Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
File:                     oMWM0HH3gLesNAwBROsE-1DMu_E.mft (raw, json)
Hash identifier:          233UfAo8SwkU5/hhw+mdN6kOq+SFqeL5m33qku/y1FI=
Subject key identifier:   F8:02:C3:60:7B:BF:78:9F:9A:2D:D1:3E:F6:C2:8E:DD:6D:89:C1:B8
Authority key identifier: A0:C5:8C:D0:71:F7:80:B7:AC:34:0C:01:44:EB:04:FB:50:CC:BB:F1
Certificate issuer:       /CN=a0c58cd071f780b7ac340c0144eb04fb50ccbbf1
Certificate serial:       0196BE5C7075D6C40EE42B60FFE9980AB41D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
Manifest number:          1525
Signing time:             Sun 11 May 2025 08:00:51 +0000
Manifest this update:     Sun 11 May 2025 08:00:51 +0000
Manifest next update:     Mon 12 May 2025 08:00:51 +0000
Files and hashes:         1: oMWM0HH3gLesNAwBROsE-1DMu_E.crl (hash: 5IZi5pLxGg5hkp5xBVtJVL9ffr4BvEZlTYxxYM9/dtg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:5c:70:75:d6:c4:0e:e4:2b:60:ff:e9:98:0a:b4:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0c58cd071f780b7ac340c0144eb04fb50ccbbf1
        Validity
            Not Before: May 11 08:00:51 2025 GMT
            Not After : May 12 08:00:51 2025 GMT
        Subject: CN=f802c3607bbf789f9a2dd13ef6c28edd6d89c1b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:cc:fa:ff:64:d2:92:26:8e:8d:5a:c5:ce:62:
                    2a:d8:20:89:a2:db:bf:69:36:5c:b3:bc:e6:72:63:
                    87:eb:82:79:a7:d6:9e:e3:cc:6a:99:1f:6f:61:f7:
                    76:00:40:7f:31:2c:12:68:61:66:a9:5f:fa:89:af:
                    00:10:66:c2:42:c4:17:de:ac:79:ca:f1:d1:cc:60:
                    b0:69:62:7e:4e:a0:2f:7e:a0:08:6c:c3:15:8d:8a:
                    8d:d0:aa:15:47:f3:c3:e7:9f:7b:c3:07:82:08:b2:
                    f5:ba:3a:db:cb:19:0e:18:3a:41:43:ec:c2:2d:c4:
                    cb:c6:f9:a7:02:ba:fa:66:e5:af:69:49:ab:72:49:
                    4d:57:5c:6b:84:f1:2a:2f:c2:1e:f4:b3:7c:eb:42:
                    3d:ea:aa:f3:a6:6d:1e:8c:f3:da:6a:eb:42:bc:32:
                    03:6b:bb:7f:8e:b3:0a:5f:20:1a:ae:bb:13:bf:63:
                    21:92:2b:f3:f6:ea:53:72:e2:99:aa:4f:47:a1:5f:
                    da:23:68:69:0a:a1:55:16:95:76:49:bf:84:66:91:
                    58:22:e8:a8:9d:00:85:51:d1:95:9c:01:6d:51:86:
                    e2:fb:00:16:99:a7:52:4a:42:13:6c:61:61:6f:9f:
                    d7:c1:a2:99:7b:ba:31:4e:13:12:3f:aa:3d:7c:e9:
                    14:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:02:C3:60:7B:BF:78:9F:9A:2D:D1:3E:F6:C2:8E:DD:6D:89:C1:B8
