Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
File:                     _OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft (raw, json)
Hash identifier:          Z/wlnMkrhd73j6DuWQ5YNKCK0cZKLjBhhMe/wvidfCo=
Subject key identifier:   5E:12:52:3B:87:DE:E7:A6:FB:6E:9D:F7:2C:AE:94:B8:18:A0:00:C4
Authority key identifier: FC:E2:7D:64:A4:CE:95:E0:83:11:AF:AF:F4:3E:66:D0:73:FB:21:D1
Certificate issuer:       /CN=fce27d64a4ce95e08311afaff43e66d073fb21d1
Certificate serial:       01967FB45D625A23A43FE1A4BC645BAEBA12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
Manifest number:          0E8E
Signing time:             Tue 29 Apr 2025 04:00:48 +0000
Manifest this update:     Tue 29 Apr 2025 04:00:48 +0000
Manifest next update:     Wed 30 Apr 2025 04:00:48 +0000
Files and hashes:         1: _OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl (hash: 55Pw+IjR64OuS/Fic9ykeM6cT15moSmvevqjuFbJiA4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b4:5d:62:5a:23:a4:3f:e1:a4:bc:64:5b:ae:ba:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fce27d64a4ce95e08311afaff43e66d073fb21d1
        Validity
            Not Before: Apr 29 04:00:48 2025 GMT
            Not After : Apr 30 04:00:48 2025 GMT
        Subject: CN=5e12523b87dee7a6fb6e9df72cae94b818a000c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:b1:b6:32:37:a9:4a:ae:b1:b5:6c:bb:38:25:
                    80:16:93:fc:e2:4a:46:a7:5d:22:25:65:a1:bb:1c:
                    52:6b:28:80:c1:29:a6:e0:12:20:32:3f:fe:16:27:
                    2c:51:35:96:63:1d:d6:0b:31:93:74:52:c2:f1:b6:
                    94:97:28:1d:a0:28:d6:e5:3f:10:f7:c4:dd:b7:f5:
                    b0:1b:7f:b9:6d:57:49:dd:29:de:76:ac:8d:27:5c:
                    e9:8c:b3:9e:8d:92:5f:4e:9b:89:30:93:22:a5:ea:
                    26:56:b6:b5:94:31:77:e5:34:80:5d:88:11:9e:ee:
                    df:50:52:6c:80:29:d8:b4:3c:80:a8:0c:78:f9:97:
                    0d:32:21:44:ed:18:d3:29:d3:75:56:f3:ca:29:fc:
                    6e:b7:b1:b1:dd:03:65:78:53:73:0e:22:c2:da:96:
                    9a:31:95:e1:c3:d4:e6:bd:df:47:a6:1e:8d:9d:65:
                    be:53:4d:9e:bc:2f:79:83:9b:be:9b:48:4a:5b:37:
                    da:f2:5c:4b:c3:90:40:51:f1:c2:ec:c0:30:4a:ba:
                    bc:a1:76:88:d2:59:c0:86:46:05:b4:dc:db:d1:45:
                    7c:48:7a:f5:e5:bc:4a:cb:06:85:81:7d:f0:b1:1a:
                    b0:6c:e1:2b:57:a7:02:7f:31:34:4c:01:ea:d6:0f:
                    43:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:12:52:3B:87:DE:E7:A6:FB:6E:9D:F7:2C:AE:94:B8:18:A0:00:C4
