Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft
File:                     OPJMluat5giBDDDZoTB8xpr5_00.mft (raw, json)
Hash identifier:          0CGmCbiFT18rlhvx+oVbAkRV2J1x3a3lyO96VmFc+xU=
Subject key identifier:   0E:1D:4F:12:7B:6A:F2:97:35:56:A0:89:42:84:76:19:C9:E8:E8:35
Authority key identifier: 38:F2:4C:96:E6:AD:E6:08:81:0C:30:D9:A1:30:7C:C6:9A:F9:FF:4D
Certificate issuer:       /CN=38f24c96e6ade608810c30d9a1307cc69af9ff4d
Certificate serial:       01964331DC05DCBA22E94523D5C7B7B8FB15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OPJMluat5giBDDDZoTB8xpr5_00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft
Manifest number:          0BAA
Signing time:             Thu 17 Apr 2025 10:01:02 +0000
Manifest this update:     Thu 17 Apr 2025 10:01:02 +0000
Manifest next update:     Fri 18 Apr 2025 10:01:02 +0000
Files and hashes:         1: OPJMluat5giBDDDZoTB8xpr5_00.crl (hash: 6wxapLZUCIkhbZPy2mfrQOqfmEhW366H9dNAl0WFI0I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OPJMluat5giBDDDZoTB8xpr5_00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:31:dc:05:dc:ba:22:e9:45:23:d5:c7:b7:b8:fb:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38f24c96e6ade608810c30d9a1307cc69af9ff4d
        Validity
            Not Before: Apr 17 10:01:02 2025 GMT
            Not After : Apr 18 10:01:02 2025 GMT
        Subject: CN=0e1d4f127b6af2973556a08942847619c9e8e835
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:41:d5:47:8e:f8:79:93:f8:62:16:4a:ac:a5:
                    28:f7:26:5e:9b:8f:e6:30:21:e8:81:37:9e:64:c1:
                    0c:ec:dd:37:f2:07:ec:78:24:72:12:e6:a6:39:b3:
                    83:e0:7e:0f:9a:25:01:08:36:09:d2:18:72:34:e7:
                    19:1e:f1:15:ca:ca:ee:9c:68:06:7a:2f:8e:f9:f9:
                    69:41:b9:81:fe:3d:b9:e4:d9:fa:ab:38:50:83:a4:
                    d9:fa:cc:d7:fd:0f:ad:2c:d7:27:c2:3b:66:36:6a:
                    e8:bf:f4:d0:0c:d0:86:a8:6c:b8:74:b7:21:0e:44:
                    51:dd:e1:19:7c:a9:2c:30:f3:a4:0e:c6:32:fa:92:
                    5c:2d:e7:26:96:25:3e:56:5b:10:cd:62:c3:59:49:
                    f0:89:ed:9e:07:3f:81:1b:7d:7f:39:5b:d1:38:6b:
                    21:78:15:13:10:6a:0d:9a:72:de:de:cd:e5:49:99:
                    2a:4a:1b:96:d3:6f:e1:6a:06:29:d8:8d:fc:b4:f1:
                    13:fa:69:79:5d:dc:ba:c9:f0:34:68:8b:c3:d0:72:
                    6e:dc:0e:c0:45:8b:35:78:f6:3a:d2:b7:8d:07:fb:
                    0a:32:1f:f8:69:73:ed:11:3c:d3:9c:cb:79:da:90:
                    55:12:04:9d:36:68:f0:af:f5:60:7d:ea:7f:89:c2:
                    8b:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:1D:4F:12:7B:6A:F2:97:35:56:A0:89:42:84:76:19:C9:E8:E8:35
            X509v3 Authority Key Identifier:
