Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
File:                     oMWM0HH3gLesNAwBROsE-1DMu_E.mft (raw, json)
Hash identifier:          xMZ/MMtBgv3eFpF2kbfsOJEQLxqsiCNTqG38+EOsMxM=
Subject key identifier:   B1:B3:B6:1F:0D:66:C6:31:8D:51:D5:40:12:17:77:9A:98:6D:A9:24
Authority key identifier: A0:C5:8C:D0:71:F7:80:B7:AC:34:0C:01:44:EB:04:FB:50:CC:BB:F1
Certificate issuer:       /CN=a0c58cd071f780b7ac340c0144eb04fb50ccbbf1
Certificate serial:       0197C6EF993DA2F1F24EB9EDC053CC1C1725
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
Manifest number:          15AE
Signing time:             Tue 01 Jul 2025 17:01:20 +0000
Manifest this update:     Tue 01 Jul 2025 17:01:20 +0000
Manifest next update:     Wed 02 Jul 2025 17:01:20 +0000
Files and hashes:         1: oMWM0HH3gLesNAwBROsE-1DMu_E.crl (hash: Ns1yjdlscfwCk7ZUK+iMnNpi3gHVYjHQ/5vcC642OKk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 16:57:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c6:ef:99:3d:a2:f1:f2:4e:b9:ed:c0:53:cc:1c:17:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0c58cd071f780b7ac340c0144eb04fb50ccbbf1
        Validity
            Not Before: Jul  1 17:01:20 2025 GMT
            Not After : Jul  2 17:01:20 2025 GMT
        Subject: CN=b1b3b61f0d66c6318d51d5401217779a986da924
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:db:12:35:1b:ac:fc:fe:d0:18:e5:ef:f1:f2:
                    90:11:49:43:15:f5:b3:7f:96:74:54:e1:03:da:3c:
                    ad:a7:32:3b:ec:70:da:c4:00:97:56:19:d5:48:a4:
                    64:34:0f:02:93:3c:1a:72:a7:fe:37:63:b5:fc:76:
                    0f:71:d4:79:8a:7a:99:00:95:83:e6:b0:85:4b:5b:
                    81:7a:fe:59:0e:a5:a0:70:1d:09:19:da:42:9c:bf:
                    81:75:97:4e:d0:42:53:c2:6e:4c:3d:ca:6e:c5:5e:
                    69:2d:48:3e:f6:40:4f:5e:70:90:a6:88:1e:00:87:
                    bc:ee:62:21:b3:ca:86:6a:cf:ef:91:9b:80:9d:60:
                    78:7a:f8:03:53:88:94:98:d3:ff:c4:7d:c0:35:40:
                    d2:03:40:e5:93:4e:df:2c:52:49:a7:ce:18:e7:00:
                    10:57:2b:39:e5:53:2e:fa:ac:05:c0:71:99:0e:2e:
                    fa:f1:81:5c:c0:8b:61:4f:2c:c5:4d:5f:21:a0:52:
                    2d:9e:c0:2f:0e:2c:6f:58:18:a5:8f:8f:0c:84:f1:
                    1c:b7:d8:68:d9:d0:45:26:15:99:f2:a3:1a:c5:5a:
                    bd:91:1a:af:32:17:f9:ee:17:3b:61:a2:b5:fa:26:
                    a9:8c:11:c1:75:21:ff:63:8f:b2:0c:76:02:66:23:
                    da:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:B3:B6:1F:0D:66:C6:31:8D:51:D5:40:12:17:77:9A:98:6D:A9:24
