Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft
File:                     OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft (raw, json)
Hash identifier:          qjlKAFGv1wih5pV0QcUcHh/KyGbeuX0kErEp/6VqYXs=
Subject key identifier:   A2:A2:C5:24:9D:D9:F3:8C:C3:09:66:B7:59:75:AE:3A:91:2D:2D:25
Authority key identifier: 3A:BC:62:47:EE:0C:AE:C3:65:A8:02:2F:5F:8C:6F:EC:CC:A5:71:0D
Certificate issuer:       /CN=3abc6247ee0caec365a8022f5f8c6feccca5710d
Certificate serial:       019778D450489C043287651DAA621AE806D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OrxiR-4MrsNlqAIvX4xv7MylcQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft
Manifest number:          0E73
Signing time:             Mon 16 Jun 2025 13:01:09 +0000
Manifest this update:     Mon 16 Jun 2025 13:01:09 +0000
Manifest next update:     Tue 17 Jun 2025 13:01:09 +0000
Files and hashes:         1: OrxiR-4MrsNlqAIvX4xv7MylcQ0.crl (hash: 5CNvNbR8YxVdnYJypAFPZshf049pTZA+rE8MUsHJWT4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OrxiR-4MrsNlqAIvX4xv7MylcQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 13:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:78:d4:50:48:9c:04:32:87:65:1d:aa:62:1a:e8:06:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3abc6247ee0caec365a8022f5f8c6feccca5710d
        Validity
            Not Before: Jun 16 13:01:09 2025 GMT
            Not After : Jun 17 13:01:09 2025 GMT
        Subject: CN=a2a2c5249dd9f38cc30966b75975ae3a912d2d25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b4:f4:5c:d6:c4:39:9d:90:7c:8e:85:b4:3e:
                    70:73:23:85:ff:5e:b3:14:67:d9:2d:30:df:09:02:
                    20:81:30:a8:0e:1b:d6:54:a9:38:e7:7d:af:a3:7a:
                    71:82:11:be:21:e6:f5:5b:1c:43:42:43:7e:53:92:
                    cc:03:59:b9:f3:a5:5a:a8:2b:6d:51:cf:df:4a:b8:
                    30:36:f9:6f:76:d4:65:15:49:d7:cc:1f:98:af:76:
                    6e:22:a7:2c:33:be:58:de:3e:8b:20:3a:32:85:95:
                    20:c7:e5:37:77:e5:ba:71:92:1e:98:95:7d:a8:66:
                    38:4c:6a:01:8d:6b:b6:c5:7a:5b:f6:71:ac:b9:89:
                    4b:d8:88:70:2c:6d:96:54:83:07:ae:0c:8b:4c:32:
                    a2:f7:b4:1b:0a:99:a7:30:6c:33:c2:25:bd:53:5d:
                    d8:9a:bb:9f:46:cd:51:de:24:c3:78:d8:7a:2c:d4:
                    75:f5:30:97:5b:e4:ad:1b:f4:e8:f0:5a:de:ba:15:
                    90:56:05:bd:46:2c:36:33:d9:e3:ad:62:e0:fe:51:
                    24:14:4c:89:44:97:7a:00:9e:2c:77:9a:50:00:fe:
                    f3:22:d2:9e:ed:8e:1e:f3:fa:2b:51:61:fe:27:5f:
                    e7:14:96:d0:fe:63:db:fa:48:54:7a:9e:04:d3:55:
                    02:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:A2:C5:24:9D:D9:F3:8C:C3:09:66:B7:59:75:AE:3A:91:2D:2D:25
