Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
File:                     OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json)
Hash identifier:          DKBWMf/D6WY07iooiVcgvHY3eigk9dwaqYMwA9pszFY=
Subject key identifier:   5C:02:A2:AF:3C:52:E1:C8:40:B5:20:6A:CC:1A:5E:75:16:53:64:98
Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
Certificate issuer:       /CN=389c030036756ab8cdac922b1af237bce1367ce0
Certificate serial:       0197711ADAE5F02B1AC6C1D543A44DEF82B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
Manifest number:          158E
Signing time:             Sun 15 Jun 2025 01:01:14 +0000
Manifest this update:     Sun 15 Jun 2025 01:01:14 +0000
Manifest next update:     Mon 16 Jun 2025 01:01:14 +0000
Files and hashes:         1: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: oas5qCBuhQ0A+8K2WbEnAlCIpTs08JTdBZ3SYe8PJF0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:1a:da:e5:f0:2b:1a:c6:c1:d5:43:a4:4d:ef:82:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0
        Validity
            Not Before: Jun 15 01:01:14 2025 GMT
            Not After : Jun 16 01:01:14 2025 GMT
        Subject: CN=5c02a2af3c52e1c840b5206acc1a5e7516536498
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:35:a1:55:79:db:d0:c6:07:fd:07:c3:13:bd:
                    66:a1:1d:e7:67:0d:1b:83:55:f2:01:c7:4f:ca:ea:
                    52:a4:c5:0b:0c:fa:c9:95:be:1e:05:3a:79:dd:73:
                    4f:ec:7b:8d:b5:a7:d3:d5:bf:9c:21:b0:9b:39:91:
                    cc:50:7d:46:50:db:48:c8:ea:7c:69:03:6a:54:84:
                    69:9b:cf:f5:f9:7d:11:9c:94:18:e7:a5:18:94:8f:
                    65:c1:30:f9:d7:6f:06:39:2e:b7:00:5e:77:06:67:
                    94:d9:42:7e:cf:44:a6:21:5a:84:99:6b:de:1f:1f:
                    6a:89:e5:fe:f0:31:aa:43:6a:07:72:c8:09:6f:30:
                    6a:54:89:97:5d:00:10:90:81:a2:4e:fc:70:24:b0:
                    d6:99:ea:34:34:95:cb:f3:26:6b:e2:8d:c1:14:fe:
                    41:f7:6d:72:e0:84:33:32:36:1f:80:2a:c8:39:5e:
                    31:94:b2:0c:13:10:23:84:d4:16:32:14:c5:c5:88:
                    c5:24:da:da:1a:24:c9:f4:ff:b0:d3:4f:42:99:89:
                    16:6c:e5:59:80:d3:ec:e5:47:7b:e7:bb:71:82:16:
                    60:ce:33:50:06:c4:ae:3b:75:23:8d:bf:b5:6e:80:
                    b2:9b:e6:8f:3c:97:55:a0:ca:22:c5:f4:7c:b2:70:
                    82:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:02:A2:AF:3C:52:E1:C8:40:B5:20:6A:CC:1A:5E:75:16:53:64:98
            X509v3 Authority Key Identifier:
                keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:ae:f8:2e:21:ce:6b:df:a7:7a:09:82:cd:41:ba:a4:53:69:
         32:31:02:7b:77:29:7e:d7:9e:58:6b:b1:e0:d4:43:af:c6:08:
         b1:85:a1:27:3d:d0:83:35:50:69:94:a3:ab:80:8f:95:d8:e8:
         2e:4a:65:59:ee:5d:2e:65:5e:0a:0d:e3:32:47:63:17:da:d2:
         0b:b4:e8:7f:c1:27:cc:a4:8c:f8:63:90:f5:71:0b:f1:a4:9b:
         a7:27:56:07:13:92:8e:ac:a8:a9:02:49:0e:a2:3e:e4:88:bb:
         ca:c5:a7:54:19:aa:26:12:54:0b:f4:e3:ec:aa:f8:1a:8a:26:
         1e:95:a6:0a:07:18:f2:e1:54:fd:99:d3:73:12:64:c7:3f:0a:
         2f:d0:d6:8c:2f:82:9c:15:b4:7f:23:cf:a8:44:c1:36:e8:93:
         61:38:1e:55:88:7c:88:77:c5:52:dd:5d:91:ec:7d:10:f2:0d:
         dd:94:0d:84:15:3b:50:65:2b:d8:c9:33:cf:e8:ae:5f:eb:4d:
         f1:a3:23:e4:5e:53:de:d5:a0:cc:1b:8f:0b:92:e9:39:b2:4a:
         91:78:5c:15:5e:b7:b6:28:b8:4b:e9:00:ed:47:56:e8:7c:d8:
         c8:24:42:93:90:0b:73:81:f9:67:63:7a:66:52:f4:d5:90:b5:
         ab:40:da:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxGtrl8CsaxsHVQ6RN74KwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz
NjdjZTAwHhcNMjUwNjE1MDEwMTE0WhcNMjUwNjE2MDEwMTE0WjAzMTEwLwYDVQQD
Eyg1YzAyYTJhZjNjNTJlMWM4NDBiNTIwNmFjYzFhNWU3NTE2NTM2NDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DWhVXnb0MYH/QfDE71moR3nZw0b
g1XyAcdPyupSpMULDPrJlb4eBTp53XNP7HuNtafT1b+cIbCbOZHMUH1GUNtIyOp8
aQNqVIRpm8/1+X0RnJQY56UYlI9lwTD5128GOS63AF53BmeU2UJ+z0SmIVqEmWve
Hx9qieX+8DGqQ2oHcsgJbzBqVImXXQAQkIGiTvxwJLDWmeo0NJXL8yZr4o3BFP5B
921y4IQzMjYfgCrIOV4xlLIMExAjhNQWMhTFxYjFJNraGiTJ9P+w009CmYkWbOVZ
gNPs5Ud757txghZgzjNQBsSuO3Ujjb+1boCym+aPPJdVoMoixfR8snCCKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwCoq88UuHIQLUgaswaXnUWU2SYMB8GA1UdIwQY
MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt
NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0
LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp674LiHO
a9+negmCzUG6pFNpMjECe3cpfteeWGux4NRDr8YIsYWhJz3QgzVQaZSjq4CPldjo
LkplWe5dLmVeCg3jMkdjF9rSC7Tof8EnzKSM+GOQ9XEL8aSbpydWBxOSjqyoqQJJ
DqI+5Ii7ysWnVBmqJhJUC/Tj7Kr4GoomHpWmCgcY8uFU/ZnTcxJkxz8KL9DWjC+C
nBW0fyPPqETBNuiTYTgeVYh8iHfFUt1dkex9EPIN3ZQNhBU7UGUr2Mkzz+iuX+tN
8aMj5F5T3tWgzBuPC5LpObJKkXhcFV63tii4S+kA7UdW6HzYyCRCk5ALc4H5Z2N6
ZlL01ZC1q0Da7Q==
-----END CERTIFICATE-----