Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft
File:                     OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft (raw, json)
Hash identifier:          Y84WmBsbnpwcDTy5kwX9JozWIH5soqiG1bClD4ov0kk=
Subject key identifier:   D4:9A:47:33:BC:29:EC:2E:0D:29:CA:C8:7D:4C:14:62:8F:79:85:CE
Authority key identifier: 3B:2A:A7:20:56:81:71:62:0E:9B:C9:B9:7D:AD:CC:74:B5:13:39:4F
Certificate issuer:       /CN=3b2aa720568171620e9bc9b97dadcc74b513394f
Certificate serial:       0196BAEDA2CDECAD78356FA9C42B629C628B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OyqnIFaBcWIOm8m5fa3MdLUTOU8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft
Manifest number:          0565
Signing time:             Sat 10 May 2025 16:00:57 +0000
Manifest this update:     Sat 10 May 2025 16:00:57 +0000
Manifest next update:     Sun 11 May 2025 16:00:57 +0000
Files and hashes:         1: OyqnIFaBcWIOm8m5fa3MdLUTOU8.crl (hash: 5eVXvuHFg5oIQOWKhV2pnBTFXuQwM45yzabLylOpMU8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OyqnIFaBcWIOm8m5fa3MdLUTOU8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ba:ed:a2:cd:ec:ad:78:35:6f:a9:c4:2b:62:9c:62:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b2aa720568171620e9bc9b97dadcc74b513394f
        Validity
            Not Before: May 10 16:00:57 2025 GMT
            Not After : May 11 16:00:57 2025 GMT
        Subject: CN=d49a4733bc29ec2e0d29cac87d4c14628f7985ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:5f:a0:d0:e9:bf:6d:02:3b:9d:fb:c9:41:ca:
                    0e:be:21:19:d3:cb:69:0e:50:0a:b3:fa:2b:69:ce:
                    b2:cf:df:9b:82:c2:89:90:3d:95:5d:d6:2c:61:f8:
                    b4:54:87:13:3c:12:0e:39:75:56:6d:11:cc:e2:e7:
                    44:df:ce:af:d3:0a:c7:3a:3a:32:8f:78:3f:41:4d:
                    52:bd:2f:a3:c7:86:19:26:31:02:2e:59:d6:45:66:
                    52:ee:69:e4:9f:11:b4:d6:d0:3e:97:ed:a4:40:1c:
                    dc:44:18:72:c5:b4:54:05:53:cd:09:50:76:51:9c:
                    29:62:a6:76:17:04:bc:92:cd:a7:0c:6a:3d:6f:02:
                    19:b1:64:09:4d:58:07:94:2f:a3:30:94:37:ea:19:
                    48:be:05:37:f3:b6:16:7d:c4:76:0c:76:4b:aa:c3:
                    a8:cc:d0:7b:0a:1b:7a:6b:e0:08:9d:8f:c6:5b:f6:
                    e6:52:84:6e:12:6e:92:82:93:ca:44:87:a3:d3:21:
                    e9:c6:0c:aa:c0:89:92:f1:14:2e:55:e3:0e:01:c8:
                    6e:80:37:6f:88:62:69:8e:ba:35:1f:45:33:f1:a1:
                    12:c4:35:18:34:87:ea:62:32:12:c0:39:6e:90:87:
                    34:f0:31:ee:9d:89:f6:9a:ba:8e:e0:5d:69:72:23:
                    fd:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:9A:47:33:BC:29:EC:2E:0D:29:CA:C8:7D:4C:14:62:8F:79:85:CE
            X509v3 Authority Key Identifier:
