Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
File:                     O8RoMnEppQF7l23I7aydG56aFMw.mft (raw, json)
Hash identifier:          +KWyD+3MF3zQlS5IDyRopT8kmxzAIDg1TYe0ad0nS70=
Subject key identifier:   41:5A:D4:EE:F3:A9:0B:89:5E:0E:ED:A0:25:1E:B1:C9:C9:CA:76:24
Authority key identifier: 3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC
Certificate issuer:       /CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
Certificate serial:       0196C8723E05C20374F7FF2B2B9338736159
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
Manifest number:          14C5
Signing time:             Tue 13 May 2025 07:00:52 +0000
Manifest this update:     Tue 13 May 2025 07:00:52 +0000
Manifest next update:     Wed 14 May 2025 07:00:52 +0000
Files and hashes:         1: O8RoMnEppQF7l23I7aydG56aFMw.crl (hash: vUMpdYMA5qNJHdMH3K36SjN+7IDkN/RcqpeQuG+o2O4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 07:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c8:72:3e:05:c2:03:74:f7:ff:2b:2b:93:38:73:61:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
        Validity
            Not Before: May 13 07:00:52 2025 GMT
            Not After : May 14 07:00:52 2025 GMT
        Subject: CN=415ad4eef3a90b895e0eeda0251eb1c9c9ca7624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:d0:3f:41:9c:23:a9:f1:91:cf:78:89:bb:8f:
                    e3:cd:15:94:93:47:c8:41:8f:ca:36:bd:83:76:28:
                    0d:d2:5d:6b:69:7b:d2:86:da:c8:2e:56:31:6f:0d:
                    58:be:88:22:9b:8a:75:2d:5b:95:ae:ab:5b:1a:04:
                    d6:54:ae:c5:65:b7:36:85:4f:63:94:56:23:c8:1b:
                    2d:0d:6d:91:69:09:11:63:1d:6e:de:40:fb:c9:65:
                    62:79:7a:66:66:ef:44:4e:d3:10:29:8a:dc:a8:af:
                    7d:78:a5:ff:89:76:c2:d3:7a:0c:84:61:2c:ac:ef:
                    6f:fb:7d:db:0f:e2:89:d5:21:e1:a9:7c:ea:4e:b8:
                    74:2a:86:0c:d2:1b:d9:b1:9b:fc:83:cf:ef:26:da:
                    48:49:6e:a7:7d:57:7d:b3:c6:e7:19:2c:15:07:e1:
                    72:d7:91:dc:3e:7c:44:48:78:7b:14:99:35:91:ab:
                    71:75:fa:32:ee:4a:64:d0:54:e6:e0:ca:03:0b:f5:
                    ea:58:56:8c:82:a7:ab:5d:56:c4:99:89:67:02:4b:
                    d7:c2:a4:4a:5f:08:7c:98:5e:89:87:66:09:b1:e9:
                    d3:ef:9e:9d:ca:64:f9:72:44:48:b3:df:bb:f1:3d:
                    35:70:cf:cb:a9:34:ab:f1:6e:09:33:24:e5:cf:07:
                    bb:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:5A:D4:EE:F3:A9:0B:89:5E:0E:ED:A0:25:1E:B1:C9:C9:CA:76:24
            X509v3 Authority Key Identifier:
                keyid:3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:e5:61:91:36:d2:f7:ac:8a:5c:a7:59:c6:17:25:c0:a9:ff:
         a8:4f:a0:3c:f3:1d:b3:53:0b:32:78:45:c7:c3:73:a6:e9:ab:
         37:84:50:20:b0:e5:23:e2:69:c2:f6:36:04:fa:92:86:1d:c1:
         01:8d:69:51:02:2e:34:18:76:79:b8:dd:e5:84:70:5a:fb:7a:
         cb:1c:cc:06:ee:e1:9d:81:18:7e:51:41:71:a6:34:c6:16:1b:
         52:41:84:c0:32:e8:ce:5c:00:6a:07:de:b5:a2:70:48:a6:da:
         a7:33:10:c7:62:d1:42:ae:6e:d9:11:a3:ef:df:36:fa:08:9d:
         98:c9:1d:36:f6:6f:c1:99:a1:a1:81:6f:ac:48:61:5f:22:65:
         28:a5:6d:6c:c8:7e:41:1a:d6:84:da:99:ee:60:cd:3a:f8:a9:
         bd:79:73:20:4a:5f:44:b9:ba:63:c6:42:e1:a0:ef:31:d2:cf:
         7e:c1:b9:cb:aa:3c:9d:1a:d3:bb:54:82:7d:44:3a:6e:f0:ea:
         9a:04:51:c6:8b:12:0f:85:d8:c2:e1:50:91:ef:9f:7c:ea:bd:
         9b:2d:38:d9:b9:75:ac:d5:a9:84:7d:90:00:60:46:eb:d2:9d:
         e0:4e:ec:0e:0d:99:20:45:df:47:e2:90:97:76:be:d8:21:ac:
         75:40:4d:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbIcj4FwgN09/8rK5M4c2FZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYzQ2ODMyNzEyOWE1MDE3Yjk3NmRjOGVkYWM5ZDFiOWU5
YTE0Y2MwHhcNMjUwNTEzMDcwMDUyWhcNMjUwNTE0MDcwMDUyWjAzMTEwLwYDVQQD
Eyg0MTVhZDRlZWYzYTkwYjg5NWUwZWVkYTAyNTFlYjFjOWM5Y2E3NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdA/QZwjqfGRz3iJu4/jzRWUk0fI
QY/KNr2DdigN0l1raXvShtrILlYxbw1Yvogim4p1LVuVrqtbGgTWVK7FZbc2hU9j
lFYjyBstDW2RaQkRYx1u3kD7yWVieXpmZu9ETtMQKYrcqK99eKX/iXbC03oMhGEs
rO9v+33bD+KJ1SHhqXzqTrh0KoYM0hvZsZv8g8/vJtpISW6nfVd9s8bnGSwVB+Fy
15HcPnxESHh7FJk1katxdfoy7kpk0FTm4MoDC/XqWFaMgqerXVbEmYlnAkvXwqRK
Xwh8mF6Jh2YJsenT756dymT5ckRIs9+78T01cM/LqTSr8W4JMyTlzwe7OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEFa1O7zqQuJXg7toCUescnJynYkMB8GA1UdIwQY
MBaAFDvEaDJxKaUBe5dtyO2snRuemhTMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYt
MWYwMmM3ZTkyM2IzLzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYtMWYwMmM3ZTkyM2Iz
LzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADeVhkTbS
96yKXKdZxhclwKn/qE+gPPMds1MLMnhFx8NzpumrN4RQILDlI+JpwvY2BPqShh3B
AY1pUQIuNBh2ebjd5YRwWvt6yxzMBu7hnYEYflFBcaY0xhYbUkGEwDLozlwAagfe
taJwSKbapzMQx2LRQq5u2RGj7982+gidmMkdNvZvwZmhoYFvrEhhXyJlKKVtbMh+
QRrWhNqZ7mDNOvipvXlzIEpfRLm6Y8ZC4aDvMdLPfsG5y6o8nRrTu1SCfUQ6bvDq
mgRRxosSD4XYwuFQke+ffOq9my042bl1rNWphH2QAGBG69Kd4E7sDg2ZIEXfR+KQ
l3a+2CGsdUBNoA==
-----END CERTIFICATE-----