Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
File:                     oHEAJhaNhq-46ZnPsqjonFct0vk.mft (raw, json)
Hash identifier:          nc8+kllKOt7B3EvtqQxOI9jvqkcnENlTL6wC8eQ7CQY=
Subject key identifier:   93:CE:B6:81:ED:53:8B:87:BA:57:45:96:78:19:A2:9F:C3:B3:17:B7
Authority key identifier: A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9
Certificate issuer:       /CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
Certificate serial:       01964FDAAB2BD485DDBB47A927C954178DB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
Manifest number:          1246
Signing time:             Sat 19 Apr 2025 21:00:52 +0000
Manifest this update:     Sat 19 Apr 2025 21:00:52 +0000
Manifest next update:     Sun 20 Apr 2025 21:00:52 +0000
Files and hashes:         1: oHEAJhaNhq-46ZnPsqjonFct0vk.crl (hash: mbqo2KVasKpqLY8U3Hy8iMc+p8WWloMdGT6vLxwuAy8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 21:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:da:ab:2b:d4:85:dd:bb:47:a9:27:c9:54:17:8d:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
        Validity
            Not Before: Apr 19 21:00:52 2025 GMT
            Not After : Apr 20 21:00:52 2025 GMT
        Subject: CN=93ceb681ed538b87ba5745967819a29fc3b317b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:37:bb:37:a5:e6:44:27:6d:d0:c2:be:e0:88:
                    71:63:b4:fa:f0:69:20:4a:a5:fe:cf:9c:f9:81:54:
                    29:e9:51:9c:4c:af:06:be:75:ab:55:40:37:66:2b:
                    3d:20:00:60:39:88:2b:ec:55:e5:50:8a:5f:8f:db:
                    b7:7b:0b:0e:9c:63:e3:1e:73:c7:bd:d8:d5:3e:87:
                    fc:48:b6:18:2b:ee:87:fb:ae:1e:2c:29:e4:d9:cc:
                    fd:63:7f:9e:7c:8b:e1:2f:ce:59:98:df:1a:9a:9d:
                    5b:8e:55:d7:a1:c8:9a:a3:e8:a7:55:fe:4b:60:a9:
                    64:9d:fa:14:0f:e6:bf:d8:aa:0b:71:a9:2e:9c:e1:
                    63:cf:c6:9f:9c:47:b5:4a:5a:5e:b5:82:1b:9c:6d:
                    f8:67:5e:d3:c7:68:46:51:98:08:5f:2f:88:ff:9a:
                    c3:2b:f2:8b:ae:05:1d:b4:f8:5a:b7:9c:18:d5:62:
                    c2:b0:06:52:d3:a3:a4:37:68:0b:94:7d:eb:3d:11:
                    c5:d1:d8:8b:05:b6:9c:fa:9d:29:c8:81:c9:84:66:
                    9f:cc:ab:ab:85:f3:88:4c:7a:6b:97:d0:5b:81:b2:
                    9f:12:7a:2c:e5:5c:80:82:f5:9c:e0:90:98:04:e8:
                    35:37:1e:30:eb:f8:24:61:f3:15:a0:69:ac:61:fe:
                    06:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:CE:B6:81:ED:53:8B:87:BA:57:45:96:78:19:A2:9F:C3:B3:17:B7
            X509v3 Authority Key Identifier:
                keyid:A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:f2:0e:86:d3:d6:39:b2:72:c1:09:7a:19:00:a8:c2:a1:9f:
         73:01:55:29:42:ea:e3:b6:9e:5a:0a:4a:53:5a:18:20:17:e6:
         a5:71:f5:8e:0b:14:79:a9:ef:a9:d5:24:6e:4b:f8:51:7c:28:
         10:ce:0c:28:b9:17:8a:da:47:a5:6d:dd:05:f3:3c:51:dd:c6:
         3f:fa:b3:1c:8e:c0:5d:29:e3:00:19:76:39:49:56:3b:53:74:
         2b:45:e2:3d:d9:12:e7:15:09:ed:e1:45:b5:bd:01:9a:ed:ff:
         f8:e5:74:aa:50:e9:ed:55:08:65:09:7a:4f:9f:7b:35:1b:3e:
         f3:0d:78:3d:7c:bd:1d:49:ce:bb:cc:44:8f:34:b6:0a:0f:cf:
         11:d5:4d:19:9f:69:5f:e8:13:ab:9a:83:95:1d:b7:16:58:0c:
         4c:e1:a1:1c:2a:8d:c4:ac:7d:bf:88:56:75:59:ab:71:08:4f:
         34:54:b8:ef:13:af:fd:11:f7:d2:db:b1:76:fe:08:ac:03:83:
         6a:46:be:b9:41:93:23:f6:c4:9a:9d:80:32:c9:bb:b7:f1:1b:
         11:8c:a0:0c:79:b8:0f:88:82:33:af:87:88:c4:cc:d5:a5:0e:
         65:f2:ae:7e:b2:72:ef:4a:2d:ca:9e:a4:ad:2b:11:55:01:e8:
         5a:d5:53:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZP2qsr1IXdu0epJ8lUF422MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzEwMDI2MTY4ZDg2YWZiOGU5OTljZmIyYThlODljNTcy
ZGQyZjkwHhcNMjUwNDE5MjEwMDUyWhcNMjUwNDIwMjEwMDUyWjAzMTEwLwYDVQQD
Eyg5M2NlYjY4MWVkNTM4Yjg3YmE1NzQ1OTY3ODE5YTI5ZmMzYjMxN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkze7N6XmRCdt0MK+4IhxY7T68Gkg
SqX+z5z5gVQp6VGcTK8GvnWrVUA3Zis9IABgOYgr7FXlUIpfj9u3ewsOnGPjHnPH
vdjVPof8SLYYK+6H+64eLCnk2cz9Y3+efIvhL85ZmN8amp1bjlXXociao+inVf5L
YKlknfoUD+a/2KoLcakunOFjz8afnEe1SlpetYIbnG34Z17Tx2hGUZgIXy+I/5rD
K/KLrgUdtPhat5wY1WLCsAZS06OkN2gLlH3rPRHF0diLBbac+p0pyIHJhGafzKur
hfOITHprl9BbgbKfEnos5VyAgvWc4JCYBOg1Nx4w6/gkYfMVoGmsYf4GaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJPOtoHtU4uHuldFlngZop/Dsxe3MB8GA1UdIwQY
MBaAFKBxACYWjYavuOmZz7Ko6JxXLdL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYt
YTlhNmJmNjVlNjNhLzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYtYTlhNmJmNjVlNjNh
LzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVfIOhtPW
ObJywQl6GQCowqGfcwFVKULq47aeWgpKU1oYIBfmpXH1jgsUeanvqdUkbkv4UXwo
EM4MKLkXitpHpW3dBfM8Ud3GP/qzHI7AXSnjABl2OUlWO1N0K0XiPdkS5xUJ7eFF
tb0Bmu3/+OV0qlDp7VUIZQl6T597NRs+8w14PXy9HUnOu8xEjzS2Cg/PEdVNGZ9p
X+gTq5qDlR23FlgMTOGhHCqNxKx9v4hWdVmrcQhPNFS47xOv/RH30tuxdv4IrAOD
aka+uUGTI/bEmp2AMsm7t/EbEYygDHm4D4iCM6+HiMTM1aUOZfKufrJy70otyp6k
rSsRVQHoWtVTiw==
-----END CERTIFICATE-----