Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
File:                     OQlq7uS6fDS4EkCtSRrEba90wx0.mft (raw, json)
Hash identifier:          F61l8FUUcv6tqvrppwKNLAPL8Wv3QFRqYWAnlW/K9wA=
Subject key identifier:   98:C5:D1:22:80:21:B9:C8:6D:46:3A:50:1D:1A:A2:15:E9:05:DD:A9
Authority key identifier: 39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D
Certificate issuer:       /CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
Certificate serial:       01976BF41DD1A453CC1698C763FE76D5680D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 01:00:49 +0000
Manifest this update:     Sat 14 Jun 2025 01:00:49 +0000
Manifest next update:     Sun 15 Jun 2025 01:00:49 +0000
Files and hashes:         1: OQlq7uS6fDS4EkCtSRrEba90wx0.crl (hash: N5KHJUN27c4z1IAulcGmGFXmO99zq+QzZQc1tNBKDNI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:f4:1d:d1:a4:53:cc:16:98:c7:63:fe:76:d5:68:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
        Validity
            Not Before: Jun 14 01:00:49 2025 GMT
            Not After : Jun 15 01:00:49 2025 GMT
        Subject: CN=98c5d1228021b9c86d463a501d1aa215e905dda9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:1e:6c:7a:48:e3:ee:d5:95:a3:0d:e1:0a:67:
                    5e:77:59:d7:17:40:7a:2d:20:32:82:da:d5:57:22:
                    a6:1f:68:2f:a9:cc:79:32:ef:88:2f:ea:19:cd:13:
                    db:5a:5d:40:93:79:38:ac:68:fa:b9:fe:ef:2d:a3:
                    4d:4a:f4:0a:ab:63:7f:96:2c:59:76:35:16:08:7f:
                    99:f0:7f:7f:a2:ab:25:86:d5:28:18:23:0e:9f:84:
                    12:c9:9a:9a:58:79:03:b4:f5:7e:1d:41:bd:a4:40:
                    b2:e9:74:d1:92:e3:c8:29:ce:2d:33:ef:18:0a:d5:
                    f7:ff:16:7f:2d:5e:aa:ea:57:78:a6:f8:46:66:5f:
                    15:5a:6a:6e:a3:18:53:db:0e:db:a7:01:df:0e:72:
                    8f:64:c6:b9:2b:19:a0:70:87:d8:e9:18:34:af:92:
                    c8:ac:65:4f:34:5f:53:90:c6:46:e8:55:5a:ef:5a:
                    42:f5:6e:45:03:9f:e2:34:a0:a2:38:85:49:d2:86:
                    56:87:b0:8f:7c:d8:ba:03:03:0c:13:d5:1b:44:b4:
                    04:c9:26:af:05:5f:c6:86:9f:78:04:f7:33:c4:e2:
                    e2:21:1a:74:77:12:26:5b:d9:7f:a6:80:d8:d2:5e:
                    00:26:48:e3:99:a5:4b:33:91:ed:0d:bc:b3:0c:8b:
                    46:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:C5:D1:22:80:21:B9:C8:6D:46:3A:50:1D:1A:A2:15:E9:05:DD:A9
            X509v3 Authority Key Identifier:
                keyid:39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:37:6e:98:e3:13:1b:12:01:e4:d1:9b:49:00:be:8f:73:81:
         3b:80:0c:ca:9d:e5:8d:0d:55:59:71:04:df:bb:81:0a:56:28:
         82:91:99:79:20:c9:51:93:7d:a3:ef:26:ac:00:61:af:1f:33:
         89:8d:0a:19:ed:f0:55:96:6e:05:76:41:8f:91:fe:fd:e6:9b:
         0e:00:39:40:a3:22:4e:04:f3:24:03:4e:7c:b4:6c:49:72:7f:
         25:a1:64:39:fd:42:5f:1f:1c:75:8f:d0:91:b3:81:0d:82:35:
         cc:47:28:ce:e1:d1:b1:90:f1:17:02:e2:2f:29:2c:2d:ba:64:
         ab:b3:29:f5:bd:77:36:27:8e:72:ae:57:95:81:43:73:82:36:
         b3:ab:4c:35:27:1f:b9:f5:58:92:ea:ce:ac:c6:37:c2:c3:87:
         9d:31:81:4a:f0:40:db:43:f7:b0:c5:8d:89:68:d3:6f:49:40:
         1c:49:17:e1:d3:29:27:46:d4:8a:6a:5a:15:2f:db:a5:c4:df:
         f6:2a:7b:fc:63:7c:3c:5b:bc:0a:7e:28:03:6c:a4:26:21:d8:
         7b:4b:6c:52:b8:fb:bd:71:20:73:dd:c9:4b:be:44:c8:86:84:
         b6:e7:b5:d8:c2:03:bb:90:20:27:11:e3:0a:51:f0:1a:b9:03:
         1a:b6:42:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdr9B3RpFPMFpjHY/521WgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDk2YWVlZTRiYTdjMzRiODEyNDBhZDQ5MWFjNDZkYWY3
NGMzMWQwHhcNMjUwNjE0MDEwMDQ5WhcNMjUwNjE1MDEwMDQ5WjAzMTEwLwYDVQQD
Eyg5OGM1ZDEyMjgwMjFiOWM4NmQ0NjNhNTAxZDFhYTIxNWU5MDVkZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR5sekjj7tWVow3hCmded1nXF0B6
LSAygtrVVyKmH2gvqcx5Mu+IL+oZzRPbWl1Ak3k4rGj6uf7vLaNNSvQKq2N/lixZ
djUWCH+Z8H9/oqslhtUoGCMOn4QSyZqaWHkDtPV+HUG9pECy6XTRkuPIKc4tM+8Y
CtX3/xZ/LV6q6ld4pvhGZl8VWmpuoxhT2w7bpwHfDnKPZMa5KxmgcIfY6Rg0r5LI
rGVPNF9TkMZG6FVa71pC9W5FA5/iNKCiOIVJ0oZWh7CPfNi6AwMME9UbRLQEySav
BV/Ghp94BPczxOLiIRp0dxImW9l/poDY0l4AJkjjmaVLM5HtDbyzDItGzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjF0SKAIbnIbUY6UB0aohXpBd2pMB8GA1UdIwQY
MBaAFDkJau7kunw0uBJArUkaxG2vdMMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEt
MTA1NjE3NjM4NzI2LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEtMTA1NjE3NjM4NzI2
LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWjdumOMT
GxIB5NGbSQC+j3OBO4AMyp3ljQ1VWXEE37uBClYogpGZeSDJUZN9o+8mrABhrx8z
iY0KGe3wVZZuBXZBj5H+/eabDgA5QKMiTgTzJANOfLRsSXJ/JaFkOf1CXx8cdY/Q
kbOBDYI1zEcozuHRsZDxFwLiLyksLbpkq7Mp9b13NieOcq5XlYFDc4I2s6tMNScf
ufVYkurOrMY3wsOHnTGBSvBA20P3sMWNiWjTb0lAHEkX4dMpJ0bUimpaFS/bpcTf
9ip7/GN8PFu8Cn4oA2ykJiHYe0tsUrj7vXEgc93JS75EyIaEtue12MIDu5AgJxHj
ClHwGrkDGrZC6Q==
-----END CERTIFICATE-----