Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
File:                     ogqr6NvAhXg0PCW4xomHpevAOMk.mft (raw, json)
Hash identifier:          oOgamtxC+i7+0dc2phEghudwIZBv49jGb/fHu5Xr2q4=
Subject key identifier:   B9:96:6A:18:33:AA:7C:4F:07:CA:3B:A9:02:F8:39:7C:30:0F:BA:B5
Authority key identifier: A2:0A:AB:E8:DB:C0:85:78:34:3C:25:B8:C6:89:87:A5:EB:C0:38:C9
Certificate issuer:       /CN=a20aabe8dbc08578343c25b8c68987a5ebc038c9
Certificate serial:       0197B745432F12A71C15C598D86E0C18156B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
Manifest number:          05
Signing time:             Sat 28 Jun 2025 16:00:59 +0000
Manifest this update:     Sat 28 Jun 2025 16:00:59 +0000
Manifest next update:     Sun 29 Jun 2025 16:00:59 +0000
Files and hashes:         1: ogqr6NvAhXg0PCW4xomHpevAOMk.crl (hash: KMJsCmymRmBoYp1Oqp5B1azwpcIu6CPWmjSx+pDsWBQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:43:2f:12:a7:1c:15:c5:98:d8:6e:0c:18:15:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a20aabe8dbc08578343c25b8c68987a5ebc038c9
        Validity
            Not Before: Jun 28 16:00:59 2025 GMT
            Not After : Jun 29 16:00:59 2025 GMT
        Subject: CN=b9966a1833aa7c4f07ca3ba902f8397c300fbab5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e3:3a:0c:bf:f2:79:29:10:38:b7:3c:66:5e:
                    37:3a:b1:29:a0:68:09:19:f6:64:73:1a:78:71:f7:
                    9a:58:da:a4:cb:11:29:15:2c:65:7c:f5:21:d1:bb:
                    55:40:88:a0:e5:68:70:80:57:49:e1:57:35:94:f6:
                    be:28:b2:17:d1:95:8a:60:88:09:82:1d:4f:5a:e3:
                    f9:18:11:1e:49:98:94:f3:e0:ce:6b:7a:95:52:9b:
                    9d:25:55:88:59:cc:5d:da:8f:bf:04:00:de:01:d9:
                    80:56:c3:7e:c7:b4:ac:00:95:0f:46:3d:ab:ec:e2:
                    b5:07:c0:04:ad:3f:50:20:68:d0:59:cf:d9:9b:b2:
                    d7:e1:a2:7b:31:18:73:44:cc:54:90:6b:47:e9:03:
                    91:53:71:be:88:7d:ce:f0:16:4c:3d:b2:43:e5:da:
                    29:eb:d3:2a:91:c7:d8:e8:01:af:04:53:26:30:53:
                    aa:5f:e6:9b:46:b1:e4:58:9e:c7:68:d8:94:cf:08:
                    9f:a8:2c:86:13:37:05:81:5e:7b:96:24:06:9b:f1:
                    80:55:b4:b6:be:cc:47:05:de:01:68:7b:f3:69:45:
                    2d:6f:e0:0e:ad:75:eb:b3:9a:a0:ea:07:89:1e:eb:
                    d2:50:6d:b0:21:26:94:e5:c0:b8:32:4a:10:b7:88:
                    2d:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:96:6A:18:33:AA:7C:4F:07:CA:3B:A9:02:F8:39:7C:30:0F:BA:B5
