Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
File:                     oCUv6bQqZD9HflhGYZquiGkX7_s.mft (raw, json)
Hash identifier:          AoPOquzUBkOJoUAcyGwHnNISPteJWjnMPdxqbGkTggY=
Subject key identifier:   CB:3C:13:39:8D:B2:9B:0B:6B:C5:F1:74:5D:50:34:16:6F:E1:C3:E8
Authority key identifier: A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB
Certificate issuer:       /CN=a0252fe9b42a643f477e5846619aae886917effb
Certificate serial:       0197BB58C6CB708EA0DA5B50EE561F895965
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
Manifest number:          13A0
Signing time:             Sun 29 Jun 2025 11:00:46 +0000
Manifest this update:     Sun 29 Jun 2025 11:00:46 +0000
Manifest next update:     Mon 30 Jun 2025 11:00:46 +0000
Files and hashes:         1: oCUv6bQqZD9HflhGYZquiGkX7_s.crl (hash: wsgKJfWIgQHOUwhkNpgbDtOwz07dkHG5QExWdZpV1UU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 07:42:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:bb:58:c6:cb:70:8e:a0:da:5b:50:ee:56:1f:89:59:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0252fe9b42a643f477e5846619aae886917effb
        Validity
            Not Before: Jun 29 11:00:46 2025 GMT
            Not After : Jun 30 11:00:46 2025 GMT
        Subject: CN=cb3c13398db29b0b6bc5f1745d5034166fe1c3e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a5:12:ea:8b:fd:00:a6:46:65:2e:92:65:c0:
                    e9:ad:1a:ae:0d:f9:a6:6a:7d:a1:dc:b8:48:e3:b4:
                    ae:e5:24:d2:3a:0b:3c:a0:c0:89:6b:3b:a8:dc:16:
                    8f:28:81:eb:76:15:9b:08:af:fd:3a:54:f3:d5:4c:
                    ac:88:63:07:d3:ea:da:4c:dd:14:96:63:84:32:93:
                    78:ef:8e:c7:02:40:67:d8:d1:47:a8:cd:25:13:56:
                    e0:da:b4:23:be:bf:fd:99:f2:f5:5c:8d:90:5c:4c:
                    b6:56:9c:74:68:4f:18:26:3b:3f:e6:ac:5c:20:e4:
                    e2:96:96:ba:95:76:1c:d2:52:21:c5:7e:04:a8:77:
                    af:b3:69:4f:cb:19:d9:e2:22:cd:a1:db:d5:d4:d0:
                    fe:ea:5d:f0:e8:70:8a:03:0e:0a:54:e0:c8:12:c7:
                    5a:48:a6:40:d9:0a:58:4e:ae:86:ad:4b:9b:f1:07:
                    1b:a3:b3:18:fd:5b:f4:16:e8:a6:fe:12:71:67:9d:
                    19:72:a6:b4:a2:23:d1:01:5c:c3:e5:7e:95:25:78:
                    51:eb:25:a1:4a:3b:11:3b:13:55:70:a0:16:d8:9d:
                    e2:7d:2a:ec:70:1d:7f:7c:cd:0a:c1:7e:d3:1b:64:
                    1f:e7:5e:90:a5:ca:23:27:05:48:5a:50:92:61:ee:
                    8b:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:3C:13:39:8D:B2:9B:0B:6B:C5:F1:74:5D:50:34:16:6F:E1:C3:E8
            X509v3 Authority Key Identifier:
                keyid:A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:c1:09:99:fc:ac:1c:1f:28:a9:36:0e:3a:39:1b:50:49:33:
         ae:8e:bb:00:9f:90:30:70:f9:8c:0d:8d:23:0c:93:e6:b4:b3:
         26:47:20:dc:16:1d:b0:7b:7b:c8:a4:dd:b4:ad:2b:22:3e:da:
         55:f9:27:32:eb:f9:99:4b:7e:85:7b:a2:15:2f:bc:db:77:58:
         8b:cd:3c:f0:b0:3d:ee:c5:3f:08:63:b8:ea:02:48:9c:e8:e8:
         d2:d3:c1:f1:cc:00:55:9a:0b:f1:40:c0:6c:c5:96:cf:29:98:
         94:eb:19:f1:be:97:48:96:42:67:14:42:21:88:96:b6:dc:df:
         38:62:0e:45:09:f8:8d:86:03:66:d5:31:c1:0e:ed:43:ba:5f:
         a6:cc:35:99:0a:35:c1:26:f0:0d:fc:4d:45:3d:13:41:9a:60:
         bc:b9:f8:99:b6:51:50:fe:dd:fd:20:34:81:c5:a2:29:d0:c6:
         6d:84:02:71:de:b1:3e:47:1d:9c:a3:75:3b:c0:d8:2d:09:bf:
         a2:8b:f1:ba:f5:cf:0b:8c:33:17:65:59:0f:71:de:72:2c:b5:
         c8:52:bf:2d:2a:b7:8f:98:f7:5a:f4:17:7c:45:7d:a8:33:0b:
         89:ab:4b:d6:d5:0d:16:fb:88:56:78:c1:7e:a5:7e:92:f6:33:
         20:fd:f5:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe7WMbLcI6g2ltQ7lYfiVllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjUyZmU5YjQyYTY0M2Y0NzdlNTg0NjYxOWFhZTg4Njkx
N2VmZmIwHhcNMjUwNjI5MTEwMDQ2WhcNMjUwNjMwMTEwMDQ2WjAzMTEwLwYDVQQD
EyhjYjNjMTMzOThkYjI5YjBiNmJjNWYxNzQ1ZDUwMzQxNjZmZTFjM2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6US6ov9AKZGZS6SZcDprRquDfmm
an2h3LhI47Su5STSOgs8oMCJazuo3BaPKIHrdhWbCK/9OlTz1UysiGMH0+raTN0U
lmOEMpN4747HAkBn2NFHqM0lE1bg2rQjvr/9mfL1XI2QXEy2Vpx0aE8YJjs/5qxc
IOTilpa6lXYc0lIhxX4EqHevs2lPyxnZ4iLNodvV1ND+6l3w6HCKAw4KVODIEsda
SKZA2QpYTq6GrUub8Qcbo7MY/Vv0Fuim/hJxZ50Zcqa0oiPRAVzD5X6VJXhR6yWh
SjsROxNVcKAW2J3ifSrscB1/fM0KwX7TG2Qf516QpcojJwVIWlCSYe6L/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMs8EzmNspsLa8XxdF1QNBZv4cPoMB8GA1UdIwQY
MBaAFKAlL+m0KmQ/R35YRmGarohpF+/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYt
MDFkYzk0NGM0NDc3LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYtMDFkYzk0NGM0NDc3
LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnsEJmfys
HB8oqTYOOjkbUEkzro67AJ+QMHD5jA2NIwyT5rSzJkcg3BYdsHt7yKTdtK0rIj7a
VfknMuv5mUt+hXuiFS+823dYi8088LA97sU/CGO46gJInOjo0tPB8cwAVZoL8UDA
bMWWzymYlOsZ8b6XSJZCZxRCIYiWttzfOGIORQn4jYYDZtUxwQ7tQ7pfpsw1mQo1
wSbwDfxNRT0TQZpgvLn4mbZRUP7d/SA0gcWiKdDGbYQCcd6xPkcdnKN1O8DYLQm/
oovxuvXPC4wzF2VZD3Heciy1yFK/LSq3j5j3WvQXfEV9qDMLiatL1tUNFvuIVnjB
fqV+kvYzIP31dQ==
-----END CERTIFICATE-----