Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
File:                     oyHD8vYVgRDoDpLioyIdaVwnp9g.mft (raw, json)
Hash identifier:          Px2zZ0xjKCpVu+Rddfsh+xve7lPLWlm5FkKv7S0jkLw=
Subject key identifier:   9E:50:94:8F:C5:BB:DF:54:D2:76:9E:DD:5A:29:98:DC:B7:C6:DF:57
Authority key identifier: A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8
Certificate issuer:       /CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
Certificate serial:       01969CAC3D91340B5FF3B1039CF3D65D8DB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
Manifest number:          0DC7
Signing time:             Sun 04 May 2025 19:00:55 +0000
Manifest this update:     Sun 04 May 2025 19:00:55 +0000
Manifest next update:     Mon 05 May 2025 19:00:55 +0000
Files and hashes:         1: oyHD8vYVgRDoDpLioyIdaVwnp9g.crl (hash: 5TBlym6TMKFu+DghcaxlmHoPBY7QFnhLFrlA8D/gGm0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 19:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9c:ac:3d:91:34:0b:5f:f3:b1:03:9c:f3:d6:5d:8d:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
        Validity
            Not Before: May  4 19:00:55 2025 GMT
            Not After : May  5 19:00:55 2025 GMT
        Subject: CN=9e50948fc5bbdf54d2769edd5a2998dcb7c6df57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:fd:da:70:b4:40:b9:13:b9:56:87:12:92:85:
                    65:2c:b7:74:7f:4a:d3:be:6c:d1:8a:86:02:cf:e0:
                    a4:39:cf:dc:09:65:b6:61:99:2e:09:56:f1:e0:aa:
                    62:13:0d:c0:80:7d:77:67:74:4b:0f:68:11:e5:4f:
                    a7:86:4e:5e:f5:18:78:5d:c9:94:fc:9a:67:d8:4d:
                    2c:46:98:d8:49:40:47:19:64:5e:e1:b1:04:fb:25:
                    ca:aa:99:18:62:ed:16:5a:99:db:5b:d2:ab:89:bb:
                    1e:f6:b7:c3:11:16:d6:37:85:d9:f7:2d:40:e2:34:
                    06:13:b0:90:90:93:8d:46:fa:12:81:64:98:04:18:
                    47:81:4c:c9:77:a5:d7:a3:dc:44:db:02:05:6e:17:
                    7a:88:0d:db:b0:11:6d:31:52:cd:0f:bd:22:f9:3c:
                    f3:fc:b9:71:61:3a:24:2a:9f:aa:3e:9e:d5:5a:b2:
                    5e:fb:68:a5:7c:14:0b:7d:dd:73:34:12:ad:5d:04:
                    bd:19:ef:fa:73:c8:df:bf:dc:4d:3b:4c:ea:fc:92:
                    1a:83:d1:a8:54:88:07:b5:0b:14:a6:83:c7:d5:38:
                    74:58:67:3d:e5:4b:b6:71:ff:78:09:03:a7:82:6a:
                    b9:6f:7f:45:83:50:52:f9:46:a3:a6:c3:18:af:8d:
                    9e:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:50:94:8F:C5:BB:DF:54:D2:76:9E:DD:5A:29:98:DC:B7:C6:DF:57
            X509v3 Authority Key Identifier:
                keyid:A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:17:9e:4c:9b:56:46:a8:c9:34:73:79:2d:d4:a6:93:d2:2f:
         45:62:b7:9f:50:da:f4:8c:4e:0e:54:18:c1:95:86:5e:8f:de:
         a8:a8:9d:c0:33:e2:41:85:cb:a1:d9:8f:69:15:70:1f:4a:d4:
         ff:1a:b2:e8:28:66:2b:35:1a:e4:f9:83:56:98:69:df:8d:3d:
         f5:4a:04:55:a2:15:25:c0:ea:ff:72:ab:43:b1:0b:27:2c:98:
         48:1a:94:3a:97:1f:72:0b:7b:4f:88:31:41:68:50:3e:42:d4:
         19:19:9d:34:3c:4b:10:d4:6a:8c:d9:09:21:eb:2d:c2:d0:a7:
         28:ee:00:69:89:86:c2:fc:2d:a7:e8:0e:0b:a0:bf:ee:85:9c:
         bd:83:80:78:f6:85:8f:06:a3:4d:d2:aa:47:2a:bf:7f:9f:50:
         98:dc:34:a6:7f:dc:5d:52:98:db:60:ff:7d:cf:75:79:89:b8:
         93:de:fc:ce:4e:f8:b4:2b:20:3c:c3:bf:12:d4:f1:f5:f3:83:
         26:8c:6a:db:19:a4:fc:78:2d:60:27:4c:cb:db:70:24:34:86:
         ae:c1:27:4c:9c:0b:68:6d:16:21:d0:d6:1e:3a:70:42:f5:66:
         fb:56:10:d4:67:cf:1a:8c:4a:48:6d:88:0b:46:41:0f:d3:e7:
         b2:eb:7f:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZacrD2RNAtf87EDnPPWXY2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjFjM2YyZjYxNTgxMTBlODBlOTJlMmEzMjIxZDY5NWMy
N2E3ZDgwHhcNMjUwNTA0MTkwMDU1WhcNMjUwNTA1MTkwMDU1WjAzMTEwLwYDVQQD
Eyg5ZTUwOTQ4ZmM1YmJkZjU0ZDI3NjllZGQ1YTI5OThkY2I3YzZkZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP3acLRAuRO5VocSkoVlLLd0f0rT
vmzRioYCz+CkOc/cCWW2YZkuCVbx4KpiEw3AgH13Z3RLD2gR5U+nhk5e9Rh4XcmU
/Jpn2E0sRpjYSUBHGWRe4bEE+yXKqpkYYu0WWpnbW9Kribse9rfDERbWN4XZ9y1A
4jQGE7CQkJONRvoSgWSYBBhHgUzJd6XXo9xE2wIFbhd6iA3bsBFtMVLND70i+Tzz
/LlxYTokKp+qPp7VWrJe+2ilfBQLfd1zNBKtXQS9Ge/6c8jfv9xNO0zq/JIag9Go
VIgHtQsUpoPH1Th0WGc95Uu2cf94CQOngmq5b39Fg1BS+UajpsMYr42exQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ5QlI/Fu99U0nae3VopmNy3xt9XMB8GA1UdIwQY
MBaAFKMhw/L2FYEQ6A6S4qMiHWlcJ6fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYt
Y2ZmNDYxZTBkZjM0LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYtY2ZmNDYxZTBkZjM0
LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABxeeTJtW
RqjJNHN5LdSmk9IvRWK3n1Da9IxODlQYwZWGXo/eqKidwDPiQYXLodmPaRVwH0rU
/xqy6ChmKzUa5PmDVphp34099UoEVaIVJcDq/3KrQ7ELJyyYSBqUOpcfcgt7T4gx
QWhQPkLUGRmdNDxLENRqjNkJIestwtCnKO4AaYmGwvwtp+gOC6C/7oWcvYOAePaF
jwajTdKqRyq/f59QmNw0pn/cXVKY22D/fc91eYm4k978zk74tCsgPMO/EtTx9fOD
Joxq2xmk/HgtYCdMy9twJDSGrsEnTJwLaG0WIdDWHjpwQvVm+1YQ1GfPGoxKSG2I
C0ZBD9Pnsut/6w==
-----END CERTIFICATE-----