Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
File:                     oCUv6bQqZD9HflhGYZquiGkX7_s.mft (raw, json)
Hash identifier:          0iqMazrL3l2AFvyf7GvD19myI7fI5YDdn1zD3NuLNF0=
Subject key identifier:   4D:2A:F7:23:D3:DA:0C:37:6A:2C:8D:7D:BD:82:C7:CE:27:10:D0:FA
Authority key identifier: A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB
Certificate issuer:       /CN=a0252fe9b42a643f477e5846619aae886917effb
Certificate serial:       0196B8911442C71C79AE5E2933DD85012881
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
Manifest number:          131A
Signing time:             Sat 10 May 2025 05:00:37 +0000
Manifest this update:     Sat 10 May 2025 05:00:37 +0000
Manifest next update:     Sun 11 May 2025 05:00:37 +0000
Files and hashes:         1: oCUv6bQqZD9HflhGYZquiGkX7_s.crl (hash: 2U2dcrF4ke3z9pXBIdWSMJjfEO2OD7jqk6DHUKv47qQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:91:14:42:c7:1c:79:ae:5e:29:33:dd:85:01:28:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0252fe9b42a643f477e5846619aae886917effb
        Validity
            Not Before: May 10 05:00:37 2025 GMT
            Not After : May 11 05:00:37 2025 GMT
        Subject: CN=4d2af723d3da0c376a2c8d7dbd82c7ce2710d0fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:36:a5:df:7d:0f:54:37:0f:ae:38:0b:5f:13:
                    f0:57:bb:46:cb:85:54:6f:eb:2d:0d:7a:62:66:f4:
                    c3:b6:8d:f6:51:f0:24:de:de:10:9a:ab:df:d1:b6:
                    f7:e3:6b:f9:71:2b:d7:74:fb:68:80:bf:d3:e2:ab:
                    40:94:4c:f2:f8:2f:2e:14:f6:bb:8d:16:9c:f6:79:
                    d3:2e:8c:d6:2e:10:54:00:c7:6f:bf:b4:d9:14:90:
                    ce:fe:d6:7d:b9:5b:b6:9f:2a:2a:b8:f4:7a:d0:2b:
                    95:8a:56:74:4c:d4:f6:ef:30:a2:63:1b:59:ab:9a:
                    55:a0:97:a4:e3:3a:2a:76:67:f0:e1:47:a4:19:e0:
                    ff:e8:7e:fe:df:65:d3:88:f8:6e:ec:43:46:9e:18:
                    c2:fd:f4:78:89:17:72:c5:80:e6:75:ba:83:a6:c3:
                    2a:a0:1b:63:6b:a5:cc:f1:d6:9b:91:d4:b0:80:75:
                    97:44:37:dd:48:87:fa:04:0c:42:92:b3:8a:29:b3:
                    6f:1e:93:64:cc:20:35:05:a4:a1:66:a1:2b:62:be:
                    c0:f3:e2:28:3f:d8:e9:6a:34:b7:d7:c8:d9:b3:7f:
                    20:41:28:d6:2d:f1:a6:30:4f:91:ce:37:64:84:d1:
                    69:85:9b:5d:60:77:99:86:7c:64:5a:51:0e:19:a3:
                    0a:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:2A:F7:23:D3:DA:0C:37:6A:2C:8D:7D:BD:82:C7:CE:27:10:D0:FA
            X509v3 Authority Key Identifier:
                keyid:A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:ac:a7:45:f6:d6:af:1b:5c:6a:08:24:23:5d:56:9b:3f:57:
         ef:b3:b5:d2:30:39:c6:68:4c:34:71:20:50:83:cd:02:78:ba:
         e3:d6:ca:0a:4c:3d:f8:db:25:af:5e:21:77:cc:ca:e9:c7:1d:
         4c:ea:7f:8d:88:ee:86:60:2e:9d:c0:ef:b8:5b:8a:e7:8a:c3:
         69:92:bb:90:17:df:b4:31:5f:17:29:1f:2c:3e:f9:d3:8a:c4:
         10:6d:28:11:44:5a:2a:08:ed:75:36:4c:d7:a6:79:42:ff:e0:
         7d:72:ab:3c:eb:49:7a:e4:9a:d8:d6:8e:bb:06:fc:cc:23:91:
         10:95:b2:73:c2:59:13:bb:05:b2:58:1d:e7:ae:d0:1d:3f:10:
         c1:7e:06:b8:d3:a6:51:69:42:c9:ea:fb:cb:4b:98:fc:3f:c1:
         85:0c:4f:ca:68:92:db:b7:1a:2b:c8:3b:2f:d9:7e:e9:49:1a:
         3b:a2:4f:99:57:fa:fb:0f:c8:30:56:c1:15:aa:ff:cc:ee:d7:
         84:49:bf:51:15:c1:2e:11:bf:4f:b9:3f:84:59:ad:9b:26:d1:
         90:41:c5:4f:70:76:a4:c3:5f:16:06:61:18:3e:4b:ef:9b:83:
         50:e0:0c:2f:6a:e2:01:4d:8f:e8:b6:f6:cc:9b:e8:69:9e:72:
         47:f6:85:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4kRRCxxx5rl4pM92FASiBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjUyZmU5YjQyYTY0M2Y0NzdlNTg0NjYxOWFhZTg4Njkx
N2VmZmIwHhcNMjUwNTEwMDUwMDM3WhcNMjUwNTExMDUwMDM3WjAzMTEwLwYDVQQD
Eyg0ZDJhZjcyM2QzZGEwYzM3NmEyYzhkN2RiZDgyYzdjZTI3MTBkMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjal330PVDcPrjgLXxPwV7tGy4VU
b+stDXpiZvTDto32UfAk3t4Qmqvf0bb342v5cSvXdPtogL/T4qtAlEzy+C8uFPa7
jRac9nnTLozWLhBUAMdvv7TZFJDO/tZ9uVu2nyoquPR60CuVilZ0TNT27zCiYxtZ
q5pVoJek4zoqdmfw4UekGeD/6H7+32XTiPhu7ENGnhjC/fR4iRdyxYDmdbqDpsMq
oBtja6XM8dabkdSwgHWXRDfdSIf6BAxCkrOKKbNvHpNkzCA1BaShZqErYr7A8+Io
P9jpajS318jZs38gQSjWLfGmME+RzjdkhNFphZtdYHeZhnxkWlEOGaMKuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE0q9yPT2gw3aiyNfb2Cx84nEND6MB8GA1UdIwQY
MBaAFKAlL+m0KmQ/R35YRmGarohpF+/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYt
MDFkYzk0NGM0NDc3LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYtMDFkYzk0NGM0NDc3
LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZKynRfbW
rxtcaggkI11Wmz9X77O10jA5xmhMNHEgUIPNAni649bKCkw9+Nslr14hd8zK6ccd
TOp/jYjuhmAuncDvuFuK54rDaZK7kBfftDFfFykfLD7504rEEG0oEURaKgjtdTZM
16Z5Qv/gfXKrPOtJeuSa2NaOuwb8zCOREJWyc8JZE7sFslgd567QHT8QwX4GuNOm
UWlCyer7y0uY/D/BhQxPymiS27caK8g7L9l+6UkaO6JPmVf6+w/IMFbBFar/zO7X
hEm/URXBLhG/T7k/hFmtmybRkEHFT3B2pMNfFgZhGD5L75uDUOAML2riAU2P6Lb2
zJvoaZ5yR/aFsQ==
-----END CERTIFICATE-----