Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
File:                     oMWM0HH3gLesNAwBROsE-1DMu_E.mft (raw, json)
Hash identifier:          OWFIxQOYAROgXBmNn5GWWHktuW67993GAnJtn3zSoR4=
Subject key identifier:   9B:98:2E:23:3C:0C:57:4B:86:B9:B2:0C:C7:A7:23:56:B8:9D:60:D9
Authority key identifier: A0:C5:8C:D0:71:F7:80:B7:AC:34:0C:01:44:EB:04:FB:50:CC:BB:F1
Certificate issuer:       /CN=a0c58cd071f780b7ac340c0144eb04fb50ccbbf1
Certificate serial:       01976C2B5C0672E19257DD519EB3ABA0E9E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
Manifest number:          157F
Signing time:             Sat 14 Jun 2025 02:01:10 +0000
Manifest this update:     Sat 14 Jun 2025 02:01:10 +0000
Manifest next update:     Sun 15 Jun 2025 02:01:10 +0000
Files and hashes:         1: oMWM0HH3gLesNAwBROsE-1DMu_E.crl (hash: O14x3G0wJHwHFlM7W7ZkZJELwF4QMtlFEqMZAnzxOws=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2b:5c:06:72:e1:92:57:dd:51:9e:b3:ab:a0:e9:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0c58cd071f780b7ac340c0144eb04fb50ccbbf1
        Validity
            Not Before: Jun 14 02:01:10 2025 GMT
            Not After : Jun 15 02:01:10 2025 GMT
        Subject: CN=9b982e233c0c574b86b9b20cc7a72356b89d60d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:3c:25:6b:2f:49:60:9b:d5:33:e8:f5:18:b4:
                    98:fe:56:06:aa:4e:0a:4d:cc:0d:ff:97:79:91:7d:
                    00:4a:b5:46:6a:fb:e2:80:c1:f6:57:00:f3:10:4a:
                    97:75:3e:25:1e:2e:52:4c:ce:7f:d1:f3:d4:f2:98:
                    56:04:4b:03:99:e8:6f:c9:f1:05:72:8e:40:ad:e0:
                    f4:82:9c:a4:a1:a7:e4:bf:9a:72:b2:92:06:88:0f:
                    b7:50:36:f8:0e:16:4c:94:a9:42:38:9f:74:a1:65:
                    4a:bb:2d:68:76:2d:09:66:eb:52:69:8e:eb:61:1d:
                    be:fd:14:64:97:12:c1:c7:6f:5d:0c:30:31:52:14:
                    a5:34:2f:30:1f:97:bc:88:ba:2e:cf:c9:38:3c:46:
                    e4:21:fe:6e:c9:cf:79:52:bf:e6:a9:fb:e0:19:c4:
                    c7:b8:11:de:4f:74:30:18:8e:5f:0c:51:8a:51:1f:
                    95:ab:c6:a1:cd:36:31:25:0b:f7:8f:a8:34:c8:7d:
                    d4:f4:d6:14:a4:fa:e6:32:8c:b8:10:b6:f8:c3:60:
                    be:b2:fe:78:74:eb:51:c1:fc:45:6f:22:d0:23:e4:
                    0f:b8:79:72:18:8a:a1:51:2c:67:38:c7:db:6c:09:
                    e4:69:6f:62:5e:cb:73:1e:f6:4f:5b:24:6c:57:88:
                    0a:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:98:2E:23:3C:0C:57:4B:86:B9:B2:0C:C7:A7:23:56:B8:9D:60:D9
