Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
File:                     oWhu-kcXfglRrIjFZNj4hQvuxdA.mft (raw, json)
Hash identifier:          nGeULjKrtZO5dykSNgTBKgIH910b/62G0qerW7H6a4I=
Subject key identifier:   FD:77:E0:9C:3F:44:FC:E8:07:DD:18:89:5A:98:E4:E3:66:39:8E:AB
Authority key identifier: A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0
Certificate issuer:       /CN=a1686efa47177e0951ac88c564d8f8850beec5d0
Certificate serial:       0196C7CD0FE5383EACCA0E94CC47547BF9CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
Manifest number:          0BC9
Signing time:             Tue 13 May 2025 04:00:26 +0000
Manifest this update:     Tue 13 May 2025 04:00:26 +0000
Manifest next update:     Wed 14 May 2025 04:00:26 +0000
Files and hashes:         1: oWhu-kcXfglRrIjFZNj4hQvuxdA.crl (hash: BXlKUOlEZOJ2pC3+MWQWWlt/qsad7vtySqYAPGidg5M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 04:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c7:cd:0f:e5:38:3e:ac:ca:0e:94:cc:47:54:7b:f9:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1686efa47177e0951ac88c564d8f8850beec5d0
        Validity
            Not Before: May 13 04:00:26 2025 GMT
            Not After : May 14 04:00:26 2025 GMT
        Subject: CN=fd77e09c3f44fce807dd18895a98e4e366398eab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:3a:f4:08:d7:38:d5:36:5a:13:9d:e1:93:54:
                    e4:d7:79:05:28:e8:2a:92:80:98:9c:e2:10:ee:a5:
                    82:84:fd:57:fc:94:32:83:90:90:60:3b:01:ab:8a:
                    6d:5a:a7:04:44:cf:5b:e9:b1:4d:6c:6e:31:b0:e1:
                    67:1a:e9:02:59:e2:b4:14:73:d7:b3:fc:73:ef:ed:
                    e7:82:e3:46:b8:fa:97:70:e8:93:06:b9:35:65:7f:
                    05:76:5f:bf:a3:45:69:2c:ad:5e:fa:d9:e7:5b:3a:
                    5e:44:68:d3:32:ba:c7:05:c9:d7:43:b3:94:d5:47:
                    71:b5:04:25:63:04:d5:9a:d0:24:18:cd:6e:36:6b:
                    05:54:c1:cd:34:d7:d0:b8:4f:5e:af:35:d8:f2:0d:
                    74:db:43:af:04:30:80:2b:4b:01:03:e0:71:00:96:
                    22:79:f6:a8:0c:d5:90:72:4a:35:a8:db:e4:1d:3b:
                    59:00:5f:bb:9d:4b:04:7e:88:74:fd:d3:2f:db:ea:
                    8b:44:1a:eb:c7:33:ee:b1:9b:99:bf:54:0b:3f:3c:
                    fd:d2:5c:ad:44:3a:7b:fe:65:67:6f:3f:c4:c2:72:
                    ca:42:95:ac:ed:10:ed:a8:f0:bf:ec:93:12:6c:86:
                    da:09:1a:9c:d5:1b:de:2b:ab:d1:58:e3:50:b3:97:
                    86:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:77:E0:9C:3F:44:FC:E8:07:DD:18:89:5A:98:E4:E3:66:39:8E:AB
            X509v3 Authority Key Identifier:
                keyid:A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:f3:51:73:3a:76:43:19:2c:19:6e:62:61:4c:12:c7:5d:1e:
         11:0e:af:1f:e9:c3:37:90:fb:e0:7a:23:17:fa:ba:0f:0c:2d:
         ba:64:d5:78:33:53:dd:bc:1d:00:78:ae:5e:5f:fd:51:2f:22:
         63:cb:b7:2a:86:2c:68:a5:47:5d:c2:23:bd:15:83:a6:3c:41:
         43:e4:5e:9f:6c:97:7d:48:ca:20:d3:cb:c4:70:dc:ab:d5:70:
         37:ac:ae:a7:36:5c:b3:06:09:a5:6d:50:5d:d4:a9:5d:25:8c:
         e2:cb:1e:f2:0d:09:de:ce:fc:8a:bc:20:bd:19:47:97:8c:8a:
         37:71:e1:36:f5:4d:e8:52:1e:dc:b9:43:62:51:78:fe:40:97:
         f6:7d:91:70:17:cc:06:73:a0:06:84:7a:e9:e0:7b:82:96:75:
         87:aa:2e:a7:14:2e:d5:8c:41:2d:8f:b6:ed:e4:ee:5b:f2:92:
         de:fe:54:8c:94:40:b4:37:32:e0:5e:36:d6:dc:60:53:87:e1:
         a1:7d:78:62:61:cc:6a:e0:36:4c:89:8a:cf:3f:10:38:ee:5b:
         43:35:d0:fe:9f:53:54:94:4a:6c:95:71:8d:6c:11:1b:d4:18:
         ea:26:4a:b0:08:4f:a0:8c:e0:e7:cc:8c:d3:16:a7:f8:c1:18:
         b9:ad:60:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbHzQ/lOD6syg6UzEdUe/nMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjg2ZWZhNDcxNzdlMDk1MWFjODhjNTY0ZDhmODg1MGJl
ZWM1ZDAwHhcNMjUwNTEzMDQwMDI2WhcNMjUwNTE0MDQwMDI2WjAzMTEwLwYDVQQD
EyhmZDc3ZTA5YzNmNDRmY2U4MDdkZDE4ODk1YTk4ZTRlMzY2Mzk4ZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTr0CNc41TZaE53hk1Tk13kFKOgq
koCYnOIQ7qWChP1X/JQyg5CQYDsBq4ptWqcERM9b6bFNbG4xsOFnGukCWeK0FHPX
s/xz7+3nguNGuPqXcOiTBrk1ZX8Fdl+/o0VpLK1e+tnnWzpeRGjTMrrHBcnXQ7OU
1UdxtQQlYwTVmtAkGM1uNmsFVMHNNNfQuE9erzXY8g1020OvBDCAK0sBA+BxAJYi
efaoDNWQcko1qNvkHTtZAF+7nUsEfoh0/dMv2+qLRBrrxzPusZuZv1QLPzz90lyt
RDp7/mVnbz/EwnLKQpWs7RDtqPC/7JMSbIbaCRqc1RveK6vRWONQs5eGRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP134Jw/RPzoB90YiVqY5ONmOY6rMB8GA1UdIwQY
MBaAFKFobvpHF34JUayIxWTY+IUL7sXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAt
Y2E0MWIzM2I4ODNhLzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAtY2E0MWIzM2I4ODNh
LzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXvNRczp2
QxksGW5iYUwSx10eEQ6vH+nDN5D74HojF/q6DwwtumTVeDNT3bwdAHiuXl/9US8i
Y8u3KoYsaKVHXcIjvRWDpjxBQ+Ren2yXfUjKINPLxHDcq9VwN6yupzZcswYJpW1Q
XdSpXSWM4sse8g0J3s78irwgvRlHl4yKN3HhNvVN6FIe3LlDYlF4/kCX9n2RcBfM
BnOgBoR66eB7gpZ1h6oupxQu1YxBLY+27eTuW/KS3v5UjJRAtDcy4F421txgU4fh
oX14YmHMauA2TImKzz8QOO5bQzXQ/p9TVJRKbJVxjWwRG9QY6iZKsAhPoIzg58yM
0xan+MEYua1g3g==
-----END CERTIFICATE-----