Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
File:                     oyHD8vYVgRDoDpLioyIdaVwnp9g.mft (raw, json)
Hash identifier:          Bvq/y3z5aXLAC/achTAO0jOuXMO78+tizX1jkdb9wXM=
Subject key identifier:   C1:69:F9:1B:2E:90:9E:64:7B:EF:56:9F:34:2E:04:33:60:4A:99:96
Authority key identifier: A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8
Certificate issuer:       /CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
Certificate serial:       0197711AE9AD459FDA26B220674E19CB25EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
Manifest number:          0E35
Signing time:             Sun 15 Jun 2025 01:01:18 +0000
Manifest this update:     Sun 15 Jun 2025 01:01:18 +0000
Manifest next update:     Mon 16 Jun 2025 01:01:18 +0000
Files and hashes:         1: oyHD8vYVgRDoDpLioyIdaVwnp9g.crl (hash: YSDfjfv73Jv/aJQv6oYJEFSJHc6bdMKfTXtx1haOUxw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:1a:e9:ad:45:9f:da:26:b2:20:67:4e:19:cb:25:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
        Validity
            Not Before: Jun 15 01:01:18 2025 GMT
            Not After : Jun 16 01:01:18 2025 GMT
        Subject: CN=c169f91b2e909e647bef569f342e0433604a9996
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:1b:f9:02:22:80:95:1c:cd:e3:6e:cb:f3:9b:
                    3f:d5:44:74:56:bb:53:54:96:37:1e:ac:4e:87:4f:
                    05:da:c5:fa:b5:95:41:c0:32:2d:fe:9c:bf:b1:9b:
                    c8:a3:9c:39:41:80:71:27:8d:dd:bf:2a:30:6d:f4:
                    a7:42:5e:34:fc:fa:52:d6:db:55:5f:4a:58:5d:6f:
                    47:fa:25:72:a1:dd:00:ad:93:b6:fa:1d:2b:ce:cb:
                    eb:a2:56:93:0f:30:23:2d:c1:dd:cf:b8:1a:ed:2e:
                    20:19:54:ab:4f:24:97:1e:50:07:92:05:66:e6:1e:
                    5d:71:ad:04:a8:c9:f6:af:26:d3:bd:12:11:71:1e:
                    d8:d0:e9:ee:df:a8:44:73:03:94:47:97:87:14:7e:
                    fb:57:69:6f:2f:63:e4:d8:b9:e6:65:ee:24:d8:0b:
                    f1:11:9a:89:32:b5:54:21:b2:7a:83:76:bd:dd:d8:
                    58:38:ac:f0:91:42:b2:38:09:0f:e3:0c:71:a4:a9:
                    a7:75:da:b3:ee:45:fe:50:99:74:6b:d6:90:f3:40:
                    3d:85:27:b3:db:49:fc:c0:85:1d:23:f3:47:c4:b9:
                    f6:f4:4c:24:0f:93:e2:fa:3f:14:b4:c5:b1:2c:9e:
                    de:8b:fc:ad:18:ac:dd:ca:2c:ce:ba:ec:e5:98:8d:
                    4f:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:69:F9:1B:2E:90:9E:64:7B:EF:56:9F:34:2E:04:33:60:4A:99:96
            X509v3 Authority Key Identifier:
                keyid:A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:87:fc:ba:84:1d:82:95:8d:e7:7b:1a:24:76:0d:5d:1f:d9:
         16:71:79:48:24:bf:16:89:96:0f:23:f6:03:d1:a9:a8:9f:35:
         05:d7:6a:40:ed:db:17:01:d7:0e:02:7c:eb:4b:48:fd:a4:73:
         2a:82:5d:e8:11:25:3c:4e:9b:36:cb:68:00:f4:b2:25:f4:51:
         94:e2:7f:f9:5b:b5:83:01:59:68:18:12:74:b1:42:2d:fa:40:
         cc:c5:15:a9:29:0e:aa:9d:c9:d2:96:af:48:43:4e:42:de:cc:
         9d:0b:85:4c:4d:05:f8:ba:f5:60:84:d2:c2:1b:65:a1:9b:0d:
         90:14:6a:7e:fe:3a:89:94:d6:c1:ca:9b:3f:03:ce:85:77:61:
         f6:42:23:2b:f9:e5:c3:76:6f:14:01:81:8e:53:a9:04:5d:88:
         de:f0:55:20:a9:84:2e:1f:63:39:95:7b:66:00:e6:c8:a9:15:
         cb:03:99:de:9d:03:fb:05:9d:59:2a:5a:47:39:0c:66:00:90:
         12:47:45:df:43:21:37:21:bf:5b:27:a7:59:63:ac:37:ac:4f:
         32:1d:f3:cb:f7:6c:7d:d0:d0:98:77:c2:de:1b:62:4a:fb:fd:
         ef:49:dd:f5:99:a5:00:88:eb:7a:75:96:68:73:d6:71:19:59:
         60:4b:ac:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxGumtRZ/aJrIgZ04ZyyXrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjFjM2YyZjYxNTgxMTBlODBlOTJlMmEzMjIxZDY5NWMy
N2E3ZDgwHhcNMjUwNjE1MDEwMTE4WhcNMjUwNjE2MDEwMTE4WjAzMTEwLwYDVQQD
EyhjMTY5ZjkxYjJlOTA5ZTY0N2JlZjU2OWYzNDJlMDQzMzYwNGE5OTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Rv5AiKAlRzN427L85s/1UR0VrtT
VJY3HqxOh08F2sX6tZVBwDIt/py/sZvIo5w5QYBxJ43dvyowbfSnQl40/PpS1ttV
X0pYXW9H+iVyod0ArZO2+h0rzsvrolaTDzAjLcHdz7ga7S4gGVSrTySXHlAHkgVm
5h5dca0EqMn2rybTvRIRcR7Y0Onu36hEcwOUR5eHFH77V2lvL2Pk2LnmZe4k2Avx
EZqJMrVUIbJ6g3a93dhYOKzwkUKyOAkP4wxxpKmnddqz7kX+UJl0a9aQ80A9hSez
20n8wIUdI/NHxLn29EwkD5Pi+j8UtMWxLJ7ei/ytGKzdyizOuuzlmI1PewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMFp+RsukJ5ke+9WnzQuBDNgSpmWMB8GA1UdIwQY
MBaAFKMhw/L2FYEQ6A6S4qMiHWlcJ6fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYt
Y2ZmNDYxZTBkZjM0LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYtY2ZmNDYxZTBkZjM0
LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqYf8uoQd
gpWN53saJHYNXR/ZFnF5SCS/FomWDyP2A9GpqJ81BddqQO3bFwHXDgJ860tI/aRz
KoJd6BElPE6bNstoAPSyJfRRlOJ/+Vu1gwFZaBgSdLFCLfpAzMUVqSkOqp3J0pav
SENOQt7MnQuFTE0F+Lr1YITSwhtloZsNkBRqfv46iZTWwcqbPwPOhXdh9kIjK/nl
w3ZvFAGBjlOpBF2I3vBVIKmELh9jOZV7ZgDmyKkVywOZ3p0D+wWdWSpaRzkMZgCQ
EkdF30MhNyG/WyenWWOsN6xPMh3zy/dsfdDQmHfC3htiSvv970nd9ZmlAIjrenWW
aHPWcRlZYEuskQ==
-----END CERTIFICATE-----