Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft
File:                     o2osPu23l22c4wRYHyNTL-y0bn8.mft (raw, json)
Hash identifier:          c/ywzmxT3ot330QcTIIFit7u6d0WeoF4HigrIihS7WQ=
Subject key identifier:   F8:87:0E:B9:88:29:86:17:9D:E9:EA:AB:50:FC:E3:D5:73:00:31:26
Authority key identifier: A3:6A:2C:3E:ED:B7:97:6D:9C:E3:04:58:1F:23:53:2F:EC:B4:6E:7F
Certificate issuer:       /CN=a36a2c3eedb7976d9ce304581f23532fecb46e7f
Certificate serial:       0196BA11331EE7884A2D89A34E0C44526920
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft
Manifest number:          152F
Signing time:             Sat 10 May 2025 12:00:11 +0000
Manifest this update:     Sat 10 May 2025 12:00:11 +0000
Manifest next update:     Sun 11 May 2025 12:00:11 +0000
Files and hashes:         1: o2osPu23l22c4wRYHyNTL-y0bn8.crl (hash: reJE46UjLOKCimP4Yq53hQX2mMmlWzet8tGJhTTUiKU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 12:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ba:11:33:1e:e7:88:4a:2d:89:a3:4e:0c:44:52:69:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a36a2c3eedb7976d9ce304581f23532fecb46e7f
        Validity
            Not Before: May 10 12:00:11 2025 GMT
            Not After : May 11 12:00:11 2025 GMT
        Subject: CN=f8870eb9882986179de9eaab50fce3d573003126
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:a7:7f:49:7d:cb:1a:e1:11:85:3a:ee:9d:64:
                    ae:c8:d9:f1:9a:7d:6b:b9:96:c9:59:b8:d3:52:a5:
                    1a:e4:b8:03:ae:1f:64:50:0e:7d:60:b3:e9:84:8f:
                    7f:ad:e0:82:ed:cd:7a:4e:23:a3:75:38:65:87:a9:
                    dd:48:47:19:77:71:b7:f6:7c:d3:4c:3c:2c:3b:b9:
                    e0:8a:e0:77:43:8a:be:84:06:19:bb:72:5b:44:8a:
                    aa:16:1c:47:e4:b8:00:76:86:c5:39:9c:90:3c:e9:
                    ec:74:af:8b:77:b2:da:ac:d2:19:7c:12:10:f8:97:
                    19:01:6f:f1:32:d9:ec:95:a3:a2:a1:0e:94:05:80:
                    f9:52:f7:78:26:77:73:e5:12:a4:c9:77:9a:08:7b:
                    27:79:18:9a:42:4b:29:fd:73:34:ae:3c:4d:7d:ac:
                    0f:2e:e0:23:f3:f8:3c:03:d7:91:bb:32:75:d7:57:
                    10:d8:2c:29:97:d0:26:2a:ae:27:2d:99:59:e3:fb:
                    61:27:63:74:5c:83:aa:a3:64:41:c4:7f:25:9b:00:
                    64:e2:76:db:73:f0:7b:03:cf:09:22:50:87:b8:6d:
                    91:f1:b0:b3:df:9a:ca:30:05:39:2f:74:e8:ff:c8:
                    17:a7:11:6a:46:76:59:f7:80:b9:87:08:4b:73:d6:
                    37:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:87:0E:B9:88:29:86:17:9D:E9:EA:AB:50:FC:E3:D5:73:00:31:26
