Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
File:                     oewv8gIW07xkdbhQpGXjYvTs7s0.mft (raw, json)
Hash identifier:          exJgVHVlk3EMbuoRcineUCbT3i7o1+5ojwmQLh8Pb5s=
Subject key identifier:   3A:98:68:12:1E:DC:3F:CB:40:24:76:1C:1B:7D:D3:91:3C:14:AA:04
Authority key identifier: A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD
Certificate issuer:       /CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
Certificate serial:       0197C8DDBC832CE4FD738A3ED5335725A954
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
Manifest number:          0240
Signing time:             Wed 02 Jul 2025 02:01:04 +0000
Manifest this update:     Wed 02 Jul 2025 02:01:04 +0000
Manifest next update:     Thu 03 Jul 2025 02:01:04 +0000
Files and hashes:         1: oewv8gIW07xkdbhQpGXjYvTs7s0.crl (hash: Gh/aYhIK0s2amijn8KNbIgKeOipnyssTyJIvlx/sKFk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 01:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c8:dd:bc:83:2c:e4:fd:73:8a:3e:d5:33:57:25:a9:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
        Validity
            Not Before: Jul  2 02:01:04 2025 GMT
            Not After : Jul  3 02:01:04 2025 GMT
        Subject: CN=3a9868121edc3fcb4024761c1b7dd3913c14aa04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:cd:f3:20:ce:ff:4c:ca:a5:8c:a8:6e:51:59:
                    16:9c:1d:0c:b4:e9:fb:52:15:e6:83:cd:78:73:13:
                    dd:ca:06:b4:46:99:1b:63:78:7a:21:9c:78:61:01:
                    86:51:48:b7:49:1b:b1:eb:57:da:51:2e:69:5d:15:
                    b4:c6:9a:bf:5c:ba:0e:0d:a0:15:63:93:2b:c3:10:
                    77:42:cf:3f:61:3c:b1:0a:64:77:02:4d:69:3a:39:
                    e8:f4:e7:99:cb:57:f0:bf:2d:12:50:7c:ce:be:9b:
                    6d:e1:76:fb:b6:f2:12:c9:97:15:cb:38:fd:52:ac:
                    f2:37:f5:1e:c8:4f:4a:ec:9a:8d:77:6f:1a:06:1f:
                    5f:62:51:cc:08:6e:93:d8:86:b8:34:48:06:67:70:
                    c9:eb:1f:f0:6e:5e:0d:ef:53:ea:e1:56:e5:07:c6:
                    3d:93:30:ff:92:a1:99:50:66:5f:cf:7c:07:23:dc:
                    d5:af:c2:bb:db:ac:45:9e:48:78:13:44:bc:5b:d8:
                    60:0b:29:e4:da:3e:23:cc:a6:96:fd:78:f4:da:98:
                    3e:1d:aa:0d:e1:21:f0:03:be:62:4b:ba:fb:91:ef:
                    5c:dd:ab:98:cc:15:05:77:d9:dd:cb:85:c2:04:6b:
                    b4:85:9a:c3:ff:5e:03:98:3d:3c:8f:17:1f:a3:7f:
                    8a:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:98:68:12:1E:DC:3F:CB:40:24:76:1C:1B:7D:D3:91:3C:14:AA:04
            X509v3 Authority Key Identifier:
                keyid:A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:fe:50:e5:d0:0d:52:3b:3c:70:28:d0:2a:36:1e:fa:27:20:
         3f:38:e7:80:01:b1:44:76:4a:4c:c5:64:2f:90:53:99:94:0c:
         c1:ea:61:f6:92:5b:73:5b:5b:86:31:37:31:18:6f:c7:78:89:
         ab:6f:e4:19:03:58:d6:81:b2:49:8b:ff:27:2b:1c:7d:ca:10:
         8e:9f:2e:ca:c9:66:80:f0:c0:19:a9:b3:8a:13:99:42:cc:0a:
         9f:54:ef:db:9b:d9:bb:fc:fa:49:b8:95:08:94:18:33:0d:c9:
         15:37:c0:15:93:3d:b6:91:d7:47:53:5d:29:f3:6d:3c:47:5e:
         c0:8c:98:b6:7d:20:6c:b4:7e:cf:ec:8b:16:01:33:10:1b:90:
         c3:a7:40:9c:86:81:99:79:36:06:05:de:29:75:69:2d:ee:c3:
         7d:0b:59:85:29:06:2a:a0:b0:a3:eb:15:d7:c0:2c:8e:68:04:
         15:00:40:53:29:6e:38:d1:98:7d:a1:bc:07:e1:09:08:13:03:
         6d:f5:0d:cd:9b:96:a6:8e:4e:dc:60:ab:e0:a0:88:25:90:7d:
         56:0f:d9:22:0d:53:15:09:60:ad:c4:0c:b5:30:a5:63:8e:a3:
         cf:d3:87:24:12:48:63:a1:11:66:55:b0:16:99:f6:ba:23:a0:
         dd:50:a3:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfI3byDLOT9c4o+1TNXJalUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZWMyZmYyMDIxNmQzYmM2NDc1Yjg1MGE0NjVlMzYyZjRl
Y2VlY2QwHhcNMjUwNzAyMDIwMTA0WhcNMjUwNzAzMDIwMTA0WjAzMTEwLwYDVQQD
EygzYTk4NjgxMjFlZGMzZmNiNDAyNDc2MWMxYjdkZDM5MTNjMTRhYTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM3zIM7/TMqljKhuUVkWnB0MtOn7
UhXmg814cxPdyga0RpkbY3h6IZx4YQGGUUi3SRux61faUS5pXRW0xpq/XLoODaAV
Y5MrwxB3Qs8/YTyxCmR3Ak1pOjno9OeZy1fwvy0SUHzOvptt4Xb7tvISyZcVyzj9
UqzyN/UeyE9K7JqNd28aBh9fYlHMCG6T2Ia4NEgGZ3DJ6x/wbl4N71Pq4VblB8Y9
kzD/kqGZUGZfz3wHI9zVr8K726xFnkh4E0S8W9hgCynk2j4jzKaW/Xj02pg+HaoN
4SHwA75iS7r7ke9c3auYzBUFd9ndy4XCBGu0hZrD/14DmD08jxcfo3+KYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDqYaBIe3D/LQCR2HBt905E8FKoEMB8GA1UdIwQY
MBaAFKHsL/ICFtO8ZHW4UKRl42L07O7NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMt
NTA3NTYzODg1NDAzLzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMtNTA3NTYzODg1NDAz
LzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACv5Q5dAN
Ujs8cCjQKjYe+icgPzjngAGxRHZKTMVkL5BTmZQMweph9pJbc1tbhjE3MRhvx3iJ
q2/kGQNY1oGySYv/JyscfcoQjp8uyslmgPDAGamzihOZQswKn1Tv25vZu/z6SbiV
CJQYMw3JFTfAFZM9tpHXR1NdKfNtPEdewIyYtn0gbLR+z+yLFgEzEBuQw6dAnIaB
mXk2BgXeKXVpLe7DfQtZhSkGKqCwo+sV18AsjmgEFQBAUyluONGYfaG8B+EJCBMD
bfUNzZuWpo5O3GCr4KCIJZB9Vg/ZIg1TFQlgrcQMtTClY46jz9OHJBJIY6ERZlWw
Fpn2uiOg3VCjJQ==
-----END CERTIFICATE-----