Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
File:                     Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft (raw, json)
Hash identifier:          S4ExOQ6Oqh6mJ6Cjv/3/l4ttzyr7Uyvu99am7LMg9G0=
Subject key identifier:   BA:B5:28:64:49:54:84:9D:B5:8D:F6:29:8B:F9:95:68:25:79:31:51
Authority key identifier: 3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A
Certificate issuer:       /CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
Certificate serial:       0196918415BA504D53C2C6BADD793503A0BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
Manifest number:          151A
Signing time:             Fri 02 May 2025 15:01:14 +0000
Manifest this update:     Fri 02 May 2025 15:01:14 +0000
Manifest next update:     Sat 03 May 2025 15:01:14 +0000
Files and hashes:         1: Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl (hash: YMcunE+qjvam2axmj01r7TbMPFkPdcF3W4ypuT/A6rc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 14:24:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:91:84:15:ba:50:4d:53:c2:c6:ba:dd:79:35:03:a0:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
        Validity
            Not Before: May  2 15:01:14 2025 GMT
            Not After : May  3 15:01:14 2025 GMT
        Subject: CN=bab528644954849db58df6298bf9956825793151
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f0:f6:97:43:09:d9:f4:f6:ac:f0:df:05:1d:
                    2d:fa:c3:d5:c0:a4:5d:07:b7:01:c2:a9:a3:06:3a:
                    c4:ed:1b:90:97:ea:85:ac:1d:b8:7b:5a:e0:75:cf:
                    62:9f:d0:5e:6b:26:67:08:85:a3:6c:68:29:85:aa:
                    66:1a:78:a9:fe:0e:40:2c:d6:23:6e:32:46:0f:34:
                    6d:a1:fb:c3:43:83:5d:2e:7d:2c:6f:5d:7d:f1:19:
                    6a:59:13:ec:9f:95:f2:ce:13:3c:51:3a:ce:bf:22:
                    11:1d:61:9e:2d:99:7b:a5:f9:be:78:f9:47:c6:a9:
                    53:79:0d:2b:e1:fc:3d:70:7c:0f:7a:d0:c1:74:71:
                    f6:a2:1e:2c:a2:ec:2b:fb:0a:5c:01:6c:fa:38:4e:
                    8c:a5:dc:83:0e:46:90:0f:95:cc:2e:58:88:f6:66:
                    03:9a:ae:c2:29:d7:2b:f9:12:1f:8d:e7:e2:a2:aa:
                    92:d5:f0:b8:47:18:f4:38:86:91:30:fc:28:22:fa:
                    2a:7b:24:18:04:af:b6:29:0b:d4:59:af:bb:15:b9:
                    da:5a:3e:f1:1b:c6:12:cc:fd:25:e6:69:36:0d:b8:
                    c8:c1:8d:7a:9e:39:7d:e6:2b:1e:23:93:ce:e9:c3:
                    97:5f:0f:65:02:b7:15:f4:8c:17:7a:4d:15:21:f1:
                    28:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:B5:28:64:49:54:84:9D:B5:8D:F6:29:8B:F9:95:68:25:79:31:51
            X509v3 Authority Key Identifier:
                keyid:3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:dc:7e:1f:b1:69:63:d4:99:dd:58:6e:9b:52:f3:93:71:b9:
         81:96:14:b4:22:69:5a:c2:38:6f:db:cd:22:0d:3c:0d:a8:04:
         ed:d0:16:f0:5c:99:4b:e7:22:b5:3d:f9:a3:ee:76:03:1c:41:
         b9:62:b2:d6:a0:81:c6:80:64:45:31:7e:2f:d7:5f:25:ca:57:
         60:be:b8:b4:81:68:5e:b3:32:4d:aa:ae:e9:19:3b:89:1a:3d:
         ce:6a:38:93:d1:a7:bb:a4:35:be:54:dd:94:b2:52:4b:d6:15:
         61:47:03:72:c6:9a:85:3f:38:34:75:14:e6:49:70:02:12:30:
         8b:97:85:50:8c:4a:a7:69:cb:e1:03:85:ca:97:5f:95:46:c5:
         ad:ba:65:6a:a1:82:f0:63:08:29:c3:b2:71:e8:c8:39:57:9e:
         49:a8:a4:95:41:df:af:dd:01:1e:c4:37:69:90:95:df:2d:e9:
         dc:85:3f:40:13:93:e5:54:82:83:40:22:c8:e3:b0:3e:1d:f4:
         be:58:7a:de:5b:05:cc:72:a7:d1:a9:08:c7:aa:19:75:ca:03:
         30:ae:92:36:d4:a0:be:87:3b:69:20:e1:7c:54:3b:84:b3:73:
         98:bf:af:7a:8a:53:75:1c:0e:7e:fa:c5:1a:94:2f:22:8b:06:
         d7:2e:5e:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaRhBW6UE1Twsa63Xk1A6C9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzg3YzFhNzIzOTM5OGZlZjQyZmJmNGU2YjhiYTY3ZmI0
MTY0N2EwHhcNMjUwNTAyMTUwMTE0WhcNMjUwNTAzMTUwMTE0WjAzMTEwLwYDVQQD
EyhiYWI1Mjg2NDQ5NTQ4NDlkYjU4ZGY2Mjk4YmY5OTU2ODI1NzkzMTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/D2l0MJ2fT2rPDfBR0t+sPVwKRd
B7cBwqmjBjrE7RuQl+qFrB24e1rgdc9in9BeayZnCIWjbGgphapmGnip/g5ALNYj
bjJGDzRtofvDQ4NdLn0sb1198RlqWRPsn5XyzhM8UTrOvyIRHWGeLZl7pfm+ePlH
xqlTeQ0r4fw9cHwPetDBdHH2oh4souwr+wpcAWz6OE6MpdyDDkaQD5XMLliI9mYD
mq7CKdcr+RIfjefioqqS1fC4Rxj0OIaRMPwoIvoqeyQYBK+2KQvUWa+7FbnaWj7x
G8YSzP0l5mk2DbjIwY16njl95iseI5PO6cOXXw9lArcV9IwXek0VIfEojwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLq1KGRJVISdtY32KYv5lWgleTFRMB8GA1UdIwQY
MBaAFDp4fBpyOTmP70L79Oa4umf7QWR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMt
MzZkNzkyMWU5M2IzLzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMtMzZkNzkyMWU5M2Iz
LzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo9x+H7Fp
Y9SZ3Vhum1Lzk3G5gZYUtCJpWsI4b9vNIg08DagE7dAW8FyZS+citT35o+52AxxB
uWKy1qCBxoBkRTF+L9dfJcpXYL64tIFoXrMyTaqu6Rk7iRo9zmo4k9Gnu6Q1vlTd
lLJSS9YVYUcDcsaahT84NHUU5klwAhIwi5eFUIxKp2nL4QOFypdflUbFrbplaqGC
8GMIKcOycejIOVeeSaiklUHfr90BHsQ3aZCV3y3p3IU/QBOT5VSCg0AiyOOwPh30
vlh63lsFzHKn0akIx6oZdcoDMK6SNtSgvoc7aSDhfFQ7hLNzmL+veopTdRwOfvrF
GpQvIosG1y5eVg==
-----END CERTIFICATE-----