Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
File:                     OoLcXHHOpyxlsCahJnifOIZXC6Y.mft (raw, json)
Hash identifier:          CVjqICNLiuA+FWhyYEis17HgB0f+WWhcmIOV61C0YcY=
Subject key identifier:   18:60:DF:3A:12:9F:89:DD:AB:39:9B:E7:6B:AF:C3:D7:BA:60:42:8F
Authority key identifier: 3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6
Certificate issuer:       /CN=3a82dc5c71cea72c65b026a126789f3886570ba6
Certificate serial:       0196A27811655C08DCD34A6C6AC3CD483FB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
Manifest number:          1523
Signing time:             Mon 05 May 2025 22:01:39 +0000
Manifest this update:     Mon 05 May 2025 22:01:39 +0000
Manifest next update:     Tue 06 May 2025 22:01:39 +0000
Files and hashes:         1: OoLcXHHOpyxlsCahJnifOIZXC6Y.crl (hash: L2fraEu+KNxU9VfkYuL0GyuygUIzS0z3R0xPRBuaEVQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 18:19:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a2:78:11:65:5c:08:dc:d3:4a:6c:6a:c3:cd:48:3f:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a82dc5c71cea72c65b026a126789f3886570ba6
        Validity
            Not Before: May  5 22:01:39 2025 GMT
            Not After : May  6 22:01:39 2025 GMT
        Subject: CN=1860df3a129f89ddab399be76bafc3d7ba60428f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:5b:da:8f:ec:3f:33:0f:f7:8a:4b:ca:21:bf:
                    cd:3e:d8:39:dc:55:eb:cb:7a:7b:dd:7d:b4:03:78:
                    6d:cc:42:10:19:6b:9c:13:40:f4:89:dd:50:3f:74:
                    f5:48:20:b7:d6:af:2e:72:f6:df:ee:db:0a:83:97:
                    1f:c0:93:2c:da:0d:8d:71:96:ca:ba:4c:31:69:b8:
                    40:ac:fe:c0:9b:bf:5b:5c:20:5c:e4:b1:51:b6:c8:
                    7a:ce:85:ca:04:77:f9:92:21:7f:d3:5a:b1:f2:fc:
                    7b:fe:7f:04:02:44:0c:e7:4d:a5:4e:58:b8:fe:1b:
                    22:4c:fd:16:16:bd:5a:0d:78:07:bc:c0:dc:64:e2:
                    65:e8:29:f1:5b:b0:32:2e:16:94:91:f2:1f:26:c8:
                    8a:af:1b:2c:ba:e9:a5:ae:29:9c:f5:59:69:7d:69:
                    a3:44:0e:52:3a:ec:44:03:32:16:e9:10:b1:cb:99:
                    0e:85:df:e0:90:e6:b1:4d:7c:30:b5:c4:80:22:67:
                    c2:2f:26:f8:ae:ac:f3:85:a0:29:d6:88:c1:bc:6c:
                    93:3f:b2:4f:f2:c4:74:a8:51:c6:20:04:ae:f2:d5:
                    7b:3d:bc:1e:1f:6d:2d:f7:8d:3f:c7:6b:35:39:73:
                    90:04:15:af:34:84:06:9c:7f:91:0a:4e:7c:29:3a:
                    03:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:60:DF:3A:12:9F:89:DD:AB:39:9B:E7:6B:AF:C3:D7:BA:60:42:8F
            X509v3 Authority Key Identifier:
                keyid:3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:9d:15:40:3a:5d:fc:5c:37:9d:27:b0:78:27:b0:17:51:c1:
         05:01:da:26:d4:cc:82:9f:14:f4:a0:01:fe:75:2f:13:1f:66:
         45:f5:96:a6:c5:6c:18:81:58:79:c0:ee:be:24:a8:ed:72:21:
         4d:53:8a:64:98:b0:35:19:6f:48:b7:86:f5:3e:54:a8:31:a5:
         e5:2e:fe:20:59:de:3c:72:71:00:96:1f:18:9d:0d:15:11:af:
         79:77:1b:3b:48:3f:d2:54:fc:0f:5f:b2:17:39:76:ac:4d:dc:
         7e:13:4a:ef:48:a5:6f:1c:c0:11:50:73:0c:af:0e:b5:b1:90:
         ee:fa:0f:e9:c0:6a:2e:ac:1a:b9:8e:51:d8:fb:97:5e:3f:60:
         26:3d:a9:75:10:13:3f:dc:be:6d:8b:e7:29:c1:83:4c:67:9d:
         bd:eb:03:3d:84:f5:62:80:eb:3d:30:b9:03:b8:ab:76:39:37:
         02:33:3f:46:c4:51:40:c7:05:9b:90:eb:42:08:52:e8:da:5d:
         3f:eb:08:cc:2a:af:ad:8f:8a:d1:fd:7b:29:3e:bd:c0:0f:c4:
         8b:fb:88:34:12:04:ba:2e:57:fc:15:74:7d:ad:53:fb:e0:57:
         a3:00:b0:6c:0b:ae:10:31:b7:9c:7c:37:e8:73:e4:44:67:40:
         5a:fc:20:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaieBFlXAjc00psasPNSD+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODJkYzVjNzFjZWE3MmM2NWIwMjZhMTI2Nzg5ZjM4ODY1
NzBiYTYwHhcNMjUwNTA1MjIwMTM5WhcNMjUwNTA2MjIwMTM5WjAzMTEwLwYDVQQD
EygxODYwZGYzYTEyOWY4OWRkYWIzOTliZTc2YmFmYzNkN2JhNjA0MjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1vaj+w/Mw/3ikvKIb/NPtg53FXr
y3p73X20A3htzEIQGWucE0D0id1QP3T1SCC31q8ucvbf7tsKg5cfwJMs2g2NcZbK
ukwxabhArP7Am79bXCBc5LFRtsh6zoXKBHf5kiF/01qx8vx7/n8EAkQM502lTli4
/hsiTP0WFr1aDXgHvMDcZOJl6CnxW7AyLhaUkfIfJsiKrxssuumlrimc9VlpfWmj
RA5SOuxEAzIW6RCxy5kOhd/gkOaxTXwwtcSAImfCLyb4rqzzhaAp1ojBvGyTP7JP
8sR0qFHGIASu8tV7PbweH20t940/x2s1OXOQBBWvNIQGnH+RCk58KToDhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBhg3zoSn4ndqzmb52uvw9e6YEKPMB8GA1UdIwQY
MBaAFDqC3FxxzqcsZbAmoSZ4nziGVwumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDIt
ZGMxZmFiNDM5ZTMwLzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDItZGMxZmFiNDM5ZTMw
LzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWZ0VQDpd
/Fw3nSeweCewF1HBBQHaJtTMgp8U9KAB/nUvEx9mRfWWpsVsGIFYecDuviSo7XIh
TVOKZJiwNRlvSLeG9T5UqDGl5S7+IFnePHJxAJYfGJ0NFRGveXcbO0g/0lT8D1+y
Fzl2rE3cfhNK70ilbxzAEVBzDK8OtbGQ7voP6cBqLqwauY5R2PuXXj9gJj2pdRAT
P9y+bYvnKcGDTGedvesDPYT1YoDrPTC5A7irdjk3AjM/RsRRQMcFm5DrQghS6Npd
P+sIzCqvrY+K0f17KT69wA/Ei/uINBIEui5X/BV0fa1T++BXowCwbAuuEDG3nHw3
6HPkRGdAWvwgjQ==
-----END CERTIFICATE-----