Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
File:                     oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft (raw, json)
Hash identifier:          0O3M+wj8MZcsVJspkDNn8B48QhQtd/7yuR1PS6gUq8g=
Subject key identifier:   D8:D6:38:A8:1C:8C:A4:16:77:12:B6:DC:F3:38:FE:9E:98:42:EC:32
Authority key identifier: A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E
Certificate issuer:       /CN=a323e041dd45965333e2b1474fc50be2f0fa950e
Certificate serial:       0196B7108DE717F5098A2D09077247939234
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
Manifest number:          0941
Signing time:             Fri 09 May 2025 22:00:37 +0000
Manifest this update:     Fri 09 May 2025 22:00:37 +0000
Manifest next update:     Sat 10 May 2025 22:00:37 +0000
Files and hashes:         1: oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl (hash: p4u/Of4MNJRCd90F138xgIJKeabnnrrMqeeHrkHFunw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b7:10:8d:e7:17:f5:09:8a:2d:09:07:72:47:93:92:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a323e041dd45965333e2b1474fc50be2f0fa950e
        Validity
            Not Before: May  9 22:00:37 2025 GMT
            Not After : May 10 22:00:37 2025 GMT
        Subject: CN=d8d638a81c8ca4167712b6dcf338fe9e9842ec32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f3:5f:87:18:af:25:02:c3:6f:01:ce:0d:c1:
                    52:cd:52:e6:32:b4:b7:a0:2f:51:d3:e4:cf:eb:61:
                    36:7b:5c:7c:29:47:ac:0e:ff:94:fd:1c:8e:d4:d4:
                    20:e2:e9:4f:b5:0f:2f:48:bd:70:f0:1c:59:b2:1a:
                    9d:cc:b6:62:5c:2d:20:a0:bc:8b:03:ea:2a:b6:46:
                    78:e3:8c:57:06:c5:b3:f7:91:39:06:cf:f9:62:69:
                    79:45:a9:56:a7:63:9b:24:ba:ff:4c:ed:61:12:28:
                    a2:8b:65:94:1b:b4:23:de:e4:d1:b6:5a:91:93:89:
                    4c:3c:00:2b:7a:f8:cf:1e:92:a7:58:46:f3:06:84:
                    09:73:10:d7:b8:30:b2:6c:6b:56:ff:d3:e6:fe:dd:
                    53:a8:de:1d:12:e4:29:b7:da:e0:b5:21:82:1b:fb:
                    19:11:cb:01:e8:45:22:af:b7:01:25:a2:27:8e:69:
                    cb:85:7b:c7:d1:89:3a:0a:50:94:33:8f:33:c9:0e:
                    a3:3d:09:81:28:ab:dc:cf:68:3f:13:6d:aa:ba:dc:
                    75:31:8d:81:08:02:48:af:64:e6:bf:c1:ed:8d:9f:
                    3c:cf:bf:6c:3c:e5:b6:54:44:e1:c8:d7:33:f1:53:
                    6f:7e:5a:80:63:ee:f2:af:d2:5b:10:68:f2:aa:b8:
                    93:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:D6:38:A8:1C:8C:A4:16:77:12:B6:DC:F3:38:FE:9E:98:42:EC:32
            X509v3 Authority Key Identifier:
                keyid:A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:c1:50:a5:f4:02:4c:3b:78:61:77:66:c4:8a:c6:41:2e:f0:
         57:08:18:80:67:ae:30:b5:ac:9c:14:e6:79:28:34:47:f0:e3:
         0b:09:7d:a1:d7:5d:f9:02:74:3a:ce:ef:92:60:54:57:fc:e3:
         cd:89:e6:99:d3:46:0b:97:b6:01:0a:81:39:b8:12:73:e7:7c:
         7d:b2:9d:43:95:ab:c5:3c:88:d3:43:a9:bf:33:45:2f:c8:14:
         4a:79:31:0b:43:35:bc:a9:ee:ca:e0:b5:dc:41:e2:5b:ac:bc:
         ea:bc:33:fd:02:e1:2a:45:57:3b:58:6c:23:60:e5:26:11:e2:
         7d:bd:cc:bc:1d:8c:2e:20:11:c8:f8:72:c4:ce:fe:9a:a7:02:
         f2:3b:83:cd:0b:33:3b:97:44:92:e1:77:95:3d:8a:57:4f:59:
         e7:eb:13:30:3c:27:30:a2:83:66:13:2e:6b:f5:5f:0b:e4:6c:
         cf:ac:90:81:b3:de:ad:41:51:fb:5c:85:0d:40:b0:87:00:5f:
         10:4e:67:ba:8c:b9:42:4d:ce:8f:1f:8b:b8:be:1f:36:7e:b8:
         2f:70:d9:e6:34:20:b5:7f:bd:e5:4f:a6:b8:49:65:5f:c5:78:
         ed:18:03:04:17:aa:49:fb:e4:a3:eb:bd:a7:7c:d3:8d:41:00:
         ec:0f:d6:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa3EI3nF/UJii0JB3JHk5I0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjNlMDQxZGQ0NTk2NTMzM2UyYjE0NzRmYzUwYmUyZjBm
YTk1MGUwHhcNMjUwNTA5MjIwMDM3WhcNMjUwNTEwMjIwMDM3WjAzMTEwLwYDVQQD
EyhkOGQ2MzhhODFjOGNhNDE2NzcxMmI2ZGNmMzM4ZmU5ZTk4NDJlYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/NfhxivJQLDbwHODcFSzVLmMrS3
oC9R0+TP62E2e1x8KUesDv+U/RyO1NQg4ulPtQ8vSL1w8BxZshqdzLZiXC0goLyL
A+oqtkZ444xXBsWz95E5Bs/5Yml5RalWp2ObJLr/TO1hEiiii2WUG7Qj3uTRtlqR
k4lMPAArevjPHpKnWEbzBoQJcxDXuDCybGtW/9Pm/t1TqN4dEuQpt9rgtSGCG/sZ
EcsB6EUir7cBJaInjmnLhXvH0Yk6ClCUM48zyQ6jPQmBKKvcz2g/E22qutx1MY2B
CAJIr2Tmv8HtjZ88z79sPOW2VEThyNcz8VNvflqAY+7yr9JbEGjyqriTowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjWOKgcjKQWdxK23PM4/p6YQuwyMB8GA1UdIwQY
MBaAFKMj4EHdRZZTM+KxR0/FC+Lw+pUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMt
Y2FkYzUxNGFjZTcyLzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMtY2FkYzUxNGFjZTcy
LzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt8FQpfQC
TDt4YXdmxIrGQS7wVwgYgGeuMLWsnBTmeSg0R/DjCwl9oddd+QJ0Os7vkmBUV/zj
zYnmmdNGC5e2AQqBObgSc+d8fbKdQ5WrxTyI00OpvzNFL8gUSnkxC0M1vKnuyuC1
3EHiW6y86rwz/QLhKkVXO1hsI2DlJhHifb3MvB2MLiARyPhyxM7+mqcC8juDzQsz
O5dEkuF3lT2KV09Z5+sTMDwnMKKDZhMua/VfC+Rsz6yQgbPerUFR+1yFDUCwhwBf
EE5nuoy5Qk3Ojx+LuL4fNn64L3DZ5jQgtX+95U+muEllX8V47RgDBBeqSfvko+u9
p3zTjUEA7A/W6g==
-----END CERTIFICATE-----