                keyid:38:F2:4C:96:E6:AD:E6:08:81:0C:30:D9:A1:30:7C:C6:9A:F9:FF:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPJMluat5giBDDDZoTB8xpr5_00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:74:f4:bb:52:1d:a8:1f:cd:7d:fd:ca:24:3c:09:35:9f:53:
         46:eb:6e:67:ba:a8:bc:3d:0a:ff:4b:15:70:60:62:41:53:62:
         3c:16:c3:0c:98:6a:87:fc:ae:cd:b2:cc:a4:9a:6b:0b:97:27:
         d1:80:33:79:df:24:01:d6:35:b3:61:61:03:2c:94:a3:f9:8f:
         ce:04:54:34:c7:3b:43:ea:ec:fb:09:d4:b0:60:3a:4a:66:22:
         90:d1:c2:60:03:3f:7b:84:b6:a6:da:28:07:9c:4c:3f:9b:8f:
         e5:2e:5f:cf:8d:38:71:c2:67:89:c8:42:85:d2:2c:cc:a1:b5:
         72:3e:af:ff:91:7d:d8:55:fc:61:f3:54:e8:43:5c:94:23:b9:
         07:72:79:66:6e:ad:3c:27:5e:f3:fb:96:bb:e5:fe:f8:85:89:
         dc:d4:97:f6:95:32:19:03:13:13:f0:bb:68:64:5c:09:e1:f4:
         e3:d3:ba:b4:41:68:2d:03:60:94:57:83:04:d8:d1:d5:90:ff:
         4a:51:54:3e:5f:c1:0c:55:03:82:38:0a:5a:64:3c:ab:35:3d:
         2a:fa:ca:5c:db:10:5d:73:46:f3:f1:26:34:e1:a2:e8:b9:ac:
         c0:3d:63:4e:ef:1c:7f:56:58:08:d2:23:9b:00:b8:c4:31:57:
         d8:c5:f2:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZDMdwF3Loi6UUj1ce3uPsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZjI0Yzk2ZTZhZGU2MDg4MTBjMzBkOWExMzA3Y2M2OWFm
OWZmNGQwHhcNMjUwNDE3MTAwMTAyWhcNMjUwNDE4MTAwMTAyWjAzMTEwLwYDVQQD
EygwZTFkNGYxMjdiNmFmMjk3MzU1NmEwODk0Mjg0NzYxOWM5ZThlODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUHVR474eZP4YhZKrKUo9yZem4/m
MCHogTeeZMEM7N038gfseCRyEuamObOD4H4PmiUBCDYJ0hhyNOcZHvEVysrunGgG
ei+O+flpQbmB/j255Nn6qzhQg6TZ+szX/Q+tLNcnwjtmNmrov/TQDNCGqGy4dLch
DkRR3eEZfKksMPOkDsYy+pJcLecmliU+VlsQzWLDWUnwie2eBz+BG31/OVvROGsh
eBUTEGoNmnLe3s3lSZkqShuW02/hagYp2I38tPET+ml5Xdy6yfA0aIvD0HJu3A7A
RYs1ePY60reNB/sKMh/4aXPtETzTnMt52pBVEgSdNmjwr/Vgfep/icKL+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4dTxJ7avKXNVagiUKEdhnJ6Og1MB8GA1UdIwQY
MBaAFDjyTJbmreYIgQww2aEwfMaa+f9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BKTWx1YXQ1Z2lCREREWm9UQjh4cHI1XzAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS84YWYxY2QtNTAyMS00NjNiLTk5YTMt
MDRlNGE4NGE3NGFjLzEvT1BKTWx1YXQ1Z2lCREREWm9UQjh4cHI1XzAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS84YWYxY2QtNTAyMS00NjNiLTk5YTMtMDRlNGE4NGE3NGFj
LzEvT1BKTWx1YXQ1Z2lCREREWm9UQjh4cHI1XzAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuXT0u1Id
qB/Nff3KJDwJNZ9TRutuZ7qovD0K/0sVcGBiQVNiPBbDDJhqh/yuzbLMpJprC5cn
0YAzed8kAdY1s2FhAyyUo/mPzgRUNMc7Q+rs+wnUsGA6SmYikNHCYAM/e4S2ptoo
B5xMP5uP5S5fz404ccJnichChdIszKG1cj6v/5F92FX8YfNU6ENclCO5B3J5Zm6t
PCde8/uWu+X++IWJ3NSX9pUyGQMTE/C7aGRcCeH049O6tEFoLQNglFeDBNjR1ZD/
SlFUPl/BDFUDgjgKWmQ8qzU9KvrKXNsQXXNG8/EmNOGi6LmswD1jTu8cf1ZYCNIj
mwC4xDFX2MXyzw==
-----END CERTIFICATE-----