            X509v3 Authority Key Identifier:
                keyid:3A:BC:62:47:EE:0C:AE:C3:65:A8:02:2F:5F:8C:6F:EC:CC:A5:71:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OrxiR-4MrsNlqAIvX4xv7MylcQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:23:fc:b9:f9:08:42:c6:bb:8a:69:06:14:9a:b0:3b:ea:82:
         23:1e:ac:9e:14:13:6f:4c:59:9d:d3:ea:9f:23:f5:e2:cb:2a:
         87:b0:38:63:d1:8f:58:24:70:21:c8:dd:70:3f:8c:c1:45:8c:
         04:09:34:c8:ec:11:96:cd:bd:ef:b3:ac:b6:a0:0b:e8:a6:08:
         19:1b:79:b7:22:ce:0b:68:e8:0e:2d:bb:f3:40:b4:43:56:b0:
         02:6a:97:20:c8:51:6a:6e:20:57:a7:0b:6f:f2:88:db:20:8a:
         89:f0:5b:07:b1:30:95:02:63:a5:39:92:83:72:a3:87:60:a4:
         37:b7:b6:ea:2a:14:b2:75:1d:82:9c:be:9d:04:86:26:75:a6:
         c7:1f:90:92:4e:d1:f7:a6:69:f2:21:ad:f0:06:64:e8:2f:68:
         b7:e4:c7:3c:3d:6b:de:34:31:b4:b8:27:70:c4:54:d2:c7:3d:
         4e:50:07:1d:ef:b1:d9:1a:61:a9:63:f5:77:da:94:71:56:a5:
         1b:3e:5f:bb:55:32:20:6e:62:4a:df:89:56:49:7c:73:17:69:
         de:c6:20:34:57:ac:00:3a:c7:67:ab:cb:6f:18:d7:7c:6d:61:
         2e:b2:8a:bc:dd:d6:92:06:02:71:ed:f3:c5:73:6a:bb:f9:b0:
         78:bf:70:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd41FBInAQyh2UdqmIa6AbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmM2MjQ3ZWUwY2FlYzM2NWE4MDIyZjVmOGM2ZmVjY2Nh
NTcxMGQwHhcNMjUwNjE2MTMwMTA5WhcNMjUwNjE3MTMwMTA5WjAzMTEwLwYDVQQD
EyhhMmEyYzUyNDlkZDlmMzhjYzMwOTY2Yjc1OTc1YWUzYTkxMmQyZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbT0XNbEOZ2QfI6FtD5wcyOF/16z
FGfZLTDfCQIggTCoDhvWVKk4532vo3pxghG+Ieb1WxxDQkN+U5LMA1m586VaqCtt
Uc/fSrgwNvlvdtRlFUnXzB+Yr3ZuIqcsM75Y3j6LIDoyhZUgx+U3d+W6cZIemJV9
qGY4TGoBjWu2xXpb9nGsuYlL2IhwLG2WVIMHrgyLTDKi97QbCpmnMGwzwiW9U13Y
mrufRs1R3iTDeNh6LNR19TCXW+StG/To8FreuhWQVgW9Riw2M9njrWLg/lEkFEyJ
RJd6AJ4sd5pQAP7zItKe7Y4e8/orUWH+J1/nFJbQ/mPb+khUep4E01UCwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKKixSSd2fOMwwlmt1l1rjqRLS0lMB8GA1UdIwQY
MBaAFDq8YkfuDK7DZagCL1+Mb+zMpXENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3J4aVItNE1yc05scUFJdlg0eHY3TXlsY1EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MzNhYmItMmMzZC00ZGQzLTgwZWIt
YjhjZjY0OWRlMzJjLzEvT3J4aVItNE1yc05scUFJdlg0eHY3TXlsY1EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MzNhYmItMmMzZC00ZGQzLTgwZWItYjhjZjY0OWRlMzJj
LzEvT3J4aVItNE1yc05scUFJdlg0eHY3TXlsY1EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFyP8ufkI
Qsa7imkGFJqwO+qCIx6snhQTb0xZndPqnyP14ssqh7A4Y9GPWCRwIcjdcD+MwUWM
BAk0yOwRls2977OstqAL6KYIGRt5tyLOC2joDi2780C0Q1awAmqXIMhRam4gV6cL
b/KI2yCKifBbB7EwlQJjpTmSg3Kjh2CkN7e26ioUsnUdgpy+nQSGJnWmxx+Qkk7R
96Zp8iGt8AZk6C9ot+THPD1r3jQxtLgncMRU0sc9TlAHHe+x2RphqWP1d9qUcVal
Gz5fu1UyIG5iSt+JVkl8cxdp3sYgNFesADrHZ6vLbxjXfG1hLrKKvN3WkgYCce3z
xXNqu/mweL9wcg==
-----END CERTIFICATE-----