Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
File:                     owVfB71HqGR4w79HOSVzrNU9Y24.mft (raw, json)
Hash identifier:          B/fo2HSU2mbNZDPRt6Bo8ja4M6LG5mmZcIy3tWRKZVQ=
Subject key identifier:   AF:9F:87:91:34:77:86:46:72:68:C5:B5:48:E0:63:45:64:25:2E:DD
Authority key identifier: A3:05:5F:07:BD:47:A8:64:78:C3:BF:47:39:25:73:AC:D5:3D:63:6E
Certificate issuer:       /CN=a3055f07bd47a86478c3bf47392573acd53d636e
Certificate serial:       0196767A986E4520B731E2E3D63B17F125C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
Manifest number:          150B
Signing time:             Sun 27 Apr 2025 09:01:07 +0000
Manifest this update:     Sun 27 Apr 2025 09:01:07 +0000
Manifest next update:     Mon 28 Apr 2025 09:01:07 +0000
Files and hashes:         1: owVfB71HqGR4w79HOSVzrNU9Y24.crl (hash: /U1lOZ95sXwgaR0Bm8BlVqCXpm3SCK/53mjUpF2BBZk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:7a:98:6e:45:20:b7:31:e2:e3:d6:3b:17:f1:25:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3055f07bd47a86478c3bf47392573acd53d636e
        Validity
            Not Before: Apr 27 09:01:07 2025 GMT
            Not After : Apr 28 09:01:07 2025 GMT
        Subject: CN=af9f8791347786467268c5b548e0634564252edd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:8a:75:38:37:37:0a:e2:9c:ad:a7:f3:96:9a:
                    fc:b7:b4:86:f3:d8:a3:e8:a5:d2:39:5d:62:a2:bd:
                    a9:9c:72:20:d5:30:e5:a2:cb:8f:31:99:fa:aa:30:
                    fc:50:c6:13:e7:72:82:ee:1f:fd:03:70:1b:b5:29:
                    ec:6b:82:15:3d:ca:07:ed:7f:f5:62:41:2f:b9:f5:
                    59:a3:b2:b5:d8:4a:be:35:0c:ea:1c:ed:26:77:01:
                    e3:e5:d2:5b:bc:a7:15:2e:76:8d:c0:79:28:10:6b:
                    f8:5c:2c:79:1d:d6:e8:bc:12:32:33:e4:b9:10:33:
                    4f:ea:fd:ca:d6:68:93:81:a6:f9:22:b6:63:36:2a:
                    17:3d:80:68:b8:7c:df:f1:70:2d:67:88:e9:38:b4:
                    e9:36:30:e6:35:0e:c4:ad:43:d2:82:03:d5:ee:a1:
                    de:12:3d:60:43:57:51:34:57:33:3a:0d:2b:bb:2d:
                    39:38:03:76:66:f2:a6:0d:61:78:61:26:37:64:a4:
                    3a:20:71:52:d4:18:bc:42:17:a6:18:9d:cb:95:43:
                    1b:e3:5e:71:1f:62:10:9b:07:78:32:99:73:0b:f8:
                    e1:96:ca:18:72:b4:9f:38:32:bf:ef:2b:73:f1:30:
                    19:9a:39:63:3e:b3:0a:a6:c1:60:ef:4f:af:87:eb:
                    79:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:9F:87:91:34:77:86:46:72:68:C5:B5:48:E0:63:45:64:25:2E:DD
