Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
File:                     oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft (raw, json)
Hash identifier:          I2hsT7vjSKVoQik6RR9iCX0ItQXlf61Euke2A121wfY=
Subject key identifier:   32:94:70:A3:BA:1B:4A:CE:90:A0:59:ED:20:2F:F3:F4:05:8C:6D:E1
Authority key identifier: A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39
Certificate issuer:       /CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
Certificate serial:       0196760CBB352D05F01139066B01BCEA5039
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
Manifest number:          10DF
Signing time:             Sun 27 Apr 2025 07:01:07 +0000
Manifest this update:     Sun 27 Apr 2025 07:01:07 +0000
Manifest next update:     Mon 28 Apr 2025 07:01:07 +0000
Files and hashes:         1: oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl (hash: B6OFTwr/HKidyk3bX0Std4XmvCYpuUkhQ7aZbW9BQ8o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:bb:35:2d:05:f0:11:39:06:6b:01:bc:ea:50:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0ca33e7f6725eb4ee87ba91b1dd2e1c42168c39
        Validity
            Not Before: Apr 27 07:01:07 2025 GMT
            Not After : Apr 28 07:01:07 2025 GMT
        Subject: CN=329470a3ba1b4ace90a059ed202ff3f4058c6de1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:24:f2:03:02:d1:1a:f9:a5:dd:96:a7:00:c4:
                    5b:c9:a4:41:f0:78:6e:5d:ce:01:5f:8d:64:95:b8:
                    97:35:a7:9c:82:6e:c6:02:e9:83:79:a4:c6:e4:f0:
                    68:2b:af:97:fb:cc:ed:49:5c:10:cc:c4:ec:54:de:
                    60:9f:98:85:7e:f1:73:cd:a2:07:e8:90:8b:64:9b:
                    71:28:40:d6:64:38:6b:ca:74:1b:d2:df:d9:73:f6:
                    a7:e5:4f:cf:d1:75:38:66:2e:ff:16:e9:08:34:85:
                    3c:77:b0:8a:cc:95:12:95:45:33:de:8e:34:9a:00:
                    25:31:07:fc:a1:ef:99:01:8b:ad:8b:35:93:db:13:
                    74:62:2f:d9:c1:e9:6d:26:6c:0c:b5:c2:8e:ac:e3:
                    b6:43:8b:fe:2a:9a:c8:f6:de:89:dc:6c:7d:cf:37:
                    02:3f:fa:17:36:da:23:13:8c:90:77:93:38:8d:00:
                    96:f0:07:65:92:c9:03:32:33:28:e2:82:56:53:86:
                    3f:65:32:8b:bb:b8:15:31:13:23:ac:49:8c:23:1c:
                    5e:73:f0:5c:34:93:84:c2:12:c9:20:ef:2d:fd:f5:
                    a2:20:f0:c8:9c:75:01:25:ae:9c:5c:28:bf:c6:3f:
                    3b:e9:46:e2:c7:23:ac:3e:04:2b:a6:ad:f6:46:5d:
                    82:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:94:70:A3:BA:1B:4A:CE:90:A0:59:ED:20:2F:F3:F4:05:8C:6D:E1
            X509v3 Authority Key Identifier:
