Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
File:                     O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft (raw, json)
Hash identifier:          x5zuVe+6orcYL76L9kof8La7riGId5ZlXthcf9e7xnc=
Subject key identifier:   F0:B4:AB:4F:68:76:63:ED:E0:2A:EA:E0:80:36:EE:C6:36:A5:95:4B
Authority key identifier: 3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62
Certificate issuer:       /CN=3b55e7feb907137299f5792c36395efba9b34b62
Certificate serial:       0196A6F85841F5B3D06DCF484D439D32257F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
Manifest number:          0DCF
Signing time:             Tue 06 May 2025 19:00:15 +0000
Manifest this update:     Tue 06 May 2025 19:00:15 +0000
Manifest next update:     Wed 07 May 2025 19:00:15 +0000
Files and hashes:         1: O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl (hash: Jb3ylqJizPKIhlPeGSxKY0gNFLR0/JjX0scG8bS80u4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 16:14:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a6:f8:58:41:f5:b3:d0:6d:cf:48:4d:43:9d:32:25:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b55e7feb907137299f5792c36395efba9b34b62
        Validity
            Not Before: May  6 19:00:15 2025 GMT
            Not After : May  7 19:00:15 2025 GMT
        Subject: CN=f0b4ab4f687663ede02aeae08036eec636a5954b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:82:32:4a:94:56:1c:3e:80:7a:cf:31:7d:04:
                    b1:8d:b4:3e:32:08:3c:b9:8b:14:3e:eb:a3:10:c3:
                    47:d3:9b:55:77:df:d7:ab:5a:86:9d:e4:32:62:20:
                    86:8e:2c:ac:e7:8f:a4:40:18:4d:03:c7:86:a9:79:
                    1b:96:62:6e:7d:74:46:55:ea:55:75:49:f4:94:33:
                    ff:25:24:59:b2:19:0d:67:87:7a:86:5d:84:67:a8:
                    f4:2c:e8:c6:1c:5e:0c:a7:8b:9a:f3:3f:21:9c:a4:
                    76:63:d6:a6:67:cf:46:45:c6:c4:ba:d0:14:2c:40:
                    54:fb:f9:fe:22:9f:e9:31:ae:e3:d1:1a:eb:f8:d4:
                    89:95:ef:78:ce:c9:24:74:62:29:09:cd:52:16:18:
                    1d:9c:61:0f:e0:1b:fa:fa:a8:88:58:94:ea:5c:98:
                    b2:dc:2a:3c:45:d1:e6:ce:b9:66:32:8a:fc:07:ea:
                    c3:50:2d:0f:dd:81:71:c6:d3:92:c7:2d:f3:9b:f5:
                    ef:54:c4:b4:2d:13:ed:a6:50:2f:69:e2:dc:53:cb:
                    43:a7:00:cc:65:99:13:f9:f4:c3:d4:2c:4e:72:23:
                    29:41:bd:8e:e0:0d:61:de:4f:fe:5a:6e:9d:9a:5d:
                    fe:85:a4:13:c4:ae:81:cc:84:ee:ad:c2:84:65:85:
                    66:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:B4:AB:4F:68:76:63:ED:E0:2A:EA:E0:80:36:EE:C6:36:A5:95:4B
            X509v3 Authority Key Identifier:
                keyid:3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:e8:dc:19:80:7b:b6:3f:ae:2e:db:75:7d:f9:2f:06:15:f5:
         3c:0b:4c:3b:11:da:8f:59:de:a4:ac:5b:6c:b3:d0:15:64:14:
         f0:8a:a6:7d:c4:d5:e6:8f:c0:d6:37:ca:15:23:5c:fb:6e:1f:
         dd:0c:ee:db:ad:91:fe:5c:a0:d1:b2:e9:6e:44:9e:d3:fa:b6:
         86:70:62:73:5a:06:85:d9:83:95:d7:79:05:60:6c:f3:1a:48:
         c5:b2:14:78:f4:64:26:6d:3a:31:07:8c:4e:37:9e:04:f1:7b:
         5e:09:6d:22:71:36:59:4a:05:6e:01:64:e1:2c:09:4f:7d:e1:
         81:f2:b2:a8:9b:17:7c:16:5c:2f:9c:08:4e:b2:d6:9f:e9:e1:
         58:e9:58:40:44:54:5e:d6:32:70:3b:37:d7:30:b4:0c:71:9e:
         ff:81:51:f8:58:42:1b:d0:4f:21:31:d7:e8:b3:91:a4:ce:8a:
         81:04:48:89:dc:4a:90:ac:7b:d4:4f:62:77:12:c3:d3:2b:cb:
         a7:fd:1b:a3:5a:f3:2e:76:88:01:19:e2:80:04:a6:41:5d:cf:
         9b:e1:24:5f:a8:c7:00:ce:0a:8e:44:f6:37:2b:bc:66:ff:b7:
         63:bd:49:d9:2a:61:96:f0:f3:f7:12:bc:d9:b9:fa:40:80:2b:
         79:14:d5:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZam+FhB9bPQbc9ITUOdMiV/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTVlN2ZlYjkwNzEzNzI5OWY1NzkyYzM2Mzk1ZWZiYTli
MzRiNjIwHhcNMjUwNTA2MTkwMDE1WhcNMjUwNTA3MTkwMDE1WjAzMTEwLwYDVQQD
EyhmMGI0YWI0ZjY4NzY2M2VkZTAyYWVhZTA4MDM2ZWVjNjM2YTU5NTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYIySpRWHD6Aes8xfQSxjbQ+Mgg8
uYsUPuujEMNH05tVd9/Xq1qGneQyYiCGjiys54+kQBhNA8eGqXkblmJufXRGVepV
dUn0lDP/JSRZshkNZ4d6hl2EZ6j0LOjGHF4Mp4ua8z8hnKR2Y9amZ89GRcbEutAU
LEBU+/n+Ip/pMa7j0Rrr+NSJle94zskkdGIpCc1SFhgdnGEP4Bv6+qiIWJTqXJiy
3Co8RdHmzrlmMor8B+rDUC0P3YFxxtOSxy3zm/XvVMS0LRPtplAvaeLcU8tDpwDM
ZZkT+fTD1CxOciMpQb2O4A1h3k/+Wm6dml3+haQTxK6BzITurcKEZYVmkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPC0q09odmPt4Crq4IA27sY2pZVLMB8GA1UdIwQY
MBaAFDtV5/65BxNymfV5LDY5Xvups0tiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAt
YTQ0MWUyNGJlMDM2LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAtYTQ0MWUyNGJlMDM2
LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARujcGYB7
tj+uLtt1ffkvBhX1PAtMOxHaj1nepKxbbLPQFWQU8IqmfcTV5o/A1jfKFSNc+24f
3Qzu262R/lyg0bLpbkSe0/q2hnBic1oGhdmDldd5BWBs8xpIxbIUePRkJm06MQeM
TjeeBPF7XgltInE2WUoFbgFk4SwJT33hgfKyqJsXfBZcL5wITrLWn+nhWOlYQERU
XtYycDs31zC0DHGe/4FR+FhCG9BPITHX6LORpM6KgQRIidxKkKx71E9idxLD0yvL
p/0bo1rzLnaIARnigASmQV3Pm+EkX6jHAM4KjkT2Nyu8Zv+3Y71J2SphlvDz9xK8
2bn6QIAreRTVhg==
-----END CERTIFICATE-----