Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
File:                     Ou5vE-TaDy5DIqGnWqfn189xekI.mft (raw, json)
Hash identifier:          aetq5Dp0eBCCM/q4bHxr0V4Y3BSUi0ng4QouT4sNC3o=
Subject key identifier:   22:A9:09:09:A6:AD:9E:ED:A4:3A:63:B8:7A:85:AF:0F:74:1E:F8:4B
Authority key identifier: 3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42
Certificate issuer:       /CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
Certificate serial:       0196BF6EB7A0FAE2FF1AD88ABE0388C669C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
Manifest number:          1533
Signing time:             Sun 11 May 2025 13:00:26 +0000
Manifest this update:     Sun 11 May 2025 13:00:26 +0000
Manifest next update:     Mon 12 May 2025 13:00:26 +0000
Files and hashes:         1: Ou5vE-TaDy5DIqGnWqfn189xekI.crl (hash: Wf1M30aDAV/JsVmzGLUIuIT/0YmUQP2gtIjYb0RwcbA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 13:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:6e:b7:a0:fa:e2:ff:1a:d8:8a:be:03:88:c6:69:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
        Validity
            Not Before: May 11 13:00:26 2025 GMT
            Not After : May 12 13:00:26 2025 GMT
        Subject: CN=22a90909a6ad9eeda43a63b87a85af0f741ef84b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:97:e2:4e:99:bd:09:ad:1a:0d:bb:b4:da:bd:
                    16:21:eb:0e:c8:a1:d0:38:e8:83:fd:6b:f0:71:fc:
                    f3:65:0a:de:a6:fd:c6:59:27:2c:33:5d:b9:cf:11:
                    07:8c:ba:1c:cc:e7:1f:c7:19:03:52:69:6a:14:4e:
                    1f:ad:00:62:2e:c0:7f:d1:fb:4e:40:ff:4e:c5:aa:
                    a8:9f:0e:28:11:46:ab:8d:8c:b3:e6:f2:fa:11:8e:
                    02:ce:42:e7:67:50:09:76:35:60:5c:f7:45:54:e5:
                    5e:1c:97:73:af:34:26:a3:9c:62:07:b1:4b:4b:99:
                    85:f6:db:8a:77:75:c6:88:b7:97:63:6a:e9:cc:1c:
                    c3:3b:cb:5c:22:60:13:b7:d2:0c:f4:c0:a0:14:f0:
                    3e:b4:e5:f1:b5:8b:9d:93:e9:81:71:0f:c8:db:4b:
                    7b:fd:b4:3e:c8:55:ba:9f:31:53:33:f1:26:68:3c:
                    db:d6:dd:6d:3e:1e:0b:3c:00:d9:58:7b:7e:9b:c1:
                    49:b2:3c:39:94:f8:a8:b5:8a:a6:74:d8:cc:56:23:
                    14:d3:6a:6e:cf:6c:02:f7:ee:d2:40:dd:f4:05:64:
                    c3:b2:ae:c2:fb:9d:eb:4d:b3:09:d7:94:f0:d6:14:
                    5f:84:9d:7f:b4:f2:83:70:4c:90:34:94:b7:c9:45:
                    3a:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:A9:09:09:A6:AD:9E:ED:A4:3A:63:B8:7A:85:AF:0F:74:1E:F8:4B
            X509v3 Authority Key Identifier:
                keyid:3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d6:fb:54:e2:c8:54:05:82:98:fc:a3:fe:92:74:d0:46:38:7f:
         70:59:20:87:cc:1f:fe:2c:f4:22:bb:1f:19:bb:d6:f6:2a:6e:
         d2:bd:ca:c1:3d:91:30:e9:ed:38:76:49:6d:a6:bc:7d:af:d3:
         69:31:90:95:35:ea:1a:27:ba:31:1f:d8:be:13:3e:75:e7:b6:
         44:0e:3a:8f:9e:91:31:da:9e:a7:f8:ab:8a:c1:f0:e1:9f:18:
         7b:3f:3f:3c:9d:2f:86:1e:2e:5e:2b:48:80:7f:db:7c:ef:a4:
         40:63:ce:13:4f:54:4c:23:fa:ac:bb:52:38:fc:88:fb:e2:98:
         77:a0:5e:36:98:6b:b6:f2:3b:23:99:62:c8:81:24:fa:75:21:
         90:35:22:37:31:b2:7f:4b:50:1a:32:df:c3:3b:85:30:8c:96:
         23:ca:dc:19:c6:ab:06:2e:22:53:b8:30:28:06:f2:b7:e1:c8:
         af:12:fe:35:17:19:08:96:30:35:e1:6c:2f:f9:e3:80:8d:cc:
         98:6b:14:72:ee:ec:b1:e2:9a:43:64:e8:a8:37:e4:9e:4e:82:
         3b:05:2d:4b:62:13:8d:65:1c:c6:aa:fe:ee:69:fe:03:c6:27:
         61:16:38:da:ac:f4:b4:9b:dd:d7:89:29:f7:4c:f0:73:86:ed:
         5b:53:39:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/breg+uL/GtiKvgOIxmnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWU2ZjEzZTRkYTBmMmU0MzIyYTFhNzVhYTdlN2Q3Y2Y3
MTdhNDIwHhcNMjUwNTExMTMwMDI2WhcNMjUwNTEyMTMwMDI2WjAzMTEwLwYDVQQD
EygyMmE5MDkwOWE2YWQ5ZWVkYTQzYTYzYjg3YTg1YWYwZjc0MWVmODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJfiTpm9Ca0aDbu02r0WIesOyKHQ
OOiD/WvwcfzzZQrepv3GWScsM125zxEHjLoczOcfxxkDUmlqFE4frQBiLsB/0ftO
QP9Oxaqonw4oEUarjYyz5vL6EY4CzkLnZ1AJdjVgXPdFVOVeHJdzrzQmo5xiB7FL
S5mF9tuKd3XGiLeXY2rpzBzDO8tcImATt9IM9MCgFPA+tOXxtYudk+mBcQ/I20t7
/bQ+yFW6nzFTM/EmaDzb1t1tPh4LPADZWHt+m8FJsjw5lPiotYqmdNjMViMU02pu
z2wC9+7SQN30BWTDsq7C+53rTbMJ15Tw1hRfhJ1/tPKDcEyQNJS3yUU6KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKpCQmmrZ7tpDpjuHqFrw90HvhLMB8GA1UdIwQY
MBaAFDrubxPk2g8uQyKhp1qn59fPcXpCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQt
MGMwMjkyMTY3Zjk1LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQtMGMwMjkyMTY3Zjk1
LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1vtU4shU
BYKY/KP+knTQRjh/cFkgh8wf/iz0IrsfGbvW9ipu0r3KwT2RMOntOHZJbaa8fa/T
aTGQlTXqGie6MR/YvhM+dee2RA46j56RMdqep/irisHw4Z8Yez8/PJ0vhh4uXitI
gH/bfO+kQGPOE09UTCP6rLtSOPyI++KYd6BeNphrtvI7I5liyIEk+nUhkDUiNzGy
f0tQGjLfwzuFMIyWI8rcGcarBi4iU7gwKAbyt+HIrxL+NRcZCJYwNeFsL/njgI3M
mGsUcu7sseKaQ2ToqDfknk6COwUtS2ITjWUcxqr+7mn+A8YnYRY42qz0tJvd14kp
90zwc4btW1M5kA==
-----END CERTIFICATE-----