Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
File:                     oMWM0HH3gLesNAwBROsE-1DMu_E.mft (raw, json)
Hash identifier:          lqQsPVr7mDg+AED/LpN9n1RYjOVhdc3/B2DidXnFXqQ=
Subject key identifier:   48:C3:C4:67:40:8F:21:9C:EC:8B:05:4F:16:BD:C4:D7:8C:B5:6A:A6
Authority key identifier: A0:C5:8C:D0:71:F7:80:B7:AC:34:0C:01:44:EB:04:FB:50:CC:BB:F1
Certificate issuer:       /CN=a0c58cd071f780b7ac340c0144eb04fb50ccbbf1
Certificate serial:       019678D681AE9F8352FD312BB7B207A9E690
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
Manifest number:          1501
Signing time:             Sun 27 Apr 2025 20:00:45 +0000
Manifest this update:     Sun 27 Apr 2025 20:00:45 +0000
Manifest next update:     Mon 28 Apr 2025 20:00:45 +0000
Files and hashes:         1: oMWM0HH3gLesNAwBROsE-1DMu_E.crl (hash: anIf7ru/Fgg6sJQCGS7JQxjcqvNY1EIDZHDa7CPIkds=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 20:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:d6:81:ae:9f:83:52:fd:31:2b:b7:b2:07:a9:e6:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0c58cd071f780b7ac340c0144eb04fb50ccbbf1
        Validity
            Not Before: Apr 27 20:00:45 2025 GMT
            Not After : Apr 28 20:00:45 2025 GMT
        Subject: CN=48c3c467408f219cec8b054f16bdc4d78cb56aa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:59:74:47:a7:96:30:aa:6c:51:ce:89:a4:08:
                    b7:b5:c5:21:1d:83:aa:bf:57:57:7b:c8:4e:b0:63:
                    08:ed:52:6d:64:89:e9:2c:20:d2:49:18:7e:56:db:
                    f9:2d:a7:4a:af:21:33:0c:11:84:27:98:af:64:ba:
                    50:70:08:c7:c8:50:5d:75:0c:51:10:8f:6e:ee:f3:
                    e5:33:17:22:b0:c3:4d:b7:c4:ea:6e:73:65:8d:f7:
                    c5:9f:56:76:11:f3:c1:52:a6:20:49:ba:12:8a:29:
                    ed:14:a9:35:38:37:fa:57:a3:67:a2:2e:f9:29:ad:
                    88:62:fe:d8:bc:5f:4c:f4:ea:fc:ab:a0:e1:2e:c8:
                    d1:d0:b6:a6:af:a2:5c:1c:36:9a:e2:04:f8:a8:6d:
                    9d:31:e7:5e:d1:2b:b7:31:ca:e6:22:86:2c:ad:60:
                    fc:e6:00:d8:f9:c4:b0:e5:47:54:b1:e1:63:30:cd:
                    ed:d1:d8:d0:25:60:97:e9:95:d8:fd:14:3c:9d:b0:
                    36:4e:26:5b:c0:64:66:bc:a1:35:d3:30:bc:34:67:
                    17:cb:8a:a6:d5:da:9d:b5:d5:5d:bf:53:3a:12:2f:
                    90:ea:a8:dc:39:c0:9e:5b:5c:a4:07:a2:1d:72:5b:
                    4f:d3:e1:52:52:a5:8d:fa:8b:24:57:75:d5:98:2d:
                    55:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:C3:C4:67:40:8F:21:9C:EC:8B:05:4F:16:BD:C4:D7:8C:B5:6A:A6
