Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/072b46-0da1-42d2-899c-a0bda8af756a/1/O_LCDaTWMBgu7jNFrZ0cStkXDVA.mft
File:                     O_LCDaTWMBgu7jNFrZ0cStkXDVA.mft (raw, json)
Hash identifier:          ug7x0pavlT00rY2Dftslef2i2x+uar3A/5nJW+CcfhQ=
Subject key identifier:   0C:EC:C8:20:9C:31:2D:93:7B:65:A9:C1:56:0A:FA:3C:D6:E3:4B:1E
Authority key identifier: 3B:F2:C2:0D:A4:D6:30:18:2E:EE:33:45:AD:9D:1C:4A:D9:17:0D:50
Certificate issuer:       /CN=3bf2c20da4d630182eee3345ad9d1c4ad9170d50
Certificate serial:       0196B71083938A04762F6FF6540DCB591124
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O_LCDaTWMBgu7jNFrZ0cStkXDVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/072b46-0da1-42d2-899c-a0bda8af756a/1/O_LCDaTWMBgu7jNFrZ0cStkXDVA.mft
Manifest number:          0F6F
Signing time:             Fri 09 May 2025 22:00:34 +0000
Manifest this update:     Fri 09 May 2025 22:00:34 +0000
Manifest next update:     Sat 10 May 2025 22:00:34 +0000
Files and hashes:         1: O_LCDaTWMBgu7jNFrZ0cStkXDVA.crl (hash: 3J4GZvadoUYd83wN+zktjxrrL+4aoaS0H08/sHYgjuc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/072b46-0da1-42d2-899c-a0bda8af756a/1/O_LCDaTWMBgu7jNFrZ0cStkXDVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/072b46-0da1-42d2-899c-a0bda8af756a/1/O_LCDaTWMBgu7jNFrZ0cStkXDVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O_LCDaTWMBgu7jNFrZ0cStkXDVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 17:53:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b7:10:83:93:8a:04:76:2f:6f:f6:54:0d:cb:59:11:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bf2c20da4d630182eee3345ad9d1c4ad9170d50
        Validity
            Not Before: May  9 22:00:34 2025 GMT
            Not After : May 10 22:00:34 2025 GMT
        Subject: CN=0cecc8209c312d937b65a9c1560afa3cd6e34b1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:79:0d:e1:ff:59:7d:84:b9:fb:2c:a4:31:55:
                    f5:94:97:7b:92:4c:04:da:2e:48:76:15:b9:fd:30:
                    d2:f0:bb:73:60:85:96:be:63:cb:ba:bd:34:1a:c5:
                    d1:f2:89:15:78:7c:38:9c:60:c6:4c:11:15:9f:2f:
                    aa:e7:cf:b1:f5:5d:98:c4:c9:53:e5:2b:60:65:35:
                    47:49:53:16:dd:0e:9e:a3:fb:e1:af:96:48:5b:27:
                    53:85:c9:82:cb:fe:c7:43:3e:7e:8b:c0:50:b4:4e:
                    06:4b:6e:3a:25:5e:fa:b8:e7:ad:01:92:d1:78:1c:
                    91:99:0a:c6:3f:0a:5d:25:13:f5:ef:4b:bc:23:9b:
                    55:03:d6:1b:85:6b:e7:64:b7:72:92:db:db:24:20:
                    90:38:41:b6:32:55:5d:e9:bb:4c:76:3d:ac:32:4e:
                    f2:0e:de:2c:79:d8:12:ce:cb:56:01:44:84:73:9b:
                    00:92:6b:0c:bd:c7:b2:cd:6a:08:bd:c3:c4:16:7a:
                    4a:73:0f:0e:c0:d1:e6:03:6a:e4:f7:92:1d:fa:31:
                    da:4c:fc:b5:59:fe:91:29:e6:46:14:3e:36:d1:9d:
                    27:25:2d:2f:0e:c4:7e:b1:b4:d6:b5:6f:90:92:f2:
                    3f:4b:f8:a6:ca:26:85:c0:49:79:05:0d:b2:5c:d6:
                    0a:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:EC:C8:20:9C:31:2D:93:7B:65:A9:C1:56:0A:FA:3C:D6:E3:4B:1E
