Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
File:                     O1HtwFDk-YX73VeMzgKtyIDGyKc.mft (raw, json)
Hash identifier:          czsTKk3pmjACFV62A3+Oye8JhJZZFBWFKzbrnNSlQm8=
Subject key identifier:   9A:CB:8D:A4:B5:3F:0F:04:19:91:07:98:00:66:30:DB:F4:FD:42:E2
Authority key identifier: 3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7
Certificate issuer:       /CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
Certificate serial:       01976D3E7F6F2DFC5038EA7570F52530B02D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
Manifest number:          0CE9
Signing time:             Sat 14 Jun 2025 07:01:41 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:41 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:41 +0000
Files and hashes:         1: O1HtwFDk-YX73VeMzgKtyIDGyKc.crl (hash: OC2LTMfuL9poJsO+GEN1cNGKGKrAyrzRwHk3N0CmSCY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:7f:6f:2d:fc:50:38:ea:75:70:f5:25:30:b0:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
        Validity
            Not Before: Jun 14 07:01:41 2025 GMT
            Not After : Jun 15 07:01:41 2025 GMT
        Subject: CN=9acb8da4b53f0f0419910798006630dbf4fd42e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:0a:cc:d0:77:c2:10:f3:5f:1f:4b:a3:06:5c:
                    06:5a:fa:b2:62:f8:13:98:7d:d2:e6:d2:38:d2:03:
                    a0:67:06:7b:1d:e3:52:c0:e3:6e:7c:d8:01:70:24:
                    50:13:e2:c5:c1:cd:c8:c7:9d:b9:57:b5:8c:9c:7f:
                    68:be:82:c4:6e:7d:7a:bf:c2:ae:7b:83:3f:42:06:
                    4a:3c:86:be:74:bb:6c:23:af:d8:21:0f:9a:68:bf:
                    9e:39:0f:c1:b9:9e:00:c8:8e:32:1f:ff:91:30:45:
                    39:09:20:16:36:d9:19:0c:0e:ad:73:e7:3d:06:cc:
                    96:21:94:5d:0a:10:82:be:1b:d5:b5:bd:e5:8f:a0:
                    a6:bb:67:ec:f7:b7:77:33:58:aa:6c:cc:ec:12:e6:
                    f6:17:34:fb:0e:38:4c:7b:01:ce:63:12:c4:93:fc:
                    6b:f2:3d:92:bc:68:15:20:59:d3:7b:07:12:a8:34:
                    2d:c5:62:c9:76:e7:16:7c:a0:08:e5:c4:39:3d:23:
                    dd:2a:6a:9f:ad:3e:97:3e:35:d1:4f:e0:31:83:05:
                    83:af:6a:3b:8f:6f:29:4f:a2:28:60:20:c9:04:8f:
                    66:1d:00:e4:1d:ae:1b:0b:29:71:67:52:55:b8:ee:
                    42:5e:e8:df:5e:f5:ac:8d:d7:a8:2c:98:50:4a:62:
                    86:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:CB:8D:A4:B5:3F:0F:04:19:91:07:98:00:66:30:DB:F4:FD:42:E2
            X509v3 Authority Key Identifier:
                keyid:3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:e1:e9:23:d8:3e:71:12:06:c3:df:ce:fd:8e:f6:7b:84:a7:
         9b:33:53:15:83:14:ff:eb:57:d8:30:83:3f:97:da:ef:a9:e8:
         ff:08:e2:c5:41:6e:20:83:04:21:04:87:cd:bf:b1:aa:12:5e:
         01:30:ba:0c:45:b6:6c:76:a6:11:12:17:31:0a:e0:d6:54:a7:
         9d:95:ff:74:fe:2d:7b:2b:3e:5a:2c:8b:a8:a5:77:92:32:81:
         66:e8:5d:e4:dd:ee:83:b0:1e:b6:96:4e:44:32:bb:89:72:78:
         65:6d:c3:aa:89:c5:15:d9:a8:df:de:d2:6f:50:c9:28:24:cd:
         46:5f:2b:6d:53:ea:34:13:d8:b4:aa:98:26:14:e4:c4:02:67:
         57:0b:89:b2:f8:36:38:96:72:55:d8:83:9f:a0:e9:c1:49:12:
         4b:3b:a6:ba:e1:ba:c3:c4:38:10:c2:d1:d7:34:6d:cf:f6:ce:
         ce:c4:94:f7:ff:75:eb:fd:b9:45:3a:8e:a9:e4:73:cc:23:c4:
         34:79:b3:2f:53:72:29:2b:90:12:b1:a2:1c:36:b5:b8:4d:c0:
         eb:36:c9:b0:52:3d:f1:97:5a:e9:62:c1:68:f6:d8:aa:6b:f7:
         0c:45:f7:b1:fa:28:16:02:89:e3:a3:60:ea:ce:5a:d9:90:a1:
         14:6d:d4:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPn9vLfxQOOp1cPUlMLAtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTFlZGMwNTBlNGY5ODVmYmRkNTc4Y2NlMDJhZGM4ODBj
NmM4YTcwHhcNMjUwNjE0MDcwMTQxWhcNMjUwNjE1MDcwMTQxWjAzMTEwLwYDVQQD
Eyg5YWNiOGRhNGI1M2YwZjA0MTk5MTA3OTgwMDY2MzBkYmY0ZmQ0MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwrM0HfCEPNfH0ujBlwGWvqyYvgT
mH3S5tI40gOgZwZ7HeNSwONufNgBcCRQE+LFwc3Ix525V7WMnH9ovoLEbn16v8Ku
e4M/QgZKPIa+dLtsI6/YIQ+aaL+eOQ/BuZ4AyI4yH/+RMEU5CSAWNtkZDA6tc+c9
BsyWIZRdChCCvhvVtb3lj6Cmu2fs97d3M1iqbMzsEub2FzT7DjhMewHOYxLEk/xr
8j2SvGgVIFnTewcSqDQtxWLJducWfKAI5cQ5PSPdKmqfrT6XPjXRT+AxgwWDr2o7
j28pT6IoYCDJBI9mHQDkHa4bCylxZ1JVuO5CXujfXvWsjdeoLJhQSmKGOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJrLjaS1Pw8EGZEHmABmMNv0/ULiMB8GA1UdIwQY
MBaAFDtR7cBQ5PmF+91XjM4CrciAxsinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgt
YmNjYTYxZTM5Y2MzLzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgtYmNjYTYxZTM5Y2Mz
LzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJeHpI9g+
cRIGw9/O/Y72e4SnmzNTFYMU/+tX2DCDP5fa76no/wjixUFuIIMEIQSHzb+xqhJe
ATC6DEW2bHamERIXMQrg1lSnnZX/dP4teys+WiyLqKV3kjKBZuhd5N3ug7AetpZO
RDK7iXJ4ZW3DqonFFdmo397Sb1DJKCTNRl8rbVPqNBPYtKqYJhTkxAJnVwuJsvg2
OJZyVdiDn6DpwUkSSzumuuG6w8Q4EMLR1zRtz/bOzsSU9/916/25RTqOqeRzzCPE
NHmzL1NyKSuQErGiHDa1uE3A6zbJsFI98Zda6WLBaPbYqmv3DEX3sfooFgKJ46Ng
6s5a2ZChFG3U7g==
-----END CERTIFICATE-----