Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
File:                     OCrZBtcZpmqFoxPRBSlAAstlf3s.mft (raw, json)
Hash identifier:          Ef+eo96EH+wmlbvhyOoXKCagNJpqP2bw6lHtTFfIs64=
Subject key identifier:   D6:F6:3C:35:BF:FF:00:64:19:0C:F9:F2:67:2D:D0:A0:7F:CE:53:9B
Authority key identifier: 38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B
Certificate issuer:       /CN=382ad906d719a66a85a313d105294002cb657f7b
Certificate serial:       019652A4F4AC8F65178912C4AC09621E6033
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
Manifest number:          DD
Signing time:             Sun 20 Apr 2025 10:01:04 +0000
Manifest this update:     Sun 20 Apr 2025 10:01:04 +0000
Manifest next update:     Mon 21 Apr 2025 10:01:04 +0000
Files and hashes:         1: OCrZBtcZpmqFoxPRBSlAAstlf3s.crl (hash: ZbL0/K09/LRGHhOajlZU7wxyGgYKe5jHRjt0Z/4s8GA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:a4:f4:ac:8f:65:17:89:12:c4:ac:09:62:1e:60:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=382ad906d719a66a85a313d105294002cb657f7b
        Validity
            Not Before: Apr 20 10:01:04 2025 GMT
            Not After : Apr 21 10:01:04 2025 GMT
        Subject: CN=d6f63c35bfff0064190cf9f2672dd0a07fce539b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:42:77:20:94:26:69:c0:3b:b4:80:72:73:17:
                    e2:04:5b:f3:61:d3:e0:41:eb:68:71:54:ee:97:1f:
                    f3:9d:91:34:8d:17:b8:ba:88:e8:89:49:8a:ae:e2:
                    34:6a:24:df:2d:a0:20:04:a7:b9:f5:87:28:20:f2:
                    4f:60:69:0d:3a:31:c0:a4:dc:2b:56:7d:ff:9a:e7:
                    ed:d7:d2:93:a9:12:e2:d4:33:78:ce:ad:5a:6c:d0:
                    00:ca:d6:92:1f:bf:93:2b:ff:2d:d3:13:6c:78:11:
                    93:5f:59:a7:f0:ea:b2:fa:ae:01:51:3c:ea:6d:9f:
                    ae:ec:77:d3:4d:a8:02:43:89:6f:15:48:c5:5d:d1:
                    3b:5b:54:f4:d9:a0:49:7b:c9:75:77:fc:2f:4d:2c:
                    c5:08:07:ce:66:2b:c6:3b:c0:cd:c7:9d:bf:7b:f6:
                    1e:df:31:be:47:9d:04:db:17:64:9a:83:ee:62:ff:
                    6d:f9:65:e0:07:e6:12:e0:e9:ca:32:8d:99:3c:ad:
                    09:c3:7e:ee:60:e2:aa:2d:3c:ca:87:45:56:3d:6a:
                    65:dd:bc:f4:b2:b0:94:4b:85:db:25:13:ab:67:79:
                    93:c2:69:36:13:05:9f:65:62:f0:65:f9:a6:ec:60:
                    70:a3:94:4c:b0:fe:a7:84:d9:2a:a5:1b:50:a7:d2:
                    16:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:F6:3C:35:BF:FF:00:64:19:0C:F9:F2:67:2D:D0:A0:7F:CE:53:9B
            X509v3 Authority Key Identifier:
                keyid:38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:01:1d:50:41:56:6e:c7:4b:23:2c:0b:2a:e8:b7:b7:96:0d:
         3b:12:09:68:0f:8b:d5:fb:99:91:64:ac:a3:26:39:31:9a:96:
         f4:3a:da:f9:66:b2:b8:32:c8:0a:56:6b:92:89:7a:5e:76:f0:
         53:20:26:2d:d7:d6:43:57:ce:de:5b:aa:96:35:0a:87:22:9e:
         f2:ad:c0:61:0f:e6:0e:5b:be:2e:ba:ec:7a:8a:11:47:38:ff:
         d4:c9:ad:84:35:f2:48:5d:1f:22:56:6a:7c:0a:85:62:80:d9:
         e6:1c:0c:0c:cc:83:2c:3d:da:3a:fa:f6:00:33:c3:d0:57:83:
         f0:21:cd:37:43:f4:7d:1c:5c:19:39:e1:23:4e:5c:9e:f1:16:
         07:79:e7:12:90:96:ca:fe:64:61:ad:d9:88:ce:e7:f6:f9:b9:
         f7:0b:d2:4b:33:6f:34:e8:f3:c3:8b:8a:97:85:04:e9:02:97:
         f2:4c:c3:bd:96:bb:2a:de:fa:e3:92:1a:93:ae:e4:8f:e0:83:
         8e:45:3b:6e:90:7d:9a:a9:28:88:da:1d:98:fa:76:9a:ee:e2:
         79:4e:80:1c:5c:c1:f5:7c:90:02:d3:aa:36:0c:16:f0:0b:ea:
         44:c6:10:d4:cc:92:9f:79:86:59:07:a4:d9:fa:0c:13:22:d9:
         2b:7e:8c:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSpPSsj2UXiRLErAliHmAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmFkOTA2ZDcxOWE2NmE4NWEzMTNkMTA1Mjk0MDAyY2I2
NTdmN2IwHhcNMjUwNDIwMTAwMTA0WhcNMjUwNDIxMTAwMTA0WjAzMTEwLwYDVQQD
EyhkNmY2M2MzNWJmZmYwMDY0MTkwY2Y5ZjI2NzJkZDBhMDdmY2U1MzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEJ3IJQmacA7tIBycxfiBFvzYdPg
QetocVTulx/znZE0jRe4uojoiUmKruI0aiTfLaAgBKe59YcoIPJPYGkNOjHApNwr
Vn3/muft19KTqRLi1DN4zq1abNAAytaSH7+TK/8t0xNseBGTX1mn8Oqy+q4BUTzq
bZ+u7HfTTagCQ4lvFUjFXdE7W1T02aBJe8l1d/wvTSzFCAfOZivGO8DNx52/e/Ye
3zG+R50E2xdkmoPuYv9t+WXgB+YS4OnKMo2ZPK0Jw37uYOKqLTzKh0VWPWpl3bz0
srCUS4XbJROrZ3mTwmk2EwWfZWLwZfmm7GBwo5RMsP6nhNkqpRtQp9IWcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNb2PDW//wBkGQz58mct0KB/zlObMB8GA1UdIwQY
MBaAFDgq2QbXGaZqhaMT0QUpQALLZX97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAt
NmNlNTJiZWU2NjZhLzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAtNmNlNTJiZWU2NjZh
LzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFgEdUEFW
bsdLIywLKui3t5YNOxIJaA+L1fuZkWSsoyY5MZqW9Dra+WayuDLIClZrkol6Xnbw
UyAmLdfWQ1fO3luqljUKhyKe8q3AYQ/mDlu+LrrseooRRzj/1MmthDXySF0fIlZq
fAqFYoDZ5hwMDMyDLD3aOvr2ADPD0FeD8CHNN0P0fRxcGTnhI05cnvEWB3nnEpCW
yv5kYa3ZiM7n9vm59wvSSzNvNOjzw4uKl4UE6QKX8kzDvZa7Kt7645Iak67kj+CD
jkU7bpB9mqkoiNodmPp2mu7ieU6AHFzB9XyQAtOqNgwW8AvqRMYQ1MySn3mGWQek
2foMEyLZK36MzA==
-----END CERTIFICATE-----