            X509v3 Authority Key Identifier:
                keyid:3B:F2:C2:0D:A4:D6:30:18:2E:EE:33:45:AD:9D:1C:4A:D9:17:0D:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_LCDaTWMBgu7jNFrZ0cStkXDVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/072b46-0da1-42d2-899c-a0bda8af756a/1/O_LCDaTWMBgu7jNFrZ0cStkXDVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/072b46-0da1-42d2-899c-a0bda8af756a/1/O_LCDaTWMBgu7jNFrZ0cStkXDVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:b2:e0:96:3f:e3:d5:67:08:35:84:12:ce:b7:ab:46:77:7d:
         a6:a9:eb:e7:97:56:58:f6:ae:da:9e:78:42:b6:78:b4:4d:0d:
         84:5c:ce:d3:5f:1a:af:12:7c:94:b9:3d:43:64:98:58:37:1d:
         a5:7c:25:c7:91:97:27:50:b8:e5:10:45:fc:b8:a2:60:11:1e:
         37:0d:b2:46:98:1d:a2:69:e0:9c:83:53:01:91:00:a6:63:98:
         4e:b0:6d:da:02:0c:00:63:6b:44:8d:13:1e:69:fb:6c:c4:b3:
         61:ea:0a:2b:15:ec:bf:8b:89:41:93:b9:bd:b3:ae:7a:ca:36:
         4f:4c:76:9b:60:96:5a:00:ff:64:ba:06:04:a4:3b:a8:53:68:
         ed:25:f7:03:27:da:c5:fa:66:22:5f:c3:40:85:63:1c:01:63:
         b9:d3:9b:6a:7e:4b:78:5b:be:ce:e6:ed:7d:3b:cf:d5:b2:74:
         0d:3d:76:0b:f1:5b:08:ce:20:21:33:46:71:15:61:0e:56:4f:
         f8:e2:79:02:59:08:ce:34:44:eb:6b:e6:7e:65:03:fe:ea:c0:
         fe:17:31:93:60:89:51:81:8c:22:5b:f4:3e:e8:b8:f2:c1:62:
         61:4e:5b:f3:eb:f8:77:70:ca:18:d5:ce:86:6d:73:2b:4a:e5:
         ef:a0:41:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa3EIOTigR2L2/2VA3LWREkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZjJjMjBkYTRkNjMwMTgyZWVlMzM0NWFkOWQxYzRhZDkx
NzBkNTAwHhcNMjUwNTA5MjIwMDM0WhcNMjUwNTEwMjIwMDM0WjAzMTEwLwYDVQQD
EygwY2VjYzgyMDljMzEyZDkzN2I2NWE5YzE1NjBhZmEzY2Q2ZTM0YjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHkN4f9ZfYS5+yykMVX1lJd7kkwE
2i5IdhW5/TDS8LtzYIWWvmPLur00GsXR8okVeHw4nGDGTBEVny+q58+x9V2YxMlT
5StgZTVHSVMW3Q6eo/vhr5ZIWydThcmCy/7HQz5+i8BQtE4GS246JV76uOetAZLR
eByRmQrGPwpdJRP170u8I5tVA9YbhWvnZLdyktvbJCCQOEG2MlVd6btMdj2sMk7y
Dt4sedgSzstWAUSEc5sAkmsMvceyzWoIvcPEFnpKcw8OwNHmA2rk95Id+jHaTPy1
Wf6RKeZGFD420Z0nJS0vDsR+sbTWtW+QkvI/S/imyiaFwEl5BQ2yXNYKoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAzsyCCcMS2Te2WpwVYK+jzW40seMB8GA1UdIwQY
MBaAFDvywg2k1jAYLu4zRa2dHErZFw1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19MQ0RhVFdNQmd1N2pORnJaMGNTdGtYRFZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wNzJiNDYtMGRhMS00MmQyLTg5OWMt
YTBiZGE4YWY3NTZhLzEvT19MQ0RhVFdNQmd1N2pORnJaMGNTdGtYRFZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8wNzJiNDYtMGRhMS00MmQyLTg5OWMtYTBiZGE4YWY3NTZh
LzEvT19MQ0RhVFdNQmd1N2pORnJaMGNTdGtYRFZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYLLglj/j
1WcINYQSzrerRnd9pqnr55dWWPau2p54QrZ4tE0NhFzO018arxJ8lLk9Q2SYWDcd
pXwlx5GXJ1C45RBF/LiiYBEeNw2yRpgdomngnINTAZEApmOYTrBt2gIMAGNrRI0T
Hmn7bMSzYeoKKxXsv4uJQZO5vbOueso2T0x2m2CWWgD/ZLoGBKQ7qFNo7SX3Ayfa
xfpmIl/DQIVjHAFjudOban5LeFu+zubtfTvP1bJ0DT12C/FbCM4gITNGcRVhDlZP
+OJ5AlkIzjRE62vmfmUD/urA/hcxk2CJUYGMIlv0Pui48sFiYU5b8+v4d3DKGNXO
hm1zK0rl76BBVg==
-----END CERTIFICATE-----