Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft
File:                     oLNzv45HcndefI_F-9Mpze5Eoyw.mft (raw, json)
Hash identifier:          boP8VHKGL6yNaiu/KKuTl+dOLoHXxI9JFGoA9ZXANZs=
Subject key identifier:   D8:84:A3:03:99:F5:46:12:8A:B9:B2:E0:ED:08:99:2F:A8:EC:37:D1
Authority key identifier: A0:B3:73:BF:8E:47:72:77:5E:7C:8F:C5:FB:D3:29:CD:EE:44:A3:2C
Certificate issuer:       /CN=a0b373bf8e4772775e7c8fc5fbd329cdee44a32c
Certificate serial:       01968DDDD1769578A35D803FF15A5EFCD117
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oLNzv45HcndefI_F-9Mpze5Eoyw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft
Manifest number:          1518
Signing time:             Thu 01 May 2025 22:00:46 +0000
Manifest this update:     Thu 01 May 2025 22:00:46 +0000
Manifest next update:     Fri 02 May 2025 22:00:46 +0000
Files and hashes:         1: oLNzv45HcndefI_F-9Mpze5Eoyw.crl (hash: jd22xZm67ix5IBzN7Fw9Auns66MEtbMJlOkjlaiadc0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oLNzv45HcndefI_F-9Mpze5Eoyw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8d:dd:d1:76:95:78:a3:5d:80:3f:f1:5a:5e:fc:d1:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0b373bf8e4772775e7c8fc5fbd329cdee44a32c
        Validity
            Not Before: May  1 22:00:46 2025 GMT
            Not After : May  2 22:00:46 2025 GMT
        Subject: CN=d884a30399f546128ab9b2e0ed08992fa8ec37d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e2:ed:3e:2d:f6:f7:4f:83:a1:73:ed:12:d4:
                    a6:79:e1:33:d1:2d:6f:90:0d:12:6c:a5:d0:30:51:
                    1f:c0:cf:19:a7:ff:ff:6c:03:40:c1:a6:2c:73:c5:
                    ad:bb:0a:fd:31:ba:34:79:f7:70:2f:6f:df:7b:b5:
                    62:83:4c:fe:c6:11:33:a7:51:c8:72:6d:52:a9:c6:
                    99:f8:0a:77:a3:a2:8f:e2:30:2a:ac:80:0d:0d:be:
                    0e:63:36:ee:3e:05:86:e6:76:d8:c0:df:5c:85:eb:
                    26:5c:2c:a1:c2:26:1e:e1:49:74:f6:77:c1:23:e3:
                    ff:e3:5e:ab:56:f1:21:05:6b:f4:fa:9d:cb:6a:21:
                    00:de:3a:a6:0b:72:db:0d:7e:96:4b:68:c8:ac:91:
                    97:7a:82:22:41:ba:f4:f8:f0:31:2a:4e:fc:5b:25:
                    cf:c6:0a:e0:6f:0a:81:d7:52:ad:b5:4e:cd:01:a1:
                    17:a9:30:17:6d:07:d4:f2:ea:c9:4d:6b:b7:76:2b:
                    55:23:8e:bd:ed:dd:72:03:ac:5f:49:a5:ab:6f:a1:
                    20:69:c6:c6:80:79:34:33:d4:71:98:b1:af:fa:84:
                    8a:62:14:c7:14:97:9a:d9:7c:da:0e:cb:9b:30:a5:
                    e7:20:8d:20:bf:88:29:68:bf:cb:31:5b:b1:8d:b7:
                    3a:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:84:A3:03:99:F5:46:12:8A:B9:B2:E0:ED:08:99:2F:A8:EC:37:D1
            X509v3 Authority Key Identifier:
