J1dGZ1gceLEOjWXLR
ZZw98veBQ9Y0QETzwhkaCEZchS0SjETSNNPHBifN0JrbaJhhazxAvOQH7GQQN3Md
N3EfKrosm5rdCnSmzzYiBw4mk6Y8UGDFaBGBVsSxyFV/c2Ep3r1wosk2vYzOFQ3g
HsgavyCsDCoP6CEMeSvPhbzmK+UfwjRGWEF6dPxyCEoRcVGS2QtqbIUupBwuldI3
ieVd/Fx3Qrk3AOQO/EJLuT5L0/MH7ighHP90NaBlPzi+HIKsdDlfCcFgmIUvd5VB
1qX8zVZqiIHHXycvRtrv76opn0WLiY3oI8Ji6NYAZ4gKUMMxsw+Np7ApHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJHV9dkZliWMk3aQPdRYFvWGfVvZMB8GA1UdIwQY
MBaAFDui4n/nVCbvyLUrJo6Ck6iZTmj9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZMaWYtZFVKdV9JdFNzbWpvS1RxSmxPYVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9lYzZiODgtNWU2Yi00Y2ZlLWJjOTUt
MzNhYzZkYmNmYjk3LzEvTzZMaWYtZFVKdV9JdFNzbWpvS1RxSmxPYVAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9lYzZiODgtNWU2Yi00Y2ZlLWJjOTUtMzNhYzZkYmNmYjk3
LzEvTzZMaWYtZFVKdV9JdFNzbWpvS1RxSmxPYVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABrKv+4Tl
S9ciY6QHDodDvpo3KY4b5Z8X8GSY9y9P92gDAkyU4UNxrRc5QC+ePHnb8PYDwB7C
yOuXHLxaR51UWCDE4vIrHKm903X3qtWg1XZIeLV/1a5OzksuXa1mURBDaY5HodBq
8fgG5D2uSu5dYE39jnXcvKcq5NtaZLkJdi9QzoVHMsoAulxMvD5LcI9QaUEDDvkc
nGMkUIae1ZkNfAAg5DU6lRlw2txi+C4GTEGGcHtR1Xl1D6OyMN8oHcGdOCJanYCN
9DsTIuZPv7c95rrE/YOWHmMFE9AYnhMNUe1/cvKRzQ9vZq001UhhKfXAvCbDBwui
H6T2c4Y6J6mDkQ==
-----END CERTIFICATE-----