            X509v3 Authority Key Identifier:
                keyid:A0:C5:8C:D0:71:F7:80:B7:AC:34:0C:01:44:EB:04:FB:50:CC:BB:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:0a:8d:ef:01:34:03:3a:0d:d9:57:9a:ab:db:9a:72:a8:4b:
         ba:40:1b:61:a2:f5:ee:08:7c:f1:cf:a9:71:ca:3b:0c:ba:20:
         fa:44:bc:86:02:4c:40:f0:c3:00:f7:18:6f:fc:c6:a3:71:d0:
         42:45:1e:d4:b5:b1:78:9c:07:2a:9f:99:1d:b5:e2:49:1b:1e:
         5f:ce:24:14:e3:5d:6f:16:2b:28:79:2a:bc:d2:df:9a:17:db:
         b5:c9:9d:2a:7b:12:b7:6d:75:15:e0:d9:43:13:78:d9:36:67:
         f2:1c:15:99:c4:2f:7b:e2:33:30:76:b0:d7:01:28:eb:54:42:
         58:0c:7f:d6:05:72:e4:29:ae:8e:71:88:b6:dc:a5:c7:37:3f:
         f4:ed:c2:61:a8:49:8b:2c:a2:ce:ee:6d:99:6c:06:d2:6b:2c:
         65:92:f2:24:3e:56:49:f8:73:08:b2:38:60:17:e9:ca:d7:2e:
         d3:76:c5:10:18:24:4a:53:5b:1e:f0:ab:4d:cf:84:d3:cc:8e:
         41:06:3d:e3:1b:7c:67:cb:3d:c9:5b:1b:4d:fa:a7:c0:7e:e1:
         73:74:34:35:d8:5b:ef:d4:4c:3d:e2:24:bc:42:0d:21:82:e3:
         b2:62:3f:2f:a0:d3:6c:42:50:06:e4:8d:2c:e8:51:4f:2d:09:
         d6:8b:13:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsK1wGcuGSV91RnrOroOnlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYzU4Y2QwNzFmNzgwYjdhYzM0MGMwMTQ0ZWIwNGZiNTBj
Y2JiZjEwHhcNMjUwNjE0MDIwMTEwWhcNMjUwNjE1MDIwMTEwWjAzMTEwLwYDVQQD
Eyg5Yjk4MmUyMzNjMGM1NzRiODZiOWIyMGNjN2E3MjM1NmI4OWQ2MGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzwlay9JYJvVM+j1GLSY/lYGqk4K
TcwN/5d5kX0ASrVGavvigMH2VwDzEEqXdT4lHi5STM5/0fPU8phWBEsDmehvyfEF
co5AreD0gpykoafkv5pyspIGiA+3UDb4DhZMlKlCOJ90oWVKuy1odi0JZutSaY7r
YR2+/RRklxLBx29dDDAxUhSlNC8wH5e8iLouz8k4PEbkIf5uyc95Ur/mqfvgGcTH
uBHeT3QwGI5fDFGKUR+Vq8ahzTYxJQv3j6g0yH3U9NYUpPrmMoy4ELb4w2C+sv54
dOtRwfxFbyLQI+QPuHlyGIqhUSxnOMfbbAnkaW9iXstzHvZPWyRsV4gKPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJuYLiM8DFdLhrmyDMenI1a4nWDZMB8GA1UdIwQY
MBaAFKDFjNBx94C3rDQMAUTrBPtQzLvxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82Yzk3MjItMjYwOC00NGFmLThjNzkt
NjZiMmY5OWMwYjQ1LzEvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82Yzk3MjItMjYwOC00NGFmLThjNzktNjZiMmY5OWMwYjQ1
LzEvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHwqN7wE0
AzoN2Veaq9uacqhLukAbYaL17gh88c+pcco7DLog+kS8hgJMQPDDAPcYb/zGo3HQ
QkUe1LWxeJwHKp+ZHbXiSRseX84kFONdbxYrKHkqvNLfmhfbtcmdKnsSt211FeDZ
QxN42TZn8hwVmcQve+IzMHaw1wEo61RCWAx/1gVy5CmujnGIttylxzc/9O3CYahJ
iyyizu5tmWwG0mssZZLyJD5WSfhzCLI4YBfpytcu03bFEBgkSlNbHvCrTc+E08yO
QQY94xt8Z8s9yVsbTfqnwH7hc3Q0Ndhb79RMPeIkvEINIYLjsmI/L6DTbEJQBuSN
LOhRTy0J1osT7A==
-----END CERTIFICATE-----