Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.mft
File:                     O63rHzjiUanY1hTzLTbyat9P1YA.mft (raw, json)
Hash identifier:          kRghjBwpWgQ7KCICXAymdSIUHg1u6pK0A9EhOGzUveM=
Subject key identifier:   45:8E:B8:B7:3F:40:B6:5F:92:AE:CF:E4:76:3D:A0:77:C1:8D:44:8D
Authority key identifier: 3B:AD:EB:1F:38:E2:51:A9:D8:D6:14:F3:2D:36:F2:6A:DF:4F:D5:80
Certificate issuer:       /CN=3badeb1f38e251a9d8d614f32d36f26adf4fd580
Certificate serial:       0196CF4FA3306168C3813FC861B5A983FB18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O63rHzjiUanY1hTzLTbyat9P1YA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.mft
Manifest number:          0CE8
Signing time:             Wed 14 May 2025 15:00:24 +0000
Manifest this update:     Wed 14 May 2025 15:00:24 +0000
Manifest next update:     Thu 15 May 2025 15:00:24 +0000
Files and hashes:         1: O63rHzjiUanY1hTzLTbyat9P1YA.crl (hash: LLn/g+77oqdzs/hB+JvkFbA8iOvmN7JpWipUpKekOwM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O63rHzjiUanY1hTzLTbyat9P1YA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 14:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cf:4f:a3:30:61:68:c3:81:3f:c8:61:b5:a9:83:fb:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3badeb1f38e251a9d8d614f32d36f26adf4fd580
        Validity
            Not Before: May 14 15:00:24 2025 GMT
            Not After : May 15 15:00:24 2025 GMT
        Subject: CN=458eb8b73f40b65f92aecfe4763da077c18d448d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:84:ce:a8:ef:03:4b:ca:63:e0:ec:56:32:e6:
                    c9:ee:50:ac:47:e5:e4:07:59:83:b0:93:58:44:5e:
                    5a:00:5e:5c:bf:f7:1f:9f:17:df:d9:3a:71:f4:9a:
                    83:75:87:61:f7:53:1e:92:03:8a:13:46:b0:f7:06:
                    86:38:13:35:56:3a:9e:d7:c8:05:e1:76:89:65:4a:
                    0d:99:a8:7a:0c:39:86:1c:b0:4e:44:ba:9f:ff:d1:
                    e6:85:b0:e7:28:98:55:0e:55:22:9e:c9:94:29:89:
                    3c:c7:5b:c4:ad:48:90:c4:bb:81:31:b5:60:48:fd:
                    a0:44:83:e6:99:c9:95:0e:30:a0:dc:98:1b:4e:f6:
                    90:7a:1f:cf:89:b1:7c:6a:73:d6:21:11:aa:7c:9f:
                    e4:41:5f:ca:60:98:3b:f7:07:2c:6a:ae:2b:d2:7a:
                    63:7e:8f:c3:34:74:39:04:75:43:6f:cc:c5:10:49:
                    d9:09:bf:78:e1:ec:71:cd:56:0d:e7:a6:b7:1d:16:
                    e3:26:2b:5d:a0:d7:c8:5e:2e:e2:2c:bf:d0:6b:36:
                    6b:95:6a:7f:c6:5a:5f:39:a1:f4:c7:16:9c:99:34:
                    7b:93:d7:7c:1e:87:00:41:c6:47:6d:0a:6a:11:3c:
                    54:4f:35:cb:e8:45:3e:45:43:9f:87:2c:b9:87:f7:
                    90:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:8E:B8:B7:3F:40:B6:5F:92:AE:CF:E4:76:3D:A0:77:C1:8D:44:8D
