Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
File:                     OCrZBtcZpmqFoxPRBSlAAstlf3s.mft (raw, json)
Hash identifier:          FonvrFfZQk21rxVh26S8dPoD9fB6RdfYXdJIQ62iJNE=
Subject key identifier:   07:A8:00:8D:16:DD:EB:EA:BC:11:19:E8:4D:7C:BB:17:9C:F0:CA:DA
Authority key identifier: 38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B
Certificate issuer:       /CN=382ad906d719a66a85a313d105294002cb657f7b
Certificate serial:       019680FE008EB2222D1735E4CF8B7DDE87DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
Manifest number:          F5
Signing time:             Tue 29 Apr 2025 10:00:51 +0000
Manifest this update:     Tue 29 Apr 2025 10:00:51 +0000
Manifest next update:     Wed 30 Apr 2025 10:00:51 +0000
Files and hashes:         1: OCrZBtcZpmqFoxPRBSlAAstlf3s.crl (hash: 5Ohb3QnTGJJ+y0d5VgUV4IeSSRRQ1EuX+u17DmSuObQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 09:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:fe:00:8e:b2:22:2d:17:35:e4:cf:8b:7d:de:87:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=382ad906d719a66a85a313d105294002cb657f7b
        Validity
            Not Before: Apr 29 10:00:51 2025 GMT
            Not After : Apr 30 10:00:51 2025 GMT
        Subject: CN=07a8008d16ddebeabc1119e84d7cbb179cf0cada
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:76:c5:bb:82:6d:af:cf:28:e7:c9:08:97:66:
                    b9:c7:5b:03:83:90:cb:50:6c:c1:7f:2c:e0:3f:fd:
                    8e:20:a1:98:ea:4b:f2:2d:6b:63:c1:bc:64:2e:1c:
                    29:14:13:10:7e:8a:1c:76:e2:9b:ab:45:da:96:b1:
                    57:d2:9b:6d:86:b4:08:cf:95:e8:52:6c:a7:b9:22:
                    2e:84:82:88:b7:12:dc:f0:aa:e8:1a:3f:4a:e6:f8:
                    4b:1a:70:8e:1d:b3:3e:ef:8f:5f:49:76:c3:33:aa:
                    fa:79:cc:3d:14:f8:e3:6f:dc:93:f1:fd:65:7b:09:
                    c2:81:1c:ac:22:3b:41:fb:86:fb:0e:fb:53:59:80:
                    b0:f9:49:2d:d8:a9:4e:b8:73:77:51:34:af:c6:5e:
                    be:0d:19:9d:9d:4c:39:56:d2:90:4a:54:c4:3f:5c:
                    9c:8e:b1:fd:e1:be:13:b1:da:b7:18:d1:56:df:bc:
                    7c:2e:d4:52:ea:a1:6f:7d:3b:8e:31:88:91:03:b7:
                    69:c2:a6:43:ba:ca:d4:dc:5a:34:74:51:2d:00:f9:
                    9a:3d:34:0e:3d:79:89:c6:0d:dc:3b:3a:c6:4e:db:
                    94:b5:05:96:7c:43:84:ac:2e:af:5d:56:c8:d1:92:
                    34:55:7b:a9:cd:4b:25:c1:44:1f:13:3b:73:c9:24:
                    0f:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:A8:00:8D:16:DD:EB:EA:BC:11:19:E8:4D:7C:BB:17:9C:F0:CA:DA
            X509v3 Authority Key Identifier:
                keyid:38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:af:a1:a6:7d:cf:e9:70:40:c9:f1:5b:74:af:e9:88:ac:2c:
         ff:c5:24:87:3c:07:00:be:b5:e5:41:8f:09:03:75:35:00:f3:
         b1:a3:73:60:ad:99:b3:9a:e1:a4:9e:b2:ec:93:d4:5e:19:e7:
         9f:4f:34:bc:f5:10:e3:84:88:50:f7:0d:10:5a:3b:3f:5e:e5:
         95:08:95:b1:4c:be:94:2d:ab:a0:23:43:4f:cd:d1:94:09:17:
         5b:62:3e:44:b9:df:27:a6:48:2a:4a:dd:a3:73:99:aa:4d:e4:
         c1:a1:14:12:42:ed:b6:07:ea:ba:4b:35:89:d7:af:b5:44:c6:
         a2:37:3d:26:92:6c:99:ed:39:2d:2c:f3:97:0d:78:f8:1d:2f:
         a7:61:34:1e:49:89:f1:5d:54:f0:ec:e8:30:c7:45:0f:1b:a9:
         77:f3:72:e3:46:e7:90:dc:a1:b0:a9:55:74:51:d0:e5:c1:0c:
         eb:11:14:c5:4a:0d:50:ce:9c:0c:e3:15:1e:aa:6f:e4:53:9d:
         f9:58:12:a7:cd:04:b1:9c:58:d7:9b:03:4f:e3:44:77:6a:b2:
         26:21:cb:9a:4d:af:c2:80:5c:8a:61:d1:bd:a8:3a:62:0a:e2:
         32:84:c4:44:a0:dd:92:46:16:36:0c:20:e5:a7:d3:96:8d:06:
         40:d0:03:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaA/gCOsiItFzXkz4t93ofaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmFkOTA2ZDcxOWE2NmE4NWEzMTNkMTA1Mjk0MDAyY2I2
NTdmN2IwHhcNMjUwNDI5MTAwMDUxWhcNMjUwNDMwMTAwMDUxWjAzMTEwLwYDVQQD
EygwN2E4MDA4ZDE2ZGRlYmVhYmMxMTE5ZTg0ZDdjYmIxNzljZjBjYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnbFu4Jtr88o58kIl2a5x1sDg5DL
UGzBfyzgP/2OIKGY6kvyLWtjwbxkLhwpFBMQfoocduKbq0XalrFX0ptthrQIz5Xo
UmynuSIuhIKItxLc8KroGj9K5vhLGnCOHbM+749fSXbDM6r6ecw9FPjjb9yT8f1l
ewnCgRysIjtB+4b7DvtTWYCw+Ukt2KlOuHN3UTSvxl6+DRmdnUw5VtKQSlTEP1yc
jrH94b4Tsdq3GNFW37x8LtRS6qFvfTuOMYiRA7dpwqZDusrU3Fo0dFEtAPmaPTQO
PXmJxg3cOzrGTtuUtQWWfEOErC6vXVbI0ZI0VXupzUslwUQfEztzySQPSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAeoAI0W3evqvBEZ6E18uxec8MraMB8GA1UdIwQY
MBaAFDgq2QbXGaZqhaMT0QUpQALLZX97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAt
NmNlNTJiZWU2NjZhLzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAtNmNlNTJiZWU2NjZh
LzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc6+hpn3P
6XBAyfFbdK/piKws/8UkhzwHAL615UGPCQN1NQDzsaNzYK2Zs5rhpJ6y7JPUXhnn
n080vPUQ44SIUPcNEFo7P17llQiVsUy+lC2roCNDT83RlAkXW2I+RLnfJ6ZIKkrd
o3OZqk3kwaEUEkLttgfquks1idevtUTGojc9JpJsme05LSzzlw14+B0vp2E0HkmJ
8V1U8OzoMMdFDxupd/Ny40bnkNyhsKlVdFHQ5cEM6xEUxUoNUM6cDOMVHqpv5FOd
+VgSp80EsZxY15sDT+NEd2qyJiHLmk2vwoBcimHRvag6YgriMoTERKDdkkYWNgwg
5afTlo0GQNADwg==
-----END CERTIFICATE-----