            X509v3 Authority Key Identifier:
                keyid:A0:C5:8C:D0:71:F7:80:B7:AC:34:0C:01:44:EB:04:FB:50:CC:BB:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:0c:91:f5:3e:85:7b:d9:87:13:40:9a:a7:1e:e3:40:30:f1:
         b2:4e:76:88:81:af:f7:ea:24:59:65:de:28:aa:de:e4:b8:77:
         5b:d5:4c:2d:3e:d3:cd:7a:f7:c6:ae:ea:cc:53:fb:89:91:f7:
         e6:74:14:ef:8d:7c:e7:c0:2f:98:38:fe:16:e5:2e:46:14:de:
         9a:46:55:7b:7b:7f:7b:80:8d:11:46:29:d8:6f:50:d7:4f:23:
         2e:8d:a3:1a:41:c5:30:80:83:8f:89:4d:05:24:27:78:6c:44:
         99:1c:09:0b:44:75:67:66:4c:14:31:f6:38:ac:71:8a:31:f9:
         fa:5d:e7:06:f3:31:5e:8c:31:52:95:3b:83:e2:e3:bb:39:ec:
         40:fe:f7:a4:45:3e:f6:68:df:fd:f6:e6:19:3e:3c:4c:eb:cb:
         0f:0b:bb:f7:6b:06:24:16:0a:1d:f9:0d:8a:1d:98:dd:54:c5:
         d4:63:9d:3d:73:59:52:e7:78:56:4c:89:09:0f:ec:66:e3:80:
         88:87:0d:40:20:ef:5a:47:e6:c8:be:69:8e:fb:32:31:f4:e7:
         dd:8a:66:e9:5d:49:27:19:7c:87:52:3b:47:ac:65:7c:7f:ca:
         7e:95:95:1e:c5:f4:47:74:fe:8f:a5:17:3d:49:23:b2:ad:f2:
         16:f8:20:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+XHB11sQO5Ctg/+mYCrQdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYzU4Y2QwNzFmNzgwYjdhYzM0MGMwMTQ0ZWIwNGZiNTBj
Y2JiZjEwHhcNMjUwNTExMDgwMDUxWhcNMjUwNTEyMDgwMDUxWjAzMTEwLwYDVQQD
EyhmODAyYzM2MDdiYmY3ODlmOWEyZGQxM2VmNmMyOGVkZDZkODljMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcz6/2TSkiaOjVrFzmIq2CCJotu/
aTZcs7zmcmOH64J5p9ae48xqmR9vYfd2AEB/MSwSaGFmqV/6ia8AEGbCQsQX3qx5
yvHRzGCwaWJ+TqAvfqAIbMMVjYqN0KoVR/PD5597wweCCLL1ujrbyxkOGDpBQ+zC
LcTLxvmnArr6ZuWvaUmrcklNV1xrhPEqL8Ie9LN860I96qrzpm0ejPPaautCvDID
a7t/jrMKXyAarrsTv2Mhkivz9upTcuKZqk9HoV/aI2hpCqFVFpV2Sb+EZpFYIuio
nQCFUdGVnAFtUYbi+wAWmadSSkITbGFhb5/XwaKZe7oxThMSP6o9fOkUSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPgCw2B7v3ifmi3RPvbCjt1ticG4MB8GA1UdIwQY
MBaAFKDFjNBx94C3rDQMAUTrBPtQzLvxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82Yzk3MjItMjYwOC00NGFmLThjNzkt
NjZiMmY5OWMwYjQ1LzEvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82Yzk3MjItMjYwOC00NGFmLThjNzktNjZiMmY5OWMwYjQ1
LzEvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOQyR9T6F
e9mHE0Capx7jQDDxsk52iIGv9+okWWXeKKre5Lh3W9VMLT7TzXr3xq7qzFP7iZH3
5nQU741858AvmDj+FuUuRhTemkZVe3t/e4CNEUYp2G9Q108jLo2jGkHFMICDj4lN
BSQneGxEmRwJC0R1Z2ZMFDH2OKxxijH5+l3nBvMxXowxUpU7g+LjuznsQP73pEU+
9mjf/fbmGT48TOvLDwu792sGJBYKHfkNih2Y3VTF1GOdPXNZUud4VkyJCQ/sZuOA
iIcNQCDvWkfmyL5pjvsyMfTn3Ypm6V1JJxl8h1I7R6xlfH/KfpWVHsX0R3T+j6UX
PUkjsq3yFvgglA==
-----END CERTIFICATE-----