Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft
File:                     wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft (raw, json)
Hash identifier:          QA6nRK/hysBM7PGIGUWpQq4lXZkIvKF4xajL+ZTw6YQ=
Subject key identifier:   0B:EA:82:40:CC:3E:7D:EE:60:1C:40:F7:C7:E6:AB:3D:06:A3:79:87
Authority key identifier: C2:8D:33:84:B4:12:C7:CC:DB:FF:A6:41:D4:14:C1:17:DD:0E:D0:55
Certificate issuer:       /CN=c28d3384b412c7ccdbffa641d414c117dd0ed055
Certificate serial:       019680C6BB8731D906FB742957EDE0302841
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wo0zhLQSx8zb_6ZB1BTBF90O0FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft
Manifest number:          024C
Signing time:             Tue 29 Apr 2025 09:00:29 +0000
Manifest this update:     Tue 29 Apr 2025 09:00:29 +0000
Manifest next update:     Wed 30 Apr 2025 09:00:29 +0000
Files and hashes:         1: wo0zhLQSx8zb_6ZB1BTBF90O0FU.crl (hash: Z1pdAMQdmwSD4PvbxpRKkTXpBml+Gjr1pILIUty2QZk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wo0zhLQSx8zb_6ZB1BTBF90O0FU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 09:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:c6:bb:87:31:d9:06:fb:74:29:57:ed:e0:30:28:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c28d3384b412c7ccdbffa641d414c117dd0ed055
        Validity
            Not Before: Apr 29 09:00:29 2025 GMT
            Not After : Apr 30 09:00:29 2025 GMT
        Subject: CN=0bea8240cc3e7dee601c40f7c7e6ab3d06a37987
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:5e:41:77:a6:84:a7:78:b4:3d:43:33:e4:1a:
                    f3:4c:3f:f5:ee:68:af:b1:d4:74:98:82:8a:fa:28:
                    4f:3b:e2:3e:e0:83:a6:a2:6d:d2:5a:f3:a5:89:f2:
                    3b:6c:ce:e5:d2:75:c4:eb:e1:b9:8d:f2:09:67:3b:
                    73:a8:b9:33:7e:ee:ab:44:85:85:79:aa:52:0a:98:
                    11:50:6c:ed:39:a3:56:9f:36:e1:f6:d5:80:d0:aa:
                    6c:d3:0d:6e:7c:1b:0d:f3:55:1d:35:3f:88:32:74:
                    b7:62:ce:dc:d0:32:6f:fd:f4:17:bf:a9:59:43:97:
                    de:1d:10:64:21:19:47:f7:07:17:e5:45:57:4e:ba:
                    f2:b0:09:de:1f:2d:73:29:5f:12:c2:ce:e6:69:9d:
                    88:96:3e:e7:c1:8a:4a:d0:29:c0:ae:dc:c5:56:dc:
                    52:1f:69:9e:54:ff:bb:bc:92:3b:6d:04:3f:ff:2b:
                    1e:e7:f6:80:1d:ca:2e:97:c2:9b:c8:2b:ea:61:d3:
                    95:63:55:23:84:fb:2a:bc:d1:38:eb:51:ff:70:e1:
                    a9:f6:ec:76:75:b8:5a:ba:2d:7e:b1:af:04:bd:b1:
                    b7:b1:d7:1e:e0:e0:5a:8c:1f:a2:b1:94:c4:bf:10:
                    1f:f4:46:46:55:b0:3f:9d:db:9d:61:1c:e5:92:80:
                    70:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:EA:82:40:CC:3E:7D:EE:60:1C:40:F7:C7:E6:AB:3D:06:A3:79:87
