Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
File:                     OUjkpbK65iNUmZE9y-wE38pTHpA.mft (raw, json)
Hash identifier:          RuCQPOjQhqJkRfCHR/pXUuBufmVGuRf6ehUZXuz3mCI=
Subject key identifier:   BD:EB:13:1B:E9:FC:AB:05:17:3C:8F:CD:4E:F3:CD:36:0F:41:74:AE
Authority key identifier: 39:48:E4:A5:B2:BA:E6:23:54:99:91:3D:CB:EC:04:DF:CA:53:1E:90
Certificate issuer:       /CN=3948e4a5b2bae6235499913dcbec04dfca531e90
Certificate serial:       0196CF869BFD0340435ABE69BC01A1B45158
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
Manifest number:          140F
Signing time:             Wed 14 May 2025 16:00:27 +0000
Manifest this update:     Wed 14 May 2025 16:00:27 +0000
Manifest next update:     Thu 15 May 2025 16:00:27 +0000
Files and hashes:         1: OUjkpbK65iNUmZE9y-wE38pTHpA.crl (hash: XpLSeu75qa3W5FhZgXWHBXT5cwlbrrjXzLfwrLUYU+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 14:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cf:86:9b:fd:03:40:43:5a:be:69:bc:01:a1:b4:51:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3948e4a5b2bae6235499913dcbec04dfca531e90
        Validity
            Not Before: May 14 16:00:27 2025 GMT
            Not After : May 15 16:00:27 2025 GMT
        Subject: CN=bdeb131be9fcab05173c8fcd4ef3cd360f4174ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:88:b7:49:89:7a:5f:a5:6e:4e:bb:d8:5e:1c:
                    fa:24:6d:6d:f1:58:d3:95:ce:91:21:92:aa:78:8a:
                    e1:f0:28:28:a8:63:2c:6f:70:aa:82:1e:be:0f:f0:
                    e7:d1:6f:5d:1a:4a:ca:05:62:d3:b5:22:e6:8f:23:
                    6c:45:4f:f9:50:17:55:f2:c2:cd:fa:2f:ca:be:6c:
                    6f:c6:70:62:55:60:fe:3b:3e:f1:85:9f:33:a5:93:
                    57:81:7e:f0:23:91:14:48:53:8c:4e:cc:61:3c:4a:
                    c1:f4:79:42:cb:66:e4:3b:e5:02:d5:34:4c:9a:c2:
                    ea:13:d5:36:21:14:44:d1:28:0b:41:a9:30:98:de:
                    2e:39:bc:b6:32:80:0b:1b:58:64:f2:38:80:ec:38:
                    75:89:66:ef:da:2d:08:d4:df:36:44:56:2c:97:c7:
                    7d:03:fe:56:1f:ad:97:4a:0d:bf:ba:2e:de:c3:19:
                    7c:6f:8a:57:63:70:9b:c8:2d:0e:94:d0:94:4d:28:
                    6a:1b:fe:ba:b9:24:14:d9:56:f1:97:c2:76:ee:bc:
                    8b:d2:50:9e:fb:94:71:35:25:dd:8c:90:62:82:1d:
                    6d:34:51:27:78:7a:b2:10:24:72:5d:39:d1:05:79:
                    13:c3:ba:92:e8:9f:62:dc:24:0e:53:49:ec:3a:82:
                    e5:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:EB:13:1B:E9:FC:AB:05:17:3C:8F:CD:4E:F3:CD:36:0F:41:74:AE
