Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
File:                     oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft (raw, json)
Hash identifier:          Eqmc0Hdgvwoh7lkoVSgIxwP6fBy8lrV+2jLQqiklEA8=
Subject key identifier:   6C:04:FD:DA:0C:52:F6:F5:B9:F9:E0:7D:C9:A3:4A:F4:66:33:61:2A
Authority key identifier: A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E
Certificate issuer:       /CN=a323e041dd45965333e2b1474fc50be2f0fa950e
Certificate serial:       01976E872DCF832A1A522C1336F3638D7ECF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
Manifest number:          09A0
Signing time:             Sat 14 Jun 2025 13:00:42 +0000
Manifest this update:     Sat 14 Jun 2025 13:00:42 +0000
Manifest next update:     Sun 15 Jun 2025 13:00:42 +0000
Files and hashes:         1: oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl (hash: WRO9BgYeI12PjKAl95D62i0uR5fgRNaVgWGcK+p1+vE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 13:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:87:2d:cf:83:2a:1a:52:2c:13:36:f3:63:8d:7e:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a323e041dd45965333e2b1474fc50be2f0fa950e
        Validity
            Not Before: Jun 14 13:00:42 2025 GMT
            Not After : Jun 15 13:00:42 2025 GMT
        Subject: CN=6c04fdda0c52f6f5b9f9e07dc9a34af46633612a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:ce:29:7b:be:ea:3f:64:6c:6b:58:66:1e:99:
                    04:97:ac:36:25:59:bc:56:ec:94:68:f6:0d:6d:6e:
                    ae:8b:92:c5:5b:9c:06:e5:36:ac:3d:24:cd:6c:7a:
                    1d:d4:62:de:3f:46:7c:23:ba:60:3e:82:c6:65:dc:
                    80:73:62:bb:d1:82:3c:db:f5:d6:37:7d:b5:77:90:
                    0e:ab:e8:0c:0e:fa:b4:69:f9:64:5a:65:5f:34:4e:
                    7c:ee:d5:ef:9e:d1:28:18:be:81:3f:69:aa:6e:c4:
                    99:3a:26:7f:60:5b:28:7d:97:ea:d2:9a:1c:62:2d:
                    1a:fe:89:25:f6:94:97:72:17:f1:03:42:4e:f1:28:
                    97:38:f0:fe:4a:a2:16:e4:75:b8:ae:5d:ae:5b:bf:
                    45:9e:90:6e:50:d4:9c:34:2a:94:d0:98:4b:e5:4e:
                    f4:3e:ee:dd:70:09:44:0f:d8:f8:18:b5:8e:e8:e8:
                    f7:94:d7:9c:76:f3:7a:74:3d:68:c7:96:ca:91:df:
                    49:a9:97:6f:d3:c2:19:21:64:36:14:fc:e5:ba:e2:
                    c0:cb:dc:47:4a:d9:dc:e3:f2:11:42:e2:52:b4:ae:
                    4e:64:a5:c3:ff:88:98:b4:33:89:c6:3f:1a:86:88:
                    08:75:7d:34:9c:ed:de:80:40:fc:f6:5d:f1:f6:19:
                    ad:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:04:FD:DA:0C:52:F6:F5:B9:F9:E0:7D:C9:A3:4A:F4:66:33:61:2A
            X509v3 Authority Key Identifier:
                keyid:A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:11:94:80:c1:89:d7:a8:7f:30:3d:b0:be:f5:11:eb:3e:99:
         92:9d:38:ab:81:7d:6d:b9:d6:75:cf:ca:4a:6f:4b:29:61:b1:
         95:73:d7:fe:1f:91:02:3b:56:bc:30:80:3f:74:c2:89:76:05:
         cd:79:b9:4a:51:ae:33:d1:69:70:7a:10:f0:17:d9:99:01:36:
         87:aa:cd:bd:c1:25:11:75:a4:6a:2c:7e:4f:40:34:8b:2d:97:
         be:14:64:59:6d:7a:58:a1:41:c9:69:2b:ce:1b:d3:a8:fb:20:
         7d:5d:bd:00:39:c7:6b:e4:e2:ad:bb:18:d1:44:c3:d3:e7:25:
         91:91:29:64:39:57:37:2a:a7:42:67:5c:13:fb:38:19:b1:32:
         71:28:58:4e:58:e2:fa:83:79:11:eb:78:d7:59:0a:46:0b:b1:
         c3:55:3e:c9:90:54:d0:3f:2a:79:2c:bb:73:91:11:ec:cc:41:
         af:c9:57:2a:a2:ba:c2:de:09:b7:c7:23:2d:bc:ac:63:2f:cd:
         ca:fe:0e:05:9e:02:80:79:da:b9:25:54:7a:5d:97:67:c0:7f:
         f5:0b:97:45:85:c2:0e:7f:dd:d1:15:07:7e:f0:46:f8:d6:31:
         b1:d1:6f:63:5b:c5:22:f6:6d:49:d3:3c:39:44:4c:f7:6b:cc:
         57:de:5f:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduhy3PgyoaUiwTNvNjjX7PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjNlMDQxZGQ0NTk2NTMzM2UyYjE0NzRmYzUwYmUyZjBm
YTk1MGUwHhcNMjUwNjE0MTMwMDQyWhcNMjUwNjE1MTMwMDQyWjAzMTEwLwYDVQQD
Eyg2YzA0ZmRkYTBjNTJmNmY1YjlmOWUwN2RjOWEzNGFmNDY2MzM2MTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyM4pe77qP2Rsa1hmHpkEl6w2JVm8
VuyUaPYNbW6ui5LFW5wG5TasPSTNbHod1GLeP0Z8I7pgPoLGZdyAc2K70YI82/XW
N321d5AOq+gMDvq0aflkWmVfNE587tXvntEoGL6BP2mqbsSZOiZ/YFsofZfq0poc
Yi0a/okl9pSXchfxA0JO8SiXOPD+SqIW5HW4rl2uW79FnpBuUNScNCqU0JhL5U70
Pu7dcAlED9j4GLWO6Oj3lNecdvN6dD1ox5bKkd9JqZdv08IZIWQ2FPzluuLAy9xH
Stnc4/IRQuJStK5OZKXD/4iYtDOJxj8ahogIdX00nO3egED89l3x9hmtmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGwE/doMUvb1ufngfcmjSvRmM2EqMB8GA1UdIwQY
MBaAFKMj4EHdRZZTM+KxR0/FC+Lw+pUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMt
Y2FkYzUxNGFjZTcyLzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMtY2FkYzUxNGFjZTcy
LzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoBGUgMGJ
16h/MD2wvvUR6z6Zkp04q4F9bbnWdc/KSm9LKWGxlXPX/h+RAjtWvDCAP3TCiXYF
zXm5SlGuM9FpcHoQ8BfZmQE2h6rNvcElEXWkaix+T0A0iy2XvhRkWW16WKFByWkr
zhvTqPsgfV29ADnHa+TirbsY0UTD0+clkZEpZDlXNyqnQmdcE/s4GbEycShYTlji
+oN5Eet411kKRguxw1U+yZBU0D8qeSy7c5ER7MxBr8lXKqK6wt4Jt8cjLbysYy/N
yv4OBZ4CgHnauSVUel2XZ8B/9QuXRYXCDn/d0RUHfvBG+NYxsdFvY1vFIvZtSdM8
OURM92vMV95fQg==
-----END CERTIFICATE-----