Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
File:                     o_60EOB9CI-2UbkTdJuBJX47mVI.mft (raw, json)
Hash identifier:          MHhQ8DpUEjghTu9cCldRwsLTJXE1KMorHZA2QCNCLYM=
Subject key identifier:   9C:02:95:94:2B:40:F1:8E:54:10:B9:F9:17:C3:D7:D6:00:8A:66:3A
Authority key identifier: A3:FE:B4:10:E0:7D:08:8F:B6:51:B9:13:74:9B:81:25:7E:3B:99:52
Certificate issuer:       /CN=a3feb410e07d088fb651b913749b81257e3b9952
Certificate serial:       0196741E3D5C3857AA7560BC29EDA28D8EB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
Manifest number:          0F58
Signing time:             Sat 26 Apr 2025 22:01:00 +0000
Manifest this update:     Sat 26 Apr 2025 22:01:00 +0000
Manifest next update:     Sun 27 Apr 2025 22:01:00 +0000
Files and hashes:         1: o_60EOB9CI-2UbkTdJuBJX47mVI.crl (hash: WL26e+IGasL1eb6NkIpxtfa5d/K8tNZ7u8HOWiRhL/A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 22:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1e:3d:5c:38:57:aa:75:60:bc:29:ed:a2:8d:8e:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3feb410e07d088fb651b913749b81257e3b9952
        Validity
            Not Before: Apr 26 22:01:00 2025 GMT
            Not After : Apr 27 22:01:00 2025 GMT
        Subject: CN=9c0295942b40f18e5410b9f917c3d7d6008a663a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:7d:59:9b:2f:da:3b:ae:3b:dd:64:f0:d7:7a:
                    96:93:99:ab:83:47:aa:eb:dc:25:ef:69:f5:8b:f9:
                    c8:97:9a:87:05:22:89:8c:c9:15:df:74:d4:7d:e0:
                    2c:f1:34:7d:b0:6b:5d:c1:30:ad:57:6b:ba:a6:20:
                    9f:3e:8a:a8:40:41:a8:68:a4:28:f7:05:20:a0:21:
                    59:ca:c1:e4:f2:da:cc:95:79:67:0a:94:65:ab:15:
                    1e:18:83:b5:68:e6:d3:12:f1:c1:33:ef:08:77:77:
                    61:a9:eb:e7:59:f0:8e:51:08:f5:bd:5c:0c:5f:c9:
                    0a:04:af:23:e0:87:7b:1d:d3:62:17:ff:c7:af:0d:
                    56:83:ea:fe:53:5b:c2:68:0c:02:79:3a:78:ff:30:
                    84:77:1c:04:e0:7e:cb:50:bf:5b:18:83:c8:d4:9a:
                    f4:41:53:5a:ee:de:7e:a0:89:21:a1:f8:04:8d:f3:
                    52:e6:86:49:1e:06:8f:ac:59:09:93:25:09:b1:b8:
                    6e:a6:b7:fe:8a:7c:8b:32:a6:93:4c:cf:9a:cd:27:
                    1d:23:33:7d:61:65:84:e6:f1:a8:52:c7:59:dd:d5:
                    40:f8:95:ed:6a:ec:00:cd:b2:af:ce:18:a9:35:30:
                    cd:d1:fd:ea:5c:50:c2:7a:c1:b9:22:ef:05:31:8c:
                    2e:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:02:95:94:2B:40:F1:8E:54:10:B9:F9:17:C3:D7:D6:00:8A:66:3A
