Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
File:                     OitQeZsxwLFFEkZQ1xG844PWcDk.mft (raw, json)
Hash identifier:          Vf+gKnBfOkzFcsTjhbaLOz7wbs/g0eIIhLwrHkkJpDc=
Subject key identifier:   0A:64:FC:DD:86:A0:61:97:E2:47:B3:A8:D3:F1:05:F6:EF:88:54:08
Authority key identifier: 3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39
Certificate issuer:       /CN=3a2b50799b31c0b145124650d711bce383d67039
Certificate serial:       0196BAECECB3A02D4541E4A3F59C29EF39E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
Manifest number:          0984
Signing time:             Sat 10 May 2025 16:00:11 +0000
Manifest this update:     Sat 10 May 2025 16:00:11 +0000
Manifest next update:     Sun 11 May 2025 16:00:11 +0000
Files and hashes:         1: OitQeZsxwLFFEkZQ1xG844PWcDk.crl (hash: x8fMZj8IfOfLCksTvnLvAGx9JBfhV28ZunBzsMzXUQ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ba:ec:ec:b3:a0:2d:45:41:e4:a3:f5:9c:29:ef:39:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a2b50799b31c0b145124650d711bce383d67039
        Validity
            Not Before: May 10 16:00:11 2025 GMT
            Not After : May 11 16:00:11 2025 GMT
        Subject: CN=0a64fcdd86a06197e247b3a8d3f105f6ef885408
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ac:97:65:e7:89:33:af:ee:ef:f4:df:b7:09:
                    5a:4c:6a:ca:b0:10:40:86:b8:43:12:e7:41:6c:9a:
                    9b:94:fb:ba:df:a3:1f:86:33:e7:b8:f4:5b:95:f7:
                    ba:81:50:7e:2f:e9:cb:df:fb:a2:c4:85:b3:d9:e7:
                    cb:d0:79:69:d8:40:b7:9a:1e:48:8d:64:c1:45:0e:
                    35:d2:8c:21:47:7a:e3:69:66:df:6d:8e:38:85:d1:
                    ca:ca:14:18:f5:2f:75:ad:1d:4e:ca:4b:c1:72:f5:
                    a5:1f:f8:4c:81:d0:d7:fb:6d:8c:48:bb:35:ac:ab:
                    e8:50:40:c7:a1:33:ea:e6:89:64:0f:55:19:9c:7f:
                    66:6a:29:82:55:01:35:b9:c4:8f:46:4c:c3:fd:61:
                    e5:6f:14:13:62:d7:60:23:e7:51:34:7a:73:28:fe:
                    8f:30:4b:7c:dc:89:ab:57:b5:bc:77:e9:8b:ff:4b:
                    74:6e:31:ed:57:d2:81:d0:cf:12:52:ac:70:28:d7:
                    79:92:2f:d7:c1:40:37:6a:9a:08:c0:28:06:71:ed:
                    2f:70:2f:e5:b8:50:51:d9:5f:02:a8:c6:f7:b9:06:
                    79:46:62:a7:8f:fa:a2:14:d6:fe:c6:c7:79:50:2f:
                    73:bf:69:93:d3:d6:97:04:73:d6:77:1d:3e:20:92:
                    c0:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:64:FC:DD:86:A0:61:97:E2:47:B3:A8:D3:F1:05:F6:EF:88:54:08
            X509v3 Authority Key Identifier:
                keyid:3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:17:6c:70:ee:ca:89:ff:6f:ae:f0:87:28:db:86:eb:38:82:
         bc:8d:3a:7b:8d:fb:09:1c:49:81:d4:fa:a4:90:21:db:f5:ed:
         51:7c:c2:f1:86:d2:3e:0f:27:a7:68:c8:2d:ea:9f:5c:66:2d:
         db:ae:b4:e1:ff:d1:3e:b4:d0:3c:d3:75:62:c9:15:0b:7e:d2:
         98:bf:19:98:8d:b4:84:f5:d9:95:65:e3:c2:9c:19:b0:9c:a2:
         eb:28:93:8b:dd:ba:63:29:3d:ef:c2:ca:3e:23:0c:62:0b:eb:
         c0:be:48:42:38:b1:8e:e1:84:72:89:58:f9:74:06:b8:43:2c:
         43:be:b2:09:30:a2:dc:ad:6b:b8:18:17:07:86:e1:c3:50:1a:
         3f:e3:06:e6:0d:9a:01:53:b1:45:11:2f:50:f5:52:99:00:f5:
         97:1b:0a:7a:62:ad:34:8e:62:b2:2e:36:f8:b5:80:43:10:4d:
         8e:c9:8f:4c:2c:83:d4:80:94:e4:b6:f9:92:fd:63:13:89:e3:
         44:43:b2:ad:a1:9a:dc:24:c0:26:6b:9f:aa:7a:60:ab:5e:99:
         c6:cf:90:56:06:c1:6f:ef:00:a1:2f:a0:1a:13:78:f7:31:c9:
         a5:51:86:1b:63:a9:6c:8d:12:5c:53:c3:f9:7a:23:2a:36:8a:
         42:0c:8a:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa67OyzoC1FQeSj9Zwp7znhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMmI1MDc5OWIzMWMwYjE0NTEyNDY1MGQ3MTFiY2UzODNk
NjcwMzkwHhcNMjUwNTEwMTYwMDExWhcNMjUwNTExMTYwMDExWjAzMTEwLwYDVQQD
EygwYTY0ZmNkZDg2YTA2MTk3ZTI0N2IzYThkM2YxMDVmNmVmODg1NDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArayXZeeJM6/u7/TftwlaTGrKsBBA
hrhDEudBbJqblPu636MfhjPnuPRblfe6gVB+L+nL3/uixIWz2efL0Hlp2EC3mh5I
jWTBRQ410owhR3rjaWbfbY44hdHKyhQY9S91rR1OykvBcvWlH/hMgdDX+22MSLs1
rKvoUEDHoTPq5olkD1UZnH9maimCVQE1ucSPRkzD/WHlbxQTYtdgI+dRNHpzKP6P
MEt83ImrV7W8d+mL/0t0bjHtV9KB0M8SUqxwKNd5ki/XwUA3apoIwCgGce0vcC/l
uFBR2V8CqMb3uQZ5RmKnj/qiFNb+xsd5UC9zv2mT09aXBHPWdx0+IJLAwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFApk/N2GoGGX4kezqNPxBfbviFQIMB8GA1UdIwQY
MBaAFDorUHmbMcCxRRJGUNcRvOOD1nA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMt
MzMyNzMwZmIxYzhhLzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMtMzMyNzMwZmIxYzhh
LzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOxdscO7K
if9vrvCHKNuG6ziCvI06e437CRxJgdT6pJAh2/XtUXzC8YbSPg8np2jILeqfXGYt
26604f/RPrTQPNN1YskVC37SmL8ZmI20hPXZlWXjwpwZsJyi6yiTi926Yyk978LK
PiMMYgvrwL5IQjixjuGEcolY+XQGuEMsQ76yCTCi3K1ruBgXB4bhw1AaP+MG5g2a
AVOxRREvUPVSmQD1lxsKemKtNI5isi42+LWAQxBNjsmPTCyD1ICU5Lb5kv1jE4nj
REOyraGa3CTAJmufqnpgq16Zxs+QVgbBb+8AoS+gGhN49zHJpVGGG2OpbI0SXFPD
+XojKjaKQgyK4Q==
-----END CERTIFICATE-----