Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
File:                     O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft (raw, json)
Hash identifier:          spvz7bzwDXTsOVv/TUkn9baxbhtUtc76jpkRvQfxWyw=
Subject key identifier:   3E:12:06:69:77:05:1A:58:D9:51:AB:D0:AF:50:AF:4C:79:C0:77:8B
Authority key identifier: 3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62
Certificate issuer:       /CN=3b55e7feb907137299f5792c36395efba9b34b62
Certificate serial:       0197B7451AB7CD575E3EAE2B0329A64E6401
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
Manifest number:          0E5C
Signing time:             Sat 28 Jun 2025 16:00:48 +0000
Manifest this update:     Sat 28 Jun 2025 16:00:48 +0000
Manifest next update:     Sun 29 Jun 2025 16:00:48 +0000
Files and hashes:         1: O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl (hash: hlFeDvAor/ZeAZ0iR24aizPsNFirAN0OQUgsusA5/zc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:1a:b7:cd:57:5e:3e:ae:2b:03:29:a6:4e:64:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b55e7feb907137299f5792c36395efba9b34b62
        Validity
            Not Before: Jun 28 16:00:48 2025 GMT
            Not After : Jun 29 16:00:48 2025 GMT
        Subject: CN=3e12066977051a58d951abd0af50af4c79c0778b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:f1:fc:4a:ed:90:c3:57:0d:b4:34:33:fe:32:
                    9d:62:c5:f0:49:42:a3:9e:8d:eb:6a:91:29:72:c7:
                    47:e0:9f:4f:4a:57:04:81:33:c5:0b:9f:d3:d9:97:
                    44:bf:f9:48:25:1b:bc:03:a1:2c:a6:a3:00:2a:7d:
                    07:24:8e:07:91:59:bf:8a:66:74:db:9e:60:d5:02:
                    f2:ff:45:2b:a4:aa:06:06:0b:be:a8:5d:f0:e1:f6:
                    3f:80:f2:24:31:6c:6c:72:e2:b1:a6:06:f9:ff:43:
                    a1:b6:3f:01:98:2d:0a:cd:e0:05:66:92:70:af:75:
                    56:37:32:8e:d3:c7:36:86:6c:54:9a:28:52:f3:b8:
                    01:4f:c6:e6:70:22:13:7e:8a:5d:0d:e7:a4:27:22:
                    bc:3d:95:70:32:29:e7:57:8f:d3:41:b3:23:71:c0:
                    30:01:9d:93:4e:f0:ab:54:e3:0e:58:a9:22:8a:aa:
                    eb:ba:96:6c:18:61:6a:c4:dc:c2:c3:fe:63:0b:18:
                    b6:98:7f:2c:9b:da:9a:2f:8a:d9:82:51:a7:0d:4a:
                    b1:32:dc:df:ca:2d:ce:9a:f0:83:01:30:ae:9a:41:
                    97:74:4f:40:ab:ad:fd:b9:af:9f:32:22:85:53:e5:
                    47:72:e2:35:d9:ce:d0:08:d9:89:4b:df:0e:95:6e:
                    aa:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:12:06:69:77:05:1A:58:D9:51:AB:D0:AF:50:AF:4C:79:C0:77:8B
            X509v3 Authority Key Identifier:
                keyid:3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:c5:d0:f8:cd:8c:bc:59:4b:98:32:02:b2:a9:e8:2f:e5:a5:
         7a:57:3c:98:60:e3:40:49:71:ce:59:8b:9b:33:14:e2:0d:9d:
         c4:1a:57:17:b0:82:60:34:d9:53:a7:d9:c0:e3:b2:dd:79:ea:
         d3:2d:fb:ec:7d:62:95:f0:da:36:b1:47:96:3f:a0:0e:54:6a:
         cc:ca:ae:c1:8a:72:e7:99:b5:e8:72:d6:0a:bf:3e:dc:fd:da:
         58:5c:9b:5b:35:f4:b9:bd:d6:6b:35:69:51:0a:16:69:21:ba:
         0c:27:37:5b:08:d9:0d:0b:f2:7d:f7:97:a5:7b:62:dc:cc:d8:
         6d:d7:4e:8d:4d:49:8a:e6:5c:77:4d:ad:9e:c9:be:13:dc:26:
         43:6b:57:8c:35:47:73:56:47:06:be:42:f7:5b:25:92:e2:bf:
         4d:f3:a1:bd:42:7d:1f:90:98:56:bf:82:12:5e:6d:24:ec:25:
         9d:63:53:d2:ac:e6:a1:15:6a:3a:52:8a:66:76:38:35:00:fe:
         f2:6d:eb:b2:8a:17:15:b2:4d:24:32:3b:b3:91:9d:f6:80:43:
         d8:26:71:1c:df:c5:49:59:fd:75:78:52:b4:13:11:ca:ee:91:
         11:4b:1c:75:09:af:a8:20:8e:92:fb:16:ec:83:ca:f5:70:eb:
         85:29:f0:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RRq3zVdePq4rAymmTmQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTVlN2ZlYjkwNzEzNzI5OWY1NzkyYzM2Mzk1ZWZiYTli
MzRiNjIwHhcNMjUwNjI4MTYwMDQ4WhcNMjUwNjI5MTYwMDQ4WjAzMTEwLwYDVQQD
EygzZTEyMDY2OTc3MDUxYTU4ZDk1MWFiZDBhZjUwYWY0Yzc5YzA3NzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7PH8Su2Qw1cNtDQz/jKdYsXwSUKj
no3rapEpcsdH4J9PSlcEgTPFC5/T2ZdEv/lIJRu8A6EspqMAKn0HJI4HkVm/imZ0
255g1QLy/0UrpKoGBgu+qF3w4fY/gPIkMWxscuKxpgb5/0Ohtj8BmC0KzeAFZpJw
r3VWNzKO08c2hmxUmihS87gBT8bmcCITfopdDeekJyK8PZVwMinnV4/TQbMjccAw
AZ2TTvCrVOMOWKkiiqrrupZsGGFqxNzCw/5jCxi2mH8sm9qaL4rZglGnDUqxMtzf
yi3OmvCDATCumkGXdE9Aq639ua+fMiKFU+VHcuI12c7QCNmJS98OlW6qBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD4SBml3BRpY2VGr0K9Qr0x5wHeLMB8GA1UdIwQY
MBaAFDtV5/65BxNymfV5LDY5Xvups0tiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAt
YTQ0MWUyNGJlMDM2LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAtYTQ0MWUyNGJlMDM2
LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbMXQ+M2M
vFlLmDICsqnoL+Wlelc8mGDjQElxzlmLmzMU4g2dxBpXF7CCYDTZU6fZwOOy3Xnq
0y377H1ilfDaNrFHlj+gDlRqzMquwYpy55m16HLWCr8+3P3aWFybWzX0ub3WazVp
UQoWaSG6DCc3WwjZDQvyffeXpXti3MzYbddOjU1JiuZcd02tnsm+E9wmQ2tXjDVH
c1ZHBr5C91slkuK/TfOhvUJ9H5CYVr+CEl5tJOwlnWNT0qzmoRVqOlKKZnY4NQD+
8m3rsooXFbJNJDI7s5Gd9oBD2CZxHN/FSVn9dXhStBMRyu6REUscdQmvqCCOkvsW
7IPK9XDrhSnwxQ==
-----END CERTIFICATE-----