Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft
File:                     OXy939eSBtZcTugWjq9ucJAg-V0.mft (raw, json)
Hash identifier:          b+w0n/TNUGhH7wgqVGah5RHvb5YsA8o6YqzLPhtIKcg=
Subject key identifier:   8E:4A:E2:96:83:C6:AC:27:EF:A9:B7:C9:39:1A:B5:84:2B:EA:F6:3A
Authority key identifier: 39:7C:BD:DF:D7:92:06:D6:5C:4E:E8:16:8E:AF:6E:70:90:20:F9:5D
Certificate issuer:       /CN=397cbddfd79206d65c4ee8168eaf6e709020f95d
Certificate serial:       01964D7DFDADE4E64025399531A807378DC8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft
Manifest number:          08B9
Signing time:             Sat 19 Apr 2025 10:00:24 +0000
Manifest this update:     Sat 19 Apr 2025 10:00:24 +0000
Manifest next update:     Sun 20 Apr 2025 10:00:24 +0000
Files and hashes:         1: OXy939eSBtZcTugWjq9ucJAg-V0.crl (hash: KjfBI4Jmzt23ZRqUg8iP1laditn6TwhKSHX+3glTtuE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 10:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7d:fd:ad:e4:e6:40:25:39:95:31:a8:07:37:8d:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=397cbddfd79206d65c4ee8168eaf6e709020f95d
        Validity
            Not Before: Apr 19 10:00:24 2025 GMT
            Not After : Apr 20 10:00:24 2025 GMT
        Subject: CN=8e4ae29683c6ac27efa9b7c9391ab5842beaf63a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:03:66:79:bf:11:3f:b0:1d:03:e2:e7:68:6b:
                    8f:c9:1b:7c:15:b6:50:bb:10:eb:13:96:dd:0b:33:
                    ec:d1:ca:ce:e5:09:5d:e0:10:2b:42:6d:ea:84:8d:
                    6e:9c:00:b6:43:c0:1a:2e:68:09:1b:04:18:f4:e0:
                    45:d6:cc:cd:40:aa:8f:1e:e2:c7:9f:11:f4:fa:05:
                    28:19:74:88:7f:3a:1a:1b:fc:03:7f:ff:47:61:93:
                    0d:a1:dd:7a:1c:24:fb:27:e0:ba:18:dd:a2:a4:dc:
                    21:da:27:56:9f:98:48:0e:28:44:dc:d6:6e:85:8a:
                    ad:eb:2b:54:70:c0:39:ef:b2:96:73:74:b5:96:63:
                    4a:3c:0a:4d:6d:fa:1c:d5:26:2e:8b:e2:1e:b7:95:
                    47:f1:77:5a:a3:f8:2c:bc:22:5d:22:84:6b:e6:6b:
                    51:2c:6a:21:99:59:d8:a5:8b:3f:b6:59:05:0d:38:
                    11:36:f7:45:fc:ae:25:20:40:1c:ff:7f:86:67:dd:
                    ac:f7:51:74:d4:59:92:93:b1:d2:99:36:8b:02:0f:
                    02:24:76:1a:45:73:fa:c4:a7:5c:03:97:7e:e3:4e:
                    e6:24:90:89:d0:d7:ec:86:ab:c0:65:21:d6:3f:35:
                    56:5b:6a:e0:69:2d:cb:5c:f0:3b:37:4b:72:5e:47:
                    7a:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:4A:E2:96:83:C6:AC:27:EF:A9:B7:C9:39:1A:B5:84:2B:EA:F6:3A