                keyid:A0:B3:73:BF:8E:47:72:77:5E:7C:8F:C5:FB:D3:29:CD:EE:44:A3:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oLNzv45HcndefI_F-9Mpze5Eoyw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:f4:b0:97:e6:fa:92:7e:90:2e:34:7c:76:f6:b1:c4:51:26:
         1e:bf:82:0a:69:00:c7:45:7c:c4:cf:c8:1c:95:fa:1a:b7:db:
         66:c0:e7:7c:76:c5:eb:91:94:5d:a3:88:82:53:eb:34:17:49:
         b7:38:26:1f:97:68:34:5a:cc:23:a1:59:8f:91:c6:65:ba:10:
         73:0f:14:68:5e:a1:46:a0:ad:42:bf:df:a2:8c:cf:9a:8a:f6:
         6b:2b:21:d4:ab:6e:12:3b:51:bc:64:94:80:bb:a3:54:a7:8d:
         de:4e:c8:ee:bb:d7:fd:63:5e:c0:d9:44:bf:19:18:92:e1:79:
         a3:f7:83:e2:7f:90:43:4c:df:07:d7:8c:8b:d0:ff:13:d2:18:
         28:03:a7:b5:a0:25:a2:27:cf:a8:2b:7e:b5:f6:0b:dc:03:3a:
         65:05:84:8b:04:53:1e:4a:a5:13:44:f0:69:bf:af:b3:6a:ec:
         de:10:87:dd:4b:ed:e9:cb:14:8c:f3:0e:61:67:b5:2e:9a:e4:
         67:5e:80:30:66:4b:e1:aa:12:a2:69:61:c5:b5:5b:8c:bd:6d:
         c7:12:32:63:1c:40:c9:90:a6:ce:75:11:cf:5a:0c:32:72:a3:
         b1:f7:27:a1:0f:08:8a:e8:06:ea:6f:a7:ee:78:3f:05:74:66:
         23:e9:6e:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaN3dF2lXijXYA/8Vpe/NEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYjM3M2JmOGU0NzcyNzc1ZTdjOGZjNWZiZDMyOWNkZWU0
NGEzMmMwHhcNMjUwNTAxMjIwMDQ2WhcNMjUwNTAyMjIwMDQ2WjAzMTEwLwYDVQQD
EyhkODg0YTMwMzk5ZjU0NjEyOGFiOWIyZTBlZDA4OTkyZmE4ZWMzN2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOLtPi3290+DoXPtEtSmeeEz0S1v
kA0SbKXQMFEfwM8Zp///bANAwaYsc8Wtuwr9Mbo0efdwL2/fe7Vig0z+xhEzp1HI
cm1SqcaZ+Ap3o6KP4jAqrIANDb4OYzbuPgWG5nbYwN9chesmXCyhwiYe4Ul09nfB
I+P/416rVvEhBWv0+p3LaiEA3jqmC3LbDX6WS2jIrJGXeoIiQbr0+PAxKk78WyXP
xgrgbwqB11KttU7NAaEXqTAXbQfU8urJTWu3ditVI4697d1yA6xfSaWrb6EgacbG
gHk0M9RxmLGv+oSKYhTHFJea2XzaDsubMKXnII0gv4gpaL/LMVuxjbc6UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNiEowOZ9UYSirmy4O0ImS+o7DfRMB8GA1UdIwQY
MBaAFKCzc7+OR3J3XnyPxfvTKc3uRKMsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0xOenY0NUhjbmRlZklfRi05TXB6ZTVFb3l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi80MDcyMTMtYjI2NC00ODUzLTkzNDMt
ZWU1NTg1YWUxM2I3LzEvb0xOenY0NUhjbmRlZklfRi05TXB6ZTVFb3l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi80MDcyMTMtYjI2NC00ODUzLTkzNDMtZWU1NTg1YWUxM2I3
LzEvb0xOenY0NUhjbmRlZklfRi05TXB6ZTVFb3l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn/Swl+b6
kn6QLjR8dvaxxFEmHr+CCmkAx0V8xM/IHJX6GrfbZsDnfHbF65GUXaOIglPrNBdJ
tzgmH5doNFrMI6FZj5HGZboQcw8UaF6hRqCtQr/foozPmor2aysh1KtuEjtRvGSU
gLujVKeN3k7I7rvX/WNewNlEvxkYkuF5o/eD4n+QQ0zfB9eMi9D/E9IYKAOntaAl
oifPqCt+tfYL3AM6ZQWEiwRTHkqlE0Twab+vs2rs3hCH3Uvt6csUjPMOYWe1Lprk
Z16AMGZL4aoSomlhxbVbjL1txxIyYxxAyZCmznURz1oMMnKjsfcnoQ8IiugG6m+n
7ng/BXRmI+luSQ==
-----END CERTIFICATE-----