Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
File:                     0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft (raw, json)
Hash identifier:          JsNPi3jnmEWZRuUQNMR3kqj52Y2lz4OOCb3vHs2fvvM=
Subject key identifier:   0A:8E:6E:15:04:F8:F1:3E:EB:0D:65:65:39:6A:30:8D:10:30:7A:CF
Authority key identifier: D2:89:7B:33:53:82:F8:22:4F:5D:89:0E:31:B3:86:32:1C:6B:B3:ED
Certificate issuer:       /CN=d2897b335382f8224f5d890e31b386321c6bb3ed
Certificate serial:       019659150B56654428EA093466B13F41959E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
Manifest number:          090C
Signing time:             Mon 21 Apr 2025 16:01:13 +0000
Manifest this update:     Mon 21 Apr 2025 16:01:13 +0000
Manifest next update:     Tue 22 Apr 2025 16:01:13 +0000
Files and hashes:         1: 0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl (hash: IvkJtnAs7hYvD3u8XBOl6qjxcQdbtw5V32wtIvRuBak=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 16:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:15:0b:56:65:44:28:ea:09:34:66:b1:3f:41:95:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2897b335382f8224f5d890e31b386321c6bb3ed
        Validity
            Not Before: Apr 21 16:01:13 2025 GMT
            Not After : Apr 22 16:01:13 2025 GMT
        Subject: CN=0a8e6e1504f8f13eeb0d6565396a308d10307acf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ac:45:0b:b7:80:9b:18:c8:0d:e5:0a:7b:f5:
                    79:1e:e2:46:04:82:c5:1e:20:f3:5c:28:7a:83:cc:
                    68:10:e3:43:d7:6f:8b:63:81:21:61:b7:18:dd:a6:
                    24:1a:8f:40:a3:7b:86:2f:fb:4a:12:77:d0:59:36:
                    27:32:60:d0:c1:28:85:77:97:fb:ef:99:9a:83:3a:
                    a4:a6:0e:d0:9f:bc:e5:f2:8d:49:5a:00:8f:e8:01:
                    d6:2c:26:97:3d:b9:5d:8a:51:51:f3:a1:16:2d:f0:
                    6c:3a:eb:dc:66:02:f1:a6:c5:ac:2a:2f:f3:74:fa:
                    97:da:e6:99:5a:fb:21:f3:43:02:db:74:41:1e:af:
                    bb:a5:d6:30:c4:d4:84:b1:6a:55:ac:34:88:67:0a:
                    36:98:42:85:82:58:da:f4:0d:47:a6:1b:fa:59:2e:
                    f7:65:07:58:5d:ce:a1:78:58:d5:32:eb:ce:1e:9f:
                    f1:f8:2f:19:47:58:3f:c1:83:fd:bc:a8:5c:67:3a:
                    9a:3d:06:32:8a:05:04:38:47:fa:a9:96:1c:1d:e3:
                    df:13:55:60:dc:00:d5:6b:50:ec:93:1a:ee:64:a5:
                    17:6c:6f:89:f0:e7:05:81:af:f8:9a:b0:3c:10:81:
                    7f:ef:52:f6:2a:3f:3e:b6:17:4e:b4:65:ec:97:b2:
                    eb:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:8E:6E:15:04:F8:F1:3E:EB:0D:65:65:39:6A:30:8D:10:30:7A:CF
