Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
File:                     oybRlH-kQ2NloBOsZ_TzKx_bqck.mft (raw, json)
Hash identifier:          3roKqdCK4RokSkGoTV8bsEN7bGvzcrtHd1vWknC8w74=
Subject key identifier:   12:15:40:31:1C:CF:9D:60:2A:97:93:14:35:50:BA:04:27:EA:5F:A9
Authority key identifier: A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9
Certificate issuer:       /CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
Certificate serial:       0196760CB018AC19CDAE8CE2402CF4530A53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
Manifest number:          1208
Signing time:             Sun 27 Apr 2025 07:01:04 +0000
Manifest this update:     Sun 27 Apr 2025 07:01:04 +0000
Manifest next update:     Mon 28 Apr 2025 07:01:04 +0000
Files and hashes:         1: oybRlH-kQ2NloBOsZ_TzKx_bqck.crl (hash: iHrkNiaDdelijRbvmG8Z8+nvcqljF5FDz6gCbnXL6M4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:b0:18:ac:19:cd:ae:8c:e2:40:2c:f4:53:0a:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
        Validity
            Not Before: Apr 27 07:01:04 2025 GMT
            Not After : Apr 28 07:01:04 2025 GMT
        Subject: CN=121540311ccf9d602a9793143550ba0427ea5fa9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:79:29:25:d6:5e:6a:f9:a1:15:08:7a:5a:6c:
                    48:ec:7b:c5:87:37:97:74:7e:30:3b:9d:73:2b:0e:
                    41:c3:e0:e1:3a:61:b4:8c:ab:8f:a9:64:45:9e:90:
                    5e:87:9b:1f:b6:f1:4d:50:68:c4:be:94:9f:8d:04:
                    65:a4:67:71:2c:71:17:c9:41:b5:07:cb:ca:75:e1:
                    78:53:01:2d:8f:f8:bd:8d:7c:ce:bc:5f:bf:71:d1:
                    9f:b7:a0:52:0d:5f:4d:48:e4:ef:65:da:cf:a8:35:
                    f5:c9:3c:f0:f9:e9:08:5b:07:55:e4:06:15:f0:ee:
                    1e:37:b8:b5:6f:2e:d3:86:73:f6:c5:1d:f5:92:5d:
                    60:bd:65:2f:f2:11:57:27:fb:3b:6a:a4:28:6d:e3:
                    29:26:ea:12:e9:d0:29:7c:0c:07:99:84:66:4d:bb:
                    49:c0:1b:94:d1:15:cc:9b:cd:d1:42:d9:69:94:33:
                    37:be:4e:20:98:68:1a:6a:e9:57:8f:5f:bb:2f:b8:
                    58:04:08:a5:bd:90:56:0f:d4:83:a9:30:b5:83:30:
                    db:31:64:b5:a4:7d:9c:f9:6f:56:a3:67:9f:67:ff:
                    12:ba:c9:05:a0:a4:d8:21:e5:60:8d:b9:aa:cf:26:
                    50:4e:80:5b:62:cf:be:a2:3a:13:b9:fc:03:01:8f:
                    19:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:15:40:31:1C:CF:9D:60:2A:97:93:14:35:50:BA:04:27:EA:5F:A9
            X509v3 Authority Key Identifier:
                keyid:A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:07:54:89:47:15:a4:87:f4:aa:07:28:55:e5:a5:2c:c9:11:
         91:0d:ea:00:82:61:99:ba:89:b7:af:2a:36:51:2f:62:3d:58:
         a5:42:c2:cd:15:43:2e:bf:13:e8:b0:c0:1d:03:bd:5d:dd:c7:
         f9:9c:1d:51:99:4a:dd:ba:f8:14:d1:48:58:62:78:f0:f5:89:
         b4:7e:f7:23:27:ac:a5:a2:2e:61:59:12:39:b5:56:0e:26:8d:
         0b:0a:1e:70:99:ee:1b:a6:71:3b:62:58:d1:df:35:ad:93:a9:
         0a:6f:6f:05:d6:dc:7a:52:f8:04:83:38:8f:ea:ca:71:4c:e6:
         b1:17:a9:86:e0:79:e4:f2:b4:14:02:c4:52:98:1f:1b:d0:59:
         23:e7:90:cf:96:67:a7:fb:59:58:de:64:3f:6e:a5:94:10:81:
         42:c2:83:65:ef:70:74:6a:57:b8:19:ca:7f:54:97:02:d4:37:
         aa:9e:00:07:71:56:df:31:5c:5f:be:0f:ca:58:e4:9a:32:b4:
         96:d8:c1:33:1f:37:50:77:53:af:fe:66:c2:67:54:91:eb:7c:
         80:9f:f6:e4:12:7a:d0:ee:87:76:bf:30:75:8d:d6:9c:fa:f9:
         d0:4a:50:ff:91:da:56:8f:12:a5:ae:0c:50:1d:db:8c:3a:f5:
         78:89:dd:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DLAYrBnNroziQCz0UwpTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjZkMTk0N2ZhNDQzNjM2NWEwMTNhYzY3ZjRmMzJiMWZk
YmE5YzkwHhcNMjUwNDI3MDcwMTA0WhcNMjUwNDI4MDcwMTA0WjAzMTEwLwYDVQQD
EygxMjE1NDAzMTFjY2Y5ZDYwMmE5NzkzMTQzNTUwYmEwNDI3ZWE1ZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXkpJdZeavmhFQh6WmxI7HvFhzeX
dH4wO51zKw5Bw+DhOmG0jKuPqWRFnpBeh5sftvFNUGjEvpSfjQRlpGdxLHEXyUG1
B8vKdeF4UwEtj/i9jXzOvF+/cdGft6BSDV9NSOTvZdrPqDX1yTzw+ekIWwdV5AYV
8O4eN7i1by7ThnP2xR31kl1gvWUv8hFXJ/s7aqQobeMpJuoS6dApfAwHmYRmTbtJ
wBuU0RXMm83RQtlplDM3vk4gmGgaaulXj1+7L7hYBAilvZBWD9SDqTC1gzDbMWS1
pH2c+W9Wo2efZ/8SuskFoKTYIeVgjbmqzyZQToBbYs++ojoTufwDAY8ZzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIVQDEcz51gKpeTFDVQugQn6l+pMB8GA1UdIwQY
MBaAFKMm0ZR/pENjZaATrGf08ysf26nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2Yt
NTdkM2RmYTU2NDA3LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2YtNTdkM2RmYTU2NDA3
LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARAdUiUcV
pIf0qgcoVeWlLMkRkQ3qAIJhmbqJt68qNlEvYj1YpULCzRVDLr8T6LDAHQO9Xd3H
+ZwdUZlK3br4FNFIWGJ48PWJtH73IyespaIuYVkSObVWDiaNCwoecJnuG6ZxO2JY
0d81rZOpCm9vBdbcelL4BIM4j+rKcUzmsRephuB55PK0FALEUpgfG9BZI+eQz5Zn
p/tZWN5kP26llBCBQsKDZe9wdGpXuBnKf1SXAtQ3qp4AB3FW3zFcX74PyljkmjK0
ltjBMx83UHdTr/5mwmdUket8gJ/25BJ60O6Hdr8wdY3WnPr50EpQ/5HaVo8Spa4M
UB3bjDr1eIndnw==
-----END CERTIFICATE-----