Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
File:                     1OXVJHHqh0idSKBiCEem1VbxY9s.mft (raw, json)
Hash identifier:          A+tj27eaaiMuQP2YhIPwh9JinxC0eTGXe2hUJe9qWPk=
Subject key identifier:   F8:A1:0E:D4:3D:A4:84:FC:06:46:6D:1B:44:DA:B6:D1:57:FB:F0:4F
Authority key identifier: D4:E5:D5:24:71:EA:87:48:9D:48:A0:62:08:47:A6:D5:56:F1:63:DB
Certificate issuer:       /CN=d4e5d52471ea87489d48a0620847a6d556f163db
Certificate serial:       01965493085AAA70E6BB43F5A5A4E28A0DF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
Manifest number:          148C
Signing time:             Sun 20 Apr 2025 19:00:44 +0000
Manifest this update:     Sun 20 Apr 2025 19:00:44 +0000
Manifest next update:     Mon 21 Apr 2025 19:00:44 +0000
Files and hashes:         1: 1OXVJHHqh0idSKBiCEem1VbxY9s.crl (hash: kW6p26TBNCRT5y3RcrDO8mQqaC3a1P5PNfn7ENLKt5c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:93:08:5a:aa:70:e6:bb:43:f5:a5:a4:e2:8a:0d:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4e5d52471ea87489d48a0620847a6d556f163db
        Validity
            Not Before: Apr 20 19:00:44 2025 GMT
            Not After : Apr 21 19:00:44 2025 GMT
        Subject: CN=f8a10ed43da484fc06466d1b44dab6d157fbf04f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:91:2e:f6:78:96:98:3c:a4:58:f7:70:71:95:
                    d0:09:86:26:63:a4:4b:01:03:59:bd:07:14:03:33:
                    7f:7a:de:4c:df:c5:16:2f:9f:c5:6d:3f:80:87:76:
                    2d:1b:bf:9a:20:11:02:2f:65:4d:06:ff:c6:c0:05:
                    82:32:b9:e4:e5:3c:f1:d3:a6:95:7a:a6:b2:fe:85:
                    be:67:ea:fd:45:81:f9:11:75:8f:69:ab:28:4a:30:
                    3e:16:81:9e:82:da:6c:90:fa:e3:ec:be:4a:21:51:
                    1e:e1:c9:c2:4f:ef:31:cf:9e:dc:f2:a6:f7:1b:e6:
                    ca:9e:8c:10:ff:de:6d:3f:ef:4b:2f:a0:31:69:9e:
                    28:96:72:b9:9a:0f:7f:2c:01:8e:1d:82:2e:32:63:
                    0f:d9:38:c8:3b:a4:56:c9:a0:65:81:a9:0e:5c:e9:
                    2f:35:09:35:ed:6f:56:98:61:67:eb:6e:48:68:6e:
                    e5:d9:f4:01:d4:4b:6c:d9:d9:75:e9:65:1f:a3:97:
                    c2:13:6d:61:1d:10:fe:bb:3d:c3:e4:d0:53:58:97:
                    57:9e:0d:61:b3:68:ad:45:18:bb:5b:bb:30:15:84:
                    27:d9:66:b2:44:74:70:54:89:1d:0c:2e:20:23:f8:
                    51:79:b0:a6:52:3c:32:89:c6:d2:6d:e9:25:64:3d:
                    eb:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:A1:0E:D4:3D:A4:84:FC:06:46:6D:1B:44:DA:B6:D1:57:FB:F0:4F
