Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
File:                     oewv8gIW07xkdbhQpGXjYvTs7s0.mft (raw, json)
Hash identifier:          t013zV8Bu3smqCg0rJjV3eXUBSx/sDYWH9pKzxuugNs=
Subject key identifier:   4D:FE:08:B1:FE:62:B0:FF:7B:0D:B8:F9:83:CA:88:3B:0A:B7:42:16
Authority key identifier: A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD
Certificate issuer:       /CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
Certificate serial:       0196C8045582B2114635A13B254FB45635B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
Manifest number:          01BB
Signing time:             Tue 13 May 2025 05:00:49 +0000
Manifest this update:     Tue 13 May 2025 05:00:49 +0000
Manifest next update:     Wed 14 May 2025 05:00:49 +0000
Files and hashes:         1: oewv8gIW07xkdbhQpGXjYvTs7s0.crl (hash: dcnWqzDeVa+s2fb/uBjru1myORfELmVEgv4EcLkl0Vg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 05:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c8:04:55:82:b2:11:46:35:a1:3b:25:4f:b4:56:35:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
        Validity
            Not Before: May 13 05:00:49 2025 GMT
            Not After : May 14 05:00:49 2025 GMT
        Subject: CN=4dfe08b1fe62b0ff7b0db8f983ca883b0ab74216
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:63:88:f9:6a:1e:ab:d3:63:db:35:a8:9c:f5:
                    dd:3d:f1:88:0e:9c:cc:8c:e3:95:0e:4a:ab:d0:92:
                    32:bd:e5:16:7a:bc:e5:93:21:71:ba:6b:66:c2:d1:
                    98:cb:a0:63:b9:a9:0e:4c:32:75:4b:d3:88:83:81:
                    69:82:35:c6:8b:17:22:47:ed:f7:44:e1:c4:bd:ea:
                    e3:92:19:e3:05:4d:b4:34:cb:52:f5:c0:4c:ea:de:
                    7e:65:ad:ac:9d:df:00:1d:66:4b:b3:7d:b6:4c:26:
                    81:e9:22:a2:b7:93:45:13:79:7f:d6:dc:26:e7:8a:
                    70:23:9a:64:d1:60:e0:a6:cd:42:38:b3:dc:fb:7d:
                    b0:53:42:f7:e2:d3:ff:73:eb:14:ec:07:35:8d:33:
                    95:c2:71:79:ff:b1:99:eb:7b:35:af:0f:7f:28:ae:
                    0e:20:b0:f8:19:a6:31:64:80:f0:9c:b6:07:bb:e4:
                    e3:55:49:b9:af:1d:df:f0:df:40:09:d0:de:f7:be:
                    8b:62:41:f5:13:3e:c7:bb:17:7f:8a:dd:09:58:a7:
                    a1:9e:74:b0:49:f3:2e:d2:ca:62:0e:77:ad:91:65:
                    e8:bb:22:5c:44:ff:8e:c4:38:ee:9f:d8:2d:07:7a:
                    5e:dd:75:8b:b9:04:ad:5a:aa:7b:d2:61:e8:86:ee:
                    ed:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:FE:08:B1:FE:62:B0:FF:7B:0D:B8:F9:83:CA:88:3B:0A:B7:42:16
            X509v3 Authority Key Identifier:
                keyid:A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:4a:99:3d:50:f5:0b:3a:a6:16:e6:e2:e7:40:fc:88:5e:49:
         b3:36:e8:40:04:49:dc:4f:f7:ce:41:4c:ac:2d:c9:38:68:ef:
         20:fa:ac:99:bd:b8:d4:06:fd:d1:79:da:4e:c2:da:f7:dc:d9:
         55:d7:ba:6f:fc:db:c6:bd:40:fb:e7:4b:6d:2a:b9:47:7b:0d:
         be:9d:31:c4:0f:c0:54:87:5e:dc:cd:a2:26:92:4b:df:9d:6e:
         13:24:15:54:62:3f:59:f6:4e:d3:0f:67:89:ea:a8:74:77:55:
         6a:c6:6f:b2:3a:91:f9:de:0e:09:77:38:fa:90:20:a5:7d:de:
         2e:8d:bd:21:97:0b:36:4a:a3:90:f8:e4:93:41:e2:f1:fa:1c:
         f9:b5:37:62:bb:76:07:c8:d7:4d:51:59:5a:08:6e:28:fd:46:
         07:02:55:2c:c0:f3:43:3e:c0:42:52:e4:ac:22:b3:3c:15:cf:
         c1:e3:b8:ec:f7:73:b3:c8:e8:4a:08:85:5a:e1:c7:e2:06:c4:
         09:73:92:3d:bd:c3:3d:5f:fb:cd:28:65:f4:bd:ed:54:fa:9f:
         4d:5e:ad:13:0a:90:f9:d6:26:9c:a8:c4:4e:63:62:2e:92:4f:
         bf:41:ad:cb:e3:40:9d:7c:d2:b4:a7:34:cf:7d:d2:9c:a4:3b:
         18:cd:a3:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbIBFWCshFGNaE7JU+0VjW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZWMyZmYyMDIxNmQzYmM2NDc1Yjg1MGE0NjVlMzYyZjRl
Y2VlY2QwHhcNMjUwNTEzMDUwMDQ5WhcNMjUwNTE0MDUwMDQ5WjAzMTEwLwYDVQQD
Eyg0ZGZlMDhiMWZlNjJiMGZmN2IwZGI4Zjk4M2NhODgzYjBhYjc0MjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA72OI+Woeq9Nj2zWonPXdPfGIDpzM
jOOVDkqr0JIyveUWerzlkyFxumtmwtGYy6BjuakOTDJ1S9OIg4FpgjXGixciR+33
ROHEverjkhnjBU20NMtS9cBM6t5+Za2snd8AHWZLs322TCaB6SKit5NFE3l/1twm
54pwI5pk0WDgps1COLPc+32wU0L34tP/c+sU7Ac1jTOVwnF5/7GZ63s1rw9/KK4O
ILD4GaYxZIDwnLYHu+TjVUm5rx3f8N9ACdDe976LYkH1Ez7Huxd/it0JWKehnnSw
SfMu0spiDnetkWXouyJcRP+OxDjun9gtB3pe3XWLuQStWqp70mHohu7tJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3+CLH+YrD/ew24+YPKiDsKt0IWMB8GA1UdIwQY
MBaAFKHsL/ICFtO8ZHW4UKRl42L07O7NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMt
NTA3NTYzODg1NDAzLzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMtNTA3NTYzODg1NDAz
LzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGEqZPVD1
CzqmFubi50D8iF5JszboQARJ3E/3zkFMrC3JOGjvIPqsmb241Ab90XnaTsLa99zZ
Vde6b/zbxr1A++dLbSq5R3sNvp0xxA/AVIde3M2iJpJL351uEyQVVGI/WfZO0w9n
ieqodHdVasZvsjqR+d4OCXc4+pAgpX3eLo29IZcLNkqjkPjkk0Hi8foc+bU3Yrt2
B8jXTVFZWghuKP1GBwJVLMDzQz7AQlLkrCKzPBXPweO47Pdzs8joSgiFWuHH4gbE
CXOSPb3DPV/7zShl9L3tVPqfTV6tEwqQ+dYmnKjETmNiLpJPv0Gty+NAnXzStKc0
z33SnKQ7GM2jcQ==
-----END CERTIFICATE-----