Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
File:                     oCUv6bQqZD9HflhGYZquiGkX7_s.mft (raw, json)
Hash identifier:          g1zHjGntXyh7LyMtOx4dhzc8r6zjAvSkGohdSW9j4ws=
Subject key identifier:   43:A4:B0:06:EE:00:AE:94:36:28:16:39:96:F6:57:ED:9F:1C:9E:80
Authority key identifier: A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB
Certificate issuer:       /CN=a0252fe9b42a643f477e5846619aae886917effb
Certificate serial:       01988242F60C934A8F3084BD6E5E46C97DF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
Manifest number:          1407
Signing time:             Thu 07 Aug 2025 02:01:22 +0000
Manifest this update:     Thu 07 Aug 2025 02:01:22 +0000
Manifest next update:     Fri 08 Aug 2025 02:01:22 +0000
Files and hashes:         1: oCUv6bQqZD9HflhGYZquiGkX7_s.crl (hash: XWjnKF9k26dNP06f7I+l59GnMOElLWMsGsdTcvZ+iNY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:82:42:f6:0c:93:4a:8f:30:84:bd:6e:5e:46:c9:7d:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0252fe9b42a643f477e5846619aae886917effb
        Validity
            Not Before: Aug  7 02:01:22 2025 GMT
            Not After : Aug  8 02:01:22 2025 GMT
        Subject: CN=43a4b006ee00ae943628163996f657ed9f1c9e80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:71:72:33:59:48:0f:89:f1:58:b7:53:56:81:
                    47:fa:cb:3f:38:c6:c4:55:22:d5:b2:a1:1d:aa:42:
                    c5:39:ba:4c:b4:4d:44:62:65:ed:94:36:1c:68:4d:
                    fe:c1:1f:05:a1:58:31:0b:d7:75:61:a3:6d:7c:e4:
                    87:1b:4b:33:fd:90:75:77:2e:75:8a:f6:5a:ac:06:
                    da:0c:ec:ee:b7:55:a6:22:51:40:4a:0d:4f:e9:4f:
                    65:a5:b9:11:a1:dc:49:c7:5a:f2:05:69:40:0a:75:
                    e5:89:ca:15:0d:c9:0c:43:3b:86:f9:37:11:3a:0b:
                    b0:35:b0:b0:5e:a6:b3:4f:fd:bb:9e:ca:de:fd:ea:
                    2d:af:db:42:f6:9d:bd:29:89:2c:c7:c0:1a:7b:e3:
                    96:9b:50:28:2b:56:5a:06:8c:81:49:02:50:ce:73:
                    d5:3d:d7:ce:79:53:5a:84:8f:88:8e:f8:59:2e:c0:
                    01:11:99:89:48:0f:ef:fb:99:1a:df:ec:60:3b:90:
                    89:08:b9:b4:ae:c7:81:4c:ad:d5:0f:00:b0:32:58:
                    de:9a:70:cc:80:b3:fa:27:ef:51:27:df:2c:be:f3:
                    31:c7:66:b0:76:d5:8c:9a:26:0a:b4:7a:30:cf:c2:
                    92:cb:f2:47:91:88:40:0a:ab:26:4c:58:40:83:1f:
                    49:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:A4:B0:06:EE:00:AE:94:36:28:16:39:96:F6:57:ED:9F:1C:9E:80
            X509v3 Authority Key Identifier:
                keyid:A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:f3:9f:32:aa:14:cd:00:c5:7a:52:f7:27:32:09:4e:45:94:
         94:60:45:76:be:18:f8:ac:55:c0:13:ef:29:42:2d:9f:cd:cb:
         a3:6b:ca:34:8f:21:67:1a:37:16:24:ee:7b:a7:fa:b5:d9:4c:
         95:ba:83:42:07:4b:4f:bc:e9:81:1b:9a:79:e2:76:fc:73:9a:
         c7:23:f7:3a:00:16:54:c0:b6:9e:38:8f:7e:57:f9:48:4e:df:
         f3:6f:9b:2d:c6:24:10:8c:65:5c:51:b7:39:d1:1c:9a:fb:28:
         fb:de:2c:63:a6:0a:40:08:b4:53:4e:89:3e:a0:69:3a:5b:98:
         3b:d9:3b:bf:51:3d:8f:63:ed:0f:67:e1:cf:01:75:0f:44:ea:
         a2:de:10:0e:73:22:22:24:5f:24:9f:3f:44:82:d4:d3:83:0a:
         28:6e:34:dd:67:43:7a:20:7b:41:f9:b7:1d:b9:25:e8:43:ce:
         13:49:a4:a9:6f:8b:37:98:d2:55:a1:f6:35:37:8f:41:0e:59:
         24:8c:b5:b3:ad:8f:35:11:4c:db:6c:b2:e5:f5:03:d6:8c:20:
         2e:4e:f7:88:9c:26:a6:31:b2:da:82:7f:9c:59:6d:ae:5b:c9:
         91:5c:e1:d7:e9:d8:d7:3e:4c:ab:9b:b7:25:7f:08:f8:cf:cc:
         10:8d:64:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiCQvYMk0qPMIS9bl5GyX32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjUyZmU5YjQyYTY0M2Y0NzdlNTg0NjYxOWFhZTg4Njkx
N2VmZmIwHhcNMjUwODA3MDIwMTIyWhcNMjUwODA4MDIwMTIyWjAzMTEwLwYDVQQD
Eyg0M2E0YjAwNmVlMDBhZTk0MzYyODE2Mzk5NmY2NTdlZDlmMWM5ZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3FyM1lID4nxWLdTVoFH+ss/OMbE
VSLVsqEdqkLFObpMtE1EYmXtlDYcaE3+wR8FoVgxC9d1YaNtfOSHG0sz/ZB1dy51
ivZarAbaDOzut1WmIlFASg1P6U9lpbkRodxJx1ryBWlACnXlicoVDckMQzuG+TcR
OguwNbCwXqazT/27nsre/eotr9tC9p29KYksx8Aae+OWm1AoK1ZaBoyBSQJQznPV
PdfOeVNahI+IjvhZLsABEZmJSA/v+5ka3+xgO5CJCLm0rseBTK3VDwCwMljemnDM
gLP6J+9RJ98svvMxx2awdtWMmiYKtHowz8KSy/JHkYhACqsmTFhAgx9JuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEOksAbuAK6UNigWOZb2V+2fHJ6AMB8GA1UdIwQY
MBaAFKAlL+m0KmQ/R35YRmGarohpF+/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYt
MDFkYzk0NGM0NDc3LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYtMDFkYzk0NGM0NDc3
LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo/OfMqoU
zQDFelL3JzIJTkWUlGBFdr4Y+KxVwBPvKUItn83Lo2vKNI8hZxo3FiTue6f6tdlM
lbqDQgdLT7zpgRuaeeJ2/HOaxyP3OgAWVMC2njiPflf5SE7f82+bLcYkEIxlXFG3
OdEcmvso+94sY6YKQAi0U06JPqBpOluYO9k7v1E9j2PtD2fhzwF1D0Tqot4QDnMi
IiRfJJ8/RILU04MKKG403WdDeiB7Qfm3Hbkl6EPOE0mkqW+LN5jSVaH2NTePQQ5Z
JIy1s62PNRFM22yy5fUD1owgLk73iJwmpjGy2oJ/nFltrlvJkVzh1+nY1z5Mq5u3
JX8I+M/MEI1kxA==
-----END CERTIFICATE-----