Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
File:                     iOZzGonffpNxq6M-sU1y9h45gLk.mft (raw, json)
Hash identifier:          Lhf75MncS8ZLpIo3gTGUQ5kwPuyLqdRywFh81QOBZ2w=
Subject key identifier:   C4:59:D3:E7:98:06:49:EB:B8:D4:C2:DC:F2:F2:C4:11:63:AF:EE:0C
Authority key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
Certificate issuer:       /CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
Certificate serial:       0196C7294BB498801C2768A992508A5AC28C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
Manifest number:          1537
Signing time:             Tue 13 May 2025 01:01:34 +0000
Manifest this update:     Tue 13 May 2025 01:01:34 +0000
Manifest next update:     Wed 14 May 2025 01:01:34 +0000
Files and hashes:         1: iOZzGonffpNxq6M-sU1y9h45gLk.crl (hash: L/oo+XechzZeFJRRzPB8GsoZCxeu4pqCTSk+FxBgack=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 01:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c7:29:4b:b4:98:80:1c:27:68:a9:92:50:8a:5a:c2:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
        Validity
            Not Before: May 13 01:01:34 2025 GMT
            Not After : May 14 01:01:34 2025 GMT
        Subject: CN=c459d3e7980649ebb8d4c2dcf2f2c41163afee0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b9:ae:cc:98:97:2e:49:76:e0:ca:9f:ba:92:
                    6b:2b:cc:fc:8e:36:be:ff:ce:88:f3:d0:8b:a2:8f:
                    26:a2:cf:d6:37:d4:b8:b3:24:04:69:06:61:07:79:
                    3c:a2:3d:58:e1:4e:1d:55:96:a7:47:04:c8:55:fd:
                    e1:86:98:2c:bf:69:de:94:63:bf:98:a8:cd:05:88:
                    75:a9:c0:49:73:09:d4:0a:3a:4a:05:33:b0:8b:3b:
                    d6:69:29:fc:ac:01:49:66:68:78:78:ab:8e:ee:60:
                    c6:04:7e:a6:e9:80:ad:d8:c8:8e:67:b0:7a:a4:90:
                    43:2a:53:2d:b9:8e:19:7a:6f:2f:1e:cd:a4:2d:da:
                    23:74:0d:d4:fd:94:4e:cd:01:03:5c:14:70:aa:21:
                    07:b7:6a:4d:6d:85:4a:6f:e9:12:f8:d8:fc:34:5b:
                    21:30:11:c1:01:f8:a8:a7:1e:bd:d2:24:0d:aa:75:
                    4c:d3:4b:eb:9d:1e:92:cc:7b:29:2d:fa:22:a6:b6:
                    53:9f:ba:fd:1a:69:b9:b9:9f:d9:bc:b2:7e:b2:5c:
                    e2:af:ff:b6:00:a1:dc:2d:48:83:dc:23:0e:9b:26:
                    7c:78:20:f4:bc:ef:6c:41:15:d2:2f:ed:a7:2f:ce:
                    3c:c6:9f:fa:b3:e9:75:6e:05:d1:d9:cb:0e:51:20:
                    3d:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:59:D3:E7:98:06:49:EB:B8:D4:C2:DC:F2:F2:C4:11:63:AF:EE:0C
            X509v3 Authority Key Identifier:
                keyid:88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:35:91:bc:29:50:ed:11:2d:8b:37:77:52:98:c4:11:e6:c1:
         28:03:50:7b:7e:ac:cb:fb:dc:1e:06:73:ec:f0:94:4b:dd:97:
         f2:bc:e5:bb:30:51:6a:41:64:75:3c:a5:86:e6:51:b2:00:62:
         63:2d:19:72:ac:c6:30:3d:0c:b9:0d:c0:15:d5:07:2e:9a:cb:
         4d:62:8f:e6:83:67:2e:cf:d2:86:4a:7e:2f:11:5c:0c:bc:57:
         ff:b8:06:70:07:56:0a:a5:e6:83:34:2d:4e:57:df:f5:21:47:
         58:e7:7b:d7:f7:71:97:71:98:6f:6f:f3:0f:d7:31:e4:a4:21:
         97:89:39:e0:1b:b2:b9:24:ba:e0:af:ce:69:e6:65:63:91:e7:
         26:00:f8:8c:d3:48:34:3d:b3:5d:e6:7e:34:ae:32:c5:04:93:
         81:11:db:4f:7a:ba:de:d6:5c:00:a1:be:dd:bf:3d:03:47:20:
         b0:04:3d:82:22:7c:9c:a3:f2:46:1b:f1:f0:c8:24:8a:f4:85:
         bc:a2:b3:be:06:6a:b4:19:a4:6a:61:1a:0d:fc:1a:44:22:b3:
         6e:42:45:7f:7d:69:15:e4:3d:8f:40:af:26:c4:58:c1:bb:57:
         b7:cd:8e:b5:87:0a:03:fa:b9:30:b2:e2:59:f1:40:f5:af:50:
         43:ad:c3:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbHKUu0mIAcJ2ipklCKWsKMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTY3MzFhODlkZjdlOTM3MWFiYTMzZWIxNGQ3MmY2MWUz
OTgwYjkwHhcNMjUwNTEzMDEwMTM0WhcNMjUwNTE0MDEwMTM0WjAzMTEwLwYDVQQD
EyhjNDU5ZDNlNzk4MDY0OWViYjhkNGMyZGNmMmYyYzQxMTYzYWZlZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrmuzJiXLkl24MqfupJrK8z8jja+
/86I89CLoo8mos/WN9S4syQEaQZhB3k8oj1Y4U4dVZanRwTIVf3hhpgsv2nelGO/
mKjNBYh1qcBJcwnUCjpKBTOwizvWaSn8rAFJZmh4eKuO7mDGBH6m6YCt2MiOZ7B6
pJBDKlMtuY4Zem8vHs2kLdojdA3U/ZROzQEDXBRwqiEHt2pNbYVKb+kS+Nj8NFsh
MBHBAfiopx690iQNqnVM00vrnR6SzHspLfoiprZTn7r9Gmm5uZ/ZvLJ+slzir/+2
AKHcLUiD3CMOmyZ8eCD0vO9sQRXSL+2nL848xp/6s+l1bgXR2csOUSA9IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMRZ0+eYBknruNTC3PLyxBFjr+4MMB8GA1UdIwQY
MBaAFIjmcxqJ336TcaujPrFNcvYeOYC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2Ut
NmJjZjRhNDJhYzdkLzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2UtNmJjZjRhNDJhYzdk
LzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfzWRvClQ
7REtizd3UpjEEebBKANQe36sy/vcHgZz7PCUS92X8rzluzBRakFkdTylhuZRsgBi
Yy0ZcqzGMD0MuQ3AFdUHLprLTWKP5oNnLs/Shkp+LxFcDLxX/7gGcAdWCqXmgzQt
Tlff9SFHWOd71/dxl3GYb2/zD9cx5KQhl4k54BuyuSS64K/OaeZlY5HnJgD4jNNI
ND2zXeZ+NK4yxQSTgRHbT3q63tZcAKG+3b89A0cgsAQ9giJ8nKPyRhvx8MgkivSF
vKKzvgZqtBmkamEaDfwaRCKzbkJFf31pFeQ9j0CvJsRYwbtXt82OtYcKA/q5MLLi
WfFA9a9QQ63DXg==
-----END CERTIFICATE-----