Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft
File:                     oUYsqczoyP_R-dfefH6QXG6JPPw.mft (raw, json)
Hash identifier:          x0Afi+hA4vF8y1xkYogzclscVLq+sNdwQwRX/xk4yjo=
Subject key identifier:   4C:9C:45:3B:05:CC:F2:DC:1A:18:ED:FC:A7:D3:3C:F1:7D:8E:04:94
Authority key identifier: A1:46:2C:A9:CC:E8:C8:FF:D1:F9:D7:DE:7C:7E:90:5C:6E:89:3C:FC
Certificate issuer:       /CN=a1462ca9cce8c8ffd1f9d7de7c7e905c6e893cfc
Certificate serial:       019655375FB38EFB0E0F522B54CA0CF4A1F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUYsqczoyP_R-dfefH6QXG6JPPw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 22:00:14 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:14 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:14 +0000
Files and hashes:         1: oUYsqczoyP_R-dfefH6QXG6JPPw.crl (hash: mzh31LonmVaylFpiiRjFTdOwKdoa7FbE7r0DUEfuN0c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUYsqczoyP_R-dfefH6QXG6JPPw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:5f:b3:8e:fb:0e:0f:52:2b:54:ca:0c:f4:a1:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1462ca9cce8c8ffd1f9d7de7c7e905c6e893cfc
        Validity
            Not Before: Apr 20 22:00:14 2025 GMT
            Not After : Apr 21 22:00:14 2025 GMT
        Subject: CN=4c9c453b05ccf2dc1a18edfca7d33cf17d8e0494
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f1:9e:21:fe:29:c3:53:29:f1:58:c4:9a:9f:
                    64:82:65:91:55:85:a7:b4:a2:9b:ff:7a:3c:71:32:
                    18:21:5c:e4:17:e7:69:e7:d5:11:e3:25:27:1e:97:
                    34:ef:77:dd:d5:b6:81:df:ca:d5:20:b1:a1:62:f8:
                    b5:4d:51:12:c7:ec:eb:c2:ca:05:d2:28:a0:fa:a0:
                    a8:77:04:c2:23:6f:5b:e2:b6:91:47:d8:c2:9b:a5:
                    3f:4e:12:e9:8b:b9:5f:d2:e1:de:c1:a1:5a:9e:24:
                    da:f5:ac:2b:b9:46:5e:45:a6:cd:a3:13:ed:5c:e8:
                    c9:49:f8:11:c2:eb:f7:da:9f:1d:7a:41:6d:b7:b7:
                    c6:e5:6a:09:9f:fa:e4:f2:a6:d0:0e:71:f1:31:ab:
                    25:af:9e:95:01:c4:dd:74:76:11:e0:ac:87:fd:48:
                    8b:c7:36:00:74:5b:99:91:a6:f7:ca:f5:0b:c2:05:
                    a4:be:82:d7:6d:1b:29:8d:60:ff:74:63:e2:ea:8d:
                    8c:d5:c3:4d:ed:ca:f2:05:9d:f1:3b:f5:f5:03:04:
                    e4:05:df:79:98:49:10:29:49:2c:27:bf:ef:03:1f:
                    a6:40:3f:e8:07:3f:5c:ca:80:55:be:78:b0:b3:44:
                    cc:94:c9:0a:53:73:78:5f:3b:88:2b:ab:95:29:e3:
                    ac:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:9C:45:3B:05:CC:F2:DC:1A:18:ED:FC:A7:D3:3C:F1:7D:8E:04:94
            X509v3 Authority Key Identifier:
