Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
File:                     oyHD8vYVgRDoDpLioyIdaVwnp9g.mft (raw, json)
Hash identifier:          wL3ojsDCWrhRGjICAPRCbd/5PLYXcr2sA9qjh1xheMI=
Subject key identifier:   D2:7E:6E:12:F7:AE:27:9A:05:78:1B:FE:06:52:7F:CA:CF:7E:04:52
Authority key identifier: A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8
Certificate issuer:       /CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
Certificate serial:       019677FBD23378BC22ACD370D43B5DE53556
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
Manifest number:          0DB4
Signing time:             Sun 27 Apr 2025 16:01:54 +0000
Manifest this update:     Sun 27 Apr 2025 16:01:54 +0000
Manifest next update:     Mon 28 Apr 2025 16:01:54 +0000
Files and hashes:         1: oyHD8vYVgRDoDpLioyIdaVwnp9g.crl (hash: Amk4aw8efVN82I9I/PhxgW5nqDwDrQCNtbtSaQhFufc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fb:d2:33:78:bc:22:ac:d3:70:d4:3b:5d:e5:35:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
        Validity
            Not Before: Apr 27 16:01:54 2025 GMT
            Not After : Apr 28 16:01:54 2025 GMT
        Subject: CN=d27e6e12f7ae279a05781bfe06527fcacf7e0452
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:81:cf:b9:60:0c:9d:5e:b5:04:14:cc:37:e1:
                    f8:0b:bd:b7:cf:d8:22:f9:eb:87:ea:84:80:59:a7:
                    e0:0d:96:ea:6b:44:c2:72:03:85:56:8a:48:e6:c2:
                    2b:87:3a:8d:1a:dd:1e:da:bd:55:0a:93:dd:21:12:
                    87:40:f7:c0:6b:81:47:91:a6:de:56:05:b7:29:bf:
                    82:1f:d3:a4:ac:68:1a:65:92:0f:f9:6f:64:d0:2a:
                    89:df:c4:90:99:c8:c7:63:7b:fd:90:8b:69:9d:61:
                    d0:8e:42:c5:60:cf:80:eb:81:02:da:72:28:e8:dd:
                    84:0e:bf:23:4d:cf:d2:52:3f:27:c5:80:70:45:a7:
                    c5:bc:92:6f:ea:7a:80:a2:2a:15:dd:07:02:6c:0d:
                    2d:7d:28:af:5b:49:24:c5:34:a8:7f:b0:a2:c7:4c:
                    54:14:ee:7f:93:b3:0a:86:7f:98:ef:cb:d5:22:13:
                    0c:a0:d0:31:e8:ba:34:da:58:07:fb:dc:ed:73:06:
                    a8:5f:f1:7b:ef:cd:04:b3:35:ca:0f:02:e7:02:3d:
                    d5:ff:f0:49:a8:7c:f8:d5:84:48:27:93:b4:f7:85:
                    73:48:35:52:4f:a2:0e:60:96:78:22:ce:04:4f:4f:
                    c9:51:f9:7c:d3:ba:cf:34:82:cc:17:70:77:f2:28:
                    60:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:7E:6E:12:F7:AE:27:9A:05:78:1B:FE:06:52:7F:CA:CF:7E:04:52
            X509v3 Authority Key Identifier:
                keyid:A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:43:c1:70:78:58:f7:3f:5f:48:fa:60:63:74:ea:f5:49:eb:
         a9:c4:b1:27:ba:67:3d:3c:b1:19:78:d8:cb:cc:2c:4b:d3:75:
         60:62:3a:ce:2a:52:9d:c4:cd:a3:a9:f0:98:0e:9a:ca:b1:26:
         32:41:a7:d5:48:19:db:3c:cf:45:3e:0f:37:09:76:9d:ac:93:
         45:5d:4e:70:f1:02:6f:35:91:9f:7d:31:81:9d:94:b5:05:47:
         03:4a:a8:0b:cd:82:f0:fc:26:e3:b2:01:0b:13:86:02:2c:ef:
         1c:57:0e:1a:f0:00:1d:3d:07:d1:24:90:68:4c:f7:ac:7f:0d:
         73:42:5b:ba:d5:34:35:0e:09:a6:7c:4f:5e:d2:6f:15:ce:18:
         a9:72:1c:ab:97:6f:0b:6e:fe:1f:96:f2:82:97:ed:83:c4:4f:
         3d:cd:b4:83:c9:a0:a9:69:a9:1b:12:78:c4:f0:f7:31:ae:c9:
         53:15:99:d4:69:8e:14:c0:d9:87:43:74:39:83:51:b2:99:96:
         14:de:ea:eb:98:c6:ab:97:61:5e:ac:d4:88:8d:55:bc:d2:48:
         d0:b8:65:3c:e1:3b:7e:f9:e9:6f:eb:8a:f1:3e:e9:07:6e:05:
         60:14:6d:f7:de:0c:3f:85:c0:f0:27:e7:26:0b:a8:cf:2c:23:
         0d:30:71:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+9IzeLwirNNw1Dtd5TVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjFjM2YyZjYxNTgxMTBlODBlOTJlMmEzMjIxZDY5NWMy
N2E3ZDgwHhcNMjUwNDI3MTYwMTU0WhcNMjUwNDI4MTYwMTU0WjAzMTEwLwYDVQQD
EyhkMjdlNmUxMmY3YWUyNzlhMDU3ODFiZmUwNjUyN2ZjYWNmN2UwNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoHPuWAMnV61BBTMN+H4C723z9gi
+euH6oSAWafgDZbqa0TCcgOFVopI5sIrhzqNGt0e2r1VCpPdIRKHQPfAa4FHkabe
VgW3Kb+CH9OkrGgaZZIP+W9k0CqJ38SQmcjHY3v9kItpnWHQjkLFYM+A64EC2nIo
6N2EDr8jTc/SUj8nxYBwRafFvJJv6nqAoioV3QcCbA0tfSivW0kkxTSof7Cix0xU
FO5/k7MKhn+Y78vVIhMMoNAx6Lo02lgH+9ztcwaoX/F7780EszXKDwLnAj3V//BJ
qHz41YRIJ5O094VzSDVST6IOYJZ4Is4ET0/JUfl807rPNILMF3B38ihgOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNJ+bhL3rieaBXgb/gZSf8rPfgRSMB8GA1UdIwQY
MBaAFKMhw/L2FYEQ6A6S4qMiHWlcJ6fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYt
Y2ZmNDYxZTBkZjM0LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYtY2ZmNDYxZTBkZjM0
LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqkPBcHhY
9z9fSPpgY3Tq9UnrqcSxJ7pnPTyxGXjYy8wsS9N1YGI6zipSncTNo6nwmA6ayrEm
MkGn1UgZ2zzPRT4PNwl2nayTRV1OcPECbzWRn30xgZ2UtQVHA0qoC82C8Pwm47IB
CxOGAizvHFcOGvAAHT0H0SSQaEz3rH8Nc0JbutU0NQ4JpnxPXtJvFc4YqXIcq5dv
C27+H5bygpftg8RPPc20g8mgqWmpGxJ4xPD3Ma7JUxWZ1GmOFMDZh0N0OYNRspmW
FN7q65jGq5dhXqzUiI1VvNJI0LhlPOE7fvnpb+uK8T7pB24FYBRt994MP4XA8Cfn
JguozywjDTBxqQ==
-----END CERTIFICATE-----