Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
File:                     oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft (raw, json)
Hash identifier:          9QHTylT/lGDs5jdnETCMawpEbW44qy4OPqAaHu/epdI=
Subject key identifier:   6C:E8:06:B2:8A:A3:45:39:9E:32:8A:FF:28:57:7C:D6:89:CD:3E:96
Authority key identifier: A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A
Certificate issuer:       /CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
Certificate serial:       01974BC4A600D98B181A2F07D82334FADE88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
Manifest number:          157B
Signing time:             Sat 07 Jun 2025 19:01:07 +0000
Manifest this update:     Sat 07 Jun 2025 19:01:07 +0000
Manifest next update:     Sun 08 Jun 2025 19:01:07 +0000
Files and hashes:         1: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl (hash: gorPKlQqcE5cHaLMr8/WBk6Gf3A238EBuRxQNr11PQc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:c4:a6:00:d9:8b:18:1a:2f:07:d8:23:34:fa:de:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
        Validity
            Not Before: Jun  7 19:01:07 2025 GMT
            Not After : Jun  8 19:01:07 2025 GMT
        Subject: CN=6ce806b28aa345399e328aff28577cd689cd3e96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:49:c4:93:d1:88:db:07:02:11:19:51:3f:99:
                    54:6c:eb:5a:c4:2d:c1:cd:6f:d0:52:64:68:d1:f3:
                    07:bb:34:87:4f:a8:a0:4a:86:11:c6:e5:06:a4:68:
                    09:e9:b8:64:a3:9b:d0:7b:1e:ca:41:29:4b:c2:8e:
                    03:02:ed:09:b0:2c:03:d9:55:47:67:ee:07:ae:c6:
                    90:0d:91:7e:99:54:c2:ef:a0:10:01:e3:ac:b2:09:
                    cd:4f:fe:a2:93:e5:1e:be:1b:cc:96:bd:19:42:8b:
                    c4:dc:68:3f:0f:c7:76:eb:ab:7b:9e:bd:b5:fc:88:
                    73:cc:1d:32:52:06:33:94:cb:c2:b7:f7:77:ee:76:
                    67:89:b0:cd:e4:a1:8c:e2:3a:45:93:0e:bc:88:be:
                    cc:d8:91:a3:b0:69:01:d7:c1:61:97:52:31:25:57:
                    b2:48:08:d2:42:2d:df:ff:f5:a5:58:34:59:6f:8f:
                    06:87:f6:96:3f:a0:93:58:56:20:b3:22:18:95:23:
                    05:f3:ca:03:0f:5d:9f:51:bd:84:91:ff:e7:33:10:
                    c8:8d:62:f9:a1:e1:72:99:fd:c3:1b:2e:80:68:07:
                    b7:f4:1c:4f:dc:34:2c:d1:ff:db:0b:f2:f5:73:96:
                    21:27:e0:43:9b:8a:d5:89:74:c8:de:85:b5:de:c4:
                    ff:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:E8:06:B2:8A:A3:45:39:9E:32:8A:FF:28:57:7C:D6:89:CD:3E:96
            X509v3 Authority Key Identifier:
                keyid:A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:ac:47:cd:bf:5c:f1:16:ff:b2:e2:c4:11:53:de:9f:4e:98:
         09:c5:11:04:b0:11:68:50:1a:f3:96:c9:d4:93:83:73:9d:c3:
         90:f1:b2:04:f3:63:f1:16:2c:0e:4b:12:94:a8:92:f7:bb:29:
         d4:b1:19:5a:ec:6c:cd:e8:bd:34:54:d8:db:45:2c:28:a4:57:
         cd:97:ef:02:bf:e5:a5:7a:c1:38:bd:cd:2a:3a:aa:ca:c5:05:
         6a:85:53:bc:11:3a:82:c2:6e:05:62:71:23:53:72:bb:34:a0:
         d2:c1:ee:65:c1:49:2a:99:7e:5b:f8:b8:43:2d:eb:38:c9:e3:
         f1:35:0a:e0:b0:75:37:79:96:7f:ac:95:58:5e:a8:a6:9a:c9:
         3f:11:f4:f9:6a:02:29:12:b7:6b:92:d9:77:a2:41:75:8f:62:
         79:42:fc:de:3d:75:10:bb:ac:64:74:0c:32:86:67:ae:7d:ea:
         cf:05:ca:7c:36:25:3c:10:01:c9:90:58:d4:f5:91:05:e5:3c:
         8f:72:d8:cb:ea:42:42:3a:1d:e1:19:67:dc:da:e4:d5:b3:0b:
         53:ef:63:81:90:87:db:34:a3:00:8a:db:0b:7c:a3:4b:5b:c7:
         e5:6c:c3:a2:03:24:c1:d4:9d:d0:03:15:93:a6:a1:90:26:3c:
         5b:f3:3d:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLxKYA2YsYGi8H2CM0+t6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzU3YTdkMGYwMzJlOWNkZDRhMDMxZDUyZDNiNDA0N2Mw
Mzk0MWEwHhcNMjUwNjA3MTkwMTA3WhcNMjUwNjA4MTkwMTA3WjAzMTEwLwYDVQQD
Eyg2Y2U4MDZiMjhhYTM0NTM5OWUzMjhhZmYyODU3N2NkNjg5Y2QzZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsknEk9GI2wcCERlRP5lUbOtaxC3B
zW/QUmRo0fMHuzSHT6igSoYRxuUGpGgJ6bhko5vQex7KQSlLwo4DAu0JsCwD2VVH
Z+4HrsaQDZF+mVTC76AQAeOssgnNT/6ik+UevhvMlr0ZQovE3Gg/D8d266t7nr21
/IhzzB0yUgYzlMvCt/d37nZnibDN5KGM4jpFkw68iL7M2JGjsGkB18Fhl1IxJVey
SAjSQi3f//WlWDRZb48Gh/aWP6CTWFYgsyIYlSMF88oDD12fUb2Ekf/nMxDIjWL5
oeFymf3DGy6AaAe39BxP3DQs0f/bC/L1c5YhJ+BDm4rViXTI3oW13sT/owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGzoBrKKo0U5njKK/yhXfNaJzT6WMB8GA1UdIwQY
MBaAFKE1en0PAy6c3UoDHVLTtAR8A5QaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYt
YTBiNmFkNjcxZWUzLzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYtYTBiNmFkNjcxZWUz
LzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB6xHzb9c
8Rb/suLEEVPen06YCcURBLARaFAa85bJ1JODc53DkPGyBPNj8RYsDksSlKiS97sp
1LEZWuxszei9NFTY20UsKKRXzZfvAr/lpXrBOL3NKjqqysUFaoVTvBE6gsJuBWJx
I1NyuzSg0sHuZcFJKpl+W/i4Qy3rOMnj8TUK4LB1N3mWf6yVWF6opprJPxH0+WoC
KRK3a5LZd6JBdY9ieUL83j11ELusZHQMMoZnrn3qzwXKfDYlPBAByZBY1PWRBeU8
j3LYy+pCQjod4Rln3Nrk1bMLU+9jgZCH2zSjAIrbC3yjS1vH5WzDogMkwdSd0AMV
k6ahkCY8W/M9IQ==
-----END CERTIFICATE-----