            X509v3 Authority Key Identifier:
                keyid:A0:C5:8C:D0:71:F7:80:B7:AC:34:0C:01:44:EB:04:FB:50:CC:BB:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:44:6a:6c:91:45:62:4d:2d:12:98:76:52:7e:b8:e6:4e:6e:
         32:dd:85:c6:d7:2f:7d:95:fb:cc:7c:61:b6:82:ee:d1:85:2b:
         25:db:d1:37:0c:a9:5d:13:69:64:03:83:ba:dc:d8:85:d7:fa:
         2c:59:a8:43:ef:a0:18:5e:e5:be:f3:4d:fa:e8:f1:ce:61:df:
         39:36:eb:7b:45:71:77:ef:0a:b6:c3:1a:69:94:93:4b:37:ff:
         94:2f:fc:7b:f1:22:76:c5:67:ef:1f:27:de:96:4a:6f:91:f1:
         9e:85:af:aa:e7:eb:36:82:92:42:5c:8b:38:fc:35:fb:63:81:
         31:dd:2c:2d:55:7f:17:47:f5:9f:d6:27:29:9a:1c:99:3a:0c:
         46:c2:75:7f:8f:84:0f:93:2a:8c:bb:6d:38:d6:51:df:31:73:
         c2:1b:b3:56:01:a1:ab:1f:58:d2:db:73:99:fa:9b:b7:fd:63:
         05:70:c2:ac:47:12:b8:f4:1c:84:11:12:2c:5c:9d:f4:8f:7e:
         06:d7:72:df:d8:b8:34:2f:7f:bd:1f:42:84:aa:fb:fe:ea:8d:
         ac:ae:5a:ca:7f:74:62:61:c2:1b:bf:8f:0f:00:2c:41:82:38:
         4a:0a:13:78:00:78:56:07:86:3f:36:49:19:66:3b:00:a9:d5:
         f1:53:26:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ41oGun4NS/TErt7IHqeaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYzU4Y2QwNzFmNzgwYjdhYzM0MGMwMTQ0ZWIwNGZiNTBj
Y2JiZjEwHhcNMjUwNDI3MjAwMDQ1WhcNMjUwNDI4MjAwMDQ1WjAzMTEwLwYDVQQD
Eyg0OGMzYzQ2NzQwOGYyMTljZWM4YjA1NGYxNmJkYzRkNzhjYjU2YWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFl0R6eWMKpsUc6JpAi3tcUhHYOq
v1dXe8hOsGMI7VJtZInpLCDSSRh+Vtv5LadKryEzDBGEJ5ivZLpQcAjHyFBddQxR
EI9u7vPlMxcisMNNt8TqbnNljffFn1Z2EfPBUqYgSboSiintFKk1ODf6V6Nnoi75
Ka2IYv7YvF9M9Or8q6DhLsjR0Lamr6JcHDaa4gT4qG2dMede0Su3McrmIoYsrWD8
5gDY+cSw5UdUseFjMM3t0djQJWCX6ZXY/RQ8nbA2TiZbwGRmvKE10zC8NGcXy4qm
1dqdtdVdv1M6Ei+Q6qjcOcCeW1ykB6IdcltP0+FSUqWN+oskV3XVmC1VJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjDxGdAjyGc7IsFTxa9xNeMtWqmMB8GA1UdIwQY
MBaAFKDFjNBx94C3rDQMAUTrBPtQzLvxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82Yzk3MjItMjYwOC00NGFmLThjNzkt
NjZiMmY5OWMwYjQ1LzEvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82Yzk3MjItMjYwOC00NGFmLThjNzktNjZiMmY5OWMwYjQ1
LzEvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWkRqbJFF
Yk0tEph2Un645k5uMt2FxtcvfZX7zHxhtoLu0YUrJdvRNwypXRNpZAODutzYhdf6
LFmoQ++gGF7lvvNN+ujxzmHfOTbre0Vxd+8KtsMaaZSTSzf/lC/8e/EidsVn7x8n
3pZKb5HxnoWvqufrNoKSQlyLOPw1+2OBMd0sLVV/F0f1n9YnKZocmToMRsJ1f4+E
D5MqjLttONZR3zFzwhuzVgGhqx9Y0ttzmfqbt/1jBXDCrEcSuPQchBESLFyd9I9+
Btdy39i4NC9/vR9ChKr7/uqNrK5ayn90YmHCG7+PDwAsQYI4SgoTeAB4VgeGPzZJ
GWY7AKnV8VMmzA==
-----END CERTIFICATE-----