Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
File:                     OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json)
Hash identifier:          ZjuFNG1fEUej10fQz5P1hf8bS97c8vRybWT9PDFh/Lc=
Subject key identifier:   9B:4D:A1:62:54:23:65:96:D3:3E:02:1F:6E:59:FB:3E:30:9B:C2:18
Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
Certificate issuer:       /CN=389c030036756ab8cdac922b1af237bce1367ce0
Certificate serial:       0196BD80C881672AD2B5788F5C0A48702904
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
Manifest number:          1531
Signing time:             Sun 11 May 2025 04:00:55 +0000
Manifest this update:     Sun 11 May 2025 04:00:55 +0000
Manifest next update:     Mon 12 May 2025 04:00:55 +0000
Files and hashes:         1: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: oloA7BWguCwxuwuC5Y7ps3xTLHYLze2nNiixW9mlv3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:80:c8:81:67:2a:d2:b5:78:8f:5c:0a:48:70:29:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0
        Validity
            Not Before: May 11 04:00:55 2025 GMT
            Not After : May 12 04:00:55 2025 GMT
        Subject: CN=9b4da16254236596d33e021f6e59fb3e309bc218
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:09:6e:6f:dc:ac:46:38:50:1c:fb:9f:13:95:
                    da:aa:18:83:37:6c:ae:69:c1:2e:96:f4:85:88:4d:
                    b4:a8:4f:c4:75:a4:46:50:7e:31:d7:ad:55:ee:8d:
                    b8:3c:dc:09:b0:bc:79:a6:1a:ca:cf:73:e6:38:27:
                    e5:be:cd:66:b3:54:34:59:88:78:4c:41:66:a4:79:
                    c1:dc:f7:ec:de:f9:fa:82:c8:e2:fa:8c:0e:2c:d1:
                    db:74:44:96:09:d9:34:52:a6:8c:00:24:b8:39:cd:
                    01:02:30:cf:ad:1f:bd:d8:da:58:9c:3e:be:c8:55:
                    52:c8:a6:04:26:d3:78:57:93:79:59:a7:e6:63:64:
                    66:26:10:fa:bc:af:1c:92:13:2f:3f:e3:66:51:b5:
                    b0:d6:c4:99:66:31:d9:72:99:3a:e4:2e:a7:5a:27:
                    35:a6:8c:a7:f1:57:cd:c9:a4:5e:a7:7f:56:65:29:
                    61:1a:90:2c:1e:30:01:98:da:65:a0:ff:55:3f:14:
                    6b:2a:9c:fe:11:00:f7:b3:ba:f2:05:c2:9f:0a:db:
                    a7:38:40:8e:0a:19:25:dd:d1:c0:bf:a9:a0:be:7c:
                    24:f3:f1:3a:1f:cc:4c:1c:81:a8:0f:a9:c7:ba:a6:
                    6f:0d:b4:ab:be:54:81:52:11:92:63:aa:ab:1a:58:
                    99:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:4D:A1:62:54:23:65:96:D3:3E:02:1F:6E:59:FB:3E:30:9B:C2:18
            X509v3 Authority Key Identifier:
                keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:b7:e7:85:69:8e:fc:aa:2b:ed:a6:c2:a6:32:cd:ed:17:12:
         4e:d7:6a:cb:72:83:cf:fc:a9:56:71:85:a6:7a:ef:4c:28:3a:
         23:a0:65:02:92:1e:4d:1b:03:e2:de:35:df:96:31:eb:07:e6:
         b0:84:b2:ea:2e:cb:0b:55:c9:a9:c4:f6:4a:3e:f7:6f:ce:be:
         82:63:b6:de:83:77:ab:73:e1:5e:8a:88:f6:bf:8a:44:0c:5e:
         83:d4:0c:25:c9:6f:2c:1b:2e:b3:ae:5d:b2:f7:c7:86:67:8b:
         ec:ae:44:8b:eb:75:dc:84:ba:af:b6:b9:41:14:91:5b:15:41:
         6d:f2:c3:97:1c:80:c0:5b:5b:92:20:57:5a:24:d9:2a:cf:fe:
         15:7d:e7:59:f7:0c:17:fd:4d:95:80:e9:82:b9:8b:60:03:c6:
         52:68:a4:be:b5:07:a1:a7:e7:47:31:d7:44:6c:69:9a:e3:8a:
         61:15:3a:c1:13:63:50:a1:0b:83:35:80:35:c0:b6:40:ce:8c:
         4c:b6:a8:61:26:3d:e5:19:62:68:92:06:bf:be:19:d3:63:0d:
         b8:0b:c9:a7:88:3e:37:9c:e6:43:95:6a:c6:1e:d2:0c:0f:7b:
         2d:47:c7:b1:91:3f:8b:eb:5d:5e:2e:32:b8:4c:82:34:fe:f1:
         9f:e4:a6:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9gMiBZyrStXiPXApIcCkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz
NjdjZTAwHhcNMjUwNTExMDQwMDU1WhcNMjUwNTEyMDQwMDU1WjAzMTEwLwYDVQQD
Eyg5YjRkYTE2MjU0MjM2NTk2ZDMzZTAyMWY2ZTU5ZmIzZTMwOWJjMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Alub9ysRjhQHPufE5XaqhiDN2yu
acEulvSFiE20qE/EdaRGUH4x161V7o24PNwJsLx5phrKz3PmOCflvs1ms1Q0WYh4
TEFmpHnB3Pfs3vn6gsji+owOLNHbdESWCdk0UqaMACS4Oc0BAjDPrR+92NpYnD6+
yFVSyKYEJtN4V5N5WafmY2RmJhD6vK8ckhMvP+NmUbWw1sSZZjHZcpk65C6nWic1
poyn8VfNyaRep39WZSlhGpAsHjABmNploP9VPxRrKpz+EQD3s7ryBcKfCtunOECO
Chkl3dHAv6mgvnwk8/E6H8xMHIGoD6nHuqZvDbSrvlSBUhGSY6qrGliZjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJtNoWJUI2WW0z4CH25Z+z4wm8IYMB8GA1UdIwQY
MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt
NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0
LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg7fnhWmO
/Kor7abCpjLN7RcSTtdqy3KDz/ypVnGFpnrvTCg6I6BlApIeTRsD4t4135Yx6wfm
sISy6i7LC1XJqcT2Sj73b86+gmO23oN3q3PhXoqI9r+KRAxeg9QMJclvLBsus65d
svfHhmeL7K5Ei+t13IS6r7a5QRSRWxVBbfLDlxyAwFtbkiBXWiTZKs/+FX3nWfcM
F/1NlYDpgrmLYAPGUmikvrUHoafnRzHXRGxpmuOKYRU6wRNjUKELgzWANcC2QM6M
TLaoYSY95RliaJIGv74Z02MNuAvJp4g+N5zmQ5Vqxh7SDA97LUfHsZE/i+tdXi4y
uEyCNP7xn+Smgg==
-----END CERTIFICATE-----