Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
File:                     OZ17KbLru-43WSMgfh2FZU8LV7o.mft (raw, json)
Hash identifier:          OjdT0sXmatwtoOqXLSEN49Rvni1C3YBO7wEwOca46oc=
Subject key identifier:   01:C7:11:17:3E:E0:F6:04:4D:C4:EF:84:1B:C3:74:58:80:CC:A5:7D
Authority key identifier: 39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA
Certificate issuer:       /CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
Certificate serial:       0196BC3723E633984591277245CC4D4BFB7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
Manifest number:          017D
Signing time:             Sat 10 May 2025 22:00:52 +0000
Manifest this update:     Sat 10 May 2025 22:00:52 +0000
Manifest next update:     Sun 11 May 2025 22:00:52 +0000
Files and hashes:         1: OZ17KbLru-43WSMgfh2FZU8LV7o.crl (hash: YdTovAOvLKm2Yxs1nrT9pJgk3uTq2vQ7FGkCxWPF+Xk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:37:23:e6:33:98:45:91:27:72:45:cc:4d:4b:fb:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
        Validity
            Not Before: May 10 22:00:52 2025 GMT
            Not After : May 11 22:00:52 2025 GMT
        Subject: CN=01c711173ee0f6044dc4ef841bc3745880cca57d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:3e:77:cd:a8:71:84:dd:92:f9:1a:cf:37:48:
                    e7:1b:1c:b1:1d:ea:12:59:df:22:ee:9e:7c:af:0b:
                    96:a4:f6:c0:36:80:a2:20:a0:bb:36:3b:14:eb:0d:
                    4d:a0:02:18:0f:52:49:b2:87:2e:72:b2:0e:df:bc:
                    80:c6:26:3e:e8:8e:be:25:c8:55:59:5b:de:d8:fc:
                    a1:39:95:54:f2:3a:15:bf:ad:7c:35:8e:8e:90:b6:
                    b6:fc:3d:3e:02:32:d4:2d:4b:35:00:a0:97:62:e9:
                    30:4a:14:32:28:ea:8c:25:9c:a0:3e:f3:e5:55:49:
                    3b:32:2b:60:1e:08:e3:eb:f6:8e:51:0a:1e:4a:88:
                    e7:b1:eb:80:b3:69:db:87:cf:2c:a5:ea:ed:ad:0e:
                    29:51:2d:1e:86:f6:3c:6f:4b:12:9b:ef:7e:43:e1:
                    2e:9c:bb:c4:48:8b:d6:51:3a:51:b1:2f:45:71:aa:
                    a7:14:dc:0e:53:82:61:cb:3c:24:4d:7d:d0:29:c2:
                    43:02:76:c0:03:6b:51:34:c8:f1:80:db:44:b0:3a:
                    2a:b0:cb:ce:44:19:49:81:9c:75:78:1d:ff:85:1a:
                    40:5a:4e:16:57:1d:93:a1:73:6f:54:1b:78:0a:28:
                    d9:e0:87:28:8e:c2:f2:ed:c2:ef:68:22:c7:c2:80:
                    23:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:C7:11:17:3E:E0:F6:04:4D:C4:EF:84:1B:C3:74:58:80:CC:A5:7D
            X509v3 Authority Key Identifier:
                keyid:39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:0d:fa:14:70:77:bc:dd:dd:09:b4:51:10:9b:50:2a:4c:48:
         39:9d:10:9a:fa:d4:f3:43:de:33:c3:2d:91:d4:7f:56:ff:5a:
         aa:65:cc:68:04:9a:3e:a4:c1:7b:82:4d:f2:85:f2:6c:57:8d:
         3e:38:34:ce:f2:ac:bb:c6:0a:49:5f:75:00:e6:00:79:b7:c3:
         32:13:e9:75:24:90:e9:e0:ee:cd:29:02:f1:42:7a:88:f9:42:
         32:e1:9d:8c:70:38:b7:3f:76:4c:f6:2e:94:da:ef:f7:f9:de:
         65:ea:80:ca:e3:fb:c1:f9:b3:07:d3:e9:04:9b:d2:15:d2:2a:
         a0:50:8b:a2:cc:40:c6:29:15:61:3d:7a:4a:3a:ab:10:49:5c:
         b3:9f:6d:ea:3e:d8:d9:0d:5d:57:1e:8e:9b:1b:b4:3c:80:f8:
         d6:2f:4a:45:a9:4b:8c:cc:32:98:8e:1a:76:ea:5f:5c:86:cf:
         63:e8:4c:5e:03:1b:b8:99:08:13:bc:1d:f0:e2:87:50:15:ea:
         97:a7:b4:1d:c8:85:c9:06:79:79:7c:6c:57:00:96:a3:df:9e:
         a3:0c:22:0d:62:ef:ba:ae:d4:8a:32:24:d8:18:c2:1c:56:01:
         a5:64:9d:1f:be:1a:9c:0f:01:cc:e3:0b:7a:ca:de:eb:ae:a1:
         b7:aa:8b:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa8NyPmM5hFkSdyRcxNS/t6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWQ3YjI5YjJlYmJiZWUzNzU5MjMyMDdlMWQ4NTY1NGYw
YjU3YmEwHhcNMjUwNTEwMjIwMDUyWhcNMjUwNTExMjIwMDUyWjAzMTEwLwYDVQQD
EygwMWM3MTExNzNlZTBmNjA0NGRjNGVmODQxYmMzNzQ1ODgwY2NhNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyT53zahxhN2S+RrPN0jnGxyxHeoS
Wd8i7p58rwuWpPbANoCiIKC7NjsU6w1NoAIYD1JJsocucrIO37yAxiY+6I6+JchV
WVve2PyhOZVU8joVv618NY6OkLa2/D0+AjLULUs1AKCXYukwShQyKOqMJZygPvPl
VUk7MitgHgjj6/aOUQoeSojnseuAs2nbh88spertrQ4pUS0ehvY8b0sSm+9+Q+Eu
nLvESIvWUTpRsS9FcaqnFNwOU4JhyzwkTX3QKcJDAnbAA2tRNMjxgNtEsDoqsMvO
RBlJgZx1eB3/hRpAWk4WVx2ToXNvVBt4CijZ4IcojsLy7cLvaCLHwoAjnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAHHERc+4PYETcTvhBvDdFiAzKV9MB8GA1UdIwQY
MBaAFDmdeymy67vuN1kjIH4dhWVPC1e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAt
YTZiNWE4YmUxMTEzLzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAtYTZiNWE4YmUxMTEz
LzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvg36FHB3
vN3dCbRREJtQKkxIOZ0QmvrU80PeM8MtkdR/Vv9aqmXMaASaPqTBe4JN8oXybFeN
Pjg0zvKsu8YKSV91AOYAebfDMhPpdSSQ6eDuzSkC8UJ6iPlCMuGdjHA4tz92TPYu
lNrv9/neZeqAyuP7wfmzB9PpBJvSFdIqoFCLosxAxikVYT16SjqrEElcs59t6j7Y
2Q1dVx6Omxu0PID41i9KRalLjMwymI4adupfXIbPY+hMXgMbuJkIE7wd8OKHUBXq
l6e0HciFyQZ5eXxsVwCWo9+eowwiDWLvuq7UijIk2BjCHFYBpWSdH74anA8BzOML
esre666ht6qLgA==
-----END CERTIFICATE-----