Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
File:                     obtQVKF8yU__wrwpWhW_74qQQwo.mft (raw, json)
Hash identifier:          KLNpMekhDUVx5rZeCAL2mrzXhjxvwvu2jOSl6QmGY3k=
Subject key identifier:   B6:42:5B:4A:B6:AC:3C:C1:B8:47:43:67:C0:7F:01:6E:76:11:D2:16
Authority key identifier: A1:BB:50:54:A1:7C:C9:4F:FF:C2:BC:29:5A:15:BF:EF:8A:90:43:0A
Certificate issuer:       /CN=a1bb5054a17cc94fffc2bc295a15bfef8a90430a
Certificate serial:       01974D45021EBC905682419F4073F890C03F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
Manifest number:          0593
Signing time:             Sun 08 Jun 2025 02:00:57 +0000
Manifest this update:     Sun 08 Jun 2025 02:00:57 +0000
Manifest next update:     Mon 09 Jun 2025 02:00:57 +0000
Files and hashes:         1: obtQVKF8yU__wrwpWhW_74qQQwo.crl (hash: vYhx7PGZ7qSfU1f3iF8NFhhN4Pgb+YoS+B3ZyF9VISc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 02:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:45:02:1e:bc:90:56:82:41:9f:40:73:f8:90:c0:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1bb5054a17cc94fffc2bc295a15bfef8a90430a
        Validity
            Not Before: Jun  8 02:00:57 2025 GMT
            Not After : Jun  9 02:00:57 2025 GMT
        Subject: CN=b6425b4ab6ac3cc1b8474367c07f016e7611d216
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a7:48:ab:dc:b8:94:70:ef:56:b6:05:47:36:
                    e2:de:88:73:a1:25:f3:44:7c:0b:b8:6b:3e:2e:a2:
                    6d:50:91:09:7a:68:bd:74:9d:92:68:70:29:b1:ec:
                    e4:4b:c0:67:ed:97:22:51:58:6c:27:79:d0:75:3d:
                    e6:16:48:93:69:14:01:13:84:f6:84:93:81:97:3f:
                    22:40:ea:e1:16:02:ce:87:bb:c8:28:59:31:34:00:
                    91:88:e7:a9:d6:f5:0e:f9:49:94:61:3d:a6:bf:34:
                    7c:e2:05:76:6e:35:80:88:14:24:8e:49:db:97:58:
                    27:3d:4d:cb:08:ac:e9:52:d0:04:c5:1b:e2:3e:84:
                    e8:33:eb:a4:d4:88:9e:e7:7b:5b:bf:32:4f:3c:4c:
                    2f:c4:7c:a5:76:75:d0:6f:d7:c7:37:77:1d:56:32:
                    b5:1b:d1:69:24:64:89:96:e2:c7:f6:f5:d8:fe:e7:
                    19:90:5c:0b:96:43:3d:e2:be:e7:03:0c:41:f5:79:
                    37:69:54:03:07:01:b1:51:d4:1a:04:40:f8:fe:c4:
                    c3:f3:8e:79:05:8e:b3:ad:73:44:76:db:99:f6:3e:
                    29:83:80:2d:34:49:fb:02:2b:30:7d:d8:8b:81:48:
                    f5:05:c2:d5:82:ec:b9:e2:91:3b:94:e2:ec:58:c5:
                    5d:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:42:5B:4A:B6:AC:3C:C1:B8:47:43:67:C0:7F:01:6E:76:11:D2:16
