Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
File:                     OQlq7uS6fDS4EkCtSRrEba90wx0.mft (raw, json)
Hash identifier:          xOK43m++2Nx1L10cqwS2zdZaEIgTuSpYlQaMipl5zzk=
Subject key identifier:   02:FA:F1:02:0E:F8:CE:39:B4:FD:F1:09:0F:95:A5:D4:22:BD:85:14
Authority key identifier: 39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D
Certificate issuer:       /CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
Certificate serial:       0197B745AE61E6BF780A8AB77FAD31CACB00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 16:01:26 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:26 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:26 +0000
Files and hashes:         1: OQlq7uS6fDS4EkCtSRrEba90wx0.crl (hash: 9ePEnuYzh9gHrXQi3DvlQhxkvJ6VeHSTYhPXz629HrQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:ae:61:e6:bf:78:0a:8a:b7:7f:ad:31:ca:cb:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
        Validity
            Not Before: Jun 28 16:01:26 2025 GMT
            Not After : Jun 29 16:01:26 2025 GMT
        Subject: CN=02faf1020ef8ce39b4fdf1090f95a5d422bd8514
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:08:7e:31:5f:cd:ea:7a:e0:44:8c:54:48:67:
                    05:02:8e:0b:52:9d:8f:fa:c9:3a:50:5d:68:95:be:
                    7b:be:e2:d8:70:37:dd:de:ca:bd:0f:f9:91:f5:07:
                    96:c0:d9:e1:76:99:a5:67:00:79:e1:34:87:f7:05:
                    b8:ad:0b:17:3d:40:b7:9a:2c:6f:74:3b:62:3f:71:
                    e5:68:03:60:89:cb:85:a7:2c:9b:22:69:34:a9:26:
                    25:2c:b0:76:5b:66:71:c8:92:9e:73:68:45:0e:95:
                    3c:5f:5d:53:91:00:60:2a:90:88:60:be:1d:cf:43:
                    c1:d3:8e:1d:39:74:c9:fb:d7:d3:b2:d0:95:22:9b:
                    53:28:71:9d:60:20:f3:46:dc:35:7e:5e:25:4d:6d:
                    e8:7c:42:35:48:90:16:07:40:de:b2:f5:84:ed:2c:
                    f9:7a:6a:c8:e9:53:70:00:06:7d:41:fe:c6:af:05:
                    63:b0:28:35:ce:b1:e9:73:06:32:b7:29:9e:35:25:
                    ee:9e:fa:5c:62:dc:6a:d1:7b:6b:a2:42:90:61:64:
                    fa:44:81:05:b1:ee:d2:17:29:42:f2:84:97:d8:4d:
                    e9:80:4e:1d:c5:a5:f7:bd:c8:be:3d:3c:f0:da:46:
                    ac:45:16:1b:e7:33:fc:7f:1d:37:f3:31:69:07:1f:
                    3d:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:FA:F1:02:0E:F8:CE:39:B4:FD:F1:09:0F:95:A5:D4:22:BD:85:14
            X509v3 Authority Key Identifier:
                keyid:39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:45:21:7e:c4:d9:fc:46:2b:e2:23:52:9f:8c:8a:70:bb:60:
         d6:99:93:af:c7:09:52:b4:eb:da:75:fd:41:da:28:65:61:90:
         f4:06:df:63:98:d4:64:4e:ae:24:2f:ce:da:e2:e6:b4:2a:60:
         cc:d6:eb:06:44:b5:00:1a:4d:9c:9b:cc:c1:89:ec:d5:14:22:
         b9:aa:34:c3:ae:a7:47:b8:55:e2:c3:3e:3d:46:22:89:51:a1:
         ca:03:b5:87:24:41:9b:c4:cd:74:8e:25:fb:66:ef:48:8a:d1:
         6b:96:fb:45:ee:8c:30:a2:38:f1:6d:2f:da:78:b8:48:e1:d7:
         c0:b2:93:6f:b0:20:28:2e:7b:cd:f7:f4:c9:a1:fd:ff:62:2a:
         0b:dd:0f:f5:e0:64:9d:84:1f:27:5a:f6:fd:2c:71:44:05:3a:
         95:e7:1f:1e:c6:1f:e4:74:06:76:e4:45:02:18:08:f6:4e:83:
         52:8b:d2:2e:d3:d7:58:b0:c8:0e:49:f9:b7:3f:74:48:c3:4a:
         a7:f6:2a:be:38:b0:26:f0:22:02:54:d4:aa:28:42:1b:0b:af:
         a6:35:61:08:93:c6:29:96:a6:3c:58:88:cb:07:74:7f:99:3e:
         ba:52:46:24:9b:96:51:ee:ce:97:41:fc:4a:c2:34:22:ff:00:
         06:67:eb:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Ra5h5r94Coq3f60xyssAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDk2YWVlZTRiYTdjMzRiODEyNDBhZDQ5MWFjNDZkYWY3
NGMzMWQwHhcNMjUwNjI4MTYwMTI2WhcNMjUwNjI5MTYwMTI2WjAzMTEwLwYDVQQD
EygwMmZhZjEwMjBlZjhjZTM5YjRmZGYxMDkwZjk1YTVkNDIyYmQ4NTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Qh+MV/N6nrgRIxUSGcFAo4LUp2P
+sk6UF1olb57vuLYcDfd3sq9D/mR9QeWwNnhdpmlZwB54TSH9wW4rQsXPUC3mixv
dDtiP3HlaANgicuFpyybImk0qSYlLLB2W2ZxyJKec2hFDpU8X11TkQBgKpCIYL4d
z0PB044dOXTJ+9fTstCVIptTKHGdYCDzRtw1fl4lTW3ofEI1SJAWB0DesvWE7Sz5
emrI6VNwAAZ9Qf7GrwVjsCg1zrHpcwYytymeNSXunvpcYtxq0XtrokKQYWT6RIEF
se7SFylC8oSX2E3pgE4dxaX3vci+PTzw2kasRRYb5zP8fx038zFpBx89qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAL68QIO+M45tP3xCQ+VpdQivYUUMB8GA1UdIwQY
MBaAFDkJau7kunw0uBJArUkaxG2vdMMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEt
MTA1NjE3NjM4NzI2LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEtMTA1NjE3NjM4NzI2
LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABUUhfsTZ
/EYr4iNSn4yKcLtg1pmTr8cJUrTr2nX9QdooZWGQ9AbfY5jUZE6uJC/O2uLmtCpg
zNbrBkS1ABpNnJvMwYns1RQiuao0w66nR7hV4sM+PUYiiVGhygO1hyRBm8TNdI4l
+2bvSIrRa5b7Re6MMKI48W0v2ni4SOHXwLKTb7AgKC57zff0yaH9/2IqC90P9eBk
nYQfJ1r2/SxxRAU6lecfHsYf5HQGduRFAhgI9k6DUovSLtPXWLDIDkn5tz90SMNK
p/YqvjiwJvAiAlTUqihCGwuvpjVhCJPGKZamPFiIywd0f5k+ulJGJJuWUe7Ol0H8
SsI0Iv8ABmfr2g==
-----END CERTIFICATE-----