                keyid:3B:2A:A7:20:56:81:71:62:0E:9B:C9:B9:7D:AD:CC:74:B5:13:39:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OyqnIFaBcWIOm8m5fa3MdLUTOU8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:e2:c3:68:4f:ed:05:ee:8d:63:3b:7e:8a:c1:15:4e:5c:45:
         96:c7:10:c1:f6:d0:fe:42:bf:f6:44:47:a4:39:0f:21:18:1c:
         b6:54:5e:31:e3:a0:31:df:08:28:b5:ee:25:85:20:89:ff:cc:
         5d:a4:74:ba:9e:10:99:b1:52:98:09:58:23:6b:9a:cf:80:96:
         ee:16:85:cb:26:f4:be:94:91:96:69:8c:08:f9:5c:9c:97:6e:
         7a:ac:7c:e6:8c:cb:52:79:03:d9:e6:f6:cf:2e:1b:b9:dc:ee:
         2a:59:16:32:55:7b:10:e2:9f:5f:93:fe:fa:f2:5b:8f:52:0b:
         d3:a1:18:a2:f6:da:9b:bb:74:90:f3:66:5d:16:54:16:2d:e7:
         40:11:6a:c6:a0:fe:64:3f:6f:d4:84:6c:c7:0d:d5:b9:3a:08:
         38:f8:36:58:96:e0:67:e9:21:26:f4:99:98:ad:0f:a0:a0:82:
         46:97:3c:c2:8c:7c:ae:b5:b9:bd:f7:0f:fe:28:71:21:a6:a1:
         6f:aa:a0:20:7c:43:e5:8c:d4:7b:bc:92:f8:50:a6:69:ee:0f:
         1d:ca:b9:0c:97:96:5a:6b:aa:d2:fd:bb:83:52:bd:87:e2:0c:
         c5:e8:0b:da:70:bc:0c:88:a6:02:53:21:d4:25:6c:99:6f:16:
         e9:3b:93:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa67aLN7K14NW+pxCtinGKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMmFhNzIwNTY4MTcxNjIwZTliYzliOTdkYWRjYzc0YjUx
MzM5NGYwHhcNMjUwNTEwMTYwMDU3WhcNMjUwNTExMTYwMDU3WjAzMTEwLwYDVQQD
EyhkNDlhNDczM2JjMjllYzJlMGQyOWNhYzg3ZDRjMTQ2MjhmNzk4NWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuV+g0Om/bQI7nfvJQcoOviEZ08tp
DlAKs/orac6yz9+bgsKJkD2VXdYsYfi0VIcTPBIOOXVWbRHM4udE386v0wrHOjoy
j3g/QU1SvS+jx4YZJjECLlnWRWZS7mnknxG01tA+l+2kQBzcRBhyxbRUBVPNCVB2
UZwpYqZ2FwS8ks2nDGo9bwIZsWQJTVgHlC+jMJQ36hlIvgU387YWfcR2DHZLqsOo
zNB7Cht6a+AInY/GW/bmUoRuEm6SgpPKRIej0yHpxgyqwImS8RQuVeMOAchugDdv
iGJpjro1H0Uz8aESxDUYNIfqYjISwDlukIc08DHunYn2mrqO4F1pciP98QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSaRzO8KewuDSnKyH1MFGKPeYXOMB8GA1UdIwQY
MBaAFDsqpyBWgXFiDpvJuX2tzHS1EzlPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3lxbklGYUJjV0lPbThtNWZhM01kTFVUT1U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yNzc1ODktOGQ5YS00YjIyLTlhMTUt
NjA1ZGUwZWFhZWI2LzEvT3lxbklGYUJjV0lPbThtNWZhM01kTFVUT1U4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yNzc1ODktOGQ5YS00YjIyLTlhMTUtNjA1ZGUwZWFhZWI2
LzEvT3lxbklGYUJjV0lPbThtNWZhM01kTFVUT1U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWuLDaE/t
Be6NYzt+isEVTlxFlscQwfbQ/kK/9kRHpDkPIRgctlReMeOgMd8IKLXuJYUgif/M
XaR0up4QmbFSmAlYI2uaz4CW7haFyyb0vpSRlmmMCPlcnJdueqx85ozLUnkD2eb2
zy4budzuKlkWMlV7EOKfX5P++vJbj1IL06EYovbam7t0kPNmXRZUFi3nQBFqxqD+
ZD9v1IRsxw3VuToIOPg2WJbgZ+khJvSZmK0PoKCCRpc8wox8rrW5vfcP/ihxIaah
b6qgIHxD5YzUe7yS+FCmae4PHcq5DJeWWmuq0v27g1K9h+IMxegL2nC8DIimAlMh
1CVsmW8W6TuTFA==
-----END CERTIFICATE-----