Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
File:                     oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json)
Hash identifier:          khymleAiSNzPXV5fi6UBW/753hzuwXk00/1axlciDwY=
Subject key identifier:   DE:91:AE:C8:72:44:86:42:94:FA:AF:58:17:58:07:C8:63:51:7F:22
Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7
Certificate issuer:       /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
Certificate serial:       01974A7AE04068281274B5A516DD57306ED2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 13:00:56 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:56 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:56 +0000
Files and hashes:         1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: JTMrOeoxbGl1uY43tbQpHsoLNr1nsM22iRbT5u80F0Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:e0:40:68:28:12:74:b5:a5:16:dd:57:30:6e:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
        Validity
            Not Before: Jun  7 13:00:56 2025 GMT
            Not After : Jun  8 13:00:56 2025 GMT
        Subject: CN=de91aec87244864294faaf58175807c863517f22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:05:84:6a:45:77:cf:02:40:39:b7:a7:00:03:
                    32:d0:41:67:f5:d8:83:4b:70:83:5d:f7:a7:b3:02:
                    29:84:f6:99:2a:29:12:a2:88:a6:e0:57:a2:a4:d0:
                    bd:9f:79:89:db:b5:b9:b1:05:d8:40:4b:5e:2f:7f:
                    46:4a:af:b0:ac:f8:4a:50:35:b8:ed:5b:20:9d:9f:
                    a0:4c:b7:48:7d:dc:63:0b:c6:1a:11:9b:48:8f:0e:
                    20:e8:dc:ba:b0:90:13:c3:42:96:fe:66:81:0b:67:
                    e8:dd:0c:1c:0d:80:47:14:1a:87:43:f9:9f:22:fd:
                    71:0f:56:04:9c:41:6d:91:a8:08:7d:58:39:91:4d:
                    76:88:c9:ab:ca:15:a6:a4:09:4c:fc:21:c9:eb:ac:
                    0e:cb:5f:b6:31:d7:19:90:27:d6:f3:f4:22:a1:85:
                    47:ae:4e:9d:a1:62:b5:43:a5:43:52:b2:4e:78:e1:
                    ea:a6:a3:f7:d2:88:43:b4:c3:86:51:2c:d6:57:c9:
                    9e:dd:fc:89:95:90:d7:08:03:ec:31:10:b1:28:fd:
                    0a:20:b7:41:13:dc:06:06:08:31:37:45:54:d1:87:
                    2e:f3:e8:6e:bc:d9:c4:71:9f:74:d5:7f:90:1d:88:
                    43:42:4c:a7:34:52:34:1a:44:f5:5c:af:1e:61:39:
                    de:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:91:AE:C8:72:44:86:42:94:FA:AF:58:17:58:07:C8:63:51:7F:22
            X509v3 Authority Key Identifier:
                keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:a4:6b:16:f6:08:68:7d:22:8e:48:77:70:39:05:50:91:93:
         52:33:28:84:89:ef:fe:e1:ae:54:c0:a1:32:9d:19:f6:7b:f1:
         69:80:a8:06:fe:3f:00:7a:a3:f1:06:f6:b7:09:7c:05:7a:6e:
         42:29:03:0b:9f:24:fb:3c:83:46:3b:0c:ac:55:65:08:a6:99:
         56:ea:51:3b:a4:19:21:45:42:2c:71:00:14:35:a6:17:75:19:
         25:82:1f:74:74:1f:cd:1d:68:08:7f:04:d5:db:d7:90:98:c6:
         fd:50:55:d6:41:d8:f6:8f:24:ba:39:be:db:4c:f0:c4:e1:2a:
         79:34:a2:c0:3c:4f:1b:cd:8f:e5:53:b6:4c:d1:53:2b:a2:07:
         ce:55:1a:2b:f4:ae:a4:8c:07:9b:95:67:cd:0e:aa:9a:bf:95:
         bb:84:11:4f:5e:bc:b3:d2:ce:ef:3e:15:2f:50:9f:7b:9b:ef:
         0d:7e:7f:52:a7:af:0f:dc:24:4c:11:ab:46:0d:ef:96:2f:7a:
         c0:11:79:8e:35:b2:df:0f:fe:e6:c8:04:1a:44:38:2d:99:73:
         87:9d:dd:24:c8:a3:92:a2:82:39:a0:80:01:a1:9b:26:14:6f:
         a0:e7:66:9a:47:a3:1a:f5:68:89:6a:df:a4:f2:c2:08:75:c9:
         fd:3d:ae:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKeuBAaCgSdLWlFt1XMG7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh
ZmVhYTcwHhcNMjUwNjA3MTMwMDU2WhcNMjUwNjA4MTMwMDU2WjAzMTEwLwYDVQQD
EyhkZTkxYWVjODcyNDQ4NjQyOTRmYWFmNTgxNzU4MDdjODYzNTE3ZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwWEakV3zwJAObenAAMy0EFn9diD
S3CDXfenswIphPaZKikSooim4FeipNC9n3mJ27W5sQXYQEteL39GSq+wrPhKUDW4
7VsgnZ+gTLdIfdxjC8YaEZtIjw4g6Ny6sJATw0KW/maBC2fo3QwcDYBHFBqHQ/mf
Iv1xD1YEnEFtkagIfVg5kU12iMmryhWmpAlM/CHJ66wOy1+2MdcZkCfW8/QioYVH
rk6doWK1Q6VDUrJOeOHqpqP30ohDtMOGUSzWV8me3fyJlZDXCAPsMRCxKP0KILdB
E9wGBggxN0VU0Ycu8+huvNnEcZ901X+QHYhDQkynNFI0GkT1XK8eYTnePQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN6RrshyRIZClPqvWBdYB8hjUX8iMB8GA1UdIwQY
MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt
YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh
LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP6RrFvYI
aH0ijkh3cDkFUJGTUjMohInv/uGuVMChMp0Z9nvxaYCoBv4/AHqj8Qb2twl8BXpu
QikDC58k+zyDRjsMrFVlCKaZVupRO6QZIUVCLHEAFDWmF3UZJYIfdHQfzR1oCH8E
1dvXkJjG/VBV1kHY9o8kujm+20zwxOEqeTSiwDxPG82P5VO2TNFTK6IHzlUaK/Su
pIwHm5VnzQ6qmr+Vu4QRT168s9LO7z4VL1Cfe5vvDX5/UqevD9wkTBGrRg3vli96
wBF5jjWy3w/+5sgEGkQ4LZlzh53dJMijkqKCOaCAAaGbJhRvoOdmmkejGvVoiWrf
pPLCCHXJ/T2uWQ==
-----END CERTIFICATE-----