            X509v3 Authority Key Identifier:
                keyid:A1:BB:50:54:A1:7C:C9:4F:FF:C2:BC:29:5A:15:BF:EF:8A:90:43:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:8b:a2:05:e4:97:c5:22:e4:1b:29:37:4e:4e:f8:50:a2:3c:
         58:49:ea:b4:68:3c:3c:e9:e8:38:d5:55:02:c0:07:d4:55:45:
         03:50:dd:68:85:04:76:c1:0c:0f:73:f1:bf:82:21:f7:6b:66:
         2e:2b:cc:aa:1a:37:ca:d5:81:a7:01:64:a9:51:13:dd:6a:e1:
         20:cb:00:9a:00:43:75:6c:55:cb:d8:b4:4b:d8:56:37:32:c8:
         87:60:de:94:77:7c:a6:24:6d:b1:3a:63:99:63:d0:d6:64:5c:
         ff:af:b2:5d:16:e8:99:a2:7f:38:1a:22:6e:6c:5b:e0:56:be:
         cb:ad:9e:c6:e8:4c:13:f4:48:2c:cc:ee:3e:20:39:cd:4b:e5:
         ed:d9:25:a8:53:b6:96:b8:a1:fe:d0:47:fd:48:a2:bd:4c:0a:
         db:38:08:2f:67:b0:d4:3f:44:ed:72:a7:28:c9:cd:eb:8c:46:
         3c:17:ba:d9:e7:f5:b4:a7:ed:f7:ad:6a:bd:12:62:26:ec:da:
         dd:10:3d:a6:2e:c6:a3:0d:a3:e5:11:b8:69:1d:80:27:cf:b1:
         98:da:9b:9e:95:07:98:17:84:07:7f:3b:44:fe:83:dc:75:25:
         2f:c2:62:4f:8a:4f:36:10:ce:e6:e1:41:1c:b6:b7:07:9f:af:
         82:8a:f1:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNRQIevJBWgkGfQHP4kMA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYmI1MDU0YTE3Y2M5NGZmZmMyYmMyOTVhMTViZmVmOGE5
MDQzMGEwHhcNMjUwNjA4MDIwMDU3WhcNMjUwNjA5MDIwMDU3WjAzMTEwLwYDVQQD
EyhiNjQyNWI0YWI2YWMzY2MxYjg0NzQzNjdjMDdmMDE2ZTc2MTFkMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6dIq9y4lHDvVrYFRzbi3ohzoSXz
RHwLuGs+LqJtUJEJemi9dJ2SaHApsezkS8Bn7ZciUVhsJ3nQdT3mFkiTaRQBE4T2
hJOBlz8iQOrhFgLOh7vIKFkxNACRiOep1vUO+UmUYT2mvzR84gV2bjWAiBQkjknb
l1gnPU3LCKzpUtAExRviPoToM+uk1Iie53tbvzJPPEwvxHyldnXQb9fHN3cdVjK1
G9FpJGSJluLH9vXY/ucZkFwLlkM94r7nAwxB9Xk3aVQDBwGxUdQaBED4/sTD8455
BY6zrXNEdtuZ9j4pg4AtNEn7AiswfdiLgUj1BcLVguy54pE7lOLsWMVd1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZCW0q2rDzBuEdDZ8B/AW52EdIWMB8GA1UdIwQY
MBaAFKG7UFShfMlP/8K8KVoVv++KkEMKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9hMzBjMTAtMWMyZC00NzhjLTljZjgt
NzIyNTVkMjQ5YzVkLzEvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9hMzBjMTAtMWMyZC00NzhjLTljZjgtNzIyNTVkMjQ5YzVk
LzEvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADouiBeSX
xSLkGyk3Tk74UKI8WEnqtGg8POnoONVVAsAH1FVFA1DdaIUEdsEMD3Pxv4Ih92tm
LivMqho3ytWBpwFkqVET3WrhIMsAmgBDdWxVy9i0S9hWNzLIh2DelHd8piRtsTpj
mWPQ1mRc/6+yXRbomaJ/OBoibmxb4Fa+y62exuhME/RILMzuPiA5zUvl7dklqFO2
lrih/tBH/UiivUwK2zgIL2ew1D9E7XKnKMnN64xGPBe62ef1tKft961qvRJiJuza
3RA9pi7Gow2j5RG4aR2AJ8+xmNqbnpUHmBeEB387RP6D3HUlL8JiT4pPNhDO5uFB
HLa3B5+vgorxSw==
-----END CERTIFICATE-----