Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
File:                     OZ17KbLru-43WSMgfh2FZU8LV7o.mft (raw, json)
Hash identifier:          NVllrAHT6/GrORJfBmDrmL1UPI4p7GPwG77+Y5EkLf0=
Subject key identifier:   2A:D1:D2:2C:57:E3:08:6C:06:94:68:C8:9E:4A:D3:A0:B9:94:22:4F
Authority key identifier: 39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA
Certificate issuer:       /CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
Certificate serial:       01976BF3F09126F2A7D5E3809F941ACDAB52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
Manifest number:          01D8
Signing time:             Sat 14 Jun 2025 01:00:38 +0000
Manifest this update:     Sat 14 Jun 2025 01:00:38 +0000
Manifest next update:     Sun 15 Jun 2025 01:00:38 +0000
Files and hashes:         1: OZ17KbLru-43WSMgfh2FZU8LV7o.crl (hash: D4UuMui9CCr/6d3KOzbP03/zX5l4Ae2gOM66yXFl68Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:f3:f0:91:26:f2:a7:d5:e3:80:9f:94:1a:cd:ab:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
        Validity
            Not Before: Jun 14 01:00:38 2025 GMT
            Not After : Jun 15 01:00:38 2025 GMT
        Subject: CN=2ad1d22c57e3086c069468c89e4ad3a0b994224f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:40:50:5e:bc:2d:cd:0b:ba:53:74:6e:54:db:
                    7b:e2:5f:0b:bc:b0:48:75:28:5b:e6:82:1f:15:f2:
                    07:ec:d7:dd:53:a1:9f:41:6b:07:e4:60:a7:ee:a5:
                    b1:a1:cc:5d:e6:08:63:23:fb:bf:75:db:40:1b:14:
                    c6:5e:d0:3b:06:49:cb:38:ae:dd:58:35:7c:2c:1a:
                    9d:ba:e8:3e:ef:da:4d:8c:59:23:f9:59:79:b3:80:
                    80:38:bc:08:2a:a1:75:38:76:73:a1:21:e7:49:11:
                    7c:ff:62:01:27:cf:e8:df:d3:b8:1f:fd:e6:68:57:
                    30:08:95:28:a3:21:ac:c2:c6:be:7f:bb:d1:c3:2a:
                    8f:81:5a:84:bc:6d:eb:08:0f:3d:56:ae:67:4f:8d:
                    32:9d:a4:13:fd:70:ee:45:8c:d3:04:85:a8:ce:9a:
                    a7:2a:e4:c4:b3:d8:85:3a:bb:34:3c:2d:06:f4:ba:
                    a4:88:ec:fb:a1:b5:42:0e:5a:6b:11:c7:e9:28:6e:
                    91:85:8d:77:4c:d0:1c:44:05:09:c7:9a:6d:c9:3c:
                    1d:ee:45:c2:cd:4c:7c:b9:50:9c:ae:db:b5:d4:ec:
                    58:ee:cd:0c:a6:42:a9:2b:6c:87:c9:37:7a:7a:75:
                    47:56:97:01:fe:2e:c6:0f:ce:93:a4:0d:77:85:a9:
                    38:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:D1:D2:2C:57:E3:08:6C:06:94:68:C8:9E:4A:D3:A0:B9:94:22:4F
            X509v3 Authority Key Identifier:
                keyid:39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:9e:c1:fb:42:c0:05:02:a8:12:77:25:2d:d6:49:25:fd:de:
         28:61:d4:87:84:67:e7:8b:96:98:d5:fd:3d:58:f6:a9:d9:05:
         d1:1e:bf:e4:aa:00:63:b9:cf:be:07:5e:79:b0:1f:eb:f5:29:
         6e:dc:a7:53:2d:34:83:56:ce:1d:34:e0:f6:97:4b:41:4f:4c:
         36:80:46:be:2a:a9:52:a3:ef:ec:e6:7a:c3:d6:0a:7c:30:9b:
         ba:d4:46:7d:f0:ee:e8:a9:14:d3:59:65:dd:d1:40:54:9d:41:
         79:e3:75:14:fb:50:7b:49:23:62:a5:7e:1f:5f:95:d6:41:26:
         58:fe:78:86:dc:20:64:5a:19:13:e5:72:e4:e3:91:cd:30:70:
         26:44:7d:67:74:9d:91:4d:e5:f5:c0:f3:91:dc:4e:54:e6:b4:
         a9:bc:22:d2:a7:1c:03:13:99:90:80:9e:4b:0e:8b:ce:80:9c:
         33:fa:88:cc:07:6b:1e:2b:a0:72:32:bd:de:2c:46:91:c3:0f:
         9a:34:50:14:a8:b1:31:f1:af:28:7c:fb:17:8f:b7:16:18:c5:
         47:84:45:b1:ad:85:4c:dc:1a:bb:44:f7:39:58:07:89:47:1a:
         13:b8:75:fc:cf:c3:d3:a6:e4:2c:6e:61:e2:9c:16:c3:44:49:
         0b:e7:b1:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdr8/CRJvKn1eOAn5QazatSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWQ3YjI5YjJlYmJiZWUzNzU5MjMyMDdlMWQ4NTY1NGYw
YjU3YmEwHhcNMjUwNjE0MDEwMDM4WhcNMjUwNjE1MDEwMDM4WjAzMTEwLwYDVQQD
EygyYWQxZDIyYzU3ZTMwODZjMDY5NDY4Yzg5ZTRhZDNhMGI5OTQyMjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskBQXrwtzQu6U3RuVNt74l8LvLBI
dShb5oIfFfIH7NfdU6GfQWsH5GCn7qWxocxd5ghjI/u/ddtAGxTGXtA7BknLOK7d
WDV8LBqduug+79pNjFkj+Vl5s4CAOLwIKqF1OHZzoSHnSRF8/2IBJ8/o39O4H/3m
aFcwCJUooyGswsa+f7vRwyqPgVqEvG3rCA89Vq5nT40ynaQT/XDuRYzTBIWozpqn
KuTEs9iFOrs0PC0G9LqkiOz7obVCDlprEcfpKG6RhY13TNAcRAUJx5ptyTwd7kXC
zUx8uVCcrtu11OxY7s0MpkKpK2yHyTd6enVHVpcB/i7GD86TpA13hak4AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrR0ixX4whsBpRoyJ5K06C5lCJPMB8GA1UdIwQY
MBaAFDmdeymy67vuN1kjIH4dhWVPC1e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAt
YTZiNWE4YmUxMTEzLzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAtYTZiNWE4YmUxMTEz
LzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANZ7B+0LA
BQKoEnclLdZJJf3eKGHUh4Rn54uWmNX9PVj2qdkF0R6/5KoAY7nPvgdeebAf6/Up
btynUy00g1bOHTTg9pdLQU9MNoBGviqpUqPv7OZ6w9YKfDCbutRGffDu6KkU01ll
3dFAVJ1BeeN1FPtQe0kjYqV+H1+V1kEmWP54htwgZFoZE+Vy5OORzTBwJkR9Z3Sd
kU3l9cDzkdxOVOa0qbwi0qccAxOZkICeSw6LzoCcM/qIzAdrHiugcjK93ixGkcMP
mjRQFKixMfGvKHz7F4+3FhjFR4RFsa2FTNwau0T3OVgHiUcaE7h1/M/D06bkLG5h
4pwWw0RJC+exvg==
-----END CERTIFICATE-----