Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
File:                     O4RSPDky4tGYBGI0uWLg3FGr9YY.mft (raw, json)
Hash identifier:          oP9hE63LqQVAm+6OWHQD7NGZtGzoxtxDhdX8DOCyI4s=
Subject key identifier:   27:81:66:1D:76:50:54:E1:FA:66:E8:8D:73:FF:A3:46:6F:95:87:47
Authority key identifier: 3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86
Certificate issuer:       /CN=3b84523c3932e2d198046234b962e0dc51abf586
Certificate serial:       019677FAE4BAC771B0ECE980D043EA6389D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
Manifest number:          150F
Signing time:             Sun 27 Apr 2025 16:00:53 +0000
Manifest this update:     Sun 27 Apr 2025 16:00:53 +0000
Manifest next update:     Mon 28 Apr 2025 16:00:53 +0000
Files and hashes:         1: O4RSPDky4tGYBGI0uWLg3FGr9YY.crl (hash: PPdVelZU7RvFZTkjFaFZsuCwZvQldwMFOZRrZcwmVwA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fa:e4:ba:c7:71:b0:ec:e9:80:d0:43:ea:63:89:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b84523c3932e2d198046234b962e0dc51abf586
        Validity
            Not Before: Apr 27 16:00:53 2025 GMT
            Not After : Apr 28 16:00:53 2025 GMT
        Subject: CN=2781661d765054e1fa66e88d73ffa3466f958747
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:8a:0c:fd:1b:8e:63:b1:48:cb:30:49:2a:d4:
                    8a:ec:f5:cf:76:f0:55:7d:a8:22:e8:3b:d1:06:87:
                    6f:6e:99:c9:8c:dc:41:31:f9:ea:99:76:8f:56:93:
                    6b:3d:f1:85:4e:ef:ff:99:21:27:47:bd:60:65:56:
                    5f:67:fa:30:0d:da:ac:3b:9f:46:c4:ea:03:c0:99:
                    97:bb:ac:40:a0:0a:fb:33:ba:4c:06:24:a0:ff:35:
                    0c:f8:b9:b1:42:a1:a1:3e:60:88:aa:69:5b:84:18:
                    8c:c8:fc:5a:d7:ba:af:3f:c0:74:6a:77:13:19:a8:
                    69:da:29:ed:db:fd:d0:d6:bc:c1:46:48:2d:92:c1:
                    4a:af:c4:e3:ad:4d:1b:38:b5:cc:18:6d:75:aa:eb:
                    ec:68:0f:e1:7b:12:d0:39:24:41:91:31:c1:4c:92:
                    b3:9b:dc:d5:9a:39:f0:87:6f:51:ca:31:2a:ca:45:
                    cf:6d:16:df:88:51:59:6f:1f:e4:88:f0:63:eb:99:
                    91:88:12:65:28:e4:46:40:37:fa:2e:6d:d6:72:a9:
                    07:d8:d1:5d:88:fb:60:83:66:40:39:14:1e:3a:49:
                    15:db:30:2b:98:25:9f:16:a7:79:a3:84:5b:63:5f:
                    4e:47:ce:24:cc:79:78:2b:01:c4:92:b9:4a:1f:ac:
                    86:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:81:66:1D:76:50:54:E1:FA:66:E8:8D:73:FF:A3:46:6F:95:87:47
            X509v3 Authority Key Identifier:
                keyid:3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:6c:f2:8c:80:2d:5e:44:07:03:c2:ed:ed:fa:b4:81:71:5d:
         47:53:70:88:cd:c3:c0:c4:8d:1e:ff:d0:82:dd:01:ac:fb:c2:
         1a:01:eb:a1:80:1c:8d:03:29:d8:d7:f7:30:67:3e:37:65:17:
         76:77:dd:0b:95:1c:cd:63:98:10:46:63:14:2c:8c:33:68:94:
         39:41:56:e1:69:ba:bf:2c:69:0a:66:06:40:d3:ea:3a:99:a9:
         7c:e8:f9:18:9c:5a:64:a1:45:0d:8f:83:a2:80:72:b5:be:9a:
         e6:b4:f9:9d:52:e2:b8:9b:8c:b9:1b:9c:03:33:f7:5d:d3:8c:
         1e:e8:3a:86:5d:11:6f:f2:8d:25:9d:ee:be:00:08:4f:17:4d:
         74:36:7e:93:98:36:9d:96:90:b5:d1:fc:83:93:60:45:21:32:
         49:6f:b3:31:d7:3d:dc:1d:1e:26:b1:d1:3b:94:ff:6f:11:79:
         2a:ba:7e:de:0b:a2:da:72:e0:ec:c5:dc:6d:b3:ff:5c:67:93:
         45:12:49:67:98:c5:e8:7a:0a:c3:6c:17:f4:65:2d:ab:ec:ea:
         8b:0a:02:e0:c9:e5:65:42:fa:9e:b4:5c:8c:96:72:9b:2a:35:
         f1:7c:0a:cf:12:47:15:e8:44:ee:14:50:0c:d3:ad:8c:55:2b:
         ab:67:0c:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+uS6x3Gw7OmA0EPqY4nTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiODQ1MjNjMzkzMmUyZDE5ODA0NjIzNGI5NjJlMGRjNTFh
YmY1ODYwHhcNMjUwNDI3MTYwMDUzWhcNMjUwNDI4MTYwMDUzWjAzMTEwLwYDVQQD
EygyNzgxNjYxZDc2NTA1NGUxZmE2NmU4OGQ3M2ZmYTM0NjZmOTU4NzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArooM/RuOY7FIyzBJKtSK7PXPdvBV
fagi6DvRBodvbpnJjNxBMfnqmXaPVpNrPfGFTu//mSEnR71gZVZfZ/owDdqsO59G
xOoDwJmXu6xAoAr7M7pMBiSg/zUM+LmxQqGhPmCIqmlbhBiMyPxa17qvP8B0ancT
Gahp2int2/3Q1rzBRkgtksFKr8TjrU0bOLXMGG11quvsaA/hexLQOSRBkTHBTJKz
m9zVmjnwh29RyjEqykXPbRbfiFFZbx/kiPBj65mRiBJlKORGQDf6Lm3WcqkH2NFd
iPtgg2ZAORQeOkkV2zArmCWfFqd5o4RbY19OR84kzHl4KwHEkrlKH6yG5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCeBZh12UFTh+mbojXP/o0ZvlYdHMB8GA1UdIwQY
MBaAFDuEUjw5MuLRmARiNLli4NxRq/WGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYt
YmRmNWM3ODA3NDJlLzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYtYmRmNWM3ODA3NDJl
LzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHWzyjIAt
XkQHA8Lt7fq0gXFdR1NwiM3DwMSNHv/Qgt0BrPvCGgHroYAcjQMp2Nf3MGc+N2UX
dnfdC5UczWOYEEZjFCyMM2iUOUFW4Wm6vyxpCmYGQNPqOpmpfOj5GJxaZKFFDY+D
ooBytb6a5rT5nVLiuJuMuRucAzP3XdOMHug6hl0Rb/KNJZ3uvgAITxdNdDZ+k5g2
nZaQtdH8g5NgRSEySW+zMdc93B0eJrHRO5T/bxF5Krp+3gui2nLg7MXcbbP/XGeT
RRJJZ5jF6HoKw2wX9GUtq+zqiwoC4MnlZUL6nrRcjJZymyo18XwKzxJHFehE7hRQ
DNOtjFUrq2cMdQ==
-----END CERTIFICATE-----