Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft
File:                     Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft (raw, json)
Hash identifier:          ZkI6UhPAdmVvSs955H+91048OifKJ0/bKNDFo+QE7W4=
Subject key identifier:   24:95:2B:68:91:C4:8E:FA:B3:97:8E:F4:25:FD:07:C0:2A:A7:31:40
Authority key identifier: 39:CD:1D:5B:B8:89:58:C6:9C:BD:DE:90:A9:E0:56:B4:8C:4F:AB:F8
Certificate issuer:       /CN=39cd1d5bb88958c69cbdde90a9e056b48c4fabf8
Certificate serial:       0197711AC12F1CC8E7EC248856DEF0EE4931
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Oc0dW7iJWMacvd6QqeBWtIxPq_g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft
Manifest number:          158E
Signing time:             Sun 15 Jun 2025 01:01:08 +0000
Manifest this update:     Sun 15 Jun 2025 01:01:08 +0000
Manifest next update:     Mon 16 Jun 2025 01:01:08 +0000
Files and hashes:         1: Oc0dW7iJWMacvd6QqeBWtIxPq_g.crl (hash: TkupIE9CX/i3WyW33rpm2awofp8xW9vD4i5N2rxF5Sg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Oc0dW7iJWMacvd6QqeBWtIxPq_g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:1a:c1:2f:1c:c8:e7:ec:24:88:56:de:f0:ee:49:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39cd1d5bb88958c69cbdde90a9e056b48c4fabf8
        Validity
            Not Before: Jun 15 01:01:08 2025 GMT
            Not After : Jun 16 01:01:08 2025 GMT
        Subject: CN=24952b6891c48efab3978ef425fd07c02aa73140
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:f2:e0:36:5a:3d:d8:1c:72:c8:02:9a:fb:3e:
                    93:40:d0:ef:28:b1:93:f9:e7:57:ab:56:f0:f1:a1:
                    5f:f1:78:0e:09:bd:3e:1e:f8:86:95:68:5e:7a:06:
                    b7:75:a2:86:fe:53:48:35:c9:5e:d9:8d:25:6b:11:
                    ec:51:f4:65:c9:21:13:4b:db:58:92:8a:1f:5b:50:
                    41:a3:31:ca:9b:ca:f2:5f:9c:38:a3:65:37:c2:34:
                    45:e4:33:d7:f9:4f:d6:eb:68:07:e8:1a:f3:ff:57:
                    7a:34:b9:77:16:ce:9f:cb:ce:2e:31:74:f7:87:a5:
                    c3:02:ad:69:49:2d:e6:46:32:7f:2a:c7:d7:19:ee:
                    b6:3b:44:d9:5c:30:bc:00:64:14:bc:f2:62:1f:84:
                    b8:36:62:b7:fe:72:d4:af:24:dc:af:4a:84:39:19:
                    59:80:26:85:19:4b:87:c1:ce:db:2b:01:b8:00:c0:
                    57:8e:71:f6:35:df:9b:87:e0:25:a4:89:be:0a:70:
                    29:0c:b3:a2:6d:95:1a:42:90:32:ca:d1:64:fa:60:
                    c4:1a:0c:76:00:c8:08:a8:00:14:d8:c4:ab:a0:c0:
                    5e:f5:60:f7:39:71:b4:77:73:33:07:52:d0:53:2c:
                    7e:a5:6e:65:60:93:55:cd:a8:34:28:a1:ec:4a:9f:
                    f5:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:95:2B:68:91:C4:8E:FA:B3:97:8E:F4:25:FD:07:C0:2A:A7:31:40
            X509v3 Authority Key Identifier:
