Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
File:                     OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json)
Hash identifier:          hsDGc8Y5XwmSbb7nAwasGWhMlOXBeNW2Vitlwr/vNVY=
Subject key identifier:   1E:9C:06:72:39:89:4A:2A:90:69:33:8A:D5:97:9C:18:2C:CF:53:A9
Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
Certificate issuer:       /CN=389c030036756ab8cdac922b1af237bce1367ce0
Certificate serial:       0196760D37A2FA3B206ADCDF54EADA56CBAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 07:01:39 +0000
Manifest this update:     Sun 27 Apr 2025 07:01:39 +0000
Manifest next update:     Mon 28 Apr 2025 07:01:39 +0000
Files and hashes:         1: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: +7VhNzlpbYOMeD0xwNzlR3hS96uCs1CQpEAtd0L3KhE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0d:37:a2:fa:3b:20:6a:dc:df:54:ea:da:56:cb:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0
        Validity
            Not Before: Apr 27 07:01:39 2025 GMT
            Not After : Apr 28 07:01:39 2025 GMT
        Subject: CN=1e9c067239894a2a9069338ad5979c182ccf53a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f7:70:c7:3e:7b:c1:61:17:bb:f8:8b:a3:57:
                    ee:b4:91:df:ec:bd:ca:43:10:41:cc:25:fb:77:d3:
                    7c:54:37:c6:e4:7f:b9:e2:fc:17:7b:26:b1:bb:59:
                    c4:ec:23:fd:16:bd:02:7d:8f:02:8b:aa:3b:a5:5c:
                    ed:89:cf:d1:21:e5:ea:bd:57:9a:be:46:0c:14:fc:
                    9f:37:74:71:95:b4:ed:54:e9:6f:09:5a:32:50:8f:
                    36:e9:59:4b:17:32:56:79:71:35:1b:84:92:9e:d9:
                    e8:ef:27:44:a2:9c:53:2b:e6:eb:3e:e2:bd:84:7e:
                    2d:06:98:f6:7e:82:7e:f7:33:20:3a:0d:81:d4:49:
                    a0:d6:a0:db:a2:17:03:55:a3:ae:33:72:4d:bb:96:
                    4b:2f:5c:74:b4:46:f8:4a:8c:38:e6:c2:3c:14:1c:
                    0b:cd:30:79:89:86:4b:96:b6:e1:db:65:d9:1f:2d:
                    43:2d:08:ce:5f:5c:1c:95:b8:a6:3f:14:6d:4d:9e:
                    b4:1b:4d:3d:6f:69:52:15:1b:b7:ab:9c:b5:3a:3d:
                    da:6a:48:20:93:27:09:85:f1:8e:07:09:04:5e:81:
                    9d:8f:83:03:db:58:ab:1e:05:30:14:e3:d8:0e:6e:
                    82:f6:03:a2:39:29:67:23:4c:af:ba:14:b8:a6:5e:
                    a4:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:9C:06:72:39:89:4A:2A:90:69:33:8A:D5:97:9C:18:2C:CF:53:A9
            X509v3 Authority Key Identifier:
                keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:f0:94:17:7e:e5:64:9f:6a:bf:d3:56:be:45:c3:3c:ad:ff:
         e2:80:08:da:29:9f:68:48:46:92:9d:fb:ed:3b:04:b6:7f:1b:
         4a:f2:a0:bb:9d:ba:4e:9b:bc:1f:57:18:0e:fb:e2:31:86:f4:
         18:0e:6c:63:76:9a:d8:ad:d5:e7:79:cc:41:e3:c5:d7:6d:10:
         b1:f8:55:57:4c:39:a2:8a:d1:6b:85:b6:1e:13:74:00:75:a3:
         a2:6f:2b:da:22:2b:c3:8b:ec:1d:f2:6c:e6:f4:05:0e:9e:b8:
         31:32:e2:79:79:16:99:ed:35:ec:a3:de:25:e0:7d:f9:68:63:
         71:a8:23:82:16:d4:95:42:21:84:0d:4e:c0:fa:d5:cf:a6:b0:
         4a:0d:22:b8:07:b1:2b:95:22:3e:0e:b0:08:83:e5:36:92:3a:
         be:84:f8:af:7c:e2:cc:10:67:4e:53:5b:c6:de:f6:88:5e:8e:
         d4:94:9c:24:08:ba:9a:75:61:71:a9:1c:57:1b:5d:fb:f0:7f:
         40:f6:1d:7d:a1:90:bc:a4:de:44:e8:7e:d0:21:9e:0f:af:65:
         fd:4a:e4:a5:d0:b6:38:19:de:a7:5c:e0:0c:43:3b:3f:47:b3:
         b6:b0:b8:4f:f7:e4:7a:6a:a9:97:af:62:83:db:c0:c8:6b:c5:
         87:57:4f:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DTei+jsgatzfVOraVsuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz
NjdjZTAwHhcNMjUwNDI3MDcwMTM5WhcNMjUwNDI4MDcwMTM5WjAzMTEwLwYDVQQD
EygxZTljMDY3MjM5ODk0YTJhOTA2OTMzOGFkNTk3OWMxODJjY2Y1M2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPdwxz57wWEXu/iLo1futJHf7L3K
QxBBzCX7d9N8VDfG5H+54vwXeyaxu1nE7CP9Fr0CfY8Ci6o7pVztic/RIeXqvVea
vkYMFPyfN3RxlbTtVOlvCVoyUI826VlLFzJWeXE1G4SSntno7ydEopxTK+brPuK9
hH4tBpj2foJ+9zMgOg2B1Emg1qDbohcDVaOuM3JNu5ZLL1x0tEb4Sow45sI8FBwL
zTB5iYZLlrbh22XZHy1DLQjOX1wclbimPxRtTZ60G009b2lSFRu3q5y1Oj3aakgg
kycJhfGOBwkEXoGdj4MD21irHgUwFOPYDm6C9gOiOSlnI0yvuhS4pl6k2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6cBnI5iUoqkGkzitWXnBgsz1OpMB8GA1UdIwQY
MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt
NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0
LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsfCUF37l
ZJ9qv9NWvkXDPK3/4oAI2imfaEhGkp377TsEtn8bSvKgu526Tpu8H1cYDvviMYb0
GA5sY3aa2K3V53nMQePF120QsfhVV0w5oorRa4W2HhN0AHWjom8r2iIrw4vsHfJs
5vQFDp64MTLieXkWme017KPeJeB9+WhjcagjghbUlUIhhA1OwPrVz6awSg0iuAex
K5UiPg6wCIPlNpI6voT4r3zizBBnTlNbxt72iF6O1JScJAi6mnVhcakcVxtd+/B/
QPYdfaGQvKTeROh+0CGeD69l/UrkpdC2OBnep1zgDEM7P0eztrC4T/fkemqpl69i
g9vAyGvFh1dPOQ==
-----END CERTIFICATE-----