            X509v3 Authority Key Identifier:
                keyid:A0:C5:8C:D0:71:F7:80:B7:AC:34:0C:01:44:EB:04:FB:50:CC:BB:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:3d:ea:3a:28:15:38:ca:fb:3a:29:24:33:f2:ec:de:25:98:
         87:9e:9f:ca:f4:51:18:06:03:3b:e4:31:df:f5:e1:38:e5:d4:
         e5:59:40:c0:2d:f3:92:cc:d2:7d:d0:f6:60:b6:a7:3d:d7:1c:
         e0:56:78:52:44:20:c6:11:f0:ce:6c:51:6e:76:b4:14:a3:e9:
         00:c0:d4:18:78:ff:0f:27:13:65:03:68:5e:9b:7b:df:7f:de:
         f3:e4:14:79:0c:06:e9:78:a1:01:7e:14:7f:b3:56:a0:74:a8:
         06:5c:c4:05:34:29:d5:0a:ab:3a:b1:77:76:54:34:04:c3:52:
         b3:93:0f:0b:b5:ce:14:9e:b0:03:a9:8f:ec:51:8b:88:bd:28:
         5c:f2:d0:3a:99:f0:63:8a:6c:b0:db:38:59:82:f0:1a:5b:5e:
         90:ad:f2:bc:6c:6d:16:72:3b:cf:66:94:83:13:5d:76:8d:3f:
         76:5f:8b:b2:44:c5:73:78:e5:3b:ec:4c:52:0a:0d:14:3c:9a:
         3d:9a:c8:b0:9e:b9:a8:b5:ed:6b:b8:75:e8:7a:ac:85:25:43:
         2d:d7:16:c8:d8:db:fb:64:12:e5:f8:bf:79:57:36:92:fd:c8:
         ac:68:39:1f:07:0e:12:3f:78:1f:a3:3f:16:d6:e6:3d:36:c4:
         30:8a:57:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfG75k9ovHyTrntwFPMHBclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYzU4Y2QwNzFmNzgwYjdhYzM0MGMwMTQ0ZWIwNGZiNTBj
Y2JiZjEwHhcNMjUwNzAxMTcwMTIwWhcNMjUwNzAyMTcwMTIwWjAzMTEwLwYDVQQD
EyhiMWIzYjYxZjBkNjZjNjMxOGQ1MWQ1NDAxMjE3Nzc5YTk4NmRhOTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdsSNRus/P7QGOXv8fKQEUlDFfWz
f5Z0VOED2jytpzI77HDaxACXVhnVSKRkNA8Ckzwacqf+N2O1/HYPcdR5inqZAJWD
5rCFS1uBev5ZDqWgcB0JGdpCnL+BdZdO0EJTwm5MPcpuxV5pLUg+9kBPXnCQpoge
AIe87mIhs8qGas/vkZuAnWB4evgDU4iUmNP/xH3ANUDSA0Dlk07fLFJJp84Y5wAQ
Vys55VMu+qwFwHGZDi768YFcwIthTyzFTV8hoFItnsAvDixvWBilj48MhPEct9ho
2dBFJhWZ8qMaxVq9kRqvMhf57hc7YaK1+iapjBHBdSH/Y4+yDHYCZiPaywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLGzth8NZsYxjVHVQBIXd5qYbakkMB8GA1UdIwQY
MBaAFKDFjNBx94C3rDQMAUTrBPtQzLvxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82Yzk3MjItMjYwOC00NGFmLThjNzkt
NjZiMmY5OWMwYjQ1LzEvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82Yzk3MjItMjYwOC00NGFmLThjNzktNjZiMmY5OWMwYjQ1
LzEvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiT3qOigV
OMr7OikkM/Ls3iWYh56fyvRRGAYDO+Qx3/XhOOXU5VlAwC3zkszSfdD2YLanPdcc
4FZ4UkQgxhHwzmxRbna0FKPpAMDUGHj/DycTZQNoXpt733/e8+QUeQwG6XihAX4U
f7NWoHSoBlzEBTQp1QqrOrF3dlQ0BMNSs5MPC7XOFJ6wA6mP7FGLiL0oXPLQOpnw
Y4pssNs4WYLwGltekK3yvGxtFnI7z2aUgxNddo0/dl+LskTFc3jlO+xMUgoNFDya
PZrIsJ65qLXta7h16HqshSVDLdcWyNjb+2QS5fi/eVc2kv3IrGg5HwcOEj94H6M/
FtbmPTbEMIpX6Q==
-----END CERTIFICATE-----