Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
File:                     oybRlH-kQ2NloBOsZ_TzKx_bqck.mft (raw, json)
Hash identifier:          Jv/aibnh/R+6mFXG0gif7yeRgTfpskZ8HXjFkkObOrM=
Subject key identifier:   36:D9:9A:D9:33:FB:8E:7B:03:E2:3C:0E:E0:62:BB:49:64:6F:3C:AE
Authority key identifier: A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9
Certificate issuer:       /CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
Certificate serial:       01974A7A7595700E663158280DDD85321EFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
Manifest number:          1276
Signing time:             Sat 07 Jun 2025 13:00:28 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:28 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:28 +0000
Files and hashes:         1: oybRlH-kQ2NloBOsZ_TzKx_bqck.crl (hash: 8yZz6vNjsZCKCErLeYkHDKJlmyOyh9YuR05NNtnwd40=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 13:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:75:95:70:0e:66:31:58:28:0d:dd:85:32:1e:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
        Validity
            Not Before: Jun  7 13:00:28 2025 GMT
            Not After : Jun  8 13:00:28 2025 GMT
        Subject: CN=36d99ad933fb8e7b03e23c0ee062bb49646f3cae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a2:1e:b6:1e:1e:4a:c3:7b:33:95:a1:db:ec:
                    d1:a6:aa:c0:d2:4b:27:01:63:e2:3d:93:d3:d4:3a:
                    9f:fd:87:5c:f6:01:5f:58:77:14:1c:37:2e:0f:6a:
                    0c:7e:01:39:f5:ef:26:d8:7b:c2:fa:32:28:43:b7:
                    b6:eb:c6:51:68:7a:03:ba:fc:7a:6f:76:91:ef:36:
                    04:82:ff:cc:7c:da:f4:4d:c5:55:d9:af:a2:87:2b:
                    89:ff:65:d1:f0:2c:7f:70:c4:af:d5:82:79:48:a5:
                    b2:a7:db:3c:e2:97:37:dc:3e:53:83:02:60:6c:5c:
                    6c:2d:43:fb:9f:a5:da:fb:64:36:02:9a:5c:dd:cd:
                    d6:5d:9f:76:7b:72:de:e9:52:ff:58:e4:c7:07:92:
                    82:bd:35:d2:4b:aa:66:97:37:09:67:7c:27:26:c9:
                    5d:b0:01:70:85:75:76:d5:8e:62:a7:79:3f:f4:88:
                    13:52:8d:1e:0c:a5:c5:4e:2b:6c:a7:4c:eb:47:c7:
                    23:76:6c:b3:03:a5:36:6c:50:e7:30:57:b9:fb:d7:
                    88:15:ad:6b:06:f3:7a:57:9c:e6:b2:88:d6:7f:04:
                    e0:6b:c5:9b:61:b9:c3:b3:31:1b:b8:84:8e:4a:06:
                    61:3f:a9:77:9a:6e:cf:89:be:5a:48:26:1f:70:b7:
                    60:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:D9:9A:D9:33:FB:8E:7B:03:E2:3C:0E:E0:62:BB:49:64:6F:3C:AE
            X509v3 Authority Key Identifier:
                keyid:A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:da:ed:c9:0e:ee:d9:91:7e:96:97:f1:0f:5f:d1:09:9c:f4:
         3a:75:0a:ec:64:3e:59:12:07:68:40:a2:8e:31:32:25:bd:17:
         bf:9b:61:6a:a1:79:c6:0c:53:77:47:fa:3d:13:06:27:7f:3c:
         7a:75:02:bd:1c:7b:c0:9c:73:12:3a:c6:42:1a:d6:55:bd:50:
         96:70:9b:f0:b0:5a:a5:74:19:b2:c4:ce:a2:c6:8e:2f:58:6b:
         5e:fb:8c:66:76:7d:36:db:4f:02:d8:50:55:a7:f2:56:10:bf:
         f5:8e:70:19:5c:17:ac:c1:a0:e0:2f:4d:1f:7e:3c:35:56:7c:
         ed:9c:54:ae:2d:68:5b:a5:f4:15:b6:4f:17:d6:fb:66:a0:e6:
         a9:c2:12:11:6c:aa:a9:b0:ad:9b:43:75:8d:97:ac:22:8e:32:
         7b:b7:1a:ee:f9:99:3e:2d:4d:a1:95:fb:b9:54:ef:fc:c9:80:
         88:9a:a9:ec:a8:06:0b:78:f1:b7:35:da:76:1d:07:5e:80:df:
         77:3a:d1:de:cb:e1:36:a5:15:13:ef:1d:7e:dc:af:b8:19:fe:
         c0:a7:d6:2a:61:e8:07:16:00:91:da:4d:c2:5c:4c:d2:4e:1c:
         84:bc:eb:cf:91:dd:e9:c5:72:89:e0:33:7e:32:28:9b:29:3d:
         9c:42:69:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKenWVcA5mMVgoDd2FMh7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjZkMTk0N2ZhNDQzNjM2NWEwMTNhYzY3ZjRmMzJiMWZk
YmE5YzkwHhcNMjUwNjA3MTMwMDI4WhcNMjUwNjA4MTMwMDI4WjAzMTEwLwYDVQQD
EygzNmQ5OWFkOTMzZmI4ZTdiMDNlMjNjMGVlMDYyYmI0OTY0NmYzY2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqIeth4eSsN7M5Wh2+zRpqrA0ksn
AWPiPZPT1Dqf/Ydc9gFfWHcUHDcuD2oMfgE59e8m2HvC+jIoQ7e268ZRaHoDuvx6
b3aR7zYEgv/MfNr0TcVV2a+ihyuJ/2XR8Cx/cMSv1YJ5SKWyp9s84pc33D5TgwJg
bFxsLUP7n6Xa+2Q2Appc3c3WXZ92e3Le6VL/WOTHB5KCvTXSS6pmlzcJZ3wnJsld
sAFwhXV21Y5ip3k/9IgTUo0eDKXFTitsp0zrR8cjdmyzA6U2bFDnMFe5+9eIFa1r
BvN6V5zmsojWfwTga8WbYbnDszEbuISOSgZhP6l3mm7Pib5aSCYfcLdgjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbZmtkz+457A+I8DuBiu0lkbzyuMB8GA1UdIwQY
MBaAFKMm0ZR/pENjZaATrGf08ysf26nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2Yt
NTdkM2RmYTU2NDA3LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2YtNTdkM2RmYTU2NDA3
LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVtrtyQ7u
2ZF+lpfxD1/RCZz0OnUK7GQ+WRIHaECijjEyJb0Xv5thaqF5xgxTd0f6PRMGJ388
enUCvRx7wJxzEjrGQhrWVb1QlnCb8LBapXQZssTOosaOL1hrXvuMZnZ9NttPAthQ
VafyVhC/9Y5wGVwXrMGg4C9NH348NVZ87ZxUri1oW6X0FbZPF9b7ZqDmqcISEWyq
qbCtm0N1jZesIo4ye7ca7vmZPi1NoZX7uVTv/MmAiJqp7KgGC3jxtzXadh0HXoDf
dzrR3svhNqUVE+8dftyvuBn+wKfWKmHoBxYAkdpNwlxM0k4chLzrz5Hd6cVyieAz
fjIomyk9nEJpTA==
-----END CERTIFICATE-----