Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
File:                     oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft (raw, json)
Hash identifier:          pSz7adU1ZQSgJ5oyQop93bNmUbPcFMYgbhxCBp7zuEM=
Subject key identifier:   0B:FC:0C:C7:70:A7:F9:0A:FF:22:74:49:B8:5E:79:18:90:A2:BA:74
Authority key identifier: A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB
Certificate issuer:       /CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
Certificate serial:       01958BBB97BBA6F97A08E69D0EA348BF04E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
Manifest number:          03B5
Signing time:             Wed 12 Mar 2025 19:01:21 +0000
Manifest this update:     Wed 12 Mar 2025 19:01:21 +0000
Manifest next update:     Thu 13 Mar 2025 19:01:21 +0000
Files and hashes:         1: oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl (hash: XK1VX0TCp0h2+SlgQfrb/j/sEFWSBRmin4Ka9Waovpc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:bb:97:bb:a6:f9:7a:08:e6:9d:0e:a3:48:bf:04:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
        Validity
            Not Before: Mar 12 19:01:21 2025 GMT
            Not After : Mar 13 19:01:21 2025 GMT
        Subject: CN=0bfc0cc770a7f90aff227449b85e791890a2ba74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:2d:1f:73:84:b1:40:59:cd:65:53:b4:fa:f9:
                    cb:88:cb:6c:89:06:a5:1b:cd:9e:20:a4:dc:50:cc:
                    0f:67:18:23:5e:c7:a7:7b:71:26:ae:af:29:bb:52:
                    6d:c4:bf:0d:f1:5d:19:e1:38:84:2d:c3:e9:a3:ed:
                    80:8f:3c:47:e5:e9:92:a5:fd:6f:12:61:33:db:78:
                    9f:28:af:ea:a6:52:bc:45:fc:ea:bd:ce:4a:c6:b3:
                    5f:50:aa:02:04:2d:d2:f4:e6:f8:87:b5:6f:f1:e6:
                    24:33:b1:1a:c4:fc:25:d0:45:3e:c5:77:6a:b5:c1:
                    0e:f0:04:81:03:1f:6e:81:f0:8c:0b:18:af:eb:03:
                    ad:ef:2e:e5:70:68:d0:1c:ad:d1:4b:00:7c:d5:00:
                    38:c4:4b:dc:fa:5c:dd:94:9b:83:69:92:af:b2:9e:
                    fd:c7:02:b3:37:2b:a2:c7:42:2e:e0:bd:59:81:b9:
                    34:89:99:ef:96:e4:e4:ce:a3:6e:26:91:a9:9e:f7:
                    61:01:06:01:b2:e0:d3:66:44:b8:51:0f:5d:d4:88:
                    b3:f9:f5:a2:b4:a8:14:c4:4e:5a:89:3a:a5:ca:45:
                    e2:28:68:95:5d:73:4d:8d:a8:e9:5f:7b:b9:30:09:
                    8b:d3:e7:53:dd:ff:4c:12:35:54:7c:53:1a:0e:d0:
                    b8:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:FC:0C:C7:70:A7:F9:0A:FF:22:74:49:B8:5E:79:18:90:A2:BA:74
            X509v3 Authority Key Identifier:
                keyid:A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:0f:cd:89:f5:52:7d:44:bf:9d:da:f9:87:37:5b:e0:bd:b0:
         0d:fc:4c:69:ab:88:20:6b:3a:64:a3:2c:6f:b1:44:dd:ae:28:
         b6:91:27:53:91:6e:1f:a4:a4:74:46:27:59:85:64:d4:70:14:
         2e:79:be:18:6c:53:b2:ef:fe:21:aa:17:82:f6:90:1f:3e:a6:
         0f:1b:ce:94:f8:17:78:47:2c:5f:d4:37:3c:a7:db:1c:86:0e:
         ec:c6:38:47:6f:d7:92:41:d8:5d:de:4d:56:05:53:a2:24:e3:
         81:47:b6:25:70:14:30:ba:d0:77:12:a4:de:a6:e0:08:b6:5a:
         23:5e:5c:32:e4:a0:ed:35:4a:0e:de:9b:2b:bc:00:43:6b:bb:
         b6:07:4e:70:22:a3:20:80:5c:68:7a:e5:e6:ed:c2:8a:9d:db:
         62:e7:f0:0e:f6:7c:b6:78:9f:e5:30:a2:7e:9a:73:4a:a5:8c:
         9d:51:d8:91:f0:ea:4c:f7:2f:cb:dc:cf:bc:4c:4b:86:94:b1:
         68:27:66:de:6d:7f:bd:40:b1:e3:6b:37:31:06:ed:ac:1e:78:
         b5:5a:19:a5:f0:cf:fa:80:27:79:38:26:d0:2c:a8:ef:c8:30:
         e9:ab:9d:c5:15:93:2c:f0:b1:34:71:5f:18:f7:c1:7f:c6:c6:
         60:4e:19:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLu5e7pvl6COadDqNIvwTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMThhYWZkYmJjYThkNGUwMDYzYzMxMTk1ZmE2YzE5NGMz
OTQzY2IwHhcNMjUwMzEyMTkwMTIxWhcNMjUwMzEzMTkwMTIxWjAzMTEwLwYDVQQD
EygwYmZjMGNjNzcwYTdmOTBhZmYyMjc0NDliODVlNzkxODkwYTJiYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7y0fc4SxQFnNZVO0+vnLiMtsiQal
G82eIKTcUMwPZxgjXsene3Emrq8pu1JtxL8N8V0Z4TiELcPpo+2AjzxH5emSpf1v
EmEz23ifKK/qplK8Rfzqvc5KxrNfUKoCBC3S9Ob4h7Vv8eYkM7EaxPwl0EU+xXdq
tcEO8ASBAx9ugfCMCxiv6wOt7y7lcGjQHK3RSwB81QA4xEvc+lzdlJuDaZKvsp79
xwKzNyuix0Iu4L1Zgbk0iZnvluTkzqNuJpGpnvdhAQYBsuDTZkS4UQ9d1Iiz+fWi
tKgUxE5aiTqlykXiKGiVXXNNjajpX3u5MAmL0+dT3f9MEjVUfFMaDtC4YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAv8DMdwp/kK/yJ0SbheeRiQorp0MB8GA1UdIwQY
MBaAFKEYqv27yo1OAGPDEZX6bBlMOUPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUt
NzJmMjFlNjQ2ZThlLzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUtNzJmMjFlNjQ2ZThl
LzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxQ/NifVS
fUS/ndr5hzdb4L2wDfxMaauIIGs6ZKMsb7FE3a4otpEnU5FuH6SkdEYnWYVk1HAU
Lnm+GGxTsu/+IaoXgvaQHz6mDxvOlPgXeEcsX9Q3PKfbHIYO7MY4R2/XkkHYXd5N
VgVToiTjgUe2JXAUMLrQdxKk3qbgCLZaI15cMuSg7TVKDt6bK7wAQ2u7tgdOcCKj
IIBcaHrl5u3Cip3bYufwDvZ8tnif5TCifppzSqWMnVHYkfDqTPcvy9zPvExLhpSx
aCdm3m1/vUCx42s3MQbtrB54tVoZpfDP+oAneTgm0Cyo78gw6audxRWTLPCxNHFf
GPfBf8bGYE4ZEg==
-----END CERTIFICATE-----