                keyid:A0:CA:33:E7:F6:72:5E:B4:EE:87:BA:91:B1:DD:2E:1C:42:16:8C:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c4b401-e595-4a00-9123-f21ab7e9e1f5/1/oMoz5_ZyXrTuh7qRsd0uHEIWjDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:c3:24:ad:05:bc:d5:56:d2:95:83:43:4b:55:e2:67:ed:9b:
         a9:8d:16:a4:85:89:3d:dd:50:21:00:ab:92:5c:7c:ef:8e:c1:
         59:d1:db:0b:29:2c:3c:57:d7:7e:23:47:1d:cb:26:8f:c2:51:
         07:ac:df:af:2f:a5:dc:04:f6:b1:0c:88:22:c5:41:ac:00:a5:
         34:a8:2e:53:04:4e:6c:01:15:d3:58:0c:d0:59:c9:b3:23:d6:
         ec:7c:ae:ff:bd:ee:64:d2:0e:3f:c4:fc:c0:5f:e8:98:1b:8b:
         8d:a1:13:a9:1d:9c:0b:2b:95:a8:4c:d0:ed:3d:20:a4:ea:2e:
         a3:49:b9:ae:d0:95:4a:f2:97:6b:4d:b8:7c:48:71:81:f3:68:
         d3:67:f9:29:4c:47:ce:9d:a7:3e:2c:ea:fd:ee:76:d5:5c:2f:
         0f:14:64:16:e1:82:15:2b:3b:ce:da:e1:2e:8d:c5:16:4b:8e:
         c0:d5:99:2d:ba:17:a6:23:c6:08:e3:8c:a8:6f:71:70:c3:74:
         65:a7:7a:67:31:b0:1d:a8:84:5b:bd:8c:c7:5e:4e:95:ae:fa:
         db:99:42:d4:d6:0a:58:51:0b:dc:f7:9c:46:a9:7d:8a:2e:d9:
         86:87:18:af:fd:af:f3:45:26:ed:80:d5:58:16:ca:d2:80:da:
         80:3a:f2:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DLs1LQXwETkGawG86lA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwY2EzM2U3ZjY3MjVlYjRlZTg3YmE5MWIxZGQyZTFjNDIx
NjhjMzkwHhcNMjUwNDI3MDcwMTA3WhcNMjUwNDI4MDcwMTA3WjAzMTEwLwYDVQQD
EygzMjk0NzBhM2JhMWI0YWNlOTBhMDU5ZWQyMDJmZjNmNDA1OGM2ZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCTyAwLRGvml3ZanAMRbyaRB8Hhu
Xc4BX41klbiXNaecgm7GAumDeaTG5PBoK6+X+8ztSVwQzMTsVN5gn5iFfvFzzaIH
6JCLZJtxKEDWZDhrynQb0t/Zc/an5U/P0XU4Zi7/FukINIU8d7CKzJUSlUUz3o40
mgAlMQf8oe+ZAYutizWT2xN0Yi/ZweltJmwMtcKOrOO2Q4v+KprI9t6J3Gx9zzcC
P/oXNtojE4yQd5M4jQCW8AdlkskDMjMo4oJWU4Y/ZTKLu7gVMRMjrEmMIxxec/Bc
NJOEwhLJIO8t/fWiIPDInHUBJa6cXCi/xj876UbixyOsPgQrpq32Rl2C+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKUcKO6G0rOkKBZ7SAv8/QFjG3hMB8GA1UdIwQY
MBaAFKDKM+f2cl607oe6kbHdLhxCFow5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMt
ZjIxYWI3ZTllMWY1LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jNGI0MDEtZTU5NS00YTAwLTkxMjMtZjIxYWI3ZTllMWY1
LzEvb01vejVfWnlYclR1aDdxUnNkMHVIRUlXakRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAocMkrQW8
1VbSlYNDS1XiZ+2bqY0WpIWJPd1QIQCrklx8747BWdHbCyksPFfXfiNHHcsmj8JR
B6zfry+l3AT2sQyIIsVBrAClNKguUwRObAEV01gM0FnJsyPW7Hyu/73uZNIOP8T8
wF/omBuLjaETqR2cCyuVqEzQ7T0gpOouo0m5rtCVSvKXa024fEhxgfNo02f5KUxH
zp2nPizq/e521VwvDxRkFuGCFSs7ztrhLo3FFkuOwNWZLboXpiPGCOOMqG9xcMN0
Zad6ZzGwHaiEW72Mx15Ola7625lC1NYKWFEL3PecRql9ii7ZhocYr/2v80Um7YDV
WBbK0oDagDryUw==
-----END CERTIFICATE-----