Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
File:                     1OXVJHHqh0idSKBiCEem1VbxY9s.mft (raw, json)
Hash identifier:          RXi0miYCjgcp2N66zDjZomZ4jL5MQjZogk36KNQnvwM=
Subject key identifier:   05:CD:69:CD:79:27:16:9B:78:85:AB:12:7B:94:A5:66:3E:D2:D1:F5
Authority key identifier: D4:E5:D5:24:71:EA:87:48:9D:48:A0:62:08:47:A6:D5:56:F1:63:DB
Certificate issuer:       /CN=d4e5d52471ea87489d48a0620847a6d556f163db
Certificate serial:       01974BC45DDC470D41F05D486FC5D2A7A883
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
Manifest number:          150C
Signing time:             Sat 07 Jun 2025 19:00:49 +0000
Manifest this update:     Sat 07 Jun 2025 19:00:49 +0000
Manifest next update:     Sun 08 Jun 2025 19:00:49 +0000
Files and hashes:         1: 1OXVJHHqh0idSKBiCEem1VbxY9s.crl (hash: A7iaJ9VrXNMmKC33zpnYictvzzNTPF26TzxIX2q6inU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:c4:5d:dc:47:0d:41:f0:5d:48:6f:c5:d2:a7:a8:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4e5d52471ea87489d48a0620847a6d556f163db
        Validity
            Not Before: Jun  7 19:00:49 2025 GMT
            Not After : Jun  8 19:00:49 2025 GMT
        Subject: CN=05cd69cd7927169b7885ab127b94a5663ed2d1f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:76:a3:0a:e8:02:13:33:22:18:b3:08:ac:a5:
                    6e:b4:80:83:c9:23:37:5a:66:bc:a4:97:4d:0b:39:
                    14:9a:bf:c4:c7:8f:28:da:3d:1a:54:70:fb:78:1a:
                    62:4c:83:09:b5:f7:0a:47:8b:08:eb:4e:64:55:b0:
                    37:f5:1e:96:dc:ed:c1:dc:38:53:72:9c:af:99:48:
                    d2:40:43:6f:b0:c9:06:a9:48:2f:29:49:4e:00:26:
                    f4:f8:7d:f6:fa:4e:bc:8a:5d:be:82:ca:2a:d4:d9:
                    1e:bd:ba:f1:1b:78:d4:95:68:f3:6a:dc:1d:d4:e2:
                    7c:c2:78:ee:18:bd:1f:b9:0c:da:5a:b7:b0:97:da:
                    36:dc:9e:48:01:f1:ce:d9:03:88:47:e9:c6:ed:6a:
                    cb:18:74:e8:c9:ab:c3:ef:f3:71:3f:8b:3c:e8:61:
                    36:bb:b5:f4:a3:cb:29:65:62:dd:72:a9:72:ff:45:
                    c5:23:bb:a4:92:85:ff:7d:74:10:2e:a9:f1:a1:71:
                    39:74:ec:35:76:79:21:92:21:e9:c5:f7:ca:0b:1f:
                    12:13:3e:5f:84:06:f7:f9:6f:98:a8:8e:55:34:bb:
                    03:d4:b6:74:ae:d6:bc:15:9c:df:8c:ea:db:8e:ae:
                    41:cf:59:2e:48:fc:21:15:cf:64:8f:e6:35:1d:af:
                    b5:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:CD:69:CD:79:27:16:9B:78:85:AB:12:7B:94:A5:66:3E:D2:D1:F5
