Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
File:                     OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft (raw, json)
Hash identifier:          1yR8hiekFwzGtvnFle2sGCsmZVcMRMP6ZfCsoBDcMJU=
Subject key identifier:   E2:B9:53:F1:19:D2:C0:CF:AB:FC:D0:C2:7F:5E:63:B1:7F:52:41:FA
Authority key identifier: 38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5
Certificate issuer:       /CN=389dd4126f8be07af454497ca0f5665295482ad5
Certificate serial:       019679EA2A05B2AC932E26D3C45EF30CE76C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
Manifest number:          046D
Signing time:             Mon 28 Apr 2025 01:01:51 +0000
Manifest this update:     Mon 28 Apr 2025 01:01:51 +0000
Manifest next update:     Tue 29 Apr 2025 01:01:51 +0000
Files and hashes:         1: OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl (hash: sDfykTRAUjrNz8AI4Jkt1yXbsb9edDIdwSE7GJAVZOI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:ea:2a:05:b2:ac:93:2e:26:d3:c4:5e:f3:0c:e7:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389dd4126f8be07af454497ca0f5665295482ad5
        Validity
            Not Before: Apr 28 01:01:51 2025 GMT
            Not After : Apr 29 01:01:51 2025 GMT
        Subject: CN=e2b953f119d2c0cfabfcd0c27f5e63b17f5241fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7d:6d:dc:37:d5:8a:12:fd:27:c8:1d:f2:53:
                    5f:4c:0c:b8:68:5f:7c:6a:e8:8d:52:aa:1f:b0:cb:
                    22:40:b9:a3:b3:65:f4:bd:68:9d:50:2c:e6:30:e6:
                    e0:62:bf:4d:f8:b5:36:89:03:bc:4f:d4:e5:5a:b4:
                    7f:58:01:dc:e8:92:e3:49:ef:76:db:d9:da:59:52:
                    c8:51:70:0a:ce:1a:88:9c:b4:9b:dd:ce:32:85:80:
                    47:26:51:50:2e:c3:3f:ab:66:a7:e7:e0:ab:ff:9b:
                    72:a8:af:ae:37:68:3d:dd:f7:c6:2e:2e:7e:5d:53:
                    aa:55:80:ab:9a:1e:c7:38:a6:e2:70:4c:89:8b:95:
                    34:04:d8:df:69:7c:ba:18:a7:ca:f0:12:7e:b6:8f:
                    10:98:27:f9:41:fc:91:97:d2:cb:57:6c:5f:e5:5a:
                    cc:fc:2f:01:bf:40:ee:7e:b8:77:e1:8f:44:57:1b:
                    75:d2:ad:98:c2:f1:c5:3a:58:f0:1c:ae:c2:c7:54:
                    16:6d:9f:c8:5f:84:5c:e8:d3:9c:e7:9a:cc:04:8c:
                    df:e9:a1:31:3a:20:28:e5:90:e3:3b:53:a4:3a:3a:
                    98:26:a7:e5:4c:50:81:ff:bd:25:9e:db:f2:44:02:
                    af:0c:e9:63:04:66:1b:d4:75:03:3c:69:64:a3:e8:
                    2c:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:B9:53:F1:19:D2:C0:CF:AB:FC:D0:C2:7F:5E:63:B1:7F:52:41:FA
            X509v3 Authority Key Identifier:
                keyid:38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:c8:08:a4:94:71:bc:96:fa:7c:45:82:61:fd:65:0a:b2:68:
         4a:f0:3f:de:e0:38:c2:7a:1d:c7:f8:1c:cc:e9:b8:bd:52:ac:
         aa:0f:7e:7b:a4:c3:45:fd:d2:59:9d:cb:61:f0:fb:88:14:8f:
         23:b5:11:8c:a1:92:eb:15:ac:e9:82:5c:e8:f8:65:92:63:f3:
         60:0f:ba:90:08:90:64:4d:3a:8a:34:d2:44:73:e7:d7:b9:ef:
         e6:82:12:c6:97:50:aa:a8:bb:62:ac:a5:31:22:6a:22:ca:2c:
         7d:3d:a6:9a:a1:54:d8:bb:55:c7:85:30:6e:24:ba:9a:21:8a:
         7b:8d:66:de:02:cc:d1:76:f8:31:f8:0f:cc:ad:76:ca:a3:13:
         5f:71:61:45:96:30:b7:45:56:94:a3:41:cf:56:15:6e:d4:18:
         5b:ae:d4:9a:8e:78:73:70:e1:e3:d7:d5:c6:c7:cc:2f:81:fb:
         c7:4f:92:df:2e:be:8d:f6:4d:28:5e:8b:52:e1:3b:26:91:5f:
         6c:f4:03:43:b3:30:02:5b:87:3a:54:74:6f:eb:3c:91:5b:35:
         70:ea:bf:b5:83:f7:6b:5c:03:c9:ec:eb:cc:f3:0e:e2:4b:af:
         3f:55:b4:9d:b3:59:9e:5b:60:33:47:f4:b9:49:ad:d4:fb:4c:
         7c:f8:3d:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ56ioFsqyTLibTxF7zDOdsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWRkNDEyNmY4YmUwN2FmNDU0NDk3Y2EwZjU2NjUyOTU0
ODJhZDUwHhcNMjUwNDI4MDEwMTUxWhcNMjUwNDI5MDEwMTUxWjAzMTEwLwYDVQQD
EyhlMmI5NTNmMTE5ZDJjMGNmYWJmY2QwYzI3ZjVlNjNiMTdmNTI0MWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH1t3DfVihL9J8gd8lNfTAy4aF98
auiNUqofsMsiQLmjs2X0vWidUCzmMObgYr9N+LU2iQO8T9TlWrR/WAHc6JLjSe92
29naWVLIUXAKzhqInLSb3c4yhYBHJlFQLsM/q2an5+Cr/5tyqK+uN2g93ffGLi5+
XVOqVYCrmh7HOKbicEyJi5U0BNjfaXy6GKfK8BJ+to8QmCf5QfyRl9LLV2xf5VrM
/C8Bv0Dufrh34Y9EVxt10q2YwvHFOljwHK7Cx1QWbZ/IX4Rc6NOc55rMBIzf6aEx
OiAo5ZDjO1OkOjqYJqflTFCB/70lntvyRAKvDOljBGYb1HUDPGlko+gs4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOK5U/EZ0sDPq/zQwn9eY7F/UkH6MB8GA1UdIwQY
MBaAFDid1BJvi+B69FRJfKD1ZlKVSCrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2Mt
NWM1NWVjMjIxZTEyLzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2MtNWM1NWVjMjIxZTEy
LzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAusgIpJRx
vJb6fEWCYf1lCrJoSvA/3uA4wnodx/gczOm4vVKsqg9+e6TDRf3SWZ3LYfD7iBSP
I7URjKGS6xWs6YJc6PhlkmPzYA+6kAiQZE06ijTSRHPn17nv5oISxpdQqqi7Yqyl
MSJqIsosfT2mmqFU2LtVx4UwbiS6miGKe41m3gLM0Xb4MfgPzK12yqMTX3FhRZYw
t0VWlKNBz1YVbtQYW67Umo54c3Dh49fVxsfML4H7x0+S3y6+jfZNKF6LUuE7JpFf
bPQDQ7MwAluHOlR0b+s8kVs1cOq/tYP3a1wDyezrzPMO4kuvP1W0nbNZnltgM0f0
uUmt1PtMfPg9Tg==
-----END CERTIFICATE-----