Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
File:                     oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft (raw, json)
Hash identifier:          qPlTNixW3UZvuhjOw/wyrBS7c7EgMytWL6PkkGacs5w=
Subject key identifier:   37:82:A1:9C:AA:67:CB:41:7B:B7:86:19:68:9B:24:64:F4:49:49:3C
Authority key identifier: A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A
Certificate issuer:       /CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
Certificate serial:       01976C98C0AA5B3C4E1C3C06976CA31890E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 04:00:39 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:39 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:39 +0000
Files and hashes:         1: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl (hash: AOiQoyh1zyINT8Df+t92c52+fEU6R2XhQCcoF/MFNvQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:c0:aa:5b:3c:4e:1c:3c:06:97:6c:a3:18:90:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
        Validity
            Not Before: Jun 14 04:00:39 2025 GMT
            Not After : Jun 15 04:00:39 2025 GMT
        Subject: CN=3782a19caa67cb417bb78619689b2464f449493c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c8:eb:5f:67:1b:20:0d:af:26:56:b3:db:d2:
                    ad:8a:5d:d6:58:ed:06:c3:a1:6f:20:72:b9:ff:43:
                    8a:f4:da:7b:89:b8:c3:36:85:f1:6b:3b:62:b1:e8:
                    04:26:4e:29:44:93:e7:b8:68:96:7c:2d:3e:88:ab:
                    b9:d8:97:a4:d5:25:d2:cf:02:c3:a5:bb:f4:99:ba:
                    60:a5:3e:21:8e:d8:59:2d:23:2e:7e:56:ec:57:44:
                    3a:5d:b7:0e:bf:1a:8e:6e:d0:76:cf:0f:88:6d:aa:
                    a7:3b:80:70:1a:7e:88:4c:30:f1:a5:eb:4a:a7:23:
                    a1:85:c2:61:f0:3d:9d:3a:29:d0:b9:13:b9:c5:67:
                    a7:17:0a:40:26:92:4d:10:65:e8:11:3c:dd:66:5f:
                    38:fe:2b:8d:89:8f:85:56:dd:8d:70:f8:dc:70:fc:
                    a2:33:c6:d8:5f:7c:c5:58:f6:88:d4:e7:42:81:99:
                    c5:28:94:91:f2:fe:a2:f6:33:68:30:e5:69:bd:86:
                    5b:c5:b7:32:3e:4f:5b:00:c4:e4:59:25:57:0c:42:
                    89:d0:a5:98:87:0e:6e:ed:57:2a:90:6a:4c:6f:4b:
                    24:c8:f9:33:74:87:10:a7:60:43:b3:9a:7b:9f:c5:
                    9f:2e:b5:c5:bf:9e:16:27:bb:3c:d5:8b:f1:cb:9a:
                    8c:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:82:A1:9C:AA:67:CB:41:7B:B7:86:19:68:9B:24:64:F4:49:49:3C
            X509v3 Authority Key Identifier:
                keyid:A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:59:25:af:c1:29:b8:0c:d0:57:4d:be:f7:52:0a:9b:28:4d:
         a3:46:64:57:50:91:a6:d5:25:58:1c:78:8f:67:93:c4:c0:db:
         0e:5d:e7:fa:b6:5c:9e:b2:67:68:9c:8e:1f:49:91:f3:44:8b:
         f1:4b:76:1b:31:3f:36:1b:ff:7c:b5:44:e3:ec:e9:89:f1:3f:
         aa:17:64:ca:93:bd:b8:10:f4:ad:00:bd:53:08:c6:a1:01:6f:
         d2:ac:55:34:4a:63:19:ea:87:b4:f1:02:26:96:66:8e:54:44:
         10:0f:0f:e5:92:30:db:1c:8a:fc:d0:da:eb:b0:62:76:0a:5f:
         bc:8f:66:72:21:2f:e4:50:35:f2:61:31:4f:b7:7f:d5:21:89:
         75:6d:3b:79:40:53:46:22:83:e3:07:c5:fc:7e:33:9f:40:34:
         20:ff:20:55:e8:db:db:65:ae:28:a8:8e:d0:46:9a:07:a2:55:
         ba:ad:4c:98:3c:5d:7f:18:9b:24:34:2e:eb:97:02:7d:7d:b6:
         38:cb:d4:15:d9:a8:3d:66:9d:f8:74:2b:25:04:61:48:34:97:
         06:03:9c:ca:24:ea:ba:fa:71:3a:e9:0f:75:0c:bf:98:f0:e8:
         06:d3:63:2f:a0:63:a5:bb:96:c4:ec:57:66:80:6b:a7:98:6e:
         7e:3b:51:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmMCqWzxOHDwGl2yjGJDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzU3YTdkMGYwMzJlOWNkZDRhMDMxZDUyZDNiNDA0N2Mw
Mzk0MWEwHhcNMjUwNjE0MDQwMDM5WhcNMjUwNjE1MDQwMDM5WjAzMTEwLwYDVQQD
EygzNzgyYTE5Y2FhNjdjYjQxN2JiNzg2MTk2ODliMjQ2NGY0NDk0OTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusjrX2cbIA2vJlaz29Ktil3WWO0G
w6FvIHK5/0OK9Np7ibjDNoXxaztisegEJk4pRJPnuGiWfC0+iKu52Jek1SXSzwLD
pbv0mbpgpT4hjthZLSMuflbsV0Q6XbcOvxqObtB2zw+IbaqnO4BwGn6ITDDxpetK
pyOhhcJh8D2dOinQuRO5xWenFwpAJpJNEGXoETzdZl84/iuNiY+FVt2NcPjccPyi
M8bYX3zFWPaI1OdCgZnFKJSR8v6i9jNoMOVpvYZbxbcyPk9bAMTkWSVXDEKJ0KWY
hw5u7VcqkGpMb0skyPkzdIcQp2BDs5p7n8WfLrXFv54WJ7s81Yvxy5qMZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDeCoZyqZ8tBe7eGGWibJGT0SUk8MB8GA1UdIwQY
MBaAFKE1en0PAy6c3UoDHVLTtAR8A5QaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYt
YTBiNmFkNjcxZWUzLzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYtYTBiNmFkNjcxZWUz
LzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZFklr8Ep
uAzQV02+91IKmyhNo0ZkV1CRptUlWBx4j2eTxMDbDl3n+rZcnrJnaJyOH0mR80SL
8Ut2GzE/Nhv/fLVE4+zpifE/qhdkypO9uBD0rQC9UwjGoQFv0qxVNEpjGeqHtPEC
JpZmjlREEA8P5ZIw2xyK/NDa67BidgpfvI9mciEv5FA18mExT7d/1SGJdW07eUBT
RiKD4wfF/H4zn0A0IP8gVejb22WuKKiO0EaaB6JVuq1MmDxdfxibJDQu65cCfX22
OMvUFdmoPWad+HQrJQRhSDSXBgOcyiTquvpxOukPdQy/mPDoBtNjL6BjpbuWxOxX
ZoBrp5hufjtRBQ==
-----END CERTIFICATE-----