Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
File:                     OFt-lPpg22hRcc8TabHO-24g8zQ.mft (raw, json)
Hash identifier:          ajOHRSUYGPYLiJvoYxoxS6KJUAWzD6sPax9eyTn98oA=
Subject key identifier:   AD:9F:80:75:B7:32:41:7E:BC:B8:C9:F1:08:AF:5E:05:2D:B7:E0:58
Authority key identifier: 38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34
Certificate issuer:       /CN=385b7e94fa60db685171cf1369b1cefb6e20f334
Certificate serial:       0196BB926AF85C6C15F0A7444A97FC7F466F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
Manifest number:          0486
Signing time:             Sat 10 May 2025 19:00:57 +0000
Manifest this update:     Sat 10 May 2025 19:00:57 +0000
Manifest next update:     Sun 11 May 2025 19:00:57 +0000
Files and hashes:         1: OFt-lPpg22hRcc8TabHO-24g8zQ.crl (hash: fPbKNR+fCG9+wI1Ztmu3Ewxc6CqJQwYklfh8HG/QinA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 19:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:92:6a:f8:5c:6c:15:f0:a7:44:4a:97:fc:7f:46:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385b7e94fa60db685171cf1369b1cefb6e20f334
        Validity
            Not Before: May 10 19:00:57 2025 GMT
            Not After : May 11 19:00:57 2025 GMT
        Subject: CN=ad9f8075b732417ebcb8c9f108af5e052db7e058
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:eb:50:fa:24:b0:91:9c:7a:3a:50:c9:83:40:
                    e6:f5:e7:1e:f1:3a:93:05:b7:35:59:3f:6b:6d:ef:
                    89:ee:df:00:dc:5e:39:de:b4:00:63:3d:8b:50:b5:
                    ef:8e:8b:63:e5:f7:6c:a6:da:8b:ca:9d:a9:78:57:
                    95:e2:14:81:95:d7:0c:71:cf:f5:fe:dd:16:a1:d9:
                    6a:a4:0c:75:8a:1e:9a:85:1f:25:0d:81:f1:4a:f6:
                    6d:23:f8:df:b3:3b:71:7b:1d:83:35:1d:03:df:28:
                    8f:b2:14:7f:5c:ec:e8:13:6e:11:40:6d:8e:60:1a:
                    62:68:88:0b:18:f2:f9:37:6b:6c:ca:88:6c:c5:08:
                    78:a6:8b:55:fb:59:e2:7e:40:af:29:93:3a:5a:8c:
                    ad:ce:8c:e3:a2:1d:f0:28:c9:dd:8d:29:93:ee:f3:
                    a1:18:28:6a:00:71:c1:6b:b9:90:04:19:a9:a4:60:
                    0a:07:d1:cc:3b:28:95:3f:a2:d3:6e:4a:92:45:67:
                    7c:9a:b9:54:c9:b1:81:7b:21:70:ee:47:42:5b:af:
                    e2:4b:2c:fa:28:7c:ec:1b:8c:53:f6:ba:bb:3d:ba:
                    b4:3f:c5:f6:e4:1c:cf:c8:a9:9a:3b:2f:7b:b5:86:
                    97:40:cc:a4:b2:44:65:74:72:8a:15:e8:55:d2:5a:
                    c1:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:9F:80:75:B7:32:41:7E:BC:B8:C9:F1:08:AF:5E:05:2D:B7:E0:58
            X509v3 Authority Key Identifier:
                keyid:38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:38:0e:7c:1a:8d:7a:d3:19:93:6f:e9:50:6f:0d:cc:d2:56:
         bf:a3:00:28:b9:b7:b7:81:e8:b9:a3:8f:01:47:61:8f:11:e7:
         f4:d0:55:cf:e7:e1:1b:a8:f6:f9:51:5b:88:cb:5e:c8:f6:7a:
         5b:f9:cf:17:a4:dc:1b:e2:d7:2d:8d:a5:58:08:2a:58:fe:56:
         7c:86:67:de:73:2d:cc:1a:e7:c6:4f:39:f0:2b:2e:c6:6e:6b:
         48:fa:8c:40:cb:0c:82:6a:7f:ba:a6:9b:38:2d:ed:c6:ca:3f:
         9d:c0:19:e7:3e:d7:08:54:bf:77:34:77:44:72:bb:3f:06:83:
         48:c7:10:78:da:f9:4b:5d:b8:61:95:9a:fa:94:5f:32:5b:75:
         f7:51:31:07:2f:63:cc:5d:7f:55:33:b8:f0:fe:ac:00:20:e0:
         6b:51:43:d9:6f:fc:c2:13:e7:2e:7d:b1:6c:7c:58:cf:65:a8:
         e8:b2:27:a1:25:77:a2:7f:e2:72:de:9b:74:90:8d:d8:2d:f1:
         4a:25:1b:9d:2f:14:92:9f:99:d6:0b:27:d3:1e:4d:f1:81:e7:
         bf:a4:f4:5e:ee:c9:5a:97:2a:fd:93:80:38:a5:85:09:37:de:
         e0:35:a7:06:81:ad:5e:63:67:37:e3:d5:cd:29:7a:a6:52:a7:
         bb:38:69:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7kmr4XGwV8KdESpf8f0ZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWI3ZTk0ZmE2MGRiNjg1MTcxY2YxMzY5YjFjZWZiNmUy
MGYzMzQwHhcNMjUwNTEwMTkwMDU3WhcNMjUwNTExMTkwMDU3WjAzMTEwLwYDVQQD
EyhhZDlmODA3NWI3MzI0MTdlYmNiOGM5ZjEwOGFmNWUwNTJkYjdlMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+tQ+iSwkZx6OlDJg0Dm9ece8TqT
Bbc1WT9rbe+J7t8A3F453rQAYz2LULXvjotj5fdsptqLyp2peFeV4hSBldcMcc/1
/t0WodlqpAx1ih6ahR8lDYHxSvZtI/jfsztxex2DNR0D3yiPshR/XOzoE24RQG2O
YBpiaIgLGPL5N2tsyohsxQh4potV+1nifkCvKZM6Woytzozjoh3wKMndjSmT7vOh
GChqAHHBa7mQBBmppGAKB9HMOyiVP6LTbkqSRWd8mrlUybGBeyFw7kdCW6/iSyz6
KHzsG4xT9rq7Pbq0P8X25BzPyKmaOy97tYaXQMykskRldHKKFehV0lrBmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2fgHW3MkF+vLjJ8QivXgUtt+BYMB8GA1UdIwQY
MBaAFDhbfpT6YNtoUXHPE2mxzvtuIPM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEt
YzNiNDZhYzlmMjZkLzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEtYzNiNDZhYzlmMjZk
LzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACjgOfBqN
etMZk2/pUG8NzNJWv6MAKLm3t4HouaOPAUdhjxHn9NBVz+fhG6j2+VFbiMteyPZ6
W/nPF6TcG+LXLY2lWAgqWP5WfIZn3nMtzBrnxk858Csuxm5rSPqMQMsMgmp/uqab
OC3txso/ncAZ5z7XCFS/dzR3RHK7PwaDSMcQeNr5S124YZWa+pRfMlt191ExBy9j
zF1/VTO48P6sACDga1FD2W/8whPnLn2xbHxYz2Wo6LInoSV3on/ict6bdJCN2C3x
SiUbnS8Ukp+Z1gsn0x5N8YHnv6T0Xu7JWpcq/ZOAOKWFCTfe4DWnBoGtXmNnN+PV
zSl6plKnuzhpwA==
-----END CERTIFICATE-----