            X509v3 Authority Key Identifier:
                keyid:A3:6A:2C:3E:ED:B7:97:6D:9C:E3:04:58:1F:23:53:2F:EC:B4:6E:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:de:6f:6f:53:68:33:0c:a7:4e:5d:16:6e:db:09:d7:34:96:
         99:8c:69:92:1f:00:3d:0f:49:ba:b9:41:e5:08:29:a4:ec:21:
         f3:43:f3:d6:72:59:c8:ee:42:47:dd:b4:01:92:20:b8:cd:d7:
         e8:25:d9:1f:32:1e:ca:9c:8e:d9:de:11:5c:62:9d:b3:e8:a9:
         90:ff:3d:72:c7:0b:6e:7d:be:2e:79:53:26:76:aa:c0:99:c4:
         b5:7e:99:7b:8f:de:74:ec:af:d3:0f:f3:aa:f7:0b:b7:dd:b8:
         57:5d:53:4d:c0:55:7a:62:ef:92:72:da:f7:b5:27:16:ff:19:
         54:26:8f:53:92:b6:9a:91:05:ab:ca:c3:9c:13:b5:0e:66:79:
         0b:28:20:66:c8:73:66:e7:2c:bb:b9:f1:7d:30:30:c0:14:78:
         c5:0d:0a:cf:b7:44:cf:93:9b:7a:86:8d:ab:8f:5d:fb:cd:2b:
         c0:7b:15:90:47:c2:e4:b8:d8:2b:9f:78:d0:65:5f:17:cb:4f:
         1b:32:e0:bb:76:bf:22:39:c0:cc:84:bb:d3:f6:49:89:91:9d:
         b4:ec:74:24:60:db:fa:61:e9:85:04:ae:01:59:33:cd:45:44:
         e3:d8:5f:7d:34:d3:0b:af:ca:e0:90:7b:6b:1d:59:5e:2c:a2:
         df:6e:db:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa6ETMe54hKLYmjTgxEUmkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmEyYzNlZWRiNzk3NmQ5Y2UzMDQ1ODFmMjM1MzJmZWNi
NDZlN2YwHhcNMjUwNTEwMTIwMDExWhcNMjUwNTExMTIwMDExWjAzMTEwLwYDVQQD
EyhmODg3MGViOTg4Mjk4NjE3OWRlOWVhYWI1MGZjZTNkNTczMDAzMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA86d/SX3LGuERhTrunWSuyNnxmn1r
uZbJWbjTUqUa5LgDrh9kUA59YLPphI9/reCC7c16TiOjdThlh6ndSEcZd3G39nzT
TDwsO7ngiuB3Q4q+hAYZu3JbRIqqFhxH5LgAdobFOZyQPOnsdK+Ld7LarNIZfBIQ
+JcZAW/xMtnslaOioQ6UBYD5Uvd4Jndz5RKkyXeaCHsneRiaQksp/XM0rjxNfawP
LuAj8/g8A9eRuzJ111cQ2Cwpl9AmKq4nLZlZ4/thJ2N0XIOqo2RBxH8lmwBk4nbb
c/B7A88JIlCHuG2R8bCz35rKMAU5L3To/8gXpxFqRnZZ94C5hwhLc9Y3BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPiHDrmIKYYXnenqq1D849VzADEmMB8GA1UdIwQY
MBaAFKNqLD7tt5dtnOMEWB8jUy/stG5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi85MTg1ZTItYjkyOS00MjM2LWE5OGIt
ZGRlMTkyM2JhNzI0LzEvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi85MTg1ZTItYjkyOS00MjM2LWE5OGItZGRlMTkyM2JhNzI0
LzEvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY95vb1No
MwynTl0WbtsJ1zSWmYxpkh8APQ9JurlB5QgppOwh80Pz1nJZyO5CR920AZIguM3X
6CXZHzIeypyO2d4RXGKds+ipkP89cscLbn2+LnlTJnaqwJnEtX6Ze4/edOyv0w/z
qvcLt924V11TTcBVemLvknLa97UnFv8ZVCaPU5K2mpEFq8rDnBO1DmZ5CyggZshz
Zucsu7nxfTAwwBR4xQ0Kz7dEz5ObeoaNq49d+80rwHsVkEfC5LjYK5940GVfF8tP
GzLgu3a/IjnAzIS70/ZJiZGdtOx0JGDb+mHphQSuAVkzzUVE49hffTTTC6/K4JB7
ax1ZXiyi327bhQ==
-----END CERTIFICATE-----