Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
File:                     OCrZBtcZpmqFoxPRBSlAAstlf3s.mft (raw, json)
Hash identifier:          iaeT6cr/3IF4lUALfXmS3vmeAhCLNPxD9jfhlnTs0bE=
Subject key identifier:   62:4B:F1:08:9F:15:7B:E3:86:80:16:86:1F:B1:9E:47:3D:EA:20:05
Authority key identifier: 38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B
Certificate issuer:       /CN=382ad906d719a66a85a313d105294002cb657f7b
Certificate serial:       01974DB26B63459D407746DF32B01294B2AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
Manifest number:          015F
Signing time:             Sun 08 Jun 2025 04:00:27 +0000
Manifest this update:     Sun 08 Jun 2025 04:00:27 +0000
Manifest next update:     Mon 09 Jun 2025 04:00:27 +0000
Files and hashes:         1: OCrZBtcZpmqFoxPRBSlAAstlf3s.crl (hash: mEMTDaqru+xZChaIh5Vm+KBzJ20AESwuGn5gpmvjG4s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:b2:6b:63:45:9d:40:77:46:df:32:b0:12:94:b2:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=382ad906d719a66a85a313d105294002cb657f7b
        Validity
            Not Before: Jun  8 04:00:27 2025 GMT
            Not After : Jun  9 04:00:27 2025 GMT
        Subject: CN=624bf1089f157be3868016861fb19e473dea2005
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:99:fd:a6:e7:d7:af:0d:ce:c8:34:c2:2e:39:
                    cd:d7:66:a7:ff:e6:c1:a4:82:6c:cc:df:24:3a:69:
                    ab:24:98:17:9b:aa:bd:2f:a6:89:a9:ea:51:19:ea:
                    ef:78:25:0f:d2:3e:97:47:04:c7:aa:b2:ab:ce:69:
                    4a:f9:ab:7c:37:74:04:77:dc:05:03:13:a8:60:31:
                    ce:0f:a3:7f:a2:1a:4a:42:74:0b:2a:92:97:dd:68:
                    44:3b:2a:01:b8:01:74:4f:e0:45:e4:3e:d7:ee:77:
                    5b:16:f6:d8:fb:1b:8e:4c:bb:81:74:7b:e0:96:2b:
                    f2:c6:ec:04:4d:61:c8:9c:78:54:76:33:01:24:9b:
                    aa:23:11:ed:66:f8:28:7a:6b:08:75:b2:b8:ce:7f:
                    4e:45:55:13:f1:0d:0a:1f:b2:26:4f:05:29:68:2b:
                    22:cc:d9:a5:cf:04:30:22:19:74:b2:17:e3:db:ae:
                    7d:0b:b5:aa:54:c4:aa:27:bf:89:81:07:4d:8c:e1:
                    80:30:9d:f0:62:38:9f:1b:50:5b:38:01:dd:9f:4f:
                    f8:4e:c5:a5:7c:47:88:44:50:cd:ca:41:7e:36:a1:
                    44:55:62:07:30:6b:bb:7c:f1:4f:ac:c2:33:e0:8f:
                    5f:32:e5:69:a1:5f:e0:9c:62:dc:1e:72:ea:d4:a6:
                    98:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:4B:F1:08:9F:15:7B:E3:86:80:16:86:1F:B1:9E:47:3D:EA:20:05
            X509v3 Authority Key Identifier:
                keyid:38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:d5:de:2b:cc:2a:d0:a0:6f:12:18:a0:c0:5e:a9:49:37:f8:
         53:0a:bb:42:2b:c2:5c:64:db:df:40:21:f8:04:55:d0:3f:dc:
         45:d3:56:07:10:cb:f1:27:80:39:62:34:4e:0f:ec:8e:fa:02:
         bc:85:67:23:ef:a9:43:e2:6e:f4:fa:cb:b7:af:03:2d:ff:4a:
         f9:b2:ce:45:29:32:b4:91:b1:60:0d:13:40:08:34:75:80:02:
         93:e9:67:a1:1b:a5:b5:40:82:1a:be:cc:fa:f6:e8:7c:ba:27:
         b4:b7:75:f0:72:aa:9e:e5:ad:da:99:42:42:54:9e:90:8f:b3:
         7b:86:02:6b:c4:f3:59:46:c5:dc:e0:bb:e6:84:1c:ac:af:0f:
         3a:2b:13:98:a4:ec:f8:c0:96:14:06:83:cd:10:49:7a:f7:89:
         cf:96:4c:be:1e:3c:c4:23:22:cd:50:c7:56:dd:f4:ef:32:16:
         e9:fc:32:b5:c7:d5:c5:08:ae:03:2d:80:59:78:89:2b:ba:70:
         bb:6a:69:7c:2d:8d:a3:f5:67:ba:43:2b:fa:09:2d:5b:4e:60:
         d2:41:be:e0:9a:d2:ec:e8:d2:10:fe:12:12:47:6e:2d:5a:56:
         23:fa:f6:f9:ec:14:20:63:dd:36:82:29:d7:80:39:33:65:f0:
         11:22:ed:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNsmtjRZ1Ad0bfMrASlLKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmFkOTA2ZDcxOWE2NmE4NWEzMTNkMTA1Mjk0MDAyY2I2
NTdmN2IwHhcNMjUwNjA4MDQwMDI3WhcNMjUwNjA5MDQwMDI3WjAzMTEwLwYDVQQD
Eyg2MjRiZjEwODlmMTU3YmUzODY4MDE2ODYxZmIxOWU0NzNkZWEyMDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5n9pufXrw3OyDTCLjnN12an/+bB
pIJszN8kOmmrJJgXm6q9L6aJqepRGerveCUP0j6XRwTHqrKrzmlK+at8N3QEd9wF
AxOoYDHOD6N/ohpKQnQLKpKX3WhEOyoBuAF0T+BF5D7X7ndbFvbY+xuOTLuBdHvg
livyxuwETWHInHhUdjMBJJuqIxHtZvgoemsIdbK4zn9ORVUT8Q0KH7ImTwUpaCsi
zNmlzwQwIhl0shfj2659C7WqVMSqJ7+JgQdNjOGAMJ3wYjifG1BbOAHdn0/4TsWl
fEeIRFDNykF+NqFEVWIHMGu7fPFPrMIz4I9fMuVpoV/gnGLcHnLq1KaYKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJL8QifFXvjhoAWhh+xnkc96iAFMB8GA1UdIwQY
MBaAFDgq2QbXGaZqhaMT0QUpQALLZX97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAt
NmNlNTJiZWU2NjZhLzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAtNmNlNTJiZWU2NjZh
LzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMNXeK8wq
0KBvEhigwF6pSTf4Uwq7QivCXGTb30Ah+ARV0D/cRdNWBxDL8SeAOWI0Tg/sjvoC
vIVnI++pQ+Ju9PrLt68DLf9K+bLORSkytJGxYA0TQAg0dYACk+lnoRultUCCGr7M
+vbofLontLd18HKqnuWt2plCQlSekI+ze4YCa8TzWUbF3OC75oQcrK8POisTmKTs
+MCWFAaDzRBJeveJz5ZMvh48xCMizVDHVt307zIW6fwytcfVxQiuAy2AWXiJK7pw
u2ppfC2No/VnukMr+gktW05g0kG+4JrS7OjSEP4SEkduLVpWI/r2+ewUIGPdNoIp
14A5M2XwESLtqQ==
-----END CERTIFICATE-----