            X509v3 Authority Key Identifier:
                keyid:C2:8D:33:84:B4:12:C7:CC:DB:FF:A6:41:D4:14:C1:17:DD:0E:D0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wo0zhLQSx8zb_6ZB1BTBF90O0FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:02:ed:9e:bd:34:0c:a8:0b:cc:e6:39:88:e3:19:b1:0c:2b:
         a0:10:aa:d5:02:5a:7f:82:db:bb:d6:e8:35:9f:d1:52:ba:79:
         b8:53:38:61:2a:30:a1:98:31:d3:5f:99:d7:1f:14:80:0e:87:
         aa:fe:90:1d:84:29:20:c7:77:05:7a:8c:bb:7e:76:dd:84:15:
         34:15:ec:2f:f2:9f:f2:5b:bb:e2:cb:27:b1:64:70:4b:f6:f7:
         6a:59:24:3c:68:9e:d8:c7:da:22:8b:5d:8e:11:d7:4a:fe:e8:
         c4:1e:45:75:14:42:19:7f:01:5a:8b:75:3d:5e:a6:2a:3f:1a:
         2f:ae:89:a9:bf:27:7c:5b:16:fe:ea:06:ed:26:e5:24:c7:c2:
         67:75:90:fc:69:76:77:d0:5e:e2:d1:1d:da:66:b9:f2:6e:ed:
         78:a2:0e:3a:cc:c8:86:f8:60:41:99:2c:30:12:da:a8:ad:ef:
         08:1d:51:9a:b2:be:e7:2f:85:f6:eb:30:74:0d:79:de:9f:2f:
         f7:1b:90:4f:cb:d0:5d:e4:53:55:1d:c3:a3:29:46:ad:06:0d:
         3a:26:63:9e:d9:58:49:c5:da:40:b5:a1:55:16:38:ac:be:0f:
         96:e8:5f:4a:a2:fd:25:34:6c:ba:d5:1f:4c:a7:31:f4:1e:f2:
         52:96:51:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAxruHMdkG+3QpV+3gMChBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyOGQzMzg0YjQxMmM3Y2NkYmZmYTY0MWQ0MTRjMTE3ZGQw
ZWQwNTUwHhcNMjUwNDI5MDkwMDI5WhcNMjUwNDMwMDkwMDI5WjAzMTEwLwYDVQQD
EygwYmVhODI0MGNjM2U3ZGVlNjAxYzQwZjdjN2U2YWIzZDA2YTM3OTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl5Bd6aEp3i0PUMz5BrzTD/17miv
sdR0mIKK+ihPO+I+4IOmom3SWvOlifI7bM7l0nXE6+G5jfIJZztzqLkzfu6rRIWF
eapSCpgRUGztOaNWnzbh9tWA0Kps0w1ufBsN81UdNT+IMnS3Ys7c0DJv/fQXv6lZ
Q5feHRBkIRlH9wcX5UVXTrrysAneHy1zKV8Sws7maZ2Ilj7nwYpK0CnArtzFVtxS
H2meVP+7vJI7bQQ//yse5/aAHcoul8KbyCvqYdOVY1UjhPsqvNE461H/cOGp9ux2
dbhaui1+sa8EvbG3sdce4OBajB+isZTEvxAf9EZGVbA/ndudYRzlkoBwhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvqgkDMPn3uYBxA98fmqz0Go3mHMB8GA1UdIwQY
MBaAFMKNM4S0EsfM2/+mQdQUwRfdDtBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd28wemhMUVN4OHpiXzZaQjFCVEJGOTBPMEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80YTYxZmMtZDA3Ny00ZjRkLWIyZWEt
ZDkwMzY4MjcwZTE0LzEvd28wemhMUVN4OHpiXzZaQjFCVEJGOTBPMEZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80YTYxZmMtZDA3Ny00ZjRkLWIyZWEtZDkwMzY4MjcwZTE0
LzEvd28wemhMUVN4OHpiXzZaQjFCVEJGOTBPMEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAgLtnr00
DKgLzOY5iOMZsQwroBCq1QJaf4Lbu9boNZ/RUrp5uFM4YSowoZgx01+Z1x8UgA6H
qv6QHYQpIMd3BXqMu3523YQVNBXsL/Kf8lu74ssnsWRwS/b3alkkPGie2MfaIotd
jhHXSv7oxB5FdRRCGX8BWot1PV6mKj8aL66Jqb8nfFsW/uoG7SblJMfCZ3WQ/Gl2
d9Be4tEd2ma58m7teKIOOszIhvhgQZksMBLaqK3vCB1RmrK+5y+F9uswdA153p8v
9xuQT8vQXeRTVR3DoylGrQYNOiZjntlYScXaQLWhVRY4rL4PluhfSqL9JTRsutUf
TKcx9B7yUpZRFw==
-----END CERTIFICATE-----