Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.mft
File:                     oqodRGKTg8rfx1F9733ikpWuObQ.mft (raw, json)
Hash identifier:          ubFcCdMzJdAwQ9RbDubOZDap6NhfwISNVfo4r4uspWY=
Subject key identifier:   55:D4:32:F3:FC:12:3A:8B:9E:E1:4E:E6:14:78:00:C4:63:4C:DD:78
Authority key identifier: A2:AA:1D:44:62:93:83:CA:DF:C7:51:7D:EF:7D:E2:92:95:AE:39:B4
Certificate issuer:       /CN=a2aa1d44629383cadfc7517def7de29295ae39b4
Certificate serial:       0197C8A6FDCEB56BA2F9F9B19F63885AC0A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oqodRGKTg8rfx1F9733ikpWuObQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.mft
Manifest number:          0D34
Signing time:             Wed 02 Jul 2025 01:01:16 +0000
Manifest this update:     Wed 02 Jul 2025 01:01:16 +0000
Manifest next update:     Thu 03 Jul 2025 01:01:16 +0000
Files and hashes:         1: oqodRGKTg8rfx1F9733ikpWuObQ.crl (hash: rsCh1YI1iEtPKLFYJICx9IKWtXFvZlZA9kuha5e1obw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oqodRGKTg8rfx1F9733ikpWuObQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 01:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c8:a6:fd:ce:b5:6b:a2:f9:f9:b1:9f:63:88:5a:c0:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2aa1d44629383cadfc7517def7de29295ae39b4
        Validity
            Not Before: Jul  2 01:01:16 2025 GMT
            Not After : Jul  3 01:01:16 2025 GMT
        Subject: CN=55d432f3fc123a8b9ee14ee6147800c4634cdd78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d3:7d:00:85:8b:d0:4c:a2:5e:d5:28:a1:a8:
                    63:69:ca:e3:df:42:8b:ba:9d:b1:13:ec:09:7a:64:
                    6f:f1:81:36:01:96:0a:97:95:ca:47:6d:ea:99:12:
                    46:10:16:53:1e:ac:58:58:33:c3:7e:70:0d:b6:ee:
                    06:43:99:ec:f4:5b:2f:42:37:ca:67:91:d7:55:2e:
                    ef:2f:b1:47:10:46:96:2c:83:b7:d7:9d:7a:db:69:
                    64:4c:f4:d8:17:68:2d:44:4e:40:66:da:57:f3:0e:
                    03:94:65:dd:91:4f:4f:54:f3:07:cb:2b:31:85:bd:
                    fb:84:fb:0c:13:4e:44:47:31:e9:5e:49:e8:bc:09:
                    09:27:90:62:0b:3c:ff:e1:e1:65:55:06:a1:a5:b8:
                    0f:11:8e:ff:b6:e6:d8:21:5e:13:ea:9a:2a:76:0e:
                    62:b6:24:70:0c:e5:f9:13:02:9c:8e:7c:7f:56:2b:
                    a4:cc:63:cf:ad:f3:bf:58:af:dd:2d:23:a0:58:03:
                    f6:6c:37:4c:ba:1d:6c:90:64:11:c8:84:a3:aa:ef:
                    3c:df:47:cf:ee:76:87:83:f7:7e:c9:48:54:38:23:
                    2a:81:b8:9a:e5:b2:8e:0c:cd:11:f3:ad:aa:d3:bf:
                    4a:79:f2:11:ad:03:87:a9:00:55:d9:2b:40:b0:36:
                    0d:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:D4:32:F3:FC:12:3A:8B:9E:E1:4E:E6:14:78:00:C4:63:4C:DD:78