            X509v3 Authority Key Identifier:
                keyid:39:48:E4:A5:B2:BA:E6:23:54:99:91:3D:CB:EC:04:DF:CA:53:1E:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:77:22:37:64:5f:4d:7a:c0:14:99:9d:be:5e:4e:85:43:e2:
         2e:d6:dd:23:54:cd:ec:20:95:2a:ab:c7:78:31:92:53:e6:82:
         04:c2:fa:dc:23:c8:8e:70:e0:f8:a7:7e:e0:e4:7f:15:e8:da:
         10:5f:87:23:9f:a8:d3:7c:8b:c8:fc:7b:2f:ce:87:fa:c5:7b:
         7f:77:47:fa:df:a1:f5:b1:fd:39:d5:b4:db:f0:33:83:92:a7:
         1f:34:07:c1:68:32:9f:09:87:a6:7e:69:e9:2e:56:e1:53:a8:
         63:fe:26:a1:96:f4:cd:07:d8:80:eb:04:d5:a4:e1:25:d5:9e:
         2a:04:5b:1f:74:08:94:14:90:d4:52:2b:fc:f4:d5:cd:ff:b8:
         31:a1:19:04:a1:df:6f:19:b1:d3:b3:c6:d3:0d:e2:52:9c:e3:
         cf:58:9b:1c:a3:b4:65:8c:10:5b:2c:16:69:d4:01:8a:85:7e:
         f1:df:56:0c:36:07:89:ae:c4:28:36:b3:b3:81:ad:ca:a9:3a:
         2e:fb:fd:bf:0b:0e:bc:e9:32:4a:bd:a9:e0:92:a9:b3:1e:4e:
         b5:05:ff:7b:e9:b2:17:52:1b:4b:ae:43:ec:43:ea:b9:70:f2:
         e2:aa:66:30:b4:cd:c1:a3:48:38:6c:f8:74:a7:b7:c8:73:44:
         92:db:c4:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbPhpv9A0BDWr5pvAGhtFFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NDhlNGE1YjJiYWU2MjM1NDk5OTEzZGNiZWMwNGRmY2E1
MzFlOTAwHhcNMjUwNTE0MTYwMDI3WhcNMjUwNTE1MTYwMDI3WjAzMTEwLwYDVQQD
EyhiZGViMTMxYmU5ZmNhYjA1MTczYzhmY2Q0ZWYzY2QzNjBmNDE3NGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoi3SYl6X6VuTrvYXhz6JG1t8VjT
lc6RIZKqeIrh8CgoqGMsb3Cqgh6+D/Dn0W9dGkrKBWLTtSLmjyNsRU/5UBdV8sLN
+i/KvmxvxnBiVWD+Oz7xhZ8zpZNXgX7wI5EUSFOMTsxhPErB9HlCy2bkO+UC1TRM
msLqE9U2IRRE0SgLQakwmN4uOby2MoALG1hk8jiA7Dh1iWbv2i0I1N82RFYsl8d9
A/5WH62XSg2/ui7ewxl8b4pXY3CbyC0OlNCUTShqG/66uSQU2Vbxl8J27ryL0lCe
+5RxNSXdjJBigh1tNFEneHqyECRyXTnRBXkTw7qS6J9i3CQOU0nsOoLlgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL3rExvp/KsFFzyPzU7zzTYPQXSuMB8GA1UdIwQY
MBaAFDlI5KWyuuYjVJmRPcvsBN/KUx6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9iMWMzZjMtN2E0MC00MzJjLWI0MWUt
ZjY1MGU1MDdhNzZkLzEvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9iMWMzZjMtN2E0MC00MzJjLWI0MWUtZjY1MGU1MDdhNzZk
LzEvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJnciN2Rf
TXrAFJmdvl5OhUPiLtbdI1TN7CCVKqvHeDGSU+aCBML63CPIjnDg+Kd+4OR/Feja
EF+HI5+o03yLyPx7L86H+sV7f3dH+t+h9bH9OdW02/Azg5KnHzQHwWgynwmHpn5p
6S5W4VOoY/4moZb0zQfYgOsE1aThJdWeKgRbH3QIlBSQ1FIr/PTVzf+4MaEZBKHf
bxmx07PG0w3iUpzjz1ibHKO0ZYwQWywWadQBioV+8d9WDDYHia7EKDazs4Gtyqk6
Lvv9vwsOvOkySr2p4JKpsx5OtQX/e+myF1IbS65D7EPquXDy4qpmMLTNwaNIOGz4
dKe3yHNEktvECA==
-----END CERTIFICATE-----