Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          2loTX4el/qtxP3rNHYjjDeXA4yjHvXIFTuyukZxaKRI=
Subject key identifier:   EE:29:00:5B:20:4A:7F:48:BB:9F:9B:5E:BD:40:97:6B:7D:BC:DB:1F
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       019768BBC45AC3F1331BA39C18D434A7A890
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          099C
Signing time:             Fri 13 Jun 2025 10:00:25 +0000
Manifest this update:     Fri 13 Jun 2025 10:00:25 +0000
Manifest next update:     Sat 14 Jun 2025 10:00:25 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: x6bY7g/q1o7z1+Ii7CqM1Boy9cmtNk/+eXKWgJ7oYd8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 10:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:bb:c4:5a:c3:f1:33:1b:a3:9c:18:d4:34:a7:a8:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: Jun 13 10:00:25 2025 GMT
            Not After : Jun 14 10:00:25 2025 GMT
        Subject: CN=ee29005b204a7f48bb9f9b5ebd40976b7dbcdb1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:d7:dd:2e:30:7a:5c:71:25:87:34:ab:25:b6:
                    d5:81:d6:9d:41:74:6e:7c:6e:9b:f5:2e:68:d6:9a:
                    4d:29:34:aa:35:ce:e9:aa:27:ed:40:c4:2a:6a:ab:
                    b4:bd:3e:c0:bb:bb:84:38:cc:65:da:e6:d7:6f:0d:
                    35:11:46:bb:30:27:b5:e0:c8:86:f5:88:d3:14:a0:
                    92:ff:33:38:24:fc:b0:2c:2a:57:7c:4d:dc:31:d0:
                    62:7e:05:ff:af:1a:06:e8:a5:fb:33:65:10:52:67:
                    26:22:72:c7:14:25:9b:f1:d6:8c:ef:20:fc:8f:e6:
                    69:01:f1:ef:0b:17:10:89:62:59:3b:d0:8e:b7:68:
                    f6:1b:53:95:6d:78:12:5f:d9:42:0e:48:cc:76:18:
                    56:f4:e8:82:dd:06:c1:c4:2e:b0:8f:be:94:45:1b:
                    a4:c1:b1:20:23:a0:f2:61:6d:9f:95:86:15:4a:7a:
                    02:c1:4e:1b:8b:92:80:2e:7d:d6:16:f4:16:ae:1b:
                    27:a4:75:27:a1:82:ae:df:d8:12:11:3d:7c:ab:e0:
                    e8:89:29:ac:d4:4d:98:da:ba:b0:5e:1c:c6:8d:b1:
                    f9:d2:45:ce:ac:6b:e4:a5:33:52:f6:77:96:89:3e:
                    41:36:7a:de:bd:07:6b:93:9b:26:ad:1f:15:cd:c2:
                    11:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:29:00:5B:20:4A:7F:48:BB:9F:9B:5E:BD:40:97:6B:7D:BC:DB:1F
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:d0:63:21:90:68:48:c1:ee:a8:f6:89:0e:a3:06:fc:d3:9d:
         ac:a3:c7:38:57:50:da:fc:02:33:7d:d8:92:2d:94:1e:67:bd:
         a8:e6:2d:10:57:5f:d0:36:73:52:a9:71:08:3a:c5:29:4a:3d:
         b4:6a:33:7c:00:fb:a1:e3:88:83:a1:fc:d7:8b:52:8d:a8:11:
         5f:4e:24:0f:f0:ee:2f:af:f4:68:f6:c8:49:99:35:04:96:a7:
         dc:d9:e1:89:5a:21:ce:0b:45:a8:ee:56:f7:8a:ec:e1:b6:38:
         94:6a:e0:a7:d0:4c:d7:ef:a1:ee:ad:5e:9e:77:3a:eb:63:aa:
         e5:21:9b:e4:3d:c6:1d:c8:0d:4a:88:f4:ec:6e:06:33:a1:3e:
         a8:87:7d:f2:c8:91:00:99:03:c7:85:73:b6:cc:ff:32:21:57:
         e1:76:c5:13:6b:ba:34:cc:a2:63:ec:36:2f:75:47:b2:25:4a:
         65:fb:4a:67:20:9d:cf:ce:0e:4f:77:dd:d3:01:ba:d3:2e:5d:
         3a:92:f1:bf:fd:31:cc:f5:f4:b5:61:ca:58:ea:fd:78:45:09:
         28:b0:31:48:aa:5b:95:0a:94:22:05:3d:4c:95:54:21:f1:04:
         6a:cb:a5:e4:5d:26:87:cb:ae:45:c0:75:a8:4b:aa:a7:65:b9:
         09:b9:74:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdou8Raw/EzG6OcGNQ0p6iQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjUwNjEzMTAwMDI1WhcNMjUwNjE0MTAwMDI1WjAzMTEwLwYDVQQD
EyhlZTI5MDA1YjIwNGE3ZjQ4YmI5ZjliNWViZDQwOTc2YjdkYmNkYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dfdLjB6XHElhzSrJbbVgdadQXRu
fG6b9S5o1ppNKTSqNc7pqiftQMQqaqu0vT7Au7uEOMxl2ubXbw01EUa7MCe14MiG
9YjTFKCS/zM4JPywLCpXfE3cMdBifgX/rxoG6KX7M2UQUmcmInLHFCWb8daM7yD8
j+ZpAfHvCxcQiWJZO9COt2j2G1OVbXgSX9lCDkjMdhhW9OiC3QbBxC6wj76URRuk
wbEgI6DyYW2flYYVSnoCwU4bi5KALn3WFvQWrhsnpHUnoYKu39gSET18q+DoiSms
1E2Y2rqwXhzGjbH50kXOrGvkpTNS9neWiT5BNnrevQdrk5smrR8VzcIRDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO4pAFsgSn9Iu5+bXr1Al2t9vNsfMB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEdBjIZBo
SMHuqPaJDqMG/NOdrKPHOFdQ2vwCM33Yki2UHme9qOYtEFdf0DZzUqlxCDrFKUo9
tGozfAD7oeOIg6H814tSjagRX04kD/DuL6/0aPbISZk1BJan3NnhiVohzgtFqO5W
94rs4bY4lGrgp9BM1++h7q1ennc662Oq5SGb5D3GHcgNSoj07G4GM6E+qId98siR
AJkDx4Vztsz/MiFX4XbFE2u6NMyiY+w2L3VHsiVKZftKZyCdz84OT3fd0wG60y5d
OpLxv/0xzPX0tWHKWOr9eEUJKLAxSKpblQqUIgU9TJVUIfEEasul5F0mh8uuRcB1
qEuqp2W5Cbl0lA==
-----END CERTIFICATE-----