Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
File:                     0ur89N6SC5zmRdbmlt8IqosFUZs.mft (raw, json)
Hash identifier:          OfzrmygNlsHbzW9nwY4wD1UILwmPs9U7545z6XhWkQA=
Subject key identifier:   CF:15:8D:EA:D4:1F:E8:41:B4:F8:C5:81:09:0F:FA:01:16:53:46:3B
Authority key identifier: D2:EA:FC:F4:DE:92:0B:9C:E6:45:D6:E6:96:DF:08:AA:8B:05:51:9B
Certificate issuer:       /CN=d2eafcf4de920b9ce645d6e696df08aa8b05519b
Certificate serial:       01967EA13DA49709654A9EB2764178DE63D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
Manifest number:          1215
Signing time:             Mon 28 Apr 2025 23:00:18 +0000
Manifest this update:     Mon 28 Apr 2025 23:00:18 +0000
Manifest next update:     Tue 29 Apr 2025 23:00:18 +0000
Files and hashes:         1: 0ur89N6SC5zmRdbmlt8IqosFUZs.crl (hash: NadBjRgoOln4VG5a+kQRJoPvFV7HyB2/0DucZNHVKps=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7e:a1:3d:a4:97:09:65:4a:9e:b2:76:41:78:de:63:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2eafcf4de920b9ce645d6e696df08aa8b05519b
        Validity
            Not Before: Apr 28 23:00:18 2025 GMT
            Not After : Apr 29 23:00:18 2025 GMT
        Subject: CN=cf158dead41fe841b4f8c581090ffa011653463b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:7a:52:4d:0e:a6:4c:41:09:9a:e4:c3:0b:84:
                    c3:32:3b:02:1a:e3:c7:6e:22:d8:c9:41:06:0e:f6:
                    66:27:fa:1a:c9:b1:51:93:7a:e5:09:1c:e0:1d:be:
                    01:83:8d:c8:6d:f1:f3:31:df:1a:8e:29:3c:be:6f:
                    11:6d:39:e7:5b:07:62:21:10:1a:6a:5d:78:0c:9b:
                    fc:15:d5:c2:60:d1:41:9f:84:97:f4:9a:16:f8:29:
                    45:89:23:5e:28:9e:d5:06:cc:f6:15:ec:0c:e3:55:
                    b3:58:16:b1:51:10:79:25:ec:15:e0:d0:37:35:94:
                    c4:36:f7:80:09:48:f1:00:08:24:42:80:e5:f0:6b:
                    0a:cf:43:d5:4b:21:fd:89:cf:7d:45:ab:e1:49:5b:
                    56:eb:38:1e:d7:91:47:c8:bd:69:20:35:19:ed:96:
                    af:75:a8:bc:3d:a3:a3:2e:4b:fa:0e:fe:6a:22:9b:
                    fb:d4:35:14:85:98:8a:1b:70:08:00:1b:17:2c:d9:
                    28:00:fe:d4:2c:38:dc:d8:71:3d:40:a9:f0:9a:b0:
                    c4:11:48:97:35:9e:4d:f1:6d:ac:38:7a:88:7c:a5:
                    6c:c1:90:a9:11:8f:e0:13:4b:e1:9e:e9:8c:48:70:
                    72:f6:e9:30:f8:c7:94:e3:70:19:8b:b5:2b:93:17:
                    fb:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:15:8D:EA:D4:1F:E8:41:B4:F8:C5:81:09:0F:FA:01:16:53:46:3B