            X509v3 Authority Key Identifier:
                keyid:FC:E2:7D:64:A4:CE:95:E0:83:11:AF:AF:F4:3E:66:D0:73:FB:21:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:03:c9:3e:a1:e0:22:86:42:d9:61:f5:cb:b9:6e:6b:0d:23:
         d2:6d:c0:d6:08:4c:95:82:6a:d5:c3:68:08:8a:2d:de:fa:a5:
         19:2f:75:63:c4:fb:9b:6a:66:3f:1c:7d:b6:a1:42:53:5c:67:
         e8:5c:62:f9:c9:52:13:53:34:ac:6c:82:6e:ce:9c:90:a5:92:
         4e:37:44:3e:73:d0:6d:1e:ae:0b:13:ff:d1:46:68:b3:a3:2a:
         54:98:a6:1a:3b:d3:c8:73:e5:d4:be:8c:f5:7c:3a:42:ed:55:
         52:f3:91:cb:99:93:4f:f6:2b:dc:01:df:18:4e:c9:6b:7c:90:
         e3:3f:9a:9b:a1:3f:56:7a:d8:f9:82:35:9a:9d:57:b2:7e:8b:
         95:1b:0c:f4:c0:5c:4c:72:6d:0a:6f:6a:d5:e8:2d:22:47:1b:
         4c:9b:6f:74:d4:d9:49:69:df:de:86:8b:f7:b6:62:17:ee:c6:
         e3:bc:84:7a:99:c9:f6:c2:b0:b0:b0:10:bb:d6:18:79:47:b5:
         41:09:88:0d:b1:69:21:bc:a5:f0:92:66:0f:0b:54:6e:82:8d:
         2c:32:9a:ea:56:e8:10:08:4b:60:db:95:6c:1f:a9:d2:ea:e6:
         42:12:f2:d5:ba:cc:58:40:53:2b:11:d8:49:4c:24:4e:58:97:
         0e:d1:18:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tF1iWiOkP+GkvGRbrroSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTI3ZDY0YTRjZTk1ZTA4MzExYWZhZmY0M2U2NmQwNzNm
YjIxZDEwHhcNMjUwNDI5MDQwMDQ4WhcNMjUwNDMwMDQwMDQ4WjAzMTEwLwYDVQQD
Eyg1ZTEyNTIzYjg3ZGVlN2E2ZmI2ZTlkZjcyY2FlOTRiODE4YTAwMGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rG2MjepSq6xtWy7OCWAFpP84kpG
p10iJWWhuxxSayiAwSmm4BIgMj/+FicsUTWWYx3WCzGTdFLC8baUlygdoCjW5T8Q
98Tdt/WwG3+5bVdJ3SnedqyNJ1zpjLOejZJfTpuJMJMipeomVra1lDF35TSAXYgR
nu7fUFJsgCnYtDyAqAx4+ZcNMiFE7RjTKdN1VvPKKfxut7Gx3QNleFNzDiLC2paa
MZXhw9Tmvd9Hph6NnWW+U02evC95g5u+m0hKWzfa8lxLw5BAUfHC7MAwSrq8oXaI
0lnAhkYFtNzb0UV8SHr15bxKywaFgX3wsRqwbOErV6cCfzE0TAHq1g9DnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF4SUjuH3uem+26d9yyulLgYoADEMB8GA1UdIwQY
MBaAFPzifWSkzpXggxGvr/Q+ZtBz+yHRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zN2RjZTYtZmZlNS00NzZiLTgwOGEt
MDAxNGJjODU1YmY0LzEvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8zN2RjZTYtZmZlNS00NzZiLTgwOGEtMDAxNGJjODU1YmY0
LzEvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATwPJPqHg
IoZC2WH1y7luaw0j0m3A1ghMlYJq1cNoCIot3vqlGS91Y8T7m2pmPxx9tqFCU1xn
6Fxi+clSE1M0rGyCbs6ckKWSTjdEPnPQbR6uCxP/0UZos6MqVJimGjvTyHPl1L6M
9Xw6Qu1VUvORy5mTT/Yr3AHfGE7Ja3yQ4z+am6E/VnrY+YI1mp1Xsn6LlRsM9MBc
THJtCm9q1egtIkcbTJtvdNTZSWnf3oaL97ZiF+7G47yEepnJ9sKwsLAQu9YYeUe1
QQmIDbFpIbyl8JJmDwtUboKNLDKa6lboEAhLYNuVbB+p0urmQhLy1brMWEBTKxHY
SUwkTliXDtEYtA==
-----END CERTIFICATE-----