Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft
File:                     x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft (raw, json)
Hash identifier:          qgfnPziZIT8ov4CV+TjLPw2wW5W2++OIVJEY+u6ilUQ=
Subject key identifier:   02:DD:C6:A8:4F:ED:E0:85:91:C6:76:AC:09:15:F2:46:50:AC:EA:FF
Authority key identifier: C7:71:FB:42:49:FC:51:88:A9:8B:62:B0:D4:0B:BA:9B:F7:E3:39:23
Certificate issuer:       /CN=c771fb4249fc5188a98b62b0d40bba9bf7e33923
Certificate serial:       019678D656A9E00423390890C8089DA6FB6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft
Manifest number:          0267
Signing time:             Sun 27 Apr 2025 20:00:34 +0000
Manifest this update:     Sun 27 Apr 2025 20:00:34 +0000
Manifest next update:     Mon 28 Apr 2025 20:00:34 +0000
Files and hashes:         1: x3H7Qkn8UYipi2Kw1Au6m_fjOSM.crl (hash: lfq5XsiADgYp45NUS/mDrxM9HFMtK1GErBTKt9VdTWc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:d6:56:a9:e0:04:23:39:08:90:c8:08:9d:a6:fb:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c771fb4249fc5188a98b62b0d40bba9bf7e33923
        Validity
            Not Before: Apr 27 20:00:34 2025 GMT
            Not After : Apr 28 20:00:34 2025 GMT
        Subject: CN=02ddc6a84fede08591c676ac0915f24650aceaff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ba:d2:0b:c6:2c:a8:f7:4c:cf:08:e3:e8:a5:
                    47:48:87:29:99:2f:b7:9c:ef:16:2d:2a:5e:37:82:
                    3c:b7:6d:86:b9:06:3e:78:fc:f0:a2:17:fc:15:f8:
                    d9:33:4f:fb:e9:8d:84:f7:7f:2c:dc:06:83:19:bd:
                    f4:50:a1:c5:96:b2:0e:ee:89:a3:7b:4e:f7:f2:50:
                    b9:1b:a9:83:d5:5c:46:86:51:59:20:2c:8a:cf:95:
                    8b:34:82:5d:bc:12:c7:f9:95:fd:21:5a:0d:da:eb:
                    70:35:e3:a7:99:14:4a:ec:d1:e8:ba:52:5e:16:65:
                    0b:84:7d:0f:f9:b2:43:b8:a2:c7:2e:a9:37:62:5b:
                    f0:e8:39:b8:8a:40:bd:52:59:8d:60:0d:02:9e:ef:
                    b6:fe:cd:56:45:37:70:63:09:e3:d1:46:42:6a:d0:
                    97:e1:50:97:53:a5:66:92:bb:64:ce:80:a9:e4:f4:
                    2b:36:48:e9:a3:68:80:2c:3a:68:0a:e6:b1:8e:19:
                    1b:07:5a:29:d2:7a:a7:50:41:8c:12:87:74:62:4e:
                    86:35:0d:f4:60:e3:02:e2:30:d3:23:4e:9e:cd:93:
                    89:48:55:70:97:85:c6:37:dc:38:61:74:18:e5:4c:
                    93:9b:02:9e:32:22:11:47:05:c2:df:2d:ab:de:33:
                    b9:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:DD:C6:A8:4F:ED:E0:85:91:C6:76:AC:09:15:F2:46:50:AC:EA:FF
            X509v3 Authority Key Identifier:
                keyid:C7:71:FB:42:49:FC:51:88:A9:8B:62:B0:D4:0B:BA:9B:F7:E3:39:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:ed:79:1d:0d:03:8a:c5:86:54:9f:17:67:fc:db:65:2c:0a:
         56:19:95:bb:df:fe:17:c8:c0:80:73:20:d8:dd:a2:50:a9:23:
         54:77:fb:a8:11:df:31:e3:93:e4:28:55:a3:60:8b:e5:40:2e:
         1b:7e:58:da:ee:61:ef:1d:e6:11:de:af:b0:b7:d0:fe:70:52:
         a9:86:bd:23:43:42:cc:e9:3b:0f:67:92:7a:47:22:2d:72:b0:
         24:d9:11:01:8c:da:1d:a9:f7:da:ce:11:28:22:32:8f:5d:aa:
         d5:28:40:51:06:bf:df:a5:84:51:47:11:c9:97:10:ff:4b:f2:
         44:6b:d7:93:68:8b:c2:d1:97:16:0f:9a:63:76:ae:76:bc:0f:
         cd:33:95:76:13:2b:ae:8a:56:60:a9:75:09:2d:e0:9c:d4:71:
         de:f0:ac:7f:5e:2e:c8:4c:6c:88:82:f7:d2:2e:96:32:27:22:
         26:09:7a:66:0f:90:54:80:b6:1a:5a:82:48:87:cb:b1:a7:b0:
         0c:70:0e:c2:56:15:4e:0e:ed:74:a2:a4:e0:fe:85:ec:eb:af:
         09:07:da:27:b1:bd:a4:18:f6:06:c1:85:53:ee:ba:a3:de:d8:
         94:38:a6:cc:c3:0a:9e:14:4e:c5:ec:b2:99:b5:ec:b9:b8:40:
         74:95:40:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ41lap4AQjOQiQyAidpvtuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzFmYjQyNDlmYzUxODhhOThiNjJiMGQ0MGJiYTliZjdl
MzM5MjMwHhcNMjUwNDI3MjAwMDM0WhcNMjUwNDI4MjAwMDM0WjAzMTEwLwYDVQQD
EygwMmRkYzZhODRmZWRlMDg1OTFjNjc2YWMwOTE1ZjI0NjUwYWNlYWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrrSC8YsqPdMzwjj6KVHSIcpmS+3
nO8WLSpeN4I8t22GuQY+ePzwohf8FfjZM0/76Y2E938s3AaDGb30UKHFlrIO7omj
e0738lC5G6mD1VxGhlFZICyKz5WLNIJdvBLH+ZX9IVoN2utwNeOnmRRK7NHoulJe
FmULhH0P+bJDuKLHLqk3Ylvw6Dm4ikC9UlmNYA0Cnu+2/s1WRTdwYwnj0UZCatCX
4VCXU6VmkrtkzoCp5PQrNkjpo2iALDpoCuaxjhkbB1op0nqnUEGMEod0Yk6GNQ30
YOMC4jDTI06ezZOJSFVwl4XGN9w4YXQY5UyTmwKeMiIRRwXC3y2r3jO5DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALdxqhP7eCFkcZ2rAkV8kZQrOr/MB8GA1UdIwQY
MBaAFMdx+0JJ/FGIqYtisNQLupv34zkjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNIN1FrbjhVWWlwaTJLdzFBdTZtX2ZqT1NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hODc4YWUtZTk3Ny00NWIwLTkyM2Mt
YzkwZmEzNDVjNjZlLzEveDNIN1FrbjhVWWlwaTJLdzFBdTZtX2ZqT1NNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hODc4YWUtZTk3Ny00NWIwLTkyM2MtYzkwZmEzNDVjNjZl
LzEveDNIN1FrbjhVWWlwaTJLdzFBdTZtX2ZqT1NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkO15HQ0D
isWGVJ8XZ/zbZSwKVhmVu9/+F8jAgHMg2N2iUKkjVHf7qBHfMeOT5ChVo2CL5UAu
G35Y2u5h7x3mEd6vsLfQ/nBSqYa9I0NCzOk7D2eSekciLXKwJNkRAYzaHan32s4R
KCIyj12q1ShAUQa/36WEUUcRyZcQ/0vyRGvXk2iLwtGXFg+aY3audrwPzTOVdhMr
ropWYKl1CS3gnNRx3vCsf14uyExsiIL30i6WMiciJgl6Zg+QVIC2GlqCSIfLsaew
DHAOwlYVTg7tdKKk4P6F7OuvCQfaJ7G9pBj2BsGFU+66o97YlDimzMMKnhROxeyy
mbXsubhAdJVAQA==
-----END CERTIFICATE-----