Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
File:                     oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft (raw, json)
Hash identifier:          0oPg4NXgibT0LkYRCnlhFu/Y6+x2AY/njgggHJWlyW0=
Subject key identifier:   E2:EE:11:CD:4D:02:B6:5B:28:9C:F2:86:83:7D:4D:0E:7E:BF:16:98
Authority key identifier: A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10
Certificate issuer:       /CN=a223d15344c02a551e63f831c604f80dbec4ba10
Certificate serial:       0196BD80BE6A00606DE2D44E11B00844F587
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
Manifest number:          0989
Signing time:             Sun 11 May 2025 04:00:53 +0000
Manifest this update:     Sun 11 May 2025 04:00:53 +0000
Manifest next update:     Mon 12 May 2025 04:00:53 +0000
Files and hashes:         1: oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl (hash: peNLdGuqUV+Jb+plzI0Dww2+Yq92B23QR8K/YTdOdQM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 04:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:80:be:6a:00:60:6d:e2:d4:4e:11:b0:08:44:f5:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a223d15344c02a551e63f831c604f80dbec4ba10
        Validity
            Not Before: May 11 04:00:53 2025 GMT
            Not After : May 12 04:00:53 2025 GMT
        Subject: CN=e2ee11cd4d02b65b289cf286837d4d0e7ebf1698
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:a4:6e:da:6a:fa:40:b1:94:89:aa:6d:47:96:
                    9b:e1:a1:b1:6f:ca:34:ec:d6:be:9f:54:80:6e:c3:
                    f7:46:7b:43:91:7e:ea:a4:8d:09:49:8b:e2:1a:e6:
                    fa:d6:99:c7:70:b9:9b:0f:7c:47:ca:4f:ce:b7:0c:
                    e8:0c:f5:c7:de:96:ba:df:e6:2a:9d:38:de:23:44:
                    21:b2:68:e4:e5:2d:3f:28:e9:dc:f9:b9:f0:0b:17:
                    aa:66:50:11:04:d0:e0:22:d5:76:be:5c:cd:0d:69:
                    11:9e:a6:27:80:0b:4a:11:88:6d:d5:5f:ca:10:8f:
                    5a:40:d7:a3:d8:fe:8d:d1:2c:0f:f4:ec:30:8b:c9:
                    3a:c9:91:10:95:0e:0b:61:fa:b9:18:36:3d:4d:94:
                    08:fb:4b:80:1a:5f:b6:80:bc:18:2f:90:e7:79:a8:
                    08:03:8c:9e:ca:d6:45:21:db:c7:45:44:e8:ff:01:
                    5d:fa:fc:ef:c0:b9:99:b1:dd:cc:01:61:10:3f:69:
                    b8:db:26:38:50:c3:24:63:9a:f8:ca:5c:55:ea:a3:
                    28:9e:fe:d2:b6:cc:b7:b9:cf:eb:28:30:53:f0:ae:
                    ce:e0:f4:be:0d:cd:88:cf:b1:31:3e:b9:72:79:08:
                    ef:7a:95:5c:52:18:c5:54:77:1f:6a:52:72:cd:4d:
                    3f:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:EE:11:CD:4D:02:B6:5B:28:9C:F2:86:83:7D:4D:0E:7E:BF:16:98
            X509v3 Authority Key Identifier:
                keyid:A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:57:dc:b7:06:5a:9f:a9:b0:16:7a:e3:0f:2f:1b:bb:47:96:
         2c:37:bb:3b:6b:b9:86:39:04:b3:f0:88:d8:7b:e2:8c:d0:1b:
         99:b7:71:04:73:3c:7b:f1:cf:44:03:2a:22:e7:33:3b:ea:f7:
         cd:f3:ad:ad:ff:65:e0:41:65:fd:cf:71:9c:b0:09:2b:14:17:
         a8:1f:1c:2c:3b:d4:bf:18:07:1b:9a:ce:a4:14:32:8e:b6:e5:
         e4:84:54:ca:84:49:b4:cb:36:fe:2f:21:53:97:b2:d9:98:e1:
         1e:ca:af:1b:ba:7a:58:f4:4e:dd:e6:e5:58:a0:4c:bd:10:78:
         a5:e3:ac:35:7b:7b:fe:3a:38:07:72:91:a8:22:8f:19:02:6d:
         c6:51:7f:17:8a:ab:9d:18:6e:3e:e3:e1:e5:25:0e:7f:0f:1b:
         e1:17:a6:91:ce:9a:1a:7b:ea:b9:b4:3b:cd:2d:ee:fd:ad:97:
         64:ed:1b:f0:02:48:f9:24:1d:34:8b:89:25:77:66:f3:ec:27:
         99:53:e3:51:0c:8a:ba:3e:a8:c6:cf:e3:46:28:ce:77:c8:26:
         ec:64:36:81:cc:97:5f:1a:65:b1:71:79:c4:19:15:b1:6a:b1:
         d9:6e:ba:1c:a2:21:6b:ec:47:77:94:23:9c:59:66:98:62:ca:
         89:e0:5c:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9gL5qAGBt4tROEbAIRPWHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMjNkMTUzNDRjMDJhNTUxZTYzZjgzMWM2MDRmODBkYmVj
NGJhMTAwHhcNMjUwNTExMDQwMDUzWhcNMjUwNTEyMDQwMDUzWjAzMTEwLwYDVQQD
EyhlMmVlMTFjZDRkMDJiNjViMjg5Y2YyODY4MzdkNGQwZTdlYmYxNjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aRu2mr6QLGUiaptR5ab4aGxb8o0
7Na+n1SAbsP3RntDkX7qpI0JSYviGub61pnHcLmbD3xHyk/OtwzoDPXH3pa63+Yq
nTjeI0Qhsmjk5S0/KOnc+bnwCxeqZlARBNDgItV2vlzNDWkRnqYngAtKEYht1V/K
EI9aQNej2P6N0SwP9Owwi8k6yZEQlQ4LYfq5GDY9TZQI+0uAGl+2gLwYL5DneagI
A4yeytZFIdvHRUTo/wFd+vzvwLmZsd3MAWEQP2m42yY4UMMkY5r4ylxV6qMonv7S
tsy3uc/rKDBT8K7O4PS+Dc2Iz7ExPrlyeQjvepVcUhjFVHcfalJyzU0/6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOLuEc1NArZbKJzyhoN9TQ5+vxaYMB8GA1UdIwQY
MBaAFKIj0VNEwCpVHmP4McYE+A2+xLoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTct
ODA5YTJkN2ZmMzQ4LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTctODA5YTJkN2ZmMzQ4
LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArVfctwZa
n6mwFnrjDy8bu0eWLDe7O2u5hjkEs/CI2HvijNAbmbdxBHM8e/HPRAMqIuczO+r3
zfOtrf9l4EFl/c9xnLAJKxQXqB8cLDvUvxgHG5rOpBQyjrbl5IRUyoRJtMs2/i8h
U5ey2ZjhHsqvG7p6WPRO3eblWKBMvRB4peOsNXt7/jo4B3KRqCKPGQJtxlF/F4qr
nRhuPuPh5SUOfw8b4Remkc6aGnvqubQ7zS3u/a2XZO0b8AJI+SQdNIuJJXdm8+wn
mVPjUQyKuj6oxs/jRijOd8gm7GQ2gcyXXxplsXF5xBkVsWqx2W66HKIha+xHd5Qj
nFlmmGLKieBcpQ==
-----END CERTIFICATE-----