Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
File:                     ofM7gYxgo6zGnzmgsuDuqrttk-A.mft (raw, json)
Hash identifier:          2ioRndIw4nNeQQXuaLYtYA1AWBtIyu6RB9uKlGJdLR0=
Subject key identifier:   A3:C3:1B:80:C5:80:CE:FF:97:7E:02:B5:CD:F7:17:14:68:DB:C2:93
Authority key identifier: A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0
Certificate issuer:       /CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0
Certificate serial:       01958BBB66B18AD31317FD8532E0CAB24E9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
Manifest number:          10DC
Signing time:             Wed 12 Mar 2025 19:01:09 +0000
Manifest this update:     Wed 12 Mar 2025 19:01:09 +0000
Manifest next update:     Thu 13 Mar 2025 19:01:09 +0000
Files and hashes:         1: ofM7gYxgo6zGnzmgsuDuqrttk-A.crl (hash: kzBUjI+0/S6jxVU1GuvSD9Zimwo846QI3igD3/vz2Dc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:bb:66:b1:8a:d3:13:17:fd:85:32:e0:ca:b2:4e:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0
        Validity
            Not Before: Mar 12 19:01:09 2025 GMT
            Not After : Mar 13 19:01:09 2025 GMT
        Subject: CN=a3c31b80c580ceff977e02b5cdf7171468dbc293
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:5b:95:83:a2:b6:b6:4c:aa:43:b7:2d:98:dc:
                    4c:51:32:ba:80:5c:8a:30:a6:b8:cc:85:3d:34:b0:
                    b3:a9:91:9a:bd:5f:ff:61:04:3f:1c:78:08:ab:97:
                    ac:fd:8c:ac:ee:90:1d:e3:ce:52:47:6b:9c:c9:55:
                    49:58:33:51:d4:62:5f:31:1a:3d:e0:20:02:5e:6c:
                    3b:59:c8:ed:53:f7:b5:4b:69:15:2d:20:7d:1c:75:
                    f4:e6:4e:85:8c:c9:1c:44:3f:91:6a:81:84:b9:10:
                    90:61:06:85:61:c4:d4:6f:17:e5:d0:22:08:94:83:
                    42:0a:46:81:50:00:ba:40:5e:c3:45:d1:9a:66:ca:
                    d9:93:eb:38:ba:8f:31:7c:96:69:8a:83:55:22:02:
                    9c:c9:30:82:9e:a9:75:c1:7e:53:b7:6f:56:dd:0d:
                    22:02:a1:92:4a:39:0e:54:09:61:53:c9:0f:8f:41:
                    ac:7e:4c:27:bd:fe:c5:a9:59:78:84:0b:04:8c:0a:
                    d6:12:45:0c:68:64:13:da:96:5c:21:c2:9a:c4:f6:
                    74:6f:9e:6d:dc:bf:98:4b:7a:34:83:96:7d:51:27:
                    5f:ab:c6:14:4e:18:04:7e:40:b2:a4:af:b2:7d:87:
                    27:57:a4:00:41:3b:83:fa:35:93:c0:d5:5a:07:2f:
                    14:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:C3:1B:80:C5:80:CE:FF:97:7E:02:B5:CD:F7:17:14:68:DB:C2:93
            X509v3 Authority Key Identifier:
                keyid:A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:50:cd:5b:2a:de:52:fd:3a:bb:d7:a0:dc:9e:fd:d1:46:66:
         ce:f2:94:37:c3:4b:96:c5:db:de:a9:6f:0d:71:4e:dc:11:e0:
         35:07:da:7a:67:d6:d4:45:87:55:fd:85:02:d3:d8:ca:8f:13:
         0a:c3:32:a4:a2:81:58:d8:ee:ac:9c:9c:a0:e8:c0:97:69:5b:
         09:6d:c9:bc:1e:c8:36:ac:5a:a2:a5:f9:7f:07:86:2c:90:dc:
         97:05:d7:25:61:86:02:44:1b:80:a9:0f:ef:9b:d5:eb:33:3b:
         a0:34:f1:81:65:8b:b4:5e:1e:eb:ea:7a:9c:a1:46:8f:7b:45:
         8a:cc:26:99:18:12:59:50:89:23:30:20:f2:8b:7b:27:40:d3:
         6d:8a:6e:d4:eb:01:be:1e:43:67:34:ba:de:87:3b:1c:8f:02:
         40:4e:7d:f8:ab:0e:2d:ee:4c:ca:ce:c8:52:8d:0f:4f:a2:78:
         01:d4:88:d2:ae:7e:f7:57:be:92:f6:98:b8:ab:ca:43:19:8c:
         e9:65:32:ed:ec:13:1e:88:b1:2d:e7:70:5c:d7:9f:a4:05:32:
         cc:f3:3b:4b:71:db:4b:b9:ae:bb:db:0d:01:32:4c:80:74:d7:
         d3:9e:10:5e:1e:14:a1:7f:15:bc:3e:b4:7c:dc:0b:4f:96:6c:
         75:4b:37:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLu2axitMTF/2FMuDKsk6eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZjMzYjgxOGM2MGEzYWNjNjlmMzlhMGIyZTBlZWFhYmI2
ZDkzZTAwHhcNMjUwMzEyMTkwMTA5WhcNMjUwMzEzMTkwMTA5WjAzMTEwLwYDVQQD
EyhhM2MzMWI4MGM1ODBjZWZmOTc3ZTAyYjVjZGY3MTcxNDY4ZGJjMjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FuVg6K2tkyqQ7ctmNxMUTK6gFyK
MKa4zIU9NLCzqZGavV//YQQ/HHgIq5es/Yys7pAd485SR2ucyVVJWDNR1GJfMRo9
4CACXmw7WcjtU/e1S2kVLSB9HHX05k6FjMkcRD+RaoGEuRCQYQaFYcTUbxfl0CII
lINCCkaBUAC6QF7DRdGaZsrZk+s4uo8xfJZpioNVIgKcyTCCnql1wX5Tt29W3Q0i
AqGSSjkOVAlhU8kPj0Gsfkwnvf7FqVl4hAsEjArWEkUMaGQT2pZcIcKaxPZ0b55t
3L+YS3o0g5Z9USdfq8YUThgEfkCypK+yfYcnV6QAQTuD+jWTwNVaBy8UowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPDG4DFgM7/l34Ctc33FxRo28KTMB8GA1UdIwQY
MBaAFKHzO4GMYKOsxp85oLLg7qq7bZPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQt
ZTE1MmRkZjVhYjA2LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQtZTE1MmRkZjVhYjA2
LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAslDNWyre
Uv06u9eg3J790UZmzvKUN8NLlsXb3qlvDXFO3BHgNQfaemfW1EWHVf2FAtPYyo8T
CsMypKKBWNjurJycoOjAl2lbCW3JvB7INqxaoqX5fweGLJDclwXXJWGGAkQbgKkP
75vV6zM7oDTxgWWLtF4e6+p6nKFGj3tFiswmmRgSWVCJIzAg8ot7J0DTbYpu1OsB
vh5DZzS63oc7HI8CQE59+KsOLe5Mys7IUo0PT6J4AdSI0q5+91e+kvaYuKvKQxmM
6WUy7ewTHoixLedwXNefpAUyzPM7S3HbS7muu9sNATJMgHTX054QXh4UoX8VvD60
fNwLT5ZsdUs34A==
-----END CERTIFICATE-----