Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
File:                     o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft (raw, json)
Hash identifier:          KZHX7Gt6RyxzHutLnSrsHyQN9k4Ej4X6lXX1kaoh1Eg=
Subject key identifier:   B0:DA:BF:B2:2E:FD:3C:72:D6:C4:4B:74:E9:0E:2D:FD:7E:E2:AA:77
Authority key identifier: A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64
Certificate issuer:       /CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
Certificate serial:       01968B136459FCF66B237D33356AB190D96A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
Manifest number:          1517
Signing time:             Thu 01 May 2025 09:00:25 +0000
Manifest this update:     Thu 01 May 2025 09:00:25 +0000
Manifest next update:     Fri 02 May 2025 09:00:25 +0000
Files and hashes:         1: o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl (hash: n/VkPppQTL4XAyiSrONN+qMonL2tIeH/bVkhFpIlIXg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8b:13:64:59:fc:f6:6b:23:7d:33:35:6a:b1:90:d9:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
        Validity
            Not Before: May  1 09:00:25 2025 GMT
            Not After : May  2 09:00:25 2025 GMT
        Subject: CN=b0dabfb22efd3c72d6c44b74e90e2dfd7ee2aa77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:82:0b:ba:8a:a4:79:1d:1c:31:9e:80:42:99:
                    ed:5f:f7:c0:c8:60:9b:1b:51:ef:5d:d0:d5:43:ee:
                    11:ba:ed:c4:a1:db:5c:63:21:79:ba:fe:e5:8b:d4:
                    10:30:6f:98:47:68:3a:c7:72:16:c0:9c:a7:f4:18:
                    a8:60:55:ff:a0:83:a3:eb:81:f4:b6:d4:1a:35:9a:
                    30:7b:95:f4:6a:78:d2:fd:e8:6e:63:e9:32:e3:b7:
                    11:69:1d:a2:79:91:22:56:ad:fd:a2:71:67:15:8e:
                    9b:18:51:5a:92:a8:29:42:74:75:b3:51:c3:c4:30:
                    d3:a2:77:22:05:77:2c:95:b3:bf:c9:ee:f2:ff:c7:
                    c4:23:3c:bc:f6:4a:dc:8a:a2:d0:14:e1:8e:9e:c3:
                    dd:8d:70:02:15:7e:d6:9c:06:6c:3e:2e:75:21:a0:
                    b1:b8:3d:fb:12:7e:70:a6:08:66:f8:1a:08:1e:24:
                    94:52:ab:8a:3a:a8:a0:c3:10:22:76:d6:c3:40:22:
                    f4:da:94:bc:5c:f2:ea:44:72:a6:68:b4:ee:fc:30:
                    c6:af:80:8e:c2:cd:9b:2d:11:fb:06:df:17:5f:c8:
                    f0:a5:62:29:f5:cb:94:0e:45:4d:73:0f:37:bf:d8:
                    18:60:14:6f:52:54:88:c0:dd:11:ec:80:ee:27:bf:
                    be:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:DA:BF:B2:2E:FD:3C:72:D6:C4:4B:74:E9:0E:2D:FD:7E:E2:AA:77
            X509v3 Authority Key Identifier:
                keyid:A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:af:04:69:14:5f:42:ff:03:1b:cf:13:8f:4e:a8:b3:85:1b:
         76:b4:dc:5c:d9:8d:67:79:ea:57:0d:a0:6c:72:08:4b:3d:05:
         d7:db:9e:c8:7b:e8:1f:bf:ea:06:32:2f:05:89:63:fd:f7:41:
         70:a3:19:ea:20:0d:ec:b2:07:25:a7:a6:9f:bb:b1:46:f2:50:
         45:3d:52:4f:a3:e6:b1:5f:15:0b:22:f7:56:82:3a:99:1a:46:
         3b:57:7d:8d:a7:81:26:f0:30:62:68:c5:21:2c:36:17:4d:28:
         38:5a:25:78:c1:0d:3d:90:0e:e0:52:ae:ac:24:58:64:14:6f:
         16:5c:05:02:36:f4:4d:2e:36:14:42:ef:eb:e9:bf:64:4d:1d:
         52:3b:00:e4:22:7d:eb:cc:68:af:f8:07:0d:a9:36:b6:d4:fa:
         09:42:4a:21:ca:2a:ec:77:ab:fd:34:64:d8:69:cf:f0:e7:c9:
         23:ea:36:c0:9f:4b:b8:a4:18:ed:20:a8:01:47:0c:30:62:34:
         8a:cb:1a:ab:ca:e9:33:3a:78:f7:7f:54:1c:ff:c4:5f:a8:64:
         c3:9f:e3:ce:a8:cb:66:3d:e3:31:d1:c8:5b:6f:9d:dd:21:a8:
         bc:d7:ee:b4:ef:90:2f:d6:ea:35:c0:07:32:ec:23:aa:66:f4:
         cc:b1:9f:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaLE2RZ/PZrI30zNWqxkNlqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYThjYWY2MjE3Y2ViMTBkZDhjMTQ2Zjk2YjlkNzczZWRk
ODg4NjQwHhcNMjUwNTAxMDkwMDI1WhcNMjUwNTAyMDkwMDI1WjAzMTEwLwYDVQQD
EyhiMGRhYmZiMjJlZmQzYzcyZDZjNDRiNzRlOTBlMmRmZDdlZTJhYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYILuoqkeR0cMZ6AQpntX/fAyGCb
G1HvXdDVQ+4Ruu3EodtcYyF5uv7li9QQMG+YR2g6x3IWwJyn9BioYFX/oIOj64H0
ttQaNZowe5X0anjS/ehuY+ky47cRaR2ieZEiVq39onFnFY6bGFFakqgpQnR1s1HD
xDDTonciBXcslbO/ye7y/8fEIzy89krciqLQFOGOnsPdjXACFX7WnAZsPi51IaCx
uD37En5wpghm+BoIHiSUUquKOqigwxAidtbDQCL02pS8XPLqRHKmaLTu/DDGr4CO
ws2bLRH7Bt8XX8jwpWIp9cuUDkVNcw83v9gYYBRvUlSIwN0R7IDuJ7++nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDav7Iu/Txy1sRLdOkOLf1+4qp3MB8GA1UdIwQY
MBaAFKOoyvYhfOsQ3YwUb5a513Pt2IhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAt
ZTVjYmEyMTM3MzA4LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAtZTVjYmEyMTM3MzA4
LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAia8EaRRf
Qv8DG88Tj06os4UbdrTcXNmNZ3nqVw2gbHIISz0F19ueyHvoH7/qBjIvBYlj/fdB
cKMZ6iAN7LIHJaemn7uxRvJQRT1ST6PmsV8VCyL3VoI6mRpGO1d9jaeBJvAwYmjF
ISw2F00oOFoleMENPZAO4FKurCRYZBRvFlwFAjb0TS42FELv6+m/ZE0dUjsA5CJ9
68xor/gHDak2ttT6CUJKIcoq7Her/TRk2GnP8OfJI+o2wJ9LuKQY7SCoAUcMMGI0
issaq8rpMzp4939UHP/EX6hkw5/jzqjLZj3jMdHIW2+d3SGovNfutO+QL9bqNcAH
Muwjqmb0zLGf1Q==
-----END CERTIFICATE-----