            X509v3 Authority Key Identifier:
                keyid:A3:FE:B4:10:E0:7D:08:8F:B6:51:B9:13:74:9B:81:25:7E:3B:99:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:39:88:fb:1d:4a:15:12:61:2d:f1:ea:51:b0:ac:87:09:af:
         3d:6a:e9:fd:34:f6:b3:63:eb:96:c2:79:6e:ac:bf:e5:e6:42:
         ab:f8:f7:ee:ca:ef:13:e5:d1:3b:a0:09:db:9a:c8:94:b9:e5:
         f1:35:71:e6:79:d1:84:0b:70:9f:85:89:53:2a:dd:06:cf:c9:
         fe:22:a9:13:13:d3:92:d2:5e:8a:58:84:92:8c:8a:9d:c1:86:
         58:c8:83:5d:5e:67:2f:e6:98:52:71:40:9e:bf:ab:c0:c9:60:
         73:83:dc:d1:45:04:f2:6b:68:15:b3:96:ed:6a:98:af:79:e5:
         d9:8b:b5:04:5f:28:f0:63:bc:52:5c:a3:1d:3d:18:f6:43:cd:
         a9:a6:2c:6f:5e:d8:0f:b5:9f:10:9f:b2:9b:fd:e2:2d:43:2c:
         3f:2d:65:55:6b:a7:d5:b4:ec:2f:f3:dc:96:24:28:97:82:a9:
         35:9c:a9:cd:34:9e:86:7d:7f:d9:7b:ad:3b:c0:40:56:4b:36:
         c8:e1:13:da:0f:2c:36:a7:85:3e:5d:8d:5a:51:be:d4:49:60:
         29:74:e9:f0:a9:09:28:63:29:a2:5e:b9:e8:81:d7:dd:0c:ff:
         9c:74:1c:2f:a6:41:55:91:76:7d:f4:72:94:f7:89:79:d9:5e:
         3c:f9:e0:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0Hj1cOFeqdWC8Ke2ijY65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZmViNDEwZTA3ZDA4OGZiNjUxYjkxMzc0OWI4MTI1N2Uz
Yjk5NTIwHhcNMjUwNDI2MjIwMTAwWhcNMjUwNDI3MjIwMTAwWjAzMTEwLwYDVQQD
Eyg5YzAyOTU5NDJiNDBmMThlNTQxMGI5ZjkxN2MzZDdkNjAwOGE2NjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx31Zmy/aO6473WTw13qWk5mrg0eq
69wl72n1i/nIl5qHBSKJjMkV33TUfeAs8TR9sGtdwTCtV2u6piCfPoqoQEGoaKQo
9wUgoCFZysHk8trMlXlnCpRlqxUeGIO1aObTEvHBM+8Id3dhqevnWfCOUQj1vVwM
X8kKBK8j4Id7HdNiF//Hrw1Wg+r+U1vCaAwCeTp4/zCEdxwE4H7LUL9bGIPI1Jr0
QVNa7t5+oIkhofgEjfNS5oZJHgaPrFkJkyUJsbhuprf+inyLMqaTTM+azScdIzN9
YWWE5vGoUsdZ3dVA+JXtauwAzbKvzhipNTDN0f3qXFDCesG5Iu8FMYwuHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJwClZQrQPGOVBC5+RfD19YAimY6MB8GA1UdIwQY
MBaAFKP+tBDgfQiPtlG5E3SbgSV+O5lSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85ZjA2OGEtMTdmNC00MzExLThiYmMt
MjM0YjMyMmEwY2ZlLzEvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85ZjA2OGEtMTdmNC00MzExLThiYmMtMjM0YjMyMmEwY2Zl
LzEvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALDmI+x1K
FRJhLfHqUbCshwmvPWrp/TT2s2PrlsJ5bqy/5eZCq/j37srvE+XRO6AJ25rIlLnl
8TVx5nnRhAtwn4WJUyrdBs/J/iKpExPTktJeiliEkoyKncGGWMiDXV5nL+aYUnFA
nr+rwMlgc4Pc0UUE8mtoFbOW7WqYr3nl2Yu1BF8o8GO8UlyjHT0Y9kPNqaYsb17Y
D7WfEJ+ym/3iLUMsPy1lVWun1bTsL/PcliQol4KpNZypzTSehn1/2XutO8BAVks2
yOET2g8sNqeFPl2NWlG+1ElgKXTp8KkJKGMpol656IHX3Qz/nHQcL6ZBVZF2ffRy
lPeJedlePPngZA==
-----END CERTIFICATE-----