Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.mft
File:                     oJD-k_R_g4ea4suDVIjNn31pm8A.mft (raw, json)
Hash identifier:          g/FNB06JpWP6WXolrWH9UUIhWlrtRjWVRCU1PmXG/Sc=
Subject key identifier:   C9:E5:30:74:AC:B2:F5:DD:36:CD:21:CA:90:93:CB:EF:00:2B:2E:C3
Authority key identifier: A0:90:FE:93:F4:7F:83:87:9A:E2:CB:83:54:88:CD:9F:7D:69:9B:C0
Certificate issuer:       /CN=a090fe93f47f83879ae2cb835488cd9f7d699bc0
Certificate serial:       019649A137FC3EC3900D3A2BB7CD2C31999C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oJD-k_R_g4ea4suDVIjNn31pm8A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.mft
Manifest number:          14F6
Signing time:             Fri 18 Apr 2025 16:00:24 +0000
Manifest this update:     Fri 18 Apr 2025 16:00:24 +0000
Manifest next update:     Sat 19 Apr 2025 16:00:24 +0000
Files and hashes:         1: oJD-k_R_g4ea4suDVIjNn31pm8A.crl (hash: 90NMJdjTvD6nxHk5VwX2eyPLBsRhIjJaPP3E45LLMZs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oJD-k_R_g4ea4suDVIjNn31pm8A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:49:a1:37:fc:3e:c3:90:0d:3a:2b:b7:cd:2c:31:99:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a090fe93f47f83879ae2cb835488cd9f7d699bc0
        Validity
            Not Before: Apr 18 16:00:24 2025 GMT
            Not After : Apr 19 16:00:24 2025 GMT
        Subject: CN=c9e53074acb2f5dd36cd21ca9093cbef002b2ec3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:e8:31:eb:c4:98:ec:ec:ed:75:d6:c1:90:2a:
                    d9:0d:f1:2f:03:5c:16:10:b6:81:ab:85:57:5c:0f:
                    37:bf:c0:47:e0:e8:7e:7a:a1:8f:15:b2:20:cd:be:
                    20:95:58:61:aa:11:a6:f5:d2:04:42:23:6e:3a:5c:
                    35:77:12:42:fc:38:5c:68:34:3f:7a:52:df:93:71:
                    85:49:cd:f8:f5:b5:b6:d4:56:4b:15:a5:28:5b:b4:
                    62:fe:b2:2d:86:c5:79:6d:20:12:64:fe:77:b5:3c:
                    c9:e1:31:dd:73:7e:be:49:aa:a9:f6:95:28:30:40:
                    3a:30:29:17:4d:21:2a:f0:ab:3b:a8:82:7b:60:6f:
                    33:77:48:a8:6d:b2:c3:e2:80:69:1f:1d:c8:ec:5b:
                    96:d2:cf:59:61:dd:34:cb:dc:89:3b:ab:de:6a:4f:
                    9b:02:3c:f8:af:09:af:cb:3e:8e:a8:35:d6:9e:3b:
                    ac:6e:db:c9:99:f6:3c:05:21:19:56:a9:a9:c5:b6:
                    e2:db:31:3d:0e:1c:b2:0d:1e:6a:2b:c4:1f:70:b9:
                    18:24:7c:96:1b:b8:65:39:5e:15:c8:a1:34:d6:28:
                    c8:ce:e7:1d:d3:fa:87:63:68:af:72:9e:eb:44:e6:
                    af:99:a5:e1:8b:3a:ef:20:48:a9:36:d6:13:40:24:
                    9f:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:E5:30:74:AC:B2:F5:DD:36:CD:21:CA:90:93:CB:EF:00:2B:2E:C3
            X509v3 Authority Key Identifier:
