Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
File:                     Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft (raw, json)
Hash identifier:          pl7tzkWo18dsYimKPi0UAT1Neh/A0Zw285IIGwke9nY=
Subject key identifier:   B6:5D:C8:C8:90:5D:C8:D3:E8:13:1F:36:46:E1:D9:28:DE:48:F2:58
Authority key identifier: 3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33
Certificate issuer:       /CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33
Certificate serial:       0196E231ED25B13F856BCE22FCDA81568CCA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
Manifest number:          0953
Signing time:             Sun 18 May 2025 07:00:44 +0000
Manifest this update:     Sun 18 May 2025 07:00:44 +0000
Manifest next update:     Mon 19 May 2025 07:00:44 +0000
Files and hashes:         1: Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl (hash: isTsfOu8exj9k6/kTTX4r2zFdUZF7hIf8kPqSMQ7qAM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 May 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:e2:31:ed:25:b1:3f:85:6b:ce:22:fc:da:81:56:8c:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33
        Validity
            Not Before: May 18 07:00:44 2025 GMT
            Not After : May 19 07:00:44 2025 GMT
        Subject: CN=b65dc8c8905dc8d3e8131f3646e1d928de48f258
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:03:5e:a4:96:b6:de:bb:e9:2f:4b:d6:36:dc:
                    ef:c5:9e:ca:34:83:38:8a:67:de:37:8f:2e:20:8c:
                    95:8f:68:81:e0:2f:6c:62:5a:06:80:27:c6:af:77:
                    f9:2b:51:c0:78:03:c8:f5:c2:b0:db:92:89:19:6c:
                    df:93:3a:d0:a4:4e:3b:9a:f1:69:df:8a:83:82:c8:
                    5f:98:9b:53:85:87:8a:55:5b:6b:24:b5:f2:54:8a:
                    cb:a5:e2:2f:e7:56:97:78:a9:cc:b1:d7:52:c6:7f:
                    09:ff:99:d0:53:b1:d7:5d:46:6b:3a:7f:a5:c5:b2:
                    5a:23:12:3e:f7:62:9d:41:46:55:28:3b:3c:73:7d:
                    77:86:91:34:88:09:33:08:bb:39:72:2c:44:de:38:
                    99:19:eb:50:78:9d:9f:bb:b8:7f:b2:ee:5b:36:63:
                    11:3a:cc:78:b0:9d:3d:46:c2:f9:76:ab:d9:bc:94:
                    e9:e3:5f:34:14:52:8e:f1:d7:f3:16:c9:1a:eb:2e:
                    96:b3:89:c5:a9:02:8b:2b:92:4d:06:44:7e:b1:f2:
                    08:d1:86:4b:8f:b6:a3:34:5b:72:9c:29:33:2e:b7:
                    58:46:65:89:25:88:0e:ca:67:8c:f0:fb:4a:41:62:
                    6d:9d:cc:bb:07:05:58:39:63:29:86:89:60:4b:20:
                    94:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:5D:C8:C8:90:5D:C8:D3:E8:13:1F:36:46:E1:D9:28:DE:48:F2:58
            X509v3 Authority Key Identifier:
                keyid:3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:81:c3:cf:ee:c4:aa:83:bf:b8:03:f8:e3:84:75:ed:ea:fa:
         83:60:08:72:2d:9f:0b:cb:2d:d1:26:8d:84:19:b5:7a:b5:36:
         0b:60:f5:86:06:f7:34:1e:9e:31:a0:62:f5:73:37:5f:56:fe:
         7f:a1:4d:08:93:3c:6a:fe:16:81:84:0f:85:2d:ce:83:ba:06:
         9c:69:77:1e:85:9d:be:3e:2d:69:39:ca:ca:12:db:96:72:31:
         33:0d:b4:4c:c9:58:84:f3:1a:1b:91:ad:ef:5a:1e:34:21:f9:
         12:35:2f:36:b5:00:64:ce:80:a5:09:d3:a8:70:f7:e5:0f:73:
         07:b6:ba:ec:82:e6:6f:85:88:47:54:ba:23:ec:03:bb:d5:4f:
         41:47:78:8d:b1:57:48:31:89:fe:f3:47:f8:39:bd:ae:bb:a3:
         b1:bf:1a:ab:c6:e2:ab:64:3d:09:24:0f:02:64:9d:60:64:6d:
         50:d4:89:af:53:02:94:bc:d0:74:e7:92:44:49:85:96:e0:ba:
         03:ad:63:86:d6:ae:5c:62:6f:76:b4:1f:d7:58:6f:46:e8:e5:
         c7:7c:87:a3:91:f1:0b:18:d5:b1:cc:8e:57:e5:ca:ac:30:05:
         f8:48:5f:4d:51:43:54:a0:7c:21:86:41:55:a9:fc:dc:cd:f4:
         07:db:8a:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbiMe0lsT+Fa84i/NqBVozKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWYzMWIzNjgyNjg3OWM3ZWJjMTEyYzYyOTQxYTFjZDNh
MmJiMzMwHhcNMjUwNTE4MDcwMDQ0WhcNMjUwNTE5MDcwMDQ0WjAzMTEwLwYDVQQD
EyhiNjVkYzhjODkwNWRjOGQzZTgxMzFmMzY0NmUxZDkyOGRlNDhmMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ANepJa23rvpL0vWNtzvxZ7KNIM4
imfeN48uIIyVj2iB4C9sYloGgCfGr3f5K1HAeAPI9cKw25KJGWzfkzrQpE47mvFp
34qDgshfmJtThYeKVVtrJLXyVIrLpeIv51aXeKnMsddSxn8J/5nQU7HXXUZrOn+l
xbJaIxI+92KdQUZVKDs8c313hpE0iAkzCLs5cixE3jiZGetQeJ2fu7h/su5bNmMR
Osx4sJ09RsL5dqvZvJTp4180FFKO8dfzFska6y6Ws4nFqQKLK5JNBkR+sfII0YZL
j7ajNFtynCkzLrdYRmWJJYgOymeM8PtKQWJtncy7BwVYOWMpholgSyCUvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZdyMiQXcjT6BMfNkbh2SjeSPJYMB8GA1UdIwQY
MBaAFDrvMbNoJoecfrwRLGKUGhzTorszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMt
ZDlhZjcxMGJhMWRlLzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMtZDlhZjcxMGJhMWRl
LzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATIHDz+7E
qoO/uAP444R17er6g2AIci2fC8st0SaNhBm1erU2C2D1hgb3NB6eMaBi9XM3X1b+
f6FNCJM8av4WgYQPhS3Og7oGnGl3HoWdvj4taTnKyhLblnIxMw20TMlYhPMaG5Gt
71oeNCH5EjUvNrUAZM6ApQnTqHD35Q9zB7a67ILmb4WIR1S6I+wDu9VPQUd4jbFX
SDGJ/vNH+Dm9rrujsb8aq8biq2Q9CSQPAmSdYGRtUNSJr1MClLzQdOeSREmFluC6
A61jhtauXGJvdrQf11hvRujlx3yHo5HxCxjVscyOV+XKrDAF+EhfTVFDVKB8IYZB
Van83M30B9uKeQ==
-----END CERTIFICATE-----