Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f55df1-0ba6-430f-809d-6b035cee1981/1/oE_JgO38R54EauArEOVyRbuSyLc.mft
File:                     oE_JgO38R54EauArEOVyRbuSyLc.mft (raw, json)
Hash identifier:          7Pbl8vHP3IBJ8GWrqQbINwK20APcWaYILoUeeQzRuOA=
Subject key identifier:   D6:BB:EF:16:2C:AB:DB:DC:C1:C9:02:36:96:A7:4A:A9:6B:B8:15:76
Authority key identifier: A0:4F:C9:80:ED:FC:47:9E:04:6A:E0:2B:10:E5:72:45:BB:92:C8:B7
Certificate issuer:       /CN=a04fc980edfc479e046ae02b10e57245bb92c8b7
Certificate serial:       019682473A281A6D57EA97FC6B57DDE80996
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oE_JgO38R54EauArEOVyRbuSyLc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/f55df1-0ba6-430f-809d-6b035cee1981/1/oE_JgO38R54EauArEOVyRbuSyLc.mft
Manifest number:          0516
Signing time:             Tue 29 Apr 2025 16:00:28 +0000
Manifest this update:     Tue 29 Apr 2025 16:00:28 +0000
Manifest next update:     Wed 30 Apr 2025 16:00:28 +0000
Files and hashes:         1: oE_JgO38R54EauArEOVyRbuSyLc.crl (hash: kqPOu9hChPzjRXv0R9Aa/iGQipSRok+LnjtTqBPn7cc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/f55df1-0ba6-430f-809d-6b035cee1981/1/oE_JgO38R54EauArEOVyRbuSyLc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/f55df1-0ba6-430f-809d-6b035cee1981/1/oE_JgO38R54EauArEOVyRbuSyLc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oE_JgO38R54EauArEOVyRbuSyLc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:47:3a:28:1a:6d:57:ea:97:fc:6b:57:dd:e8:09:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a04fc980edfc479e046ae02b10e57245bb92c8b7
        Validity
            Not Before: Apr 29 16:00:28 2025 GMT
            Not After : Apr 30 16:00:28 2025 GMT
        Subject: CN=d6bbef162cabdbdcc1c9023696a74aa96bb81576
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:7e:20:86:32:2d:8c:ab:89:b6:09:14:7c:99:
                    f2:2f:50:54:07:ce:b0:1e:5c:9b:ea:16:d7:2e:db:
                    91:0d:a6:7d:9e:2e:87:a5:5d:40:fc:cb:1d:6d:47:
                    39:a4:32:ec:d8:a6:62:ec:1d:14:55:39:99:cb:84:
                    7a:8e:d3:1d:fc:8c:43:ac:e4:3f:d6:7a:44:5a:28:
                    fc:3e:e3:3d:ae:6f:e5:62:ac:03:c5:da:a5:91:ba:
                    4b:b5:0c:35:84:70:07:ee:86:af:de:8c:3f:ed:39:
                    62:c6:d9:28:05:f5:3c:75:8c:e5:89:e9:83:6a:06:
                    96:82:48:06:52:90:8c:4f:05:a0:80:7b:da:d4:82:
                    f2:88:da:ae:b8:3e:a0:ce:7d:ba:c3:23:f1:92:f1:
                    c8:56:3e:8b:eb:14:b1:62:de:1f:d8:f3:bf:71:44:
                    5e:9d:4a:3d:ee:25:63:cc:6f:15:f3:f7:c5:c5:ae:
                    2a:01:66:1b:14:b7:18:b6:69:21:b4:7d:75:54:92:
                    4f:67:50:c4:e9:9c:d7:c9:1b:36:05:91:98:c2:e1:
                    ed:e1:39:6c:13:6e:63:eb:c0:3f:ce:7e:2c:3e:ed:
                    c7:28:7b:4f:7c:c1:e3:7c:1a:6b:6b:0c:bf:2a:6e:
                    bd:4b:e0:f8:2e:1f:aa:bd:0f:74:1b:28:b8:cc:55:
                    e1:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:BB:EF:16:2C:AB:DB:DC:C1:C9:02:36:96:A7:4A:A9:6B:B8:15:76