            X509v3 Authority Key Identifier:
                keyid:A2:0A:AB:E8:DB:C0:85:78:34:3C:25:B8:C6:89:87:A5:EB:C0:38:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:c6:1e:64:b0:8f:24:48:97:d4:6b:e3:d8:c2:01:d1:7f:52:
         e6:32:1f:b8:33:c7:04:25:9d:d9:da:2b:7d:61:8e:50:92:ea:
         c5:88:27:7a:85:38:ac:39:c5:d2:7e:e3:05:a8:89:da:89:60:
         62:dd:fb:48:6b:44:64:99:03:35:ff:96:55:1d:4c:3a:d1:a0:
         fc:c5:b9:45:f0:ed:fa:5a:62:78:54:ef:21:17:6c:0d:f0:ba:
         29:9f:b5:56:7c:0c:1c:d5:12:a7:00:b7:c6:dc:8b:42:92:1f:
         ed:40:2d:21:3f:19:37:07:70:ae:eb:af:7c:27:33:e5:99:ac:
         5e:12:c2:94:b4:0c:73:f0:95:93:97:12:40:1b:b5:04:2a:e3:
         fa:f6:19:7e:c0:4e:d8:c0:ff:5e:60:1c:c5:86:54:79:9e:a7:
         8b:61:be:e4:b9:f9:9e:b5:17:14:78:1e:4b:a7:a3:38:c5:bd:
         a5:f9:dc:e0:a5:6b:86:7b:70:b1:9a:6f:22:27:dd:9e:7b:d8:
         03:63:9b:8c:37:fa:06:22:54:a7:fa:b4:a7:78:c4:30:eb:4d:
         e0:19:cd:99:5d:86:62:3c:18:c4:2c:6f:37:e7:ec:94:44:27:
         9c:e4:5e:51:df:e0:c6:14:51:e7:d9:47:00:0e:9c:8a:7b:1c:
         1c:84:f3:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RUMvEqccFcWY2G4MGBVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMGFhYmU4ZGJjMDg1NzgzNDNjMjViOGM2ODk4N2E1ZWJj
MDM4YzkwHhcNMjUwNjI4MTYwMDU5WhcNMjUwNjI5MTYwMDU5WjAzMTEwLwYDVQQD
EyhiOTk2NmExODMzYWE3YzRmMDdjYTNiYTkwMmY4Mzk3YzMwMGZiYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOM6DL/yeSkQOLc8Zl43OrEpoGgJ
GfZkcxp4cfeaWNqkyxEpFSxlfPUh0btVQIig5WhwgFdJ4Vc1lPa+KLIX0ZWKYIgJ
gh1PWuP5GBEeSZiU8+DOa3qVUpudJVWIWcxd2o+/BADeAdmAVsN+x7SsAJUPRj2r
7OK1B8AErT9QIGjQWc/Zm7LX4aJ7MRhzRMxUkGtH6QORU3G+iH3O8BZMPbJD5dop
69MqkcfY6AGvBFMmMFOqX+abRrHkWJ7HaNiUzwifqCyGEzcFgV57liQGm/GAVbS2
vsxHBd4BaHvzaUUtb+AOrXXrs5qg6geJHuvSUG2wISaU5cC4MkoQt4gtsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLmWahgzqnxPB8o7qQL4OXwwD7q1MB8GA1UdIwQY
MBaAFKIKq+jbwIV4NDwluMaJh6XrwDjJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC84N2NkMzMtZDYyMy00ZjExLWFjMjYt
NzFkNjQ5YzNmZDM1LzEvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC84N2NkMzMtZDYyMy00ZjExLWFjMjYtNzFkNjQ5YzNmZDM1
LzEvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsMYeZLCP
JEiX1Gvj2MIB0X9S5jIfuDPHBCWd2dorfWGOUJLqxYgneoU4rDnF0n7jBaiJ2olg
Yt37SGtEZJkDNf+WVR1MOtGg/MW5RfDt+lpieFTvIRdsDfC6KZ+1VnwMHNUSpwC3
xtyLQpIf7UAtIT8ZNwdwruuvfCcz5ZmsXhLClLQMc/CVk5cSQBu1BCrj+vYZfsBO
2MD/XmAcxYZUeZ6ni2G+5Ln5nrUXFHgeS6ejOMW9pfnc4KVrhntwsZpvIifdnnvY
A2ObjDf6BiJUp/q0p3jEMOtN4BnNmV2GYjwYxCxvN+fslEQnnOReUd/gxhRR59lH
AA6cinscHITz3A==
-----END CERTIFICATE-----