                keyid:A1:46:2C:A9:CC:E8:C8:FF:D1:F9:D7:DE:7C:7E:90:5C:6E:89:3C:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUYsqczoyP_R-dfefH6QXG6JPPw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:64:d3:18:5a:94:6c:cf:1c:13:62:93:3f:d9:3f:4d:5b:df:
         8e:45:1c:f4:45:3a:65:b7:5c:c2:08:0f:39:ff:23:cd:6e:2f:
         eb:97:70:80:83:6f:20:49:1e:2c:5c:55:65:de:5f:6c:50:0b:
         d9:49:0b:b9:31:da:36:da:8b:59:ea:16:a3:53:d6:75:93:17:
         0a:1c:e7:91:43:d9:14:4d:d4:d6:b6:a8:f6:23:4b:f2:f6:ef:
         40:f8:9f:e9:c4:d3:78:02:f6:4d:36:5b:e8:09:e4:3c:b0:9a:
         f9:b0:eb:91:5e:0a:8d:3e:bf:cc:79:19:87:80:fb:7b:a0:0f:
         77:a6:91:2e:40:53:ea:dd:3c:42:68:fd:29:d1:33:73:d6:6e:
         33:58:01:64:2a:69:cb:08:e1:9e:f0:d7:f9:d2:4f:49:3d:9d:
         8e:c9:bb:2f:b2:90:3a:4c:26:36:71:b2:c7:38:93:41:79:88:
         59:09:31:e3:35:f1:35:8d:af:bd:60:9b:b1:88:0c:d5:ba:c4:
         7e:26:e3:9c:1a:d1:01:89:2c:5d:54:70:f8:c4:42:0f:a7:38:
         0a:4c:32:c9:8d:e0:09:12:22:21:0f:95:68:09:3b:d9:3f:c7:
         cd:96:c4:df:72:f6:11:3c:e8:84:ea:41:d9:28:7d:40:2c:2f:
         fd:17:d9:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN1+zjvsOD1IrVMoM9KH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDYyY2E5Y2NlOGM4ZmZkMWY5ZDdkZTdjN2U5MDVjNmU4
OTNjZmMwHhcNMjUwNDIwMjIwMDE0WhcNMjUwNDIxMjIwMDE0WjAzMTEwLwYDVQQD
Eyg0YzljNDUzYjA1Y2NmMmRjMWExOGVkZmNhN2QzM2NmMTdkOGUwNDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufGeIf4pw1Mp8VjEmp9kgmWRVYWn
tKKb/3o8cTIYIVzkF+dp59UR4yUnHpc073fd1baB38rVILGhYvi1TVESx+zrwsoF
0iig+qCodwTCI29b4raRR9jCm6U/ThLpi7lf0uHewaFaniTa9awruUZeRabNoxPt
XOjJSfgRwuv32p8dekFtt7fG5WoJn/rk8qbQDnHxMaslr56VAcTddHYR4KyH/UiL
xzYAdFuZkab3yvULwgWkvoLXbRspjWD/dGPi6o2M1cNN7cryBZ3xO/X1AwTkBd95
mEkQKUksJ7/vAx+mQD/oBz9cyoBVvniws0TMlMkKU3N4XzuIK6uVKeOsNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEycRTsFzPLcGhjt/KfTPPF9jgSUMB8GA1UdIwQY
MBaAFKFGLKnM6Mj/0fnX3nx+kFxuiTz8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VZc3Fjem95UF9SLWRmZWZINlFYRzZKUFB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS83OTcxZWQtNTg0Mi00ZTViLWI4Mjgt
MjcyY2M5MmNjNjBiLzEvb1VZc3Fjem95UF9SLWRmZWZINlFYRzZKUFB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS83OTcxZWQtNTg0Mi00ZTViLWI4MjgtMjcyY2M5MmNjNjBi
LzEvb1VZc3Fjem95UF9SLWRmZWZINlFYRzZKUFB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhGTTGFqU
bM8cE2KTP9k/TVvfjkUc9EU6ZbdcwggPOf8jzW4v65dwgINvIEkeLFxVZd5fbFAL
2UkLuTHaNtqLWeoWo1PWdZMXChznkUPZFE3U1rao9iNL8vbvQPif6cTTeAL2TTZb
6AnkPLCa+bDrkV4KjT6/zHkZh4D7e6APd6aRLkBT6t08Qmj9KdEzc9ZuM1gBZCpp
ywjhnvDX+dJPST2djsm7L7KQOkwmNnGyxziTQXmIWQkx4zXxNY2vvWCbsYgM1brE
fibjnBrRAYksXVRw+MRCD6c4CkwyyY3gCRIiIQ+VaAk72T/HzZbE33L2ETzohOpB
2Sh9QCwv/RfZAg==
-----END CERTIFICATE-----