Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft
File:                     x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft (raw, json)
Hash identifier:          UyouovgA9vNs5i7fkhr2KkrS8mlMGKPacPGoTPabbO4=
Subject key identifier:   2D:F5:25:3C:D9:FE:7E:69:E4:F4:1D:0A:4C:7F:44:16:F1:03:74:3F
Authority key identifier: C7:71:FB:42:49:FC:51:88:A9:8B:62:B0:D4:0B:BA:9B:F7:E3:39:23
Certificate issuer:       /CN=c771fb4249fc5188a98b62b0d40bba9bf7e33923
Certificate serial:       01976C2B521BDDD4D0C7EB770A2F7E10F099
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft
Manifest number:          02E5
Signing time:             Sat 14 Jun 2025 02:01:07 +0000
Manifest this update:     Sat 14 Jun 2025 02:01:07 +0000
Manifest next update:     Sun 15 Jun 2025 02:01:07 +0000
Files and hashes:         1: x3H7Qkn8UYipi2Kw1Au6m_fjOSM.crl (hash: RB2KMquevZRd133GnG/BTCO/hx3lho+0lunX945UqE0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2b:52:1b:dd:d4:d0:c7:eb:77:0a:2f:7e:10:f0:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c771fb4249fc5188a98b62b0d40bba9bf7e33923
        Validity
            Not Before: Jun 14 02:01:07 2025 GMT
            Not After : Jun 15 02:01:07 2025 GMT
        Subject: CN=2df5253cd9fe7e69e4f41d0a4c7f4416f103743f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:cb:88:c9:f7:ec:57:28:14:fb:d9:f1:d5:cb:
                    9b:77:2b:d5:40:7c:5a:50:ec:16:ab:66:81:9b:1e:
                    c3:50:5a:1c:85:4a:52:6e:13:d1:a7:49:c8:ba:db:
                    4c:ab:06:33:bb:2c:bb:8f:fc:a5:b4:6f:e8:5e:dc:
                    b4:04:a8:75:9e:b9:26:34:da:e2:4e:90:c5:f7:b1:
                    1a:8e:0d:b2:fd:f1:b4:91:84:d9:72:56:8c:62:96:
                    68:86:8a:26:30:1c:30:79:b6:3c:58:5f:c0:80:ab:
                    83:77:d8:c9:3b:97:19:f7:33:1a:6b:76:30:25:21:
                    68:ab:61:3e:7f:6d:28:cd:eb:6d:18:f9:42:7e:92:
                    ca:a6:9e:00:f2:b2:9c:c2:c4:5e:f1:9b:58:bc:7d:
                    f2:b3:5c:d3:78:ba:43:af:e7:b5:d2:01:25:d7:3f:
                    46:dd:06:09:ce:43:e0:f8:e6:bb:8c:22:b7:78:39:
                    f4:0b:f7:61:5f:ab:3d:80:5a:bb:1f:6c:e5:13:d6:
                    fc:96:48:ee:87:d4:38:b9:49:e3:c3:b4:26:a2:8a:
                    80:03:9b:cc:ec:f6:a4:d9:e7:c5:60:ad:de:d4:17:
                    4e:5e:07:9c:c9:29:72:7a:e3:49:31:97:5a:0c:39:
                    d1:c3:66:e3:ff:7f:a2:e6:c2:d2:04:7c:3f:7a:74:
                    ba:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:F5:25:3C:D9:FE:7E:69:E4:F4:1D:0A:4C:7F:44:16:F1:03:74:3F
            X509v3 Authority Key Identifier:
