Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
File:                     OXqyKGxnhx2rRXpygyl_yMaIpK8.mft (raw, json)
Hash identifier:          MCi46Sq3mF5VmtZNaOAKSUOTKzBK/vMf/FJNJc3zZho=
Subject key identifier:   89:14:1E:97:E1:7D:28:7A:C0:06:DE:67:2D:4D:1F:92:96:D1:ED:FF
Authority key identifier: 39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF
Certificate issuer:       /CN=397ab2286c67871dab457a7283297fc8c688a4af
Certificate serial:       0196CBA9CDDBE1A1537AF9C553E578B0430B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
Manifest number:          1538
Signing time:             Tue 13 May 2025 22:00:25 +0000
Manifest this update:     Tue 13 May 2025 22:00:25 +0000
Manifest next update:     Wed 14 May 2025 22:00:25 +0000
Files and hashes:         1: OXqyKGxnhx2rRXpygyl_yMaIpK8.crl (hash: 2dk3O7d4SO7Pr7ba+RAf90Z+diBxZQub0FuTo0EDCTA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 22:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cb:a9:cd:db:e1:a1:53:7a:f9:c5:53:e5:78:b0:43:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=397ab2286c67871dab457a7283297fc8c688a4af
        Validity
            Not Before: May 13 22:00:25 2025 GMT
            Not After : May 14 22:00:25 2025 GMT
        Subject: CN=89141e97e17d287ac006de672d4d1f9296d1edff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:4a:ed:63:cc:fd:1f:48:4f:dc:dc:5d:ab:0f:
                    38:c1:4c:50:4d:38:f1:cb:8d:f0:ec:f7:34:96:10:
                    a9:ec:89:1b:b7:eb:0e:df:cc:5b:66:47:1a:ae:51:
                    25:19:12:59:5d:5b:54:0c:71:9e:ce:4d:cd:af:51:
                    67:53:6c:65:86:55:5e:0f:5b:19:b5:2f:1f:db:ce:
                    90:e7:cd:1d:e1:d9:60:1a:0c:a6:3a:be:3f:39:0d:
                    9b:2f:ff:83:91:23:47:10:9f:a3:01:0a:ed:ab:a1:
                    5e:1e:85:b2:e2:bf:53:61:f0:2d:20:32:00:6c:eb:
                    4a:18:2f:a3:de:ea:a7:f0:c1:9c:7c:4b:b4:1c:75:
                    25:28:be:3a:50:56:fe:c8:08:49:f2:33:06:a3:6d:
                    ce:33:3a:93:cc:8e:f3:68:e2:ec:12:9e:c1:d7:91:
                    29:5e:2c:b1:1f:ce:54:82:75:ac:1f:e9:f3:37:06:
                    2b:ed:69:9f:32:6a:3a:bf:2e:e5:ad:11:74:76:1d:
                    b5:63:53:86:be:ff:3a:f9:b0:c2:a0:5d:cb:f6:9a:
                    1d:a6:4f:a9:b3:00:5e:c6:d1:d0:b6:6a:e1:ee:c0:
                    0e:47:39:2a:e9:43:1e:1d:64:bb:b5:e0:01:19:63:
                    5a:4b:f0:aa:85:ad:c6:9a:87:fc:82:8c:22:c2:ce:
                    a4:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:14:1E:97:E1:7D:28:7A:C0:06:DE:67:2D:4D:1F:92:96:D1:ED:FF
            X509v3 Authority Key Identifier:
                keyid:39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:2c:7d:db:8d:e9:09:6a:97:63:08:d0:0b:d3:da:e2:3a:c5:
         f5:69:7a:c3:e4:6b:d2:6e:4e:02:b7:73:b1:ed:2e:16:36:3b:
         aa:77:79:69:ee:c0:48:6c:e9:af:0e:34:d5:37:5a:c6:7c:52:
         57:1b:4c:6b:e0:30:f4:2c:60:89:48:6e:2e:ca:54:80:05:42:
         c7:56:f1:44:88:7c:b0:88:da:b4:04:04:98:f3:99:3d:49:8b:
         d8:ea:54:bc:47:fe:86:49:65:8d:8e:4f:b6:f0:be:74:0d:8d:
         2d:02:3d:96:22:29:47:3e:c5:4d:45:05:09:c5:3b:a8:7b:c0:
         05:82:ed:84:79:02:7d:7e:15:15:84:34:1a:ed:8d:ca:73:40:
         42:28:3a:ec:6f:9f:a1:65:bb:56:a1:02:2a:07:ce:6a:d7:7f:
         6e:f6:4a:80:06:51:65:cb:2f:dd:e9:43:69:02:9d:0e:02:53:
         58:65:3d:91:41:07:08:ea:c6:4e:8d:43:04:ea:eb:a4:dc:2b:
         b8:f2:ce:94:d9:d4:41:e6:16:5c:74:b9:ad:bd:b8:db:86:b8:
         b6:bb:42:aa:82:49:be:0b:a4:04:af:94:1c:fd:01:2a:ab:ab:
         7f:8e:ee:0f:4f:24:16:49:4f:f1:b2:c2:8c:8b:d4:39:bd:e1:
         dd:20:e3:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbLqc3b4aFTevnFU+V4sEMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2FiMjI4NmM2Nzg3MWRhYjQ1N2E3MjgzMjk3ZmM4YzY4
OGE0YWYwHhcNMjUwNTEzMjIwMDI1WhcNMjUwNTE0MjIwMDI1WjAzMTEwLwYDVQQD
Eyg4OTE0MWU5N2UxN2QyODdhYzAwNmRlNjcyZDRkMWY5Mjk2ZDFlZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUrtY8z9H0hP3Nxdqw84wUxQTTjx
y43w7Pc0lhCp7Ikbt+sO38xbZkcarlElGRJZXVtUDHGezk3Nr1FnU2xlhlVeD1sZ
tS8f286Q580d4dlgGgymOr4/OQ2bL/+DkSNHEJ+jAQrtq6FeHoWy4r9TYfAtIDIA
bOtKGC+j3uqn8MGcfEu0HHUlKL46UFb+yAhJ8jMGo23OMzqTzI7zaOLsEp7B15Ep
XiyxH85UgnWsH+nzNwYr7WmfMmo6vy7lrRF0dh21Y1OGvv86+bDCoF3L9podpk+p
swBextHQtmrh7sAORzkq6UMeHWS7teABGWNaS/Cqha3Gmof8gowiws6kWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIkUHpfhfSh6wAbeZy1NH5KW0e3/MB8GA1UdIwQY
MBaAFDl6sihsZ4cdq0V6coMpf8jGiKSvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAt
MzMyM2ZkMDYwYjliLzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAtMzMyM2ZkMDYwYjli
LzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhSx9243p
CWqXYwjQC9Pa4jrF9Wl6w+Rr0m5OArdzse0uFjY7qnd5ae7ASGzprw401TdaxnxS
VxtMa+Aw9CxgiUhuLspUgAVCx1bxRIh8sIjatAQEmPOZPUmL2OpUvEf+hklljY5P
tvC+dA2NLQI9liIpRz7FTUUFCcU7qHvABYLthHkCfX4VFYQ0Gu2NynNAQig67G+f
oWW7VqECKgfOatd/bvZKgAZRZcsv3elDaQKdDgJTWGU9kUEHCOrGTo1DBOrrpNwr
uPLOlNnUQeYWXHS5rb2424a4trtCqoJJvgukBK+UHP0BKqurf47uD08kFklP8bLC
jIvUOb3h3SDjbA==
-----END CERTIFICATE-----