            X509v3 Authority Key Identifier:
                keyid:A2:AA:1D:44:62:93:83:CA:DF:C7:51:7D:EF:7D:E2:92:95:AE:39:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oqodRGKTg8rfx1F9733ikpWuObQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:06:20:fd:e8:de:50:bf:56:09:12:f7:b2:5d:3e:b6:09:b1:
         7b:16:12:b1:48:64:11:32:fc:55:cb:67:76:80:19:5f:f8:b8:
         d4:20:7a:2c:98:a7:ff:52:5a:4e:31:35:34:a8:ee:ba:d0:eb:
         14:05:c5:a3:cd:86:69:fe:6b:34:1a:1b:04:07:70:2a:a0:a5:
         f5:1c:a7:32:b5:c5:90:72:d9:80:9e:9a:3a:df:5a:ce:70:ef:
         34:c1:ab:a9:15:d9:8d:cb:63:bd:e2:67:13:96:ce:af:e1:4f:
         10:fe:f1:ca:a9:77:0c:c0:e0:10:c1:26:b7:ad:27:00:30:f8:
         22:77:c7:0b:e7:c1:0a:be:07:b8:a6:16:61:dd:8f:de:1f:71:
         3b:1b:ef:36:23:ca:6f:da:7a:25:f8:a9:16:33:36:d3:26:20:
         60:b5:7b:1e:79:b9:76:cb:0c:48:41:93:c6:f9:89:8f:e6:1d:
         41:c6:5c:f6:ed:70:3c:bc:79:1f:5a:a0:82:01:8b:17:1b:91:
         78:0e:0f:e2:8c:ab:ae:8c:75:b5:c7:75:7d:84:f7:97:37:dc:
         0f:69:ef:36:e0:25:ca:35:4f:e4:58:0c:17:c2:75:fc:49:0c:
         16:13:b2:9b:1f:3a:34:1d:3b:7f:05:3d:97:28:14:a6:f9:61:
         dd:7b:20:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfIpv3OtWui+fmxn2OIWsCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYWExZDQ0NjI5MzgzY2FkZmM3NTE3ZGVmN2RlMjkyOTVh
ZTM5YjQwHhcNMjUwNzAyMDEwMTE2WhcNMjUwNzAzMDEwMTE2WjAzMTEwLwYDVQQD
Eyg1NWQ0MzJmM2ZjMTIzYThiOWVlMTRlZTYxNDc4MDBjNDYzNGNkZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtN9AIWL0EyiXtUooahjacrj30KL
up2xE+wJemRv8YE2AZYKl5XKR23qmRJGEBZTHqxYWDPDfnANtu4GQ5ns9FsvQjfK
Z5HXVS7vL7FHEEaWLIO3151622lkTPTYF2gtRE5AZtpX8w4DlGXdkU9PVPMHyysx
hb37hPsME05ERzHpXknovAkJJ5BiCzz/4eFlVQahpbgPEY7/tubYIV4T6poqdg5i
tiRwDOX5EwKcjnx/ViukzGPPrfO/WK/dLSOgWAP2bDdMuh1skGQRyISjqu8830fP
7naHg/d+yUhUOCMqgbia5bKODM0R862q079KefIRrQOHqQBV2StAsDYNRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFXUMvP8EjqLnuFO5hR4AMRjTN14MB8GA1UdIwQY
MBaAFKKqHURik4PK38dRfe994pKVrjm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3FvZFJHS1RnOHJmeDFGOTczM2lrcFd1T2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zMTc4MjQtZjhmNS00Yjc4LTliNWUt
NzQ5MTc1YjE3OGYxLzEvb3FvZFJHS1RnOHJmeDFGOTczM2lrcFd1T2JRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zMTc4MjQtZjhmNS00Yjc4LTliNWUtNzQ5MTc1YjE3OGYx
LzEvb3FvZFJHS1RnOHJmeDFGOTczM2lrcFd1T2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsgYg/eje
UL9WCRL3sl0+tgmxexYSsUhkETL8VctndoAZX/i41CB6LJin/1JaTjE1NKjuutDr
FAXFo82Gaf5rNBobBAdwKqCl9RynMrXFkHLZgJ6aOt9aznDvNMGrqRXZjctjveJn
E5bOr+FPEP7xyql3DMDgEMEmt60nADD4InfHC+fBCr4HuKYWYd2P3h9xOxvvNiPK
b9p6JfipFjM20yYgYLV7Hnm5dssMSEGTxvmJj+YdQcZc9u1wPLx5H1qgggGLFxuR
eA4P4oyrrox1tcd1fYT3lzfcD2nvNuAlyjVP5FgMF8J1/EkMFhOymx86NB07fwU9
lygUpvlh3Xsgaw==
-----END CERTIFICATE-----