            X509v3 Authority Key Identifier:
                keyid:D2:89:7B:33:53:82:F8:22:4F:5D:89:0E:31:B3:86:32:1C:6B:B3:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:9a:3e:04:0e:39:32:7a:43:73:1b:cc:5a:de:56:ba:3e:2a:
         e3:0c:6d:90:be:bb:a4:5f:bd:16:c5:6c:f2:5e:19:b7:30:88:
         4f:a7:2d:27:0c:92:09:fb:ff:07:cc:7a:9b:c5:5b:45:30:ff:
         1f:00:2e:b4:56:8c:8c:7d:a3:f2:bd:f0:35:bd:0e:d8:52:ec:
         1a:d5:60:7a:8c:a2:d0:e0:dc:30:16:39:e4:4d:ab:91:d0:87:
         44:1b:05:4a:bc:0b:33:c1:d7:6d:15:a7:86:d2:81:dc:d7:59:
         73:d3:59:f8:47:01:8d:59:89:4f:fc:40:b8:e9:44:af:0d:71:
         4b:73:6c:e5:bc:3c:d9:b7:e9:e3:31:3c:8e:8e:19:c5:cd:5d:
         ad:62:27:d4:bc:d8:e5:45:7c:5b:ae:0a:3c:66:06:ce:ef:6c:
         ef:13:fa:13:9e:b0:aa:e4:02:40:f0:e0:9e:10:a0:7a:f5:90:
         fe:90:ed:16:88:21:15:0a:a7:64:eb:b7:6e:39:19:d6:c9:9c:
         d6:c0:da:4e:c2:93:6c:8e:6f:e2:64:61:96:da:5e:97:f4:ef:
         5c:46:04:db:b0:7f:26:21:b3:4a:07:a9:b8:89:61:ad:b7:51:
         b7:a1:b5:e3:f4:ae:ce:7d:68:5b:d4:51:fa:9e:ba:c2:ac:cc:
         ca:d8:dc:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFQtWZUQo6gk0ZrE/QZWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyODk3YjMzNTM4MmY4MjI0ZjVkODkwZTMxYjM4NjMyMWM2
YmIzZWQwHhcNMjUwNDIxMTYwMTEzWhcNMjUwNDIyMTYwMTEzWjAzMTEwLwYDVQQD
EygwYThlNmUxNTA0ZjhmMTNlZWIwZDY1NjUzOTZhMzA4ZDEwMzA3YWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6xFC7eAmxjIDeUKe/V5HuJGBILF
HiDzXCh6g8xoEOND12+LY4EhYbcY3aYkGo9Ao3uGL/tKEnfQWTYnMmDQwSiFd5f7
75magzqkpg7Qn7zl8o1JWgCP6AHWLCaXPbldilFR86EWLfBsOuvcZgLxpsWsKi/z
dPqX2uaZWvsh80MC23RBHq+7pdYwxNSEsWpVrDSIZwo2mEKFglja9A1Hphv6WS73
ZQdYXc6heFjVMuvOHp/x+C8ZR1g/wYP9vKhcZzqaPQYyigUEOEf6qZYcHePfE1Vg
3ADVa1DskxruZKUXbG+J8OcFga/4mrA8EIF/71L2Kj8+thdOtGXsl7Lr4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqObhUE+PE+6w1lZTlqMI0QMHrPMB8GA1UdIwQY
MBaAFNKJezNTgvgiT12JDjGzhjIca7PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80ZGU4MDUtZDVkYy00NmY3LWIzOTct
NWI1MzMyYWYxODUxLzEvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80ZGU4MDUtZDVkYy00NmY3LWIzOTctNWI1MzMyYWYxODUx
LzEvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhpo+BA45
MnpDcxvMWt5Wuj4q4wxtkL67pF+9FsVs8l4ZtzCIT6ctJwySCfv/B8x6m8VbRTD/
HwAutFaMjH2j8r3wNb0O2FLsGtVgeoyi0ODcMBY55E2rkdCHRBsFSrwLM8HXbRWn
htKB3NdZc9NZ+EcBjVmJT/xAuOlErw1xS3Ns5bw82bfp4zE8jo4Zxc1drWIn1LzY
5UV8W64KPGYGzu9s7xP6E56wquQCQPDgnhCgevWQ/pDtFoghFQqnZOu3bjkZ1smc
1sDaTsKTbI5v4mRhltpel/TvXEYE27B/JiGzSgepuIlhrbdRt6G14/Suzn1oW9RR
+p66wqzMytjc5Q==
-----END CERTIFICATE-----