Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
File:                     Ou5vE-TaDy5DIqGnWqfn189xekI.mft (raw, json)
Hash identifier:          c4hDCjmBKfqYc+B+NSQt1Np6jxM3n73KSK6Up8DSXXU=
Subject key identifier:   C8:10:7C:DE:8C:A6:02:95:4D:5F:0C:44:81:1D:99:EF:4F:4F:87:7F
Authority key identifier: 3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42
Certificate issuer:       /CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
Certificate serial:       0197B88F178E7D815EEE85E72BAF8C41B830
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
Manifest number:          15B4
Signing time:             Sat 28 Jun 2025 22:01:14 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:14 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:14 +0000
Files and hashes:         1: Ou5vE-TaDy5DIqGnWqfn189xekI.crl (hash: LfHgYF1Wtdt9BG0XUH1PAe5y25NlO8v35asaaWBca60=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:17:8e:7d:81:5e:ee:85:e7:2b:af:8c:41:b8:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
        Validity
            Not Before: Jun 28 22:01:14 2025 GMT
            Not After : Jun 29 22:01:14 2025 GMT
        Subject: CN=c8107cde8ca602954d5f0c44811d99ef4f4f877f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:b7:5d:21:86:42:37:39:47:89:46:56:19:d2:
                    84:64:65:9f:5d:19:d5:53:99:3d:3e:58:f4:c8:c1:
                    86:f3:30:30:ba:36:d6:83:46:79:f6:18:90:c3:5e:
                    1a:90:eb:ab:99:0d:37:33:be:f9:e6:56:e4:0f:f9:
                    ef:fb:e7:04:1f:37:b0:e2:61:20:aa:f1:b6:33:dd:
                    a1:5f:a5:6f:26:94:ab:8b:fd:50:2b:c1:52:fa:ef:
                    27:bf:bc:88:62:20:58:3a:f9:46:dc:7a:8a:25:ad:
                    ff:24:bd:c0:f7:c6:88:b7:2c:1b:43:e9:bf:26:40:
                    a4:51:77:3c:bb:95:96:3d:e6:3f:09:2f:df:ea:e3:
                    64:28:65:21:ef:2f:0d:d1:b0:a0:d8:3b:8c:35:e9:
                    8c:b0:e0:13:65:54:23:a6:be:a1:19:92:ae:5e:8b:
                    bf:1d:39:72:7a:99:b3:d9:1b:95:13:e0:e3:92:3d:
                    96:10:ff:96:e9:74:96:26:a6:95:84:b4:54:84:ca:
                    7e:0f:02:7a:0f:21:84:21:80:e2:64:2c:d6:55:b9:
                    83:0c:c1:18:18:09:ce:a7:8a:e3:6f:25:1a:80:65:
                    e2:2a:fc:24:c1:90:15:70:bb:92:20:94:a1:6f:79:
                    a5:c3:29:d3:29:ba:a9:bd:54:34:b8:9b:74:2b:7a:
                    b5:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:10:7C:DE:8C:A6:02:95:4D:5F:0C:44:81:1D:99:EF:4F:4F:87:7F
            X509v3 Authority Key Identifier:
                keyid:3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:de:7d:ee:c1:29:04:44:73:27:26:ab:f6:57:ad:95:80:f9:
         49:c6:fd:f4:05:f6:7d:39:51:ae:22:50:3f:bf:9e:95:2f:f2:
         18:ed:07:01:04:4f:ba:7d:98:47:d5:8a:40:72:b0:e2:b1:83:
         2c:75:5c:09:7f:ab:b4:56:9c:d5:3c:83:d7:c8:40:4c:3f:11:
         73:d1:45:a8:8c:c5:e1:b9:b5:50:1b:16:40:16:83:4b:57:3e:
         cf:be:84:69:42:34:3f:53:e0:88:9e:16:c3:c8:91:e4:9b:41:
         88:e8:a9:81:18:8e:21:d2:82:3e:e4:22:3f:ae:db:c3:a5:74:
         d2:a3:18:2f:6d:1a:94:ca:38:fe:0a:48:cd:53:3a:51:6d:cc:
         b5:17:11:b5:39:69:43:ef:e2:37:eb:0d:69:ea:4a:7e:f3:f9:
         dc:a8:d2:e0:7c:b0:26:4f:d4:ab:12:de:26:bd:32:b7:33:b2:
         d6:b0:f2:e3:8e:22:c4:e6:0c:25:5b:bf:1d:be:ef:8f:04:4f:
         c3:51:87:24:9d:fc:d4:60:ba:80:e1:1c:f2:2b:17:f0:e0:53:
         5a:b4:ca:9c:18:3a:02:5f:75:90:2f:f5:b8:29:a9:d7:ad:58:
         a6:23:63:ba:56:74:86:ae:cb:ba:33:0b:da:f4:85:07:bb:fc:
         7c:f8:19:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jxeOfYFe7oXnK6+MQbgwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWU2ZjEzZTRkYTBmMmU0MzIyYTFhNzVhYTdlN2Q3Y2Y3
MTdhNDIwHhcNMjUwNjI4MjIwMTE0WhcNMjUwNjI5MjIwMTE0WjAzMTEwLwYDVQQD
EyhjODEwN2NkZThjYTYwMjk1NGQ1ZjBjNDQ4MTFkOTllZjRmNGY4NzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbddIYZCNzlHiUZWGdKEZGWfXRnV
U5k9Plj0yMGG8zAwujbWg0Z59hiQw14akOurmQ03M7755lbkD/nv++cEHzew4mEg
qvG2M92hX6VvJpSri/1QK8FS+u8nv7yIYiBYOvlG3HqKJa3/JL3A98aItywbQ+m/
JkCkUXc8u5WWPeY/CS/f6uNkKGUh7y8N0bCg2DuMNemMsOATZVQjpr6hGZKuXou/
HTlyepmz2RuVE+Djkj2WEP+W6XSWJqaVhLRUhMp+DwJ6DyGEIYDiZCzWVbmDDMEY
GAnOp4rjbyUagGXiKvwkwZAVcLuSIJShb3mlwynTKbqpvVQ0uJt0K3q1CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMgQfN6MpgKVTV8MRIEdme9PT4d/MB8GA1UdIwQY
MBaAFDrubxPk2g8uQyKhp1qn59fPcXpCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQt
MGMwMjkyMTY3Zjk1LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQtMGMwMjkyMTY3Zjk1
LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGt597sEp
BERzJyar9letlYD5Scb99AX2fTlRriJQP7+elS/yGO0HAQRPun2YR9WKQHKw4rGD
LHVcCX+rtFac1TyD18hATD8Rc9FFqIzF4bm1UBsWQBaDS1c+z76EaUI0P1PgiJ4W
w8iR5JtBiOipgRiOIdKCPuQiP67bw6V00qMYL20alMo4/gpIzVM6UW3MtRcRtTlp
Q+/iN+sNaepKfvP53KjS4HywJk/UqxLeJr0ytzOy1rDy444ixOYMJVu/Hb7vjwRP
w1GHJJ381GC6gOEc8isX8OBTWrTKnBg6Al91kC/1uCmp161YpiNjulZ0hq7LujML
2vSFB7v8fPgZtw==
-----END CERTIFICATE-----