Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
File:                     oCUv6bQqZD9HflhGYZquiGkX7_s.mft (raw, json)
Hash identifier:          uJZY6gaUuqdI7f+pVeD9nbSij7ANFYcFJNSuMY0/OcU=
Subject key identifier:   C3:F4:83:DF:89:CA:B3:2B:25:5D:0B:1D:6E:64:63:21:1D:DE:B2:22
Authority key identifier: A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB
Certificate issuer:       /CN=a0252fe9b42a643f477e5846619aae886917effb
Certificate serial:       019771F5E16690FF7C736F02EE468A66C97D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
Manifest number:          137A
Signing time:             Sun 15 Jun 2025 05:00:28 +0000
Manifest this update:     Sun 15 Jun 2025 05:00:28 +0000
Manifest next update:     Mon 16 Jun 2025 05:00:28 +0000
Files and hashes:         1: oCUv6bQqZD9HflhGYZquiGkX7_s.crl (hash: G3EbxwYmo/J2O2iIDp0xe4QWHRp2T6JPFr7umoQ/fAo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:f5:e1:66:90:ff:7c:73:6f:02:ee:46:8a:66:c9:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0252fe9b42a643f477e5846619aae886917effb
        Validity
            Not Before: Jun 15 05:00:28 2025 GMT
            Not After : Jun 16 05:00:28 2025 GMT
        Subject: CN=c3f483df89cab32b255d0b1d6e6463211ddeb222
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:4c:c0:9c:03:7c:f5:9b:17:e1:7d:e6:62:6c:
                    04:37:fc:f8:b5:5b:d8:4d:01:fe:c5:45:d2:06:be:
                    a8:b3:14:b0:dd:57:6c:21:ac:ba:38:3a:e8:c4:93:
                    5c:2a:1f:84:e4:94:37:bf:cf:98:3f:67:a1:32:3a:
                    18:d3:d3:d2:1d:64:39:c9:79:6c:6a:19:a6:30:34:
                    d9:ca:4d:10:c6:0a:5f:8c:c2:b6:34:cf:3e:b2:07:
                    d3:d8:d1:92:c0:68:29:fe:b5:14:f3:65:64:0e:98:
                    02:ef:8b:07:f9:dc:45:c1:00:0f:a8:5d:99:27:9b:
                    b8:1c:9b:b1:52:83:10:e0:73:b3:95:83:1f:fe:f1:
                    02:4c:b8:01:f4:d3:2a:b4:0b:7b:b5:10:73:7a:da:
                    a2:68:e8:9b:cb:41:d6:e3:58:3b:4a:65:0e:3c:19:
                    84:c0:5b:5c:21:7f:e5:1d:42:60:70:af:1d:15:cf:
                    a3:ae:64:e2:ad:ec:db:12:0c:fa:66:d1:96:b7:fd:
                    32:8c:3b:b0:49:6a:bd:3b:dd:fc:20:5d:b8:8f:4b:
                    67:91:ac:81:fb:e0:75:2e:58:69:dc:0c:e1:c8:28:
                    f6:c9:f2:62:12:bb:70:3f:1b:64:1b:cb:84:62:14:
                    ee:e1:87:62:6c:29:77:3d:86:b4:46:2a:f4:57:ab:
                    39:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:F4:83:DF:89:CA:B3:2B:25:5D:0B:1D:6E:64:63:21:1D:DE:B2:22
            X509v3 Authority Key Identifier:
                keyid:A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:bc:78:a6:bc:92:ca:dd:d8:42:f7:ac:c2:55:b9:94:96:90:
         43:e8:91:81:48:6b:2e:c5:f7:26:d6:03:96:33:37:83:64:62:
         55:88:4a:77:1b:8d:a4:42:c6:9a:ca:ab:08:71:b0:b1:03:b2:
         95:ce:5b:3b:4b:43:6c:5b:03:f7:ae:66:72:76:06:81:cb:cb:
         b7:23:ee:0f:85:aa:26:1c:09:a4:13:70:91:3d:52:f8:92:f1:
         22:5b:37:3d:ab:08:53:80:0f:32:05:01:5d:60:02:7f:9e:6f:
         6d:69:e0:59:00:d0:89:3a:bc:d6:b0:f2:10:66:a3:db:c2:27:
         95:ca:53:dc:77:08:ca:f0:a6:d9:d0:ae:e5:2e:d4:31:4c:e1:
         82:20:07:b8:aa:94:ed:8a:1f:74:f6:22:08:aa:97:ad:1e:86:
         5d:5f:75:63:68:59:6d:03:b7:cf:45:3a:44:a4:a9:5f:46:18:
         e6:c4:cc:54:3e:d9:7b:f7:7d:1f:f8:da:9d:5f:36:94:c2:e6:
         cf:ab:2d:84:c8:f2:8e:fe:88:3e:d6:01:72:63:6b:9e:6f:e7:
         83:78:92:fd:d4:f5:41:b3:43:12:3e:4b:ff:19:0e:4c:64:b1:
         a0:3a:b2:5f:96:84:f8:1c:e6:1e:8f:ef:00:2e:97:24:48:e4:
         42:72:6e:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdx9eFmkP98c28C7kaKZsl9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjUyZmU5YjQyYTY0M2Y0NzdlNTg0NjYxOWFhZTg4Njkx
N2VmZmIwHhcNMjUwNjE1MDUwMDI4WhcNMjUwNjE2MDUwMDI4WjAzMTEwLwYDVQQD
EyhjM2Y0ODNkZjg5Y2FiMzJiMjU1ZDBiMWQ2ZTY0NjMyMTFkZGViMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UzAnAN89ZsX4X3mYmwEN/z4tVvY
TQH+xUXSBr6osxSw3VdsIay6ODroxJNcKh+E5JQ3v8+YP2ehMjoY09PSHWQ5yXls
ahmmMDTZyk0QxgpfjMK2NM8+sgfT2NGSwGgp/rUU82VkDpgC74sH+dxFwQAPqF2Z
J5u4HJuxUoMQ4HOzlYMf/vECTLgB9NMqtAt7tRBzetqiaOiby0HW41g7SmUOPBmE
wFtcIX/lHUJgcK8dFc+jrmTirezbEgz6ZtGWt/0yjDuwSWq9O938IF24j0tnkayB
++B1Llhp3AzhyCj2yfJiErtwPxtkG8uEYhTu4YdibCl3PYa0Rir0V6s5IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMP0g9+JyrMrJV0LHW5kYyEd3rIiMB8GA1UdIwQY
MBaAFKAlL+m0KmQ/R35YRmGarohpF+/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYt
MDFkYzk0NGM0NDc3LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYtMDFkYzk0NGM0NDc3
LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkrx4pryS
yt3YQveswlW5lJaQQ+iRgUhrLsX3JtYDljM3g2RiVYhKdxuNpELGmsqrCHGwsQOy
lc5bO0tDbFsD965mcnYGgcvLtyPuD4WqJhwJpBNwkT1S+JLxIls3PasIU4APMgUB
XWACf55vbWngWQDQiTq81rDyEGaj28InlcpT3HcIyvCm2dCu5S7UMUzhgiAHuKqU
7YofdPYiCKqXrR6GXV91Y2hZbQO3z0U6RKSpX0YY5sTMVD7Ze/d9H/janV82lMLm
z6sthMjyjv6IPtYBcmNrnm/ng3iS/dT1QbNDEj5L/xkOTGSxoDqyX5aE+BzmHo/v
AC6XJEjkQnJuFA==
-----END CERTIFICATE-----