Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
File:                     ofM7gYxgo6zGnzmgsuDuqrttk-A.mft (raw, json)
Hash identifier:          6aATq+dM+ZK6RKtvKV/5t7a2WIFsNeNGGLze/1CIR/g=
Subject key identifier:   0D:CF:B9:A8:43:EF:DE:A4:F8:7D:75:93:F5:AE:27:DF:2A:72:12:30
Authority key identifier: A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0
Certificate issuer:       /CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0
Certificate serial:       0196586FC7B748AAFA33F91A1A77965444AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
Manifest number:          1146
Signing time:             Mon 21 Apr 2025 13:00:42 +0000
Manifest this update:     Mon 21 Apr 2025 13:00:42 +0000
Manifest next update:     Tue 22 Apr 2025 13:00:42 +0000
Files and hashes:         1: ofM7gYxgo6zGnzmgsuDuqrttk-A.crl (hash: oqD9xnt7P5gs2hN9CXgBv4LOCJJwAfWGKb++zDC3lrY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:58:6f:c7:b7:48:aa:fa:33:f9:1a:1a:77:96:54:44:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0
        Validity
            Not Before: Apr 21 13:00:42 2025 GMT
            Not After : Apr 22 13:00:42 2025 GMT
        Subject: CN=0dcfb9a843efdea4f87d7593f5ae27df2a721230
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:fd:5a:49:73:a7:49:4e:29:6c:99:d6:f0:05:
                    61:69:0d:18:26:75:fc:28:30:fb:26:50:80:df:89:
                    73:11:7c:42:e2:4c:73:e3:b4:f4:a3:2d:d2:3d:47:
                    68:93:ea:de:92:45:96:04:5a:40:d2:10:4f:e9:04:
                    ed:5a:62:d5:12:55:51:db:3f:30:fc:00:a5:28:bb:
                    e9:ce:33:a6:6f:25:95:89:ab:6c:bc:0b:27:7d:55:
                    aa:cf:f4:f1:2a:cf:f6:66:05:61:21:d9:fd:dd:f4:
                    17:9d:6b:c1:84:5b:61:3a:92:1e:e9:34:dc:4e:a9:
                    1b:54:31:56:93:2e:cb:09:a8:cd:e8:bc:e3:bb:eb:
                    91:b8:46:64:9f:e3:53:fd:62:7e:5a:fe:8f:5f:66:
                    c7:cf:e0:6a:24:cf:ee:9d:c9:69:55:05:c5:43:8e:
                    44:6e:bb:98:f3:a3:83:75:cc:bd:1f:84:81:99:fa:
                    f2:82:06:11:f0:2a:2c:97:bd:87:99:0e:8b:5a:e8:
                    ba:40:19:0f:e7:f9:12:ef:26:44:d5:dc:00:3d:46:
                    c8:50:44:ce:6d:cc:14:02:a0:2d:ca:b7:d9:5b:ab:
                    e0:49:db:7b:00:75:af:c9:e1:ac:d3:5b:88:9d:c9:
                    0d:46:65:9d:3d:76:e2:2f:56:64:d1:ca:0a:36:e9:
                    67:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:CF:B9:A8:43:EF:DE:A4:F8:7D:75:93:F5:AE:27:DF:2A:72:12:30
            X509v3 Authority Key Identifier:
                keyid:A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:8d:35:31:d2:7c:d3:36:32:8b:d3:1e:15:72:ee:17:af:04:
         32:a0:38:6d:55:ba:5f:13:51:d0:63:80:05:ef:4d:ec:f4:9b:
         19:6e:32:92:8b:85:d7:82:16:9e:9b:5f:30:f9:c9:48:e1:be:
         4f:a6:23:55:b3:84:98:8c:f8:48:dc:e8:96:78:e9:d0:03:05:
         cd:05:99:aa:ab:ed:3b:f6:7d:33:c3:89:d2:89:d8:2e:f7:d8:
         5d:f8:ad:1e:d0:6b:67:be:84:81:c6:21:91:ce:35:1e:c9:bb:
         18:3b:eb:60:a0:f4:71:db:12:e2:df:5a:36:d4:b4:36:d6:40:
         f4:a8:03:be:e3:55:f1:52:37:bc:6b:ff:ab:36:d1:eb:d9:df:
         73:d6:77:7d:72:80:98:3e:8a:af:15:4c:ed:b6:14:86:45:34:
         68:32:d3:05:d4:14:05:88:f7:d8:7f:56:d5:c7:b5:70:bb:85:
         6a:32:c7:54:df:d0:16:8e:c7:50:87:3b:ae:b1:97:75:4a:bd:
         bc:da:39:e1:f0:dd:66:b6:13:7a:9e:fe:40:ec:09:23:19:c5:
         78:1c:c5:c4:f5:16:f3:2a:7d:da:b0:f3:b5:ef:7c:5b:05:88:
         ba:f2:60:c7:67:a4:e5:ba:e5:1d:b3:22:fc:f5:14:a0:05:18:
         22:3a:2e:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYb8e3SKr6M/kaGneWVESvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZjMzYjgxOGM2MGEzYWNjNjlmMzlhMGIyZTBlZWFhYmI2
ZDkzZTAwHhcNMjUwNDIxMTMwMDQyWhcNMjUwNDIyMTMwMDQyWjAzMTEwLwYDVQQD
EygwZGNmYjlhODQzZWZkZWE0Zjg3ZDc1OTNmNWFlMjdkZjJhNzIxMjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/1aSXOnSU4pbJnW8AVhaQ0YJnX8
KDD7JlCA34lzEXxC4kxz47T0oy3SPUdok+rekkWWBFpA0hBP6QTtWmLVElVR2z8w
/AClKLvpzjOmbyWViatsvAsnfVWqz/TxKs/2ZgVhIdn93fQXnWvBhFthOpIe6TTc
TqkbVDFWky7LCajN6Lzju+uRuEZkn+NT/WJ+Wv6PX2bHz+BqJM/unclpVQXFQ45E
bruY86ODdcy9H4SBmfryggYR8Cosl72HmQ6LWui6QBkP5/kS7yZE1dwAPUbIUETO
bcwUAqAtyrfZW6vgSdt7AHWvyeGs01uInckNRmWdPXbiL1Zk0coKNuln3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA3PuahD796k+H11k/WuJ98qchIwMB8GA1UdIwQY
MBaAFKHzO4GMYKOsxp85oLLg7qq7bZPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQt
ZTE1MmRkZjVhYjA2LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQtZTE1MmRkZjVhYjA2
LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoI01MdJ8
0zYyi9MeFXLuF68EMqA4bVW6XxNR0GOABe9N7PSbGW4ykouF14IWnptfMPnJSOG+
T6YjVbOEmIz4SNzolnjp0AMFzQWZqqvtO/Z9M8OJ0onYLvfYXfitHtBrZ76EgcYh
kc41Hsm7GDvrYKD0cdsS4t9aNtS0NtZA9KgDvuNV8VI3vGv/qzbR69nfc9Z3fXKA
mD6KrxVM7bYUhkU0aDLTBdQUBYj32H9W1ce1cLuFajLHVN/QFo7HUIc7rrGXdUq9
vNo54fDdZrYTep7+QOwJIxnFeBzFxPUW8yp92rDzte98WwWIuvJgx2ek5brlHbMi
/PUUoAUYIjou8w==
-----END CERTIFICATE-----