Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
File:                     oUIVlcmI-yZTZeucofo_F_xXB28.mft (raw, json)
Hash identifier:          lu9qr8J/0rrqdjjTyYb4GdqaahGm3vd3JzY2tjBMLPw=
Subject key identifier:   CA:40:F7:D8:90:A8:CE:01:66:BB:3E:74:98:62:74:32:CC:C2:AC:C5
Authority key identifier: A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F
Certificate issuer:       /CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
Certificate serial:       0197B96AA138117E1A419F627A51D9324463
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
Manifest number:          15B4
Signing time:             Sun 29 Jun 2025 02:01:02 +0000
Manifest this update:     Sun 29 Jun 2025 02:01:02 +0000
Manifest next update:     Mon 30 Jun 2025 02:01:02 +0000
Files and hashes:         1: oUIVlcmI-yZTZeucofo_F_xXB28.crl (hash: ZQfmTskALCdD2pvHA/1+WKxbaXkxHuI/qgxa01aPKsU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:6a:a1:38:11:7e:1a:41:9f:62:7a:51:d9:32:44:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
        Validity
            Not Before: Jun 29 02:01:02 2025 GMT
            Not After : Jun 30 02:01:02 2025 GMT
        Subject: CN=ca40f7d890a8ce0166bb3e7498627432ccc2acc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:e1:5b:4d:67:12:73:00:ee:31:b8:6b:d2:df:
                    8f:ea:13:c5:ff:60:3d:03:40:e6:a2:92:aa:96:17:
                    fc:b0:c0:24:1b:df:e2:42:86:64:54:97:6f:7b:5c:
                    22:06:89:b3:b2:b0:33:c5:06:09:c9:9d:46:0b:6d:
                    01:e1:db:e5:85:43:e4:14:66:22:6d:4e:3d:c9:4f:
                    0c:a9:29:d1:37:9a:73:df:cc:d7:9c:18:7a:5a:9d:
                    c6:12:8e:4a:04:12:43:09:cb:f0:ab:b2:79:88:38:
                    27:4a:27:b8:26:75:19:3f:23:b1:d5:9e:68:90:c7:
                    0f:a2:13:7e:eb:75:52:7c:d9:7f:c3:8c:df:be:3d:
                    8e:bc:87:63:99:2b:9c:23:31:15:28:67:b5:72:3b:
                    bc:9d:19:59:ed:98:9e:d8:f8:c4:af:f2:b8:1b:d8:
                    13:a0:4b:6d:53:35:54:fd:ce:7a:a2:66:a7:b7:07:
                    b8:10:4a:d7:bb:7c:ab:32:45:b9:fa:5e:e0:a7:9e:
                    0a:7c:14:20:72:a3:ce:7f:b7:42:54:17:5f:a7:27:
                    c7:c2:c5:7e:db:5a:ca:de:81:27:91:10:b9:1d:0c:
                    69:45:00:ca:a8:ec:52:37:e6:28:25:da:d5:69:90:
                    de:fd:61:b0:4b:79:52:ac:d9:53:d4:64:4a:33:6b:
                    99:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:40:F7:D8:90:A8:CE:01:66:BB:3E:74:98:62:74:32:CC:C2:AC:C5
            X509v3 Authority Key Identifier:
                keyid:A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:66:6b:d9:42:dd:5a:33:fd:36:1a:10:72:55:3f:04:4f:f0:
         1f:ae:56:d1:b8:75:69:79:50:7f:7c:5d:fc:0b:ca:1a:c7:e0:
         20:ff:ba:17:0e:ee:45:bc:ce:9c:69:05:9a:f5:bd:53:3f:5e:
         35:e2:e0:c9:30:d8:ed:6c:a7:cd:a1:cd:1b:12:3e:e9:8c:4a:
         42:d3:93:45:cd:8f:9a:90:8b:83:c9:ae:07:d2:e5:a8:23:7f:
         00:2d:8e:1e:3f:45:45:5a:82:a2:91:d4:76:e3:2b:40:1e:c4:
         86:39:6a:34:51:86:89:33:7a:fc:d5:47:31:18:9b:4e:c9:23:
         b1:3d:87:88:86:4f:1e:9b:b2:12:35:f8:ce:b7:3e:71:d0:b1:
         72:4f:fe:b7:5f:89:20:6f:4e:16:38:34:c6:64:e8:9a:ac:e3:
         34:a1:a0:22:25:1e:54:ed:ce:d5:f8:c9:7a:cd:eb:7c:82:08:
         d2:5c:bb:79:c2:81:0b:94:1a:1f:a5:d9:44:32:de:c3:c0:02:
         7e:2c:7a:d0:b1:a8:55:4b:0c:1f:7e:a1:62:cf:48:fa:9b:d5:
         d0:58:f6:5f:d7:b2:8f:96:5d:99:07:59:ce:47:bb:84:dd:be:
         c5:96:25:08:13:af:cb:a7:5e:4f:cd:ac:ea:6e:7e:8c:60:91:
         08:15:6a:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5aqE4EX4aQZ9ielHZMkRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDIxNTk1Yzk4OGZiMjY1MzY1ZWI5Y2ExZmEzZjE3ZmM1
NzA3NmYwHhcNMjUwNjI5MDIwMTAyWhcNMjUwNjMwMDIwMTAyWjAzMTEwLwYDVQQD
EyhjYTQwZjdkODkwYThjZTAxNjZiYjNlNzQ5ODYyNzQzMmNjYzJhY2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuFbTWcScwDuMbhr0t+P6hPF/2A9
A0DmopKqlhf8sMAkG9/iQoZkVJdve1wiBomzsrAzxQYJyZ1GC20B4dvlhUPkFGYi
bU49yU8MqSnRN5pz38zXnBh6Wp3GEo5KBBJDCcvwq7J5iDgnSie4JnUZPyOx1Z5o
kMcPohN+63VSfNl/w4zfvj2OvIdjmSucIzEVKGe1cju8nRlZ7Zie2PjEr/K4G9gT
oEttUzVU/c56omantwe4EErXu3yrMkW5+l7gp54KfBQgcqPOf7dCVBdfpyfHwsV+
21rK3oEnkRC5HQxpRQDKqOxSN+YoJdrVaZDe/WGwS3lSrNlT1GRKM2uZAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpA99iQqM4BZrs+dJhidDLMwqzFMB8GA1UdIwQY
MBaAFKFCFZXJiPsmU2XrnKH6Pxf8VwdvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEt
YmFlZjRlYmY2OGRhLzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEtYmFlZjRlYmY2OGRh
LzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANGZr2ULd
WjP9NhoQclU/BE/wH65W0bh1aXlQf3xd/AvKGsfgIP+6Fw7uRbzOnGkFmvW9Uz9e
NeLgyTDY7WynzaHNGxI+6YxKQtOTRc2PmpCLg8muB9LlqCN/AC2OHj9FRVqCopHU
duMrQB7EhjlqNFGGiTN6/NVHMRibTskjsT2HiIZPHpuyEjX4zrc+cdCxck/+t1+J
IG9OFjg0xmTomqzjNKGgIiUeVO3O1fjJes3rfIII0ly7ecKBC5QaH6XZRDLew8AC
fix60LGoVUsMH36hYs9I+pvV0Fj2X9eyj5ZdmQdZzke7hN2+xZYlCBOvy6deT82s
6m5+jGCRCBVqDg==
-----END CERTIFICATE-----