            X509v3 Authority Key Identifier:
                keyid:3B:AD:EB:1F:38:E2:51:A9:D8:D6:14:F3:2D:36:F2:6A:DF:4F:D5:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O63rHzjiUanY1hTzLTbyat9P1YA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:a9:73:cd:71:77:1b:03:9f:2c:a3:01:a5:ea:21:36:93:68:
         49:d6:fe:53:41:e6:60:4d:90:48:59:72:9a:90:74:79:a7:52:
         c0:aa:af:b2:50:e8:2a:6b:fd:3d:cc:08:17:16:c4:36:c3:46:
         24:a3:80:32:f7:b1:e0:e4:4a:4b:cb:d1:55:36:21:48:1e:c5:
         1e:56:ac:21:16:54:0f:e5:9a:ed:49:80:64:76:e2:61:e7:d8:
         1d:c5:80:31:51:ea:5e:31:08:34:28:ea:0f:b9:18:15:5d:bc:
         59:d2:03:48:06:eb:90:d0:94:64:a4:a9:35:82:35:89:4c:bf:
         3a:50:ec:eb:a9:70:d3:9e:04:cf:5c:5c:e3:ce:22:d0:97:70:
         33:b3:22:43:a2:ef:70:11:f8:5f:0f:45:e6:0a:71:9e:c4:dd:
         e9:92:7c:c6:44:9e:8f:da:25:c5:d1:00:8d:74:8d:0e:fe:4d:
         e7:31:21:d6:93:0a:69:94:94:5b:df:e8:d0:f4:72:e5:99:53:
         97:f8:dc:64:85:22:67:eb:33:59:63:7a:c8:8b:b6:10:92:af:
         2a:f8:34:15:e7:52:bf:54:b0:ae:3a:9e:d6:c7:f5:d8:7e:06:
         c3:f3:d1:84:52:ae:c5:1b:40:7b:3b:a7:58:b6:ee:44:e0:0c:
         c0:48:49:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbPT6MwYWjDgT/IYbWpg/sYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYWRlYjFmMzhlMjUxYTlkOGQ2MTRmMzJkMzZmMjZhZGY0
ZmQ1ODAwHhcNMjUwNTE0MTUwMDI0WhcNMjUwNTE1MTUwMDI0WjAzMTEwLwYDVQQD
Eyg0NThlYjhiNzNmNDBiNjVmOTJhZWNmZTQ3NjNkYTA3N2MxOGQ0NDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oTOqO8DS8pj4OxWMubJ7lCsR+Xk
B1mDsJNYRF5aAF5cv/cfnxff2Tpx9JqDdYdh91MekgOKE0aw9waGOBM1Vjqe18gF
4XaJZUoNmah6DDmGHLBORLqf/9HmhbDnKJhVDlUinsmUKYk8x1vErUiQxLuBMbVg
SP2gRIPmmcmVDjCg3JgbTvaQeh/PibF8anPWIRGqfJ/kQV/KYJg79wcsaq4r0npj
fo/DNHQ5BHVDb8zFEEnZCb944exxzVYN56a3HRbjJitdoNfIXi7iLL/QazZrlWp/
xlpfOaH0xxacmTR7k9d8HocAQcZHbQpqETxUTzXL6EU+RUOfhyy5h/eQHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWOuLc/QLZfkq7P5HY9oHfBjUSNMB8GA1UdIwQY
MBaAFDut6x844lGp2NYU8y028mrfT9WAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzYzckh6amlVYW5ZMWhUekxUYnlhdDlQMVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xYmJhMGYtZDU2ZC00ZDdmLWE4YjUt
NGM4N2ZlNWZkYWRjLzEvTzYzckh6amlVYW5ZMWhUekxUYnlhdDlQMVlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xYmJhMGYtZDU2ZC00ZDdmLWE4YjUtNGM4N2ZlNWZkYWRj
LzEvTzYzckh6amlVYW5ZMWhUekxUYnlhdDlQMVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMqlzzXF3
GwOfLKMBpeohNpNoSdb+U0HmYE2QSFlympB0eadSwKqvslDoKmv9PcwIFxbENsNG
JKOAMvex4ORKS8vRVTYhSB7FHlasIRZUD+Wa7UmAZHbiYefYHcWAMVHqXjEINCjq
D7kYFV28WdIDSAbrkNCUZKSpNYI1iUy/OlDs66lw054Ez1xc484i0JdwM7MiQ6Lv
cBH4Xw9F5gpxnsTd6ZJ8xkSej9olxdEAjXSNDv5N5zEh1pMKaZSUW9/o0PRy5ZlT
l/jcZIUiZ+szWWN6yIu2EJKvKvg0FedSv1Swrjqe1sf12H4Gw/PRhFKuxRtAezun
WLbuROAMwEhJZA==
-----END CERTIFICATE-----