            X509v3 Authority Key Identifier:
                keyid:39:7C:BD:DF:D7:92:06:D6:5C:4E:E8:16:8E:AF:6E:70:90:20:F9:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:46:18:ea:6d:5d:89:1e:49:9c:91:69:22:3d:1a:66:4e:9b:
         df:f7:70:d4:8b:36:a1:ae:8b:33:28:23:b8:16:c4:18:22:7d:
         9b:4e:8d:37:dc:64:f4:0d:17:b9:ce:14:9d:66:6f:55:50:5f:
         8f:27:0f:6c:05:9a:55:d0:19:e9:81:ec:46:39:41:9a:43:96:
         05:51:cb:e0:df:3c:89:26:7b:29:4f:da:d0:d6:8b:0c:7b:f0:
         93:c8:69:c7:45:e5:ab:f5:d8:d1:4f:34:39:04:b5:b6:12:a0:
         72:72:0d:4d:c5:59:70:5a:62:89:a2:ce:60:1d:d4:10:9c:f4:
         85:be:a9:41:a0:06:9a:63:bc:ff:44:5d:9e:ba:f1:50:e4:c1:
         64:18:6b:03:39:ce:fb:92:9a:04:09:6b:74:90:98:20:40:59:
         6a:ac:e2:31:f6:15:a9:62:91:0c:d9:6b:83:4f:b3:9c:b1:e8:
         9d:3d:cd:c8:ba:ec:9d:af:68:b5:d6:93:7c:c6:a4:89:ce:29:
         88:0e:ae:db:8a:6c:50:84:37:9a:d2:05:79:31:9e:15:8a:f3:
         cc:17:fd:48:c5:32:36:6c:cf:91:af:aa:ea:9b:71:9b:91:4e:
         af:f7:e5:db:ac:5e:cf:64:73:d8:f2:fb:45:b8:88:f6:e3:21:
         b4:5f:c5:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNff2t5OZAJTmVMagHN43IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2NiZGRmZDc5MjA2ZDY1YzRlZTgxNjhlYWY2ZTcwOTAy
MGY5NWQwHhcNMjUwNDE5MTAwMDI0WhcNMjUwNDIwMTAwMDI0WjAzMTEwLwYDVQQD
Eyg4ZTRhZTI5NjgzYzZhYzI3ZWZhOWI3YzkzOTFhYjU4NDJiZWFmNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgNmeb8RP7AdA+LnaGuPyRt8FbZQ
uxDrE5bdCzPs0crO5Qld4BArQm3qhI1unAC2Q8AaLmgJGwQY9OBF1szNQKqPHuLH
nxH0+gUoGXSIfzoaG/wDf/9HYZMNod16HCT7J+C6GN2ipNwh2idWn5hIDihE3NZu
hYqt6ytUcMA577KWc3S1lmNKPApNbfoc1SYui+Iet5VH8Xdao/gsvCJdIoRr5mtR
LGohmVnYpYs/tlkFDTgRNvdF/K4lIEAc/3+GZ92s91F01FmSk7HSmTaLAg8CJHYa
RXP6xKdcA5d+407mJJCJ0NfshqvAZSHWPzVWW2rgaS3LXPA7N0tyXkd60QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5K4paDxqwn76m3yTkatYQr6vY6MB8GA1UdIwQY
MBaAFDl8vd/XkgbWXE7oFo6vbnCQIPldMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9kN2E0ZDUtNTE0NC00ZTE4LTg4N2Mt
YTZiMGZkZTIxOTA2LzEvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9kN2E0ZDUtNTE0NC00ZTE4LTg4N2MtYTZiMGZkZTIxOTA2
LzEvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl0YY6m1d
iR5JnJFpIj0aZk6b3/dw1Is2oa6LMygjuBbEGCJ9m06NN9xk9A0Xuc4UnWZvVVBf
jycPbAWaVdAZ6YHsRjlBmkOWBVHL4N88iSZ7KU/a0NaLDHvwk8hpx0Xlq/XY0U80
OQS1thKgcnINTcVZcFpiiaLOYB3UEJz0hb6pQaAGmmO8/0RdnrrxUOTBZBhrAznO
+5KaBAlrdJCYIEBZaqziMfYVqWKRDNlrg0+znLHonT3NyLrsna9otdaTfMakic4p
iA6u24psUIQ3mtIFeTGeFYrzzBf9SMUyNmzPka+q6ptxm5FOr/fl26xez2Rz2PL7
RbiI9uMhtF/FZg==
-----END CERTIFICATE-----