Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          rH9I9UryjCAfKGQdY+fzjtYDxr3Hg87p77nx75gJe3w=
Subject key identifier:   CA:BC:8A:B7:B6:A4:6D:C7:2C:7F:1E:95:FC:E8:3D:8D:C6:44:85:36
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       019747E7404AA3C2AC09F364CE53D29C6107
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          098B
Signing time:             Sat 07 Jun 2025 01:00:26 +0000
Manifest this update:     Sat 07 Jun 2025 01:00:26 +0000
Manifest next update:     Sun 08 Jun 2025 01:00:26 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: UCvS+h4LArJmBoKJcXGZkgFtpaAkSax7dWEaNNbFSI8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:e7:40:4a:a3:c2:ac:09:f3:64:ce:53:d2:9c:61:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: Jun  7 01:00:26 2025 GMT
            Not After : Jun  8 01:00:26 2025 GMT
        Subject: CN=cabc8ab7b6a46dc72c7f1e95fce83d8dc6448536
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:45:6f:96:20:93:01:e3:52:f0:7f:d8:dc:fd:
                    f6:53:2b:40:49:3c:5c:80:c7:8e:c0:73:f7:8f:ea:
                    a0:ff:80:85:6a:10:bf:f5:42:d6:18:cb:6a:98:54:
                    44:ae:58:30:e9:6a:c3:06:1b:38:81:dd:a5:7e:6f:
                    5f:1e:32:9b:37:7f:af:06:e2:db:81:99:bf:ee:ba:
                    4d:12:3a:f5:f5:5a:77:5b:af:d9:2f:4e:1e:31:9a:
                    0d:ba:37:b2:6e:5a:d3:8a:f1:bd:44:70:40:71:09:
                    e9:ec:b1:5c:03:49:53:14:c8:99:37:60:d2:a8:dd:
                    31:c2:c1:c2:40:6c:bb:0a:c9:cd:22:dc:d4:ea:14:
                    c8:a7:b2:d1:f4:28:a6:3c:41:c3:ff:4c:6c:bb:f3:
                    0d:bf:b4:6b:ba:99:4f:7c:d4:7f:d5:73:c9:71:5d:
                    97:ff:06:10:1a:ba:f9:5d:de:21:4f:87:b5:46:a3:
                    9f:4b:1f:a9:ba:04:33:40:7c:77:f7:8c:af:a3:c7:
                    07:d4:94:d0:43:7f:b1:e3:60:b8:a4:44:cb:b1:c0:
                    ce:cc:d1:d9:68:0a:76:94:79:79:eb:0d:44:dd:8d:
                    71:6e:ed:53:2b:58:0f:e5:95:73:33:69:45:2e:c8:
                    ad:d7:50:43:cf:f0:73:ac:23:94:b5:3e:f9:d3:e5:
                    84:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:BC:8A:B7:B6:A4:6D:C7:2C:7F:1E:95:FC:E8:3D:8D:C6:44:85:36
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:be:a9:ff:9a:e6:70:39:7f:ea:60:a7:0a:81:80:8e:7d:50:
         85:0b:78:64:19:01:cd:bb:4a:15:e6:2e:fb:f3:93:9d:9c:b3:
         2f:25:9d:b3:6a:10:ba:2d:bc:e5:5b:19:99:f9:b6:0b:f4:49:
         43:62:16:8c:71:58:ca:d3:c1:42:4b:92:6b:2f:fc:ca:f8:68:
         12:9d:2b:c6:7e:d7:26:fd:59:4b:f5:c1:09:c4:6b:7d:b0:2d:
         36:de:83:64:cd:80:56:37:9d:5c:3e:05:32:d9:e3:09:15:f0:
         55:3c:cc:8c:68:a0:da:5c:60:57:a8:49:11:a1:27:62:df:75:
         91:fb:7e:7f:00:25:a1:d3:ab:3a:51:5b:8c:b8:7a:ee:08:58:
         4e:4a:b0:39:a8:16:42:39:ac:49:69:63:d2:9c:89:01:a3:45:
         ab:b6:a3:cd:ff:9a:e6:08:38:5f:cc:c0:41:13:65:93:89:1d:
         6f:b2:99:61:a8:f5:aa:27:c4:e5:5f:c8:c8:dc:dd:0b:a2:3a:
         3a:28:4d:b9:38:d8:27:12:f3:81:2e:21:fc:da:96:d7:1a:23:
         13:96:11:3e:3d:0d:9a:d1:cf:24:04:f7:f1:bc:c1:80:f7:67:
         39:52:0f:e4:e5:8c:17:24:59:88:6e:34:c1:66:a9:e3:43:d2:
         07:cf:47:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdH50BKo8KsCfNkzlPSnGEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjUwNjA3MDEwMDI2WhcNMjUwNjA4MDEwMDI2WjAzMTEwLwYDVQQD
EyhjYWJjOGFiN2I2YTQ2ZGM3MmM3ZjFlOTVmY2U4M2Q4ZGM2NDQ4NTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UVvliCTAeNS8H/Y3P32UytASTxc
gMeOwHP3j+qg/4CFahC/9ULWGMtqmFRErlgw6WrDBhs4gd2lfm9fHjKbN3+vBuLb
gZm/7rpNEjr19Vp3W6/ZL04eMZoNujeyblrTivG9RHBAcQnp7LFcA0lTFMiZN2DS
qN0xwsHCQGy7CsnNItzU6hTIp7LR9CimPEHD/0xsu/MNv7RruplPfNR/1XPJcV2X
/wYQGrr5Xd4hT4e1RqOfSx+pugQzQHx394yvo8cH1JTQQ3+x42C4pETLscDOzNHZ
aAp2lHl56w1E3Y1xbu1TK1gP5ZVzM2lFLsit11BDz/BzrCOUtT750+WE7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMq8ire2pG3HLH8elfzoPY3GRIU2MB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC76p/5rm
cDl/6mCnCoGAjn1QhQt4ZBkBzbtKFeYu+/OTnZyzLyWds2oQui285VsZmfm2C/RJ
Q2IWjHFYytPBQkuSay/8yvhoEp0rxn7XJv1ZS/XBCcRrfbAtNt6DZM2AVjedXD4F
MtnjCRXwVTzMjGig2lxgV6hJEaEnYt91kft+fwAlodOrOlFbjLh67ghYTkqwOagW
QjmsSWlj0pyJAaNFq7ajzf+a5gg4X8zAQRNlk4kdb7KZYaj1qifE5V/IyNzdC6I6
OihNuTjYJxLzgS4h/NqW1xojE5YRPj0NmtHPJAT38bzBgPdnOVIP5OWMFyRZiG40
wWap40PSB89HtA==
-----END CERTIFICATE-----