                keyid:C7:71:FB:42:49:FC:51:88:A9:8B:62:B0:D4:0B:BA:9B:F7:E3:39:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:35:43:09:f9:fa:58:f8:f4:72:c9:8a:12:c6:23:b6:0c:1c:
         63:a2:d5:9a:39:c8:a9:22:a4:a7:c6:00:e5:ff:db:04:6d:49:
         51:a1:e7:9b:37:ab:88:71:ef:7c:99:3f:41:3c:ad:a6:70:3d:
         b9:3c:c9:1e:98:32:f6:72:95:be:d5:86:69:31:0e:c0:9f:c7:
         75:e5:5f:58:01:9b:b9:4e:93:c1:69:36:5b:5d:56:1a:df:01:
         14:da:1e:60:50:23:89:66:fe:5f:78:21:63:f1:24:63:0a:03:
         3b:f9:4a:94:64:79:a6:fb:72:1b:44:b4:d9:9c:4f:50:aa:66:
         0d:ff:16:87:ec:64:ac:3d:b9:3b:ed:c0:3e:99:bc:9f:c0:f1:
         84:04:59:1b:78:11:17:50:05:e2:0c:a7:b4:39:90:06:65:7c:
         22:9d:a0:47:dc:96:1f:e6:bd:0e:2c:de:86:20:ef:a3:e6:43:
         8c:e1:23:2f:2e:00:d8:7c:fb:fd:7a:36:51:be:84:71:f0:37:
         2b:2f:24:65:ef:09:da:2b:63:32:b4:9a:d8:50:b4:f3:f9:f8:
         ca:78:61:47:d6:07:d0:58:34:01:7d:55:26:4d:1b:a7:3e:27:
         89:52:7e:f0:ca:1a:67:e3:04:65:b1:84:97:d5:4e:a4:ba:7b:
         68:d3:c6:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsK1Ib3dTQx+t3Ci9+EPCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzFmYjQyNDlmYzUxODhhOThiNjJiMGQ0MGJiYTliZjdl
MzM5MjMwHhcNMjUwNjE0MDIwMTA3WhcNMjUwNjE1MDIwMTA3WjAzMTEwLwYDVQQD
EygyZGY1MjUzY2Q5ZmU3ZTY5ZTRmNDFkMGE0YzdmNDQxNmYxMDM3NDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksuIyffsVygU+9nx1cubdyvVQHxa
UOwWq2aBmx7DUFochUpSbhPRp0nIuttMqwYzuyy7j/yltG/oXty0BKh1nrkmNNri
TpDF97Eajg2y/fG0kYTZclaMYpZohoomMBwwebY8WF/AgKuDd9jJO5cZ9zMaa3Yw
JSFoq2E+f20ozettGPlCfpLKpp4A8rKcwsRe8ZtYvH3ys1zTeLpDr+e10gEl1z9G
3QYJzkPg+Oa7jCK3eDn0C/dhX6s9gFq7H2zlE9b8lkjuh9Q4uUnjw7QmooqAA5vM
7Pak2efFYK3e1BdOXgecySlyeuNJMZdaDDnRw2bj/3+i5sLSBHw/enS6NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC31JTzZ/n5p5PQdCkx/RBbxA3Q/MB8GA1UdIwQY
MBaAFMdx+0JJ/FGIqYtisNQLupv34zkjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNIN1FrbjhVWWlwaTJLdzFBdTZtX2ZqT1NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hODc4YWUtZTk3Ny00NWIwLTkyM2Mt
YzkwZmEzNDVjNjZlLzEveDNIN1FrbjhVWWlwaTJLdzFBdTZtX2ZqT1NNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hODc4YWUtZTk3Ny00NWIwLTkyM2MtYzkwZmEzNDVjNjZl
LzEveDNIN1FrbjhVWWlwaTJLdzFBdTZtX2ZqT1NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcjVDCfn6
WPj0csmKEsYjtgwcY6LVmjnIqSKkp8YA5f/bBG1JUaHnmzeriHHvfJk/QTytpnA9
uTzJHpgy9nKVvtWGaTEOwJ/HdeVfWAGbuU6TwWk2W11WGt8BFNoeYFAjiWb+X3gh
Y/EkYwoDO/lKlGR5pvtyG0S02ZxPUKpmDf8Wh+xkrD25O+3APpm8n8DxhARZG3gR
F1AF4gyntDmQBmV8Ip2gR9yWH+a9DizehiDvo+ZDjOEjLy4A2Hz7/Xo2Ub6EcfA3
Ky8kZe8J2itjMrSa2FC08/n4ynhhR9YH0Fg0AX1VJk0bpz4niVJ+8MoaZ+MEZbGE
l9VOpLp7aNPG3Q==
-----END CERTIFICATE-----