            X509v3 Authority Key Identifier:
                keyid:A0:4F:C9:80:ED:FC:47:9E:04:6A:E0:2B:10:E5:72:45:BB:92:C8:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oE_JgO38R54EauArEOVyRbuSyLc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f55df1-0ba6-430f-809d-6b035cee1981/1/oE_JgO38R54EauArEOVyRbuSyLc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f55df1-0ba6-430f-809d-6b035cee1981/1/oE_JgO38R54EauArEOVyRbuSyLc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:c9:5f:46:95:c0:ef:68:af:96:27:ae:ce:19:41:f5:02:c5:
         09:a4:ad:5d:a3:63:db:f9:42:d8:36:be:60:3e:62:d3:35:8d:
         39:7f:26:da:67:8c:9f:39:88:e0:fe:e9:f2:f7:5c:1e:f8:ca:
         13:a8:79:12:07:c9:55:05:d0:e4:c4:80:6c:56:43:8d:d7:97:
         b4:a5:81:b1:32:9d:a6:3f:5b:c6:e9:b2:c8:9c:a4:3d:93:6c:
         01:43:a6:fb:91:80:f2:a3:7e:be:d5:d4:6c:cc:e0:57:b7:ca:
         a2:72:60:8f:d5:e6:6e:10:5b:4f:5a:82:f2:e8:50:53:a7:d8:
         9d:7d:bd:5e:33:8b:b6:8f:c4:31:d4:14:3c:1e:72:e4:8f:60:
         fd:fb:9b:8a:dd:b2:2c:da:d9:0e:0e:05:84:80:7a:98:7c:aa:
         6d:63:b1:97:cb:85:e0:8f:8b:34:f4:ab:3d:fb:12:86:7a:c5:
         8a:17:ed:97:9b:55:8a:91:9b:6d:42:e5:db:c0:48:76:a8:b4:
         2e:d3:c7:75:e2:e0:2f:8b:88:27:27:d5:4e:dc:f6:c4:29:8f:
         1a:9b:a4:de:f8:6a:e6:93:00:fb:82:de:35:3e:27:5b:d6:ab:
         13:15:d6:4c:90:e3:ce:77:f7:2d:81:d1:61:c5:d0:3e:4f:af:
         5e:94:5f:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCRzooGm1X6pf8a1fd6AmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNGZjOTgwZWRmYzQ3OWUwNDZhZTAyYjEwZTU3MjQ1YmI5
MmM4YjcwHhcNMjUwNDI5MTYwMDI4WhcNMjUwNDMwMTYwMDI4WjAzMTEwLwYDVQQD
EyhkNmJiZWYxNjJjYWJkYmRjYzFjOTAyMzY5NmE3NGFhOTZiYjgxNTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX4ghjItjKuJtgkUfJnyL1BUB86w
Hlyb6hbXLtuRDaZ9ni6HpV1A/MsdbUc5pDLs2KZi7B0UVTmZy4R6jtMd/IxDrOQ/
1npEWij8PuM9rm/lYqwDxdqlkbpLtQw1hHAH7oav3ow/7TlixtkoBfU8dYzliemD
agaWgkgGUpCMTwWggHva1ILyiNquuD6gzn26wyPxkvHIVj6L6xSxYt4f2PO/cURe
nUo97iVjzG8V8/fFxa4qAWYbFLcYtmkhtH11VJJPZ1DE6ZzXyRs2BZGYwuHt4Tls
E25j68A/zn4sPu3HKHtPfMHjfBprawy/Km69S+D4Lh+qvQ90Gyi4zFXhcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNa77xYsq9vcwckCNpanSqlruBV2MB8GA1UdIwQY
MBaAFKBPyYDt/EeeBGrgKxDlckW7ksi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VfSmdPMzhSNTRFYXVBckVPVnlSYnVTeUxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNTVkZjEtMGJhNi00MzBmLTgwOWQt
NmIwMzVjZWUxOTgxLzEvb0VfSmdPMzhSNTRFYXVBckVPVnlSYnVTeUxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNTVkZjEtMGJhNi00MzBmLTgwOWQtNmIwMzVjZWUxOTgx
LzEvb0VfSmdPMzhSNTRFYXVBckVPVnlSYnVTeUxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACclfRpXA
72ivlieuzhlB9QLFCaStXaNj2/lC2Da+YD5i0zWNOX8m2meMnzmI4P7p8vdcHvjK
E6h5EgfJVQXQ5MSAbFZDjdeXtKWBsTKdpj9bxumyyJykPZNsAUOm+5GA8qN+vtXU
bMzgV7fKonJgj9XmbhBbT1qC8uhQU6fYnX29XjOLto/EMdQUPB5y5I9g/fubit2y
LNrZDg4FhIB6mHyqbWOxl8uF4I+LNPSrPfsShnrFihftl5tVipGbbULl28BIdqi0
LtPHdeLgL4uIJyfVTtz2xCmPGpuk3vhq5pMA+4LeNT4nW9arExXWTJDjznf3LYHR
YcXQPk+vXpRfgQ==
-----END CERTIFICATE-----