Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
File:                     OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json)
Hash identifier:          nTAKVBp/QjbEjiSrBs9YImYwifT/SY/cjuTIUjUb1U8=
Subject key identifier:   7F:CA:22:CD:9D:12:C1:53:6F:AC:D2:55:F6:3E:35:B5:D8:59:56:3D
Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2
Certificate issuer:       /CN=398936603edb8558b619823c077e9eb8694758b2
Certificate serial:       01969D87CD83FCB550F13A45356CF0742AA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
Manifest number:          0420
Signing time:             Sun 04 May 2025 23:00:44 +0000
Manifest this update:     Sun 04 May 2025 23:00:44 +0000
Manifest next update:     Mon 05 May 2025 23:00:44 +0000
Files and hashes:         1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: jVc1kdNoe6AvbDPftrCkmMIQZRIqX8bDcTh9uqi9PDU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9d:87:cd:83:fc:b5:50:f1:3a:45:35:6c:f0:74:2a:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=398936603edb8558b619823c077e9eb8694758b2
        Validity
            Not Before: May  4 23:00:44 2025 GMT
            Not After : May  5 23:00:44 2025 GMT
        Subject: CN=7fca22cd9d12c1536facd255f63e35b5d859563d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:7d:23:74:56:70:a4:2e:93:5b:45:2a:f0:18:
                    1a:3a:75:34:96:bf:d4:31:54:d3:62:62:65:b3:79:
                    48:68:80:02:0f:2f:0d:ed:11:fa:64:9b:42:b9:23:
                    ec:04:79:3b:27:fb:2a:51:ab:05:22:a5:c4:d9:d4:
                    20:7c:0b:f1:34:be:69:6e:87:4b:e9:96:4b:c7:8c:
                    9e:c6:78:d9:f0:a8:08:7c:a5:5d:60:de:04:62:0a:
                    ca:e7:3d:ad:42:ef:e7:ba:96:0f:5d:66:49:0a:d7:
                    08:38:87:64:f9:4e:86:1a:54:99:8c:a7:53:42:ae:
                    f5:37:37:2e:95:d1:99:c7:dd:34:b5:bd:1e:76:8e:
                    a6:90:c5:a8:21:46:17:11:c0:e9:f4:7c:03:1c:53:
                    05:ef:a4:52:d1:e4:16:5d:8c:6c:5d:08:34:3f:70:
                    8f:5e:46:16:02:d9:6f:e2:3c:cc:ee:2a:60:3f:30:
                    53:d3:54:8e:9e:d8:0f:2a:ae:ef:75:18:3b:13:d8:
                    26:89:bb:2a:07:dc:ae:b4:0b:69:8a:12:77:67:ee:
                    63:b6:45:18:be:22:52:ec:85:b1:76:59:72:03:97:
                    e7:76:1e:6a:9d:42:07:4a:4f:43:34:17:4b:58:9e:
                    e5:01:37:ad:39:ec:20:a2:ec:61:14:21:ab:da:02:
                    6f:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:CA:22:CD:9D:12:C1:53:6F:AC:D2:55:F6:3E:35:B5:D8:59:56:3D
            X509v3 Authority Key Identifier:
                keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:6e:29:e9:8a:1d:9d:67:d3:be:96:30:d8:16:9e:10:8d:60:
         8c:9b:a2:54:32:a9:b0:67:6c:23:0c:7d:2c:81:61:4c:31:45:
         fd:86:c5:7c:74:27:b5:64:4b:c9:0d:b6:e1:f5:15:c8:55:1e:
         8b:79:1d:8c:53:bf:5c:bb:3d:f6:6a:a9:8e:72:d6:c3:96:83:
         16:87:52:a9:78:1f:95:9f:7f:24:4d:ab:40:4a:a3:3c:c0:16:
         48:b3:fd:7e:33:c4:c1:8d:1a:36:98:da:7b:1d:4b:75:69:43:
         4f:c4:70:89:e9:ba:8e:15:a4:bd:3c:6c:c1:d9:83:1d:df:bb:
         d8:47:1d:c8:92:b7:73:b9:5f:21:73:83:33:fa:e0:7e:7c:c3:
         b7:2d:b4:31:15:f0:f0:1f:3a:1f:3f:17:13:67:8e:4c:44:b6:
         76:ff:5e:7d:5c:bb:fd:a3:87:84:09:75:7b:8f:d3:e3:c7:7c:
         56:9d:27:28:2f:2f:5c:12:e4:5a:1b:1c:06:a9:5a:95:b8:c7:
         f5:c2:ff:d0:e2:c8:96:3e:cf:7e:61:cf:8b:0e:26:97:df:8f:
         d0:a3:a7:8c:69:2b:19:a3:b0:c8:a0:09:08:72:da:af:f3:47:
         11:65:d4:c2:4e:ab:de:4c:e4:a3:76:15:7b:81:a6:a0:06:c7:
         a9:94:db:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZadh82D/LVQ8TpFNWzwdCqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0
NzU4YjIwHhcNMjUwNTA0MjMwMDQ0WhcNMjUwNTA1MjMwMDQ0WjAzMTEwLwYDVQQD
Eyg3ZmNhMjJjZDlkMTJjMTUzNmZhY2QyNTVmNjNlMzViNWQ4NTk1NjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0n0jdFZwpC6TW0Uq8BgaOnU0lr/U
MVTTYmJls3lIaIACDy8N7RH6ZJtCuSPsBHk7J/sqUasFIqXE2dQgfAvxNL5pbodL
6ZZLx4yexnjZ8KgIfKVdYN4EYgrK5z2tQu/nupYPXWZJCtcIOIdk+U6GGlSZjKdT
Qq71NzculdGZx900tb0edo6mkMWoIUYXEcDp9HwDHFMF76RS0eQWXYxsXQg0P3CP
XkYWAtlv4jzM7ipgPzBT01SOntgPKq7vdRg7E9gmibsqB9yutAtpihJ3Z+5jtkUY
viJS7IWxdllyA5fndh5qnUIHSk9DNBdLWJ7lATetOewgouxhFCGr2gJvHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH/KIs2dEsFTb6zSVfY+NbXYWVY9MB8GA1UdIwQY
MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt
MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4
LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ24p6Yod
nWfTvpYw2BaeEI1gjJuiVDKpsGdsIwx9LIFhTDFF/YbFfHQntWRLyQ224fUVyFUe
i3kdjFO/XLs99mqpjnLWw5aDFodSqXgflZ9/JE2rQEqjPMAWSLP9fjPEwY0aNpja
ex1LdWlDT8Rwiem6jhWkvTxswdmDHd+72EcdyJK3c7lfIXODM/rgfnzDty20MRXw
8B86Hz8XE2eOTES2dv9efVy7/aOHhAl1e4/T48d8Vp0nKC8vXBLkWhscBqlalbjH
9cL/0OLIlj7PfmHPiw4ml9+P0KOnjGkrGaOwyKAJCHLar/NHEWXUwk6r3kzko3YV
e4GmoAbHqZTbcw==
-----END CERTIFICATE-----