            X509v3 Authority Key Identifier:
                keyid:D4:E5:D5:24:71:EA:87:48:9D:48:A0:62:08:47:A6:D5:56:F1:63:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:96:17:a6:5d:20:16:18:fa:11:b7:d2:0a:ac:66:56:ff:0b:
         14:74:15:b3:a4:5c:6c:26:a6:cb:a3:d3:24:53:1a:e1:0e:d8:
         61:31:e8:83:52:c4:1d:4e:9d:69:22:5d:f8:41:b3:a9:2f:d1:
         d7:c5:7d:fa:5b:ca:08:6a:3a:48:34:d4:72:ce:1c:8b:00:63:
         d6:41:b0:9d:3c:92:da:f5:cf:31:f9:26:d3:db:ed:37:8a:c3:
         f6:fc:1e:7f:bc:92:01:9f:cd:37:5d:67:41:fa:97:14:2b:0c:
         86:5b:da:72:d1:7a:e8:37:a6:da:bb:b1:d4:09:42:e7:70:a1:
         3d:66:0d:98:bf:e6:40:2b:a1:f7:47:47:d2:e4:13:3a:7f:ba:
         de:f0:ca:47:ed:bd:2a:0e:dd:e7:ec:c7:a7:bd:db:e4:75:14:
         b7:84:8a:12:b1:3b:9c:13:34:49:28:31:59:fc:6c:6e:1a:df:
         bb:5a:0a:a2:03:6e:49:2e:f2:7f:d0:f3:b9:41:f8:d5:bd:f1:
         01:60:12:40:5b:56:13:fe:d8:1f:41:64:00:84:db:05:8f:fc:
         69:55:9f:30:88:ae:88:f9:7f:c3:60:bf:01:9e:8a:49:f4:ed:
         5a:09:98:5a:72:b9:f6:3b:7b:5f:ab:e4:2d:1a:39:25:f8:54:
         c9:c7:f3:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLxF3cRw1B8F1Ib8XSp6iDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTVkNTI0NzFlYTg3NDg5ZDQ4YTA2MjA4NDdhNmQ1NTZm
MTYzZGIwHhcNMjUwNjA3MTkwMDQ5WhcNMjUwNjA4MTkwMDQ5WjAzMTEwLwYDVQQD
EygwNWNkNjljZDc5MjcxNjliNzg4NWFiMTI3Yjk0YTU2NjNlZDJkMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43ajCugCEzMiGLMIrKVutICDySM3
Wma8pJdNCzkUmr/Ex48o2j0aVHD7eBpiTIMJtfcKR4sI605kVbA39R6W3O3B3DhT
cpyvmUjSQENvsMkGqUgvKUlOACb0+H32+k68il2+gsoq1NkevbrxG3jUlWjzatwd
1OJ8wnjuGL0fuQzaWrewl9o23J5IAfHO2QOIR+nG7WrLGHToyavD7/NxP4s86GE2
u7X0o8spZWLdcqly/0XFI7ukkoX/fXQQLqnxoXE5dOw1dnkhkiHpxffKCx8SEz5f
hAb3+W+YqI5VNLsD1LZ0rta8FZzfjOrbjq5Bz1kuSPwhFc9kj+Y1Ha+12QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAXNac15JxabeIWrEnuUpWY+0tH1MB8GA1UdIwQY
MBaAFNTl1SRx6odInUigYghHptVW8WPbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kODA4ZDgtMDNlZC00NGM0LTliMWMt
MDE4MmNiMDJjODAwLzEvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kODA4ZDgtMDNlZC00NGM0LTliMWMtMDE4MmNiMDJjODAw
LzEvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIpYXpl0g
Fhj6EbfSCqxmVv8LFHQVs6RcbCamy6PTJFMa4Q7YYTHog1LEHU6daSJd+EGzqS/R
18V9+lvKCGo6SDTUcs4ciwBj1kGwnTyS2vXPMfkm09vtN4rD9vwef7ySAZ/NN11n
QfqXFCsMhlvactF66Dem2rux1AlC53ChPWYNmL/mQCuh90dH0uQTOn+63vDKR+29
Kg7d5+zHp73b5HUUt4SKErE7nBM0SSgxWfxsbhrfu1oKogNuSS7yf9DzuUH41b3x
AWASQFtWE/7YH0FkAITbBY/8aVWfMIiuiPl/w2C/AZ6KSfTtWgmYWnK59jt7X6vk
LRo5JfhUycfzBg==
-----END CERTIFICATE-----