Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
File:                     oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft (raw, json)
Hash identifier:          QY4hxOvDeBYrjqrobwCoaRSHj3ITvzclWtPARLrejes=
Subject key identifier:   AD:F9:47:19:68:1C:77:C3:69:07:08:A4:BA:4E:58:40:C5:F8:68:D4
Authority key identifier: A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10
Certificate issuer:       /CN=a223d15344c02a551e63f831c604f80dbec4ba10
Certificate serial:       0197C61467E2A5825F792CF75C38B29B2666
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
Manifest number:          0A12
Signing time:             Tue 01 Jul 2025 13:01:55 +0000
Manifest this update:     Tue 01 Jul 2025 13:01:55 +0000
Manifest next update:     Wed 02 Jul 2025 13:01:55 +0000
Files and hashes:         1: oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl (hash: sUP9gGfzHuZvqw587JPX+ZNQB7rSMfKIbNm1kzbiJYc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 13:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c6:14:67:e2:a5:82:5f:79:2c:f7:5c:38:b2:9b:26:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a223d15344c02a551e63f831c604f80dbec4ba10
        Validity
            Not Before: Jul  1 13:01:55 2025 GMT
            Not After : Jul  2 13:01:55 2025 GMT
        Subject: CN=adf94719681c77c3690708a4ba4e5840c5f868d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:4e:55:8f:8b:33:e2