                keyid:39:CD:1D:5B:B8:89:58:C6:9C:BD:DE:90:A9:E0:56:B4:8C:4F:AB:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oc0dW7iJWMacvd6QqeBWtIxPq_g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:b8:36:e9:72:99:b9:58:48:41:be:a3:b8:05:89:21:20:77:
         f7:e3:06:19:7d:c8:f1:64:d0:60:a1:96:b0:aa:03:53:f6:e0:
         c7:57:cd:1d:ab:4c:63:da:88:3a:4d:f6:7a:3b:10:33:bc:77:
         47:1d:43:e4:7c:44:60:7d:11:0f:33:25:41:5b:5c:b0:52:4d:
         f6:84:5d:96:62:8d:f2:55:b1:3e:0b:fe:b0:36:89:a3:40:b0:
         77:d6:53:13:e5:f8:80:3b:ec:ab:a6:56:0e:72:92:f2:bc:f1:
         90:14:cf:89:01:13:54:e8:8a:a5:d2:f2:e1:de:d3:f2:9c:7d:
         18:cd:6d:a5:b0:18:51:4e:26:f6:f2:2d:fc:18:37:3a:bc:1f:
         ae:fb:ab:31:e5:93:7f:c0:a7:ed:0b:fb:01:b8:df:43:fc:a1:
         6f:15:bb:63:11:cf:47:6d:f4:31:5a:ed:b9:99:90:9e:98:b5:
         de:69:5f:1c:12:31:c7:74:e8:75:44:ab:58:f1:e7:19:d6:ff:
         88:c5:cb:9e:5e:f8:12:bb:37:5e:7f:06:bc:c8:4f:99:c1:85:
         8e:6d:c5:a4:62:07:c1:ee:4c:18:8d:d6:fc:39:3c:d5:2e:f5:
         fa:9c:05:09:8c:e9:bf:99:87:03:15:56:b1:98:d2:42:30:e6:
         ba:64:c3:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxGsEvHMjn7CSIVt7w7kkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Y2QxZDViYjg4OTU4YzY5Y2JkZGU5MGE5ZTA1NmI0OGM0
ZmFiZjgwHhcNMjUwNjE1MDEwMTA4WhcNMjUwNjE2MDEwMTA4WjAzMTEwLwYDVQQD
EygyNDk1MmI2ODkxYzQ4ZWZhYjM5NzhlZjQyNWZkMDdjMDJhYTczMTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+PLgNlo92BxyyAKa+z6TQNDvKLGT
+edXq1bw8aFf8XgOCb0+HviGlWheega3daKG/lNINcle2Y0laxHsUfRlySETS9tY
koofW1BBozHKm8ryX5w4o2U3wjRF5DPX+U/W62gH6Brz/1d6NLl3Fs6fy84uMXT3
h6XDAq1pSS3mRjJ/KsfXGe62O0TZXDC8AGQUvPJiH4S4NmK3/nLUryTcr0qEORlZ
gCaFGUuHwc7bKwG4AMBXjnH2Nd+bh+AlpIm+CnApDLOibZUaQpAyytFk+mDEGgx2
AMgIqAAU2MSroMBe9WD3OXG0d3MzB1LQUyx+pW5lYJNVzag0KKHsSp/1BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSVK2iRxI76s5eO9CX9B8AqpzFAMB8GA1UdIwQY
MBaAFDnNHVu4iVjGnL3ekKngVrSMT6v4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2MwZFc3aUpXTWFjdmQ2UXFlQld0SXhQcV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81N2FjN2YtZjVjOC00MGZmLTgyNWMt
NDZhODVhMjhlNzQ5LzEvT2MwZFc3aUpXTWFjdmQ2UXFlQld0SXhQcV9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81N2FjN2YtZjVjOC00MGZmLTgyNWMtNDZhODVhMjhlNzQ5
LzEvT2MwZFc3aUpXTWFjdmQ2UXFlQld0SXhQcV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT7g26XKZ
uVhIQb6juAWJISB39+MGGX3I8WTQYKGWsKoDU/bgx1fNHatMY9qIOk32ejsQM7x3
Rx1D5HxEYH0RDzMlQVtcsFJN9oRdlmKN8lWxPgv+sDaJo0Cwd9ZTE+X4gDvsq6ZW
DnKS8rzxkBTPiQETVOiKpdLy4d7T8px9GM1tpbAYUU4m9vIt/Bg3OrwfrvurMeWT
f8Cn7Qv7AbjfQ/yhbxW7YxHPR230MVrtuZmQnpi13mlfHBIxx3TodUSrWPHnGdb/
iMXLnl74Ers3Xn8GvMhPmcGFjm3FpGIHwe5MGI3W/Dk81S71+pwFCYzpv5mHAxVW
sZjSQjDmumTDjA==
-----END CERTIFICATE-----