            X509v3 Authority Key Identifier:
                keyid:D4:E5:D5:24:71:EA:87:48:9D:48:A0:62:08:47:A6:D5:56:F1:63:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:3e:a0:a0:64:ad:ae:39:af:ed:a4:08:94:0e:1c:4d:f4:d2:
         4a:c0:b7:b8:56:84:67:63:fd:8d:cc:ea:3a:26:94:69:43:01:
         b3:e6:35:43:fa:b0:9d:b1:6e:06:81:e6:37:cc:dd:30:a5:67:
         13:f4:77:63:22:b9:31:2f:91:35:09:e4:22:e0:8c:6e:86:88:
         6c:d9:17:45:5e:b2:c8:dc:8a:df:d4:45:9f:ad:1a:11:0f:d2:
         e2:6c:1e:86:88:fb:ce:4f:f5:bb:7c:e1:2b:c4:d4:df:a6:7a:
         7c:9f:72:47:ef:33:6e:cc:28:33:9c:1b:10:ff:ba:c1:23:9a:
         6e:4f:27:1d:1c:39:69:ca:b7:a8:3b:51:20:0b:7b:14:0f:db:
         6e:4e:5d:84:9b:9a:ed:65:23:fb:65:af:e8:84:32:66:98:bb:
         ac:a1:d3:0e:61:d4:64:2d:91:d1:67:6a:af:af:59:af:66:5b:
         4f:f2:57:c1:fd:dd:f8:93:0b:aa:b0:a4:e0:d4:5a:8d:88:9f:
         b0:2f:4b:01:12:89:5a:4f:9c:70:bf:05:bb:de:49:37:40:ea:
         de:fa:c2:5d:bf:80:6b:d1:1d:d7:90:af:fb:2f:18:bd:7e:c7:
         c3:17:05:46:11:e2:db:ec:e4:14:2f:0e:e8:75:1e:9f:5e:28:
         b5:a2:f8:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkwhaqnDmu0P1paTiig3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTVkNTI0NzFlYTg3NDg5ZDQ4YTA2MjA4NDdhNmQ1NTZm
MTYzZGIwHhcNMjUwNDIwMTkwMDQ0WhcNMjUwNDIxMTkwMDQ0WjAzMTEwLwYDVQQD
EyhmOGExMGVkNDNkYTQ4NGZjMDY0NjZkMWI0NGRhYjZkMTU3ZmJmMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5Eu9niWmDykWPdwcZXQCYYmY6RL
AQNZvQcUAzN/et5M38UWL5/FbT+Ah3YtG7+aIBECL2VNBv/GwAWCMrnk5Tzx06aV
eqay/oW+Z+r9RYH5EXWPaasoSjA+FoGegtpskPrj7L5KIVEe4cnCT+8xz57c8qb3
G+bKnowQ/95tP+9LL6AxaZ4olnK5mg9/LAGOHYIuMmMP2TjIO6RWyaBlgakOXOkv
NQk17W9WmGFn625IaG7l2fQB1Ets2dl16WUfo5fCE21hHRD+uz3D5NBTWJdXng1h
s2itRRi7W7swFYQn2WayRHRwVIkdDC4gI/hRebCmUjwyicbSbeklZD3rZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPihDtQ9pIT8BkZtG0TattFX+/BPMB8GA1UdIwQY
MBaAFNTl1SRx6odInUigYghHptVW8WPbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kODA4ZDgtMDNlZC00NGM0LTliMWMt
MDE4MmNiMDJjODAwLzEvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kODA4ZDgtMDNlZC00NGM0LTliMWMtMDE4MmNiMDJjODAw
LzEvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGz6goGSt
rjmv7aQIlA4cTfTSSsC3uFaEZ2P9jczqOiaUaUMBs+Y1Q/qwnbFuBoHmN8zdMKVn
E/R3YyK5MS+RNQnkIuCMboaIbNkXRV6yyNyK39RFn60aEQ/S4mwehoj7zk/1u3zh
K8TU36Z6fJ9yR+8zbswoM5wbEP+6wSOabk8nHRw5acq3qDtRIAt7FA/bbk5dhJua
7WUj+2Wv6IQyZpi7rKHTDmHUZC2R0Wdqr69Zr2ZbT/JXwf3d+JMLqrCk4NRajYif
sC9LARKJWk+ccL8Fu95JN0Dq3vrCXb+Aa9Ed15Cv+y8YvX7HwxcFRhHi2+zkFC8O
6HUen14otaL4Lw==
-----END CERTIFICATE-----