Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
File:                     OitQeZsxwLFFEkZQ1xG844PWcDk.mft (raw, json)
Hash identifier:          0KScEUMbgG8kUzq9P5uyccRYOyfmftOO+N/bWjOODps=
Subject key identifier:   71:E2:F7:80:F0:82:2E:1F:6D:34:1A:B9:BA:9C:EC:84:DD:47:5E:00
Authority key identifier: 3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39
Certificate issuer:       /CN=3a2b50799b31c0b145124650d711bce383d67039
Certificate serial:       01977075B676E44396FFDC91F9AFEA3D261C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
Manifest number:          09E2
Signing time:             Sat 14 Jun 2025 22:00:51 +0000
Manifest this update:     Sat 14 Jun 2025 22:00:51 +0000
Manifest next update:     Sun 15 Jun 2025 22:00:51 +0000
Files and hashes:         1: OitQeZsxwLFFEkZQ1xG844PWcDk.crl (hash: dXvHCyxPy3lmgICJEaHqtDULL/tfVydj3xspXGt3kPo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:75:b6:76:e4:43:96:ff:dc:91:f9:af:ea:3d:26:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a2b50799b31c0b145124650d711bce383d67039
        Validity
            Not Before: Jun 14 22:00:51 2025 GMT
            Not After : Jun 15 22:00:51 2025 GMT
        Subject: CN=71e2f780f0822e1f6d341ab9ba9cec84dd475e00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:bc:a7:c7:93:e9:c8:5b:e8:da:14:99:fd:ab:
                    14:26:68:50:9e:2a:99:e6:06:28:49:79:d7:fb:d1:
                    72:db:6d:b2:38:6b:7c:c6:cd:2a:6c:c6:b1:c0:6e:
                    df:af:37:10:0a:15:03:c8:35:b5:11:bd:a0:03:a3:
                    6e:46:06:46:cb:97:50:5c:be:b0:b3:08:7f:db:6a:
                    7e:d4:bf:f3:11:dd:e2:69:4a:1e:04:3f:81:38:85:
                    71:c4:49:49:fd:64:98:cd:5b:59:ab:7c:76:07:03:
                    75:c7:01:0e:6e:05:f5:17:e8:3a:01:04:cb:d5:1a:
                    54:c1:4f:82:0b:1b:69:dd:9d:ff:2e:a8:ed:23:d0:
                    6d:22:d3:ca:d7:a7:51:4b:78:3b:f1:03:70:99:7e:
                    93:4b:c3:ac:2c:c8:ca:c1:47:ce:1a:b8:ea:41:c9:
                    8d:fb:46:49:e8:21:bf:42:b3:5b:c3:3f:41:bb:96:
                    50:55:90:8a:4a:e4:ca:53:18:8d:4d:7e:b0:0e:79:
                    80:2e:55:f5:dc:d8:12:f4:6b:3d:32:c1:63:8b:43:
                    12:b2:bb:dc:b3:51:7c:80:98:9a:07:fd:e7:e7:41:
                    ac:50:ea:b9:b6:dc:41:5b:90:0d:b6:94:3f:c5:56:
                    93:ad:cf:1b:a1:40:28:78:1e:26:2b:6d:d9:d4:71:
                    39:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:E2:F7:80:F0:82:2E:1F:6D:34:1A:B9:BA:9C:EC:84:DD:47:5E:00
            X509v3 Authority Key Identifier:
                keyid:3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:1f:36:3c:43:9b:7d:db:df:01:13:4a:a7:9e:16:38:82:a4:
         b2:27:60:21:2c:cc:06:85:77:6c:ce:b4:40:88:59:95:b7:d1:
         22:b4:b1:83:e2:4c:e6:42:a7:94:4e:4b:39:28:0c:0f:4b:37:
         b4:42:b7:92:24:f2:4f:23:1b:02:24:60:0b:a1:e5:2e:fb:18:
         c1:ce:df:2e:4c:91:b6:e7:cd:d3:5e:1d:42:f9:42:9e:06:93:
         7c:3b:b1:4b:58:d6:5f:ad:89:46:09:f0:78:99:b3:fb:c8:f2:
         84:10:4a:e7:41:3b:11:2f:2b:ee:46:6f:f8:bf:f5:be:2c:ea:
         a7:0b:97:5e:6c:37:52:de:80:0e:cd:b7:46:62:47:f5:7f:47:
         7e:7f:b0:74:6e:7e:4b:22:a4:2e:14:9b:3d:f5:72:f9:f3:f7:
         e0:e3:fa:c2:87:43:78:4a:5e:ff:6d:f3:98:56:69:2a:3d:66:
         ff:e7:ff:62:57:ec:02:33:bb:d8:f7:0e:5f:f5:45:d3:b7:2f:
         a8:03:a3:e2:ba:f6:cb:f0:bb:21:48:e6:91:e4:1c:c7:05:53:
         87:03:9d:97:67:50:f9:fb:04:a2:63:58:f4:0f:bb:eb:27:9f:
         42:c6:35:04:40:ba:b6:7f:e3:ce:79:55:dc:04:a9:de:f0:10:
         79:9f:79:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwdbZ25EOW/9yR+a/qPSYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMmI1MDc5OWIzMWMwYjE0NTEyNDY1MGQ3MTFiY2UzODNk
NjcwMzkwHhcNMjUwNjE0MjIwMDUxWhcNMjUwNjE1MjIwMDUxWjAzMTEwLwYDVQQD
Eyg3MWUyZjc4MGYwODIyZTFmNmQzNDFhYjliYTljZWM4NGRkNDc1ZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbynx5PpyFvo2hSZ/asUJmhQniqZ
5gYoSXnX+9Fy222yOGt8xs0qbMaxwG7frzcQChUDyDW1Eb2gA6NuRgZGy5dQXL6w
swh/22p+1L/zEd3iaUoeBD+BOIVxxElJ/WSYzVtZq3x2BwN1xwEObgX1F+g6AQTL
1RpUwU+CCxtp3Z3/LqjtI9BtItPK16dRS3g78QNwmX6TS8OsLMjKwUfOGrjqQcmN
+0ZJ6CG/QrNbwz9Bu5ZQVZCKSuTKUxiNTX6wDnmALlX13NgS9Gs9MsFji0MSsrvc
s1F8gJiaB/3n50GsUOq5ttxBW5ANtpQ/xVaTrc8boUAoeB4mK23Z1HE5dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHi94Dwgi4fbTQaubqc7ITdR14AMB8GA1UdIwQY
MBaAFDorUHmbMcCxRRJGUNcRvOOD1nA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMt
MzMyNzMwZmIxYzhhLzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMtMzMyNzMwZmIxYzhh
LzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAex82PEOb
fdvfARNKp54WOIKksidgISzMBoV3bM60QIhZlbfRIrSxg+JM5kKnlE5LOSgMD0s3
tEK3kiTyTyMbAiRgC6HlLvsYwc7fLkyRtufN014dQvlCngaTfDuxS1jWX62JRgnw
eJmz+8jyhBBK50E7ES8r7kZv+L/1vizqpwuXXmw3Ut6ADs23RmJH9X9Hfn+wdG5+
SyKkLhSbPfVy+fP34OP6wodDeEpe/23zmFZpKj1m/+f/YlfsAjO72PcOX/VF07cv
qAOj4rr2y/C7IUjmkeQcxwVThwOdl2dQ+fsEomNY9A+76yefQsY1BEC6tn/jznlV
3ASp3vAQeZ95ew==
-----END CERTIFICATE-----