                keyid:A0:90:FE:93:F4:7F:83:87:9A:E2:CB:83:54:88:CD:9F:7D:69:9B:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJD-k_R_g4ea4suDVIjNn31pm8A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:28:0a:ff:2f:e6:04:1e:1c:9c:c9:21:4e:f9:70:47:af:2b:
         88:33:7d:27:fb:d8:be:6c:80:8d:bf:a9:9e:25:bd:01:f0:18:
         4c:12:7d:62:d6:8e:a1:63:e3:ef:01:ef:a7:3f:06:51:75:04:
         9a:68:53:fe:0e:6d:45:62:52:1c:5b:ca:63:00:c8:4c:c9:12:
         0a:b3:50:39:2f:17:ca:92:a3:23:bd:50:89:e7:f2:53:5a:de:
         de:21:f6:45:b6:27:95:cc:2e:36:ac:42:81:64:51:83:74:40:
         ff:3e:13:00:68:ee:3c:7e:09:6f:4a:fb:56:c1:df:5a:fc:1b:
         68:ad:5e:20:97:46:e9:f6:95:1b:53:2c:4e:7a:40:7f:96:4e:
         5b:ea:68:a0:16:7e:ba:5e:73:d0:04:4c:1a:bc:a4:f9:0a:fd:
         fd:1d:58:cb:1a:60:a5:b8:f1:b4:d5:23:9a:52:8d:68:48:9a:
         23:dc:0c:d0:b6:b3:77:97:12:ce:12:12:39:3d:65:f6:58:d7:
         06:d7:63:82:0e:e0:c7:76:50:3b:df:b2:2b:d6:24:aa:9c:51:
         39:eb:f4:24:53:e7:e9:92:e4:57:08:77:93:1e:0e:07:a3:3e:
         f9:2e:b3:31:9a:45:1e:b8:64:b8:c8:2e:2c:2f:53:33:98:02:
         e7:de:b7:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZJoTf8PsOQDTort80sMZmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOTBmZTkzZjQ3ZjgzODc5YWUyY2I4MzU0ODhjZDlmN2Q2
OTliYzAwHhcNMjUwNDE4MTYwMDI0WhcNMjUwNDE5MTYwMDI0WjAzMTEwLwYDVQQD
EyhjOWU1MzA3NGFjYjJmNWRkMzZjZDIxY2E5MDkzY2JlZjAwMmIyZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+gx68SY7OztddbBkCrZDfEvA1wW
ELaBq4VXXA83v8BH4Oh+eqGPFbIgzb4glVhhqhGm9dIEQiNuOlw1dxJC/DhcaDQ/
elLfk3GFSc349bW21FZLFaUoW7Ri/rIthsV5bSASZP53tTzJ4THdc36+Saqp9pUo
MEA6MCkXTSEq8Ks7qIJ7YG8zd0iobbLD4oBpHx3I7FuW0s9ZYd00y9yJO6veak+b
Ajz4rwmvyz6OqDXWnjusbtvJmfY8BSEZVqmpxbbi2zE9DhyyDR5qK8QfcLkYJHyW
G7hlOV4VyKE01ijIzucd0/qHY2ivcp7rROavmaXhizrvIEipNtYTQCSf3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnlMHSssvXdNs0hypCTy+8AKy7DMB8GA1UdIwQY
MBaAFKCQ/pP0f4OHmuLLg1SIzZ99aZvAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0pELWtfUl9nNGVhNHN1RFZJak5uMzFwbThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYmJjYzktZjgzMi00YjViLWJjMjIt
MjU3ODFlMTE2NzgyLzEvb0pELWtfUl9nNGVhNHN1RFZJak5uMzFwbThBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYmJjYzktZjgzMi00YjViLWJjMjItMjU3ODFlMTE2Nzgy
LzEvb0pELWtfUl9nNGVhNHN1RFZJak5uMzFwbThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYigK/y/m
BB4cnMkhTvlwR68riDN9J/vYvmyAjb+pniW9AfAYTBJ9YtaOoWPj7wHvpz8GUXUE
mmhT/g5tRWJSHFvKYwDITMkSCrNQOS8XypKjI71QiefyU1re3iH2RbYnlcwuNqxC
gWRRg3RA/z4TAGjuPH4Jb0r7VsHfWvwbaK1eIJdG6faVG1MsTnpAf5ZOW+pooBZ+
ul5z0ARMGryk+Qr9/R1YyxpgpbjxtNUjmlKNaEiaI9wM0Lazd5cSzhISOT1l9ljX
Btdjgg7gx3ZQO9+yK9YkqpxROev0JFPn6ZLkVwh3kx4OB6M++S6zMZpFHrhkuMgu
LC9TM5gC59631g==
-----END CERTIFICATE-----