            X509v3 Authority Key Identifier:
                keyid:D2:EA:FC:F4:DE:92:0B:9C:E6:45:D6:E6:96:DF:08:AA:8B:05:51:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:91:5a:8e:82:3f:ca:30:20:b8:b5:03:b7:46:e7:97:02:7e:
         41:9c:8b:e9:7f:fa:6f:8c:bf:7b:8c:af:60:f9:6e:ee:52:91:
         1f:f0:4a:85:7b:a0:8b:89:bc:62:00:5c:38:f7:26:05:2e:32:
         18:48:86:c8:c3:13:fe:10:2d:d6:66:8c:51:00:aa:3d:eb:a2:
         ab:f4:37:cd:23:6e:83:91:54:50:56:7e:80:ff:b6:0c:04:56:
         63:ec:9b:df:07:7b:b7:61:b7:31:2c:3e:24:8a:1f:01:8a:3c:
         ec:dc:20:c7:4b:3c:93:f2:8c:3f:6d:ca:9e:e0:9a:a4:b6:44:
         da:b0:ae:dc:3c:fa:be:f4:1f:8f:06:b3:d8:d1:ec:04:42:56:
         17:43:ab:3f:04:b6:b7:97:08:b4:38:2d:53:24:fc:5a:d6:e0:
         1a:96:4a:fd:35:14:6e:6d:ef:13:f6:4f:c4:e4:89:53:53:c1:
         6e:ea:31:08:ee:dc:69:6a:5d:60:6a:0e:62:26:8e:b4:14:19:
         8c:3e:4c:8a:e5:08:cd:b8:a2:3b:f4:2d:f3:51:4d:50:aa:42:
         8b:1e:df:4c:01:7b:b1:5d:33:c8:ac:e4:14:a0:b4:ec:12:53:
         e8:dd:f0:63:d9:8f:ac:e7:91:73:69:36:89:a1:30:fa:14:7e:
         23:6e:84:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+oT2klwllSp6ydkF43mPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZWFmY2Y0ZGU5MjBiOWNlNjQ1ZDZlNjk2ZGYwOGFhOGIw
NTUxOWIwHhcNMjUwNDI4MjMwMDE4WhcNMjUwNDI5MjMwMDE4WjAzMTEwLwYDVQQD
EyhjZjE1OGRlYWQ0MWZlODQxYjRmOGM1ODEwOTBmZmEwMTE2NTM0NjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3pSTQ6mTEEJmuTDC4TDMjsCGuPH
biLYyUEGDvZmJ/oaybFRk3rlCRzgHb4Bg43IbfHzMd8ajik8vm8RbTnnWwdiIRAa
al14DJv8FdXCYNFBn4SX9JoW+ClFiSNeKJ7VBsz2FewM41WzWBaxURB5JewV4NA3
NZTENveACUjxAAgkQoDl8GsKz0PVSyH9ic99RavhSVtW6zge15FHyL1pIDUZ7Zav
dai8PaOjLkv6Dv5qIpv71DUUhZiKG3AIABsXLNkoAP7ULDjc2HE9QKnwmrDEEUiX
NZ5N8W2sOHqIfKVswZCpEY/gE0vhnumMSHBy9ukw+MeU43AZi7Urkxf7wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8VjerUH+hBtPjFgQkP+gEWU0Y7MB8GA1UdIwQY
MBaAFNLq/PTekguc5kXW5pbfCKqLBVGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi84Mjc4NWYtZjBjNS00MzEzLTkxYTEt
NmRmZDhiYmFkZmU5LzEvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi84Mjc4NWYtZjBjNS00MzEzLTkxYTEtNmRmZDhiYmFkZmU5
LzEvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATZFajoI/
yjAguLUDt0bnlwJ+QZyL6X/6b4y/e4yvYPlu7lKRH/BKhXugi4m8YgBcOPcmBS4y
GEiGyMMT/hAt1maMUQCqPeuiq/Q3zSNug5FUUFZ+gP+2DARWY+yb3wd7t2G3MSw+
JIofAYo87Nwgx0s8k/KMP23KnuCapLZE2rCu3Dz6vvQfjwaz2NHsBEJWF0OrPwS2
t5cItDgtUyT8WtbgGpZK/TUUbm3vE/ZPxOSJU1PBbuoxCO7caWpdYGoOYiaOtBQZ
jD5MiuUIzbiiO/Qt81FNUKpCix7fTAF7sV0zyKzkFKC07BJT6N3wY9mPrOeRc2k2
iaEw+hR+I26EFw==
-----END CERTIFICATE-----