            X509v3 Authority Key Identifier:
                keyid:A3:05:5F:07:BD:47:A8:64:78:C3:BF:47:39:25:73:AC:D5:3D:63:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:66:5e:3e:43:2d:29:0b:0d:3e:c9:7e:ea:62:1c:53:42:d2:
         f2:cd:ea:68:40:28:9e:95:80:68:48:60:89:5e:f3:5b:8f:4d:
         da:a5:fb:e7:94:cd:fa:9e:a9:53:c9:1f:9d:f6:40:0c:de:db:
         90:73:2b:42:9c:fa:f6:a5:42:a6:8b:78:fe:bf:2d:db:b3:12:
         2f:34:6e:2e:8d:97:00:14:49:7b:f8:68:ed:32:17:62:fc:76:
         34:29:7b:b7:74:ac:4d:76:0f:82:d3:15:bb:e8:2b:69:81:53:
         8e:9a:85:6e:99:31:56:22:8d:f0:88:8b:12:d3:19:a7:3b:9e:
         e7:f9:94:43:9d:6e:d3:1e:3a:43:3f:76:a9:67:cd:d6:95:bf:
         c2:52:5b:b4:c8:f0:1f:3f:d2:49:9e:96:66:6c:40:08:90:94:
         91:9d:c6:76:14:f7:7b:fb:4a:44:82:6a:48:ab:72:31:6b:32:
         16:6a:29:e4:ce:12:20:15:cc:7e:e9:61:62:31:bb:07:fc:ad:
         73:61:54:65:39:70:93:8b:c1:b7:8b:a1:27:73:62:7d:a5:7c:
         25:8c:48:c0:f8:83:dd:7c:6e:cf:97:cc:5f:94:30:44:38:5b:
         f3:72:f2:25:67:97:4d:48:ee:13:67:70:32:07:05:fc:5f:68:
         75:2d:77:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2ephuRSC3MeLj1jsX8SXEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDU1ZjA3YmQ0N2E4NjQ3OGMzYmY0NzM5MjU3M2FjZDUz
ZDYzNmUwHhcNMjUwNDI3MDkwMTA3WhcNMjUwNDI4MDkwMTA3WjAzMTEwLwYDVQQD
EyhhZjlmODc5MTM0Nzc4NjQ2NzI2OGM1YjU0OGUwNjM0NTY0MjUyZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsop1ODc3CuKcrafzlpr8t7SG89ij
6KXSOV1ior2pnHIg1TDlosuPMZn6qjD8UMYT53KC7h/9A3AbtSnsa4IVPcoH7X/1
YkEvufVZo7K12Eq+NQzqHO0mdwHj5dJbvKcVLnaNwHkoEGv4XCx5HdbovBIyM+S5
EDNP6v3K1miTgab5IrZjNioXPYBouHzf8XAtZ4jpOLTpNjDmNQ7ErUPSggPV7qHe
Ej1gQ1dRNFczOg0ruy05OAN2ZvKmDWF4YSY3ZKQ6IHFS1Bi8QhemGJ3LlUMb415x
H2IQmwd4MplzC/jhlsoYcrSfODK/7ytz8TAZmjljPrMKpsFg70+vh+t5TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+fh5E0d4ZGcmjFtUjgY0VkJS7dMB8GA1UdIwQY
MBaAFKMFXwe9R6hkeMO/Rzklc6zVPWNuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOWQwYmYtNmQ1MS00MDhmLWI3YWUt
YTNhYWQxMTc4Y2Q0LzEvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kOWQwYmYtNmQ1MS00MDhmLWI3YWUtYTNhYWQxMTc4Y2Q0
LzEvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB2ZePkMt
KQsNPsl+6mIcU0LS8s3qaEAonpWAaEhgiV7zW49N2qX755TN+p6pU8kfnfZADN7b
kHMrQpz69qVCpot4/r8t27MSLzRuLo2XABRJe/ho7TIXYvx2NCl7t3SsTXYPgtMV
u+graYFTjpqFbpkxViKN8IiLEtMZpzue5/mUQ51u0x46Qz92qWfN1pW/wlJbtMjw
Hz/SSZ6WZmxACJCUkZ3GdhT3e/tKRIJqSKtyMWsyFmop5M4SIBXMfulhYjG7B/yt
c2FUZTlwk4vBt4uhJ3NifaV8JYxIwPiD3Xxuz5fMX5QwRDhb83LyJWeXTUjuE2dw
MgcF/F9odS136A==
-----END CERTIFICATE-----