Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
File:                     OitQeZsxwLFFEkZQ1xG844PWcDk.mft (raw, json)
Hash identifier:          bMix6C4c3cQpRHROKAz8UHc+fUyRU5e8HjOwOmYgp+A=
Subject key identifier:   78:FA:B9:16:6D:C8:61:3B:5B:7D:17:57:B0:F0:B3:4C:47:2E:C0:A8
Authority key identifier: 3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39
Certificate issuer:       /CN=3a2b50799b31c0b145124650d711bce383d67039
Certificate serial:       019677557CD8B25C819F8535A31798138CBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
Manifest number:          0961
Signing time:             Sun 27 Apr 2025 13:00:13 +0000
Manifest this update:     Sun 27 Apr 2025 13:00:13 +0000
Manifest next update:     Mon 28 Apr 2025 13:00:13 +0000
Files and hashes:         1: OitQeZsxwLFFEkZQ1xG844PWcDk.crl (hash: cSzG+cm8DMQhorOJqdwNGOM/j4apboTvzBN/UPuklpw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 13:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:55:7c:d8:b2:5c:81:9f:85:35:a3:17:98:13:8c:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a2b50799b31c0b145124650d711bce383d67039
        Validity
            Not Before: Apr 27 13:00:13 2025 GMT
            Not After : Apr 28 13:00:13 2025 GMT
        Subject: CN=78fab9166dc8613b5b7d1757b0f0b34c472ec0a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:7d:0d:0c:58:8d:ed:c9:d6:2d:b3:35:fa:f1:
                    51:26:07:dc:4d:ed:d2:7d:a9:b6:ef:9a:08:19:2e:
                    2a:93:c9:b3:fb:ea:27:e3:99:ac:87:b7:49:04:45:
                    35:f9:9c:a6:84:53:12:ea:fc:17:63:fa:0f:27:8f:
                    f2:9c:b0:a2:b6:43:dd:97:45:27:ea:67:b7:dd:8f:
                    34:ac:5c:4c:bc:55:83:95:f1:c1:d8:a0:55:6a:4b:
                    4e:42:01:83:ae:26:8d:ec:3a:92:65:e9:37:a2:30:
                    16:5c:3b:51:d3:07:cb:43:48:ba:e0:dd:14:e0:c4:
                    68:52:a8:1a:47:d3:f5:1a:09:53:55:3d:d1:9e:70:
                    79:19:d1:b7:c1:af:64:33:e8:2b:6a:ff:8c:1c:25:
                    c1:9d:79:47:4e:6b:42:7d:15:30:b4:ba:ec:f1:aa:
                    aa:18:1b:c1:05:54:ed:59:93:02:e9:0c:0d:af:f0:
                    31:e7:8d:fd:a8:fb:fa:ad:95:7c:73:27:76:85:04:
                    6e:2e:4e:94:57:39:e1:d2:f2:5e:db:1b:4a:a8:44:
                    d6:b0:31:aa:8e:9d:01:20:35:be:d4:0d:db:89:b7:
                    f0:56:18:1c:12:ec:46:9a:a3:a9:35:aa:82:14:67:
                    a8:3e:f6:06:a6:0d:30:34:1f:a5:4d:7e:59:39:ee:
                    71:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:FA:B9:16:6D:C8:61:3B:5B:7D:17:57:B0:F0:B3:4C:47:2E:C0:A8
            X509v3 Authority Key Identifier:
                keyid:3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:ec:72:d6:8e:4e:4b:0b:82:c2:23:a8:9a:24:5e:84:8e:7d:
         e7:85:38:2a:37:59:cf:a4:a3:bd:05:8f:c2:5d:82:ee:2c:03:
         b4:99:45:d6:76:09:dd:f0:0b:a8:05:81:69:88:fc:f3:48:62:
         2a:71:0a:a8:b1:d6:f6:10:38:15:8f:b2:e2:b4:50:34:d1:0f:
         5f:74:73:81:4b:93:9d:e2:9b:9a:70:90:94:29:c2:3d:e3:98:
         d2:39:db:11:a3:09:90:f9:72:4a:c6:00:42:00:9d:47:75:68:
         20:ac:58:d5:17:5f:a9:e2:f1:ce:66:9e:1c:92:a0:a6:c7:aa:
         fa:0f:c7:4e:cd:6f:cf:db:ec:4c:ec:ae:01:21:fa:77:eb:27:
         ac:99:17:4b:ee:13:3b:ba:a2:6f:2d:55:c8:8b:59:5c:ba:d8:
         e4:1a:c2:01:f6:05:63:a7:dc:2e:49:1b:49:81:b3:4b:33:44:
         04:57:9d:f2:69:cc:72:7f:bf:69:e1:4c:03:01:f7:31:00:99:
         d9:ca:72:65:d9:e8:ce:9f:e0:ea:cd:29:5c:0b:c1:c3:0b:3a:
         7f:d9:1c:55:57:cb:16:f3:75:fa:1c:54:75:e8:15:61:e2:61:
         1a:63:e7:da:7f:f3:10:ee:02:9d:93:66:03:bd:bb:ae:6b:44:
         31:33:d8:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3VXzYslyBn4U1oxeYE4y/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMmI1MDc5OWIzMWMwYjE0NTEyNDY1MGQ3MTFiY2UzODNk
NjcwMzkwHhcNMjUwNDI3MTMwMDEzWhcNMjUwNDI4MTMwMDEzWjAzMTEwLwYDVQQD
Eyg3OGZhYjkxNjZkYzg2MTNiNWI3ZDE3NTdiMGYwYjM0YzQ3MmVjMGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsX0NDFiN7cnWLbM1+vFRJgfcTe3S
fam275oIGS4qk8mz++on45msh7dJBEU1+ZymhFMS6vwXY/oPJ4/ynLCitkPdl0Un
6me33Y80rFxMvFWDlfHB2KBVaktOQgGDriaN7DqSZek3ojAWXDtR0wfLQ0i64N0U
4MRoUqgaR9P1GglTVT3RnnB5GdG3wa9kM+grav+MHCXBnXlHTmtCfRUwtLrs8aqq
GBvBBVTtWZMC6QwNr/Ax5439qPv6rZV8cyd2hQRuLk6UVznh0vJe2xtKqETWsDGq
jp0BIDW+1A3bibfwVhgcEuxGmqOpNaqCFGeoPvYGpg0wNB+lTX5ZOe5xYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHj6uRZtyGE7W30XV7Dws0xHLsCoMB8GA1UdIwQY
MBaAFDorUHmbMcCxRRJGUNcRvOOD1nA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMt
MzMyNzMwZmIxYzhhLzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMtMzMyNzMwZmIxYzhh
LzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD+xy1o5O
SwuCwiOomiRehI5954U4KjdZz6SjvQWPwl2C7iwDtJlF1nYJ3fALqAWBaYj880hi
KnEKqLHW9hA4FY+y4rRQNNEPX3RzgUuTneKbmnCQlCnCPeOY0jnbEaMJkPlySsYA
QgCdR3VoIKxY1RdfqeLxzmaeHJKgpseq+g/HTs1vz9vsTOyuASH6d+snrJkXS+4T
O7qiby1VyItZXLrY5BrCAfYFY6fcLkkbSYGzSzNEBFed8mnMcn+/aeFMAwH3MQCZ
2cpyZdnozp/g6s0pXAvBwws6f9kcVVfLFvN1+hxUdegVYeJhGmPn2n/zEO4CnZNm
A727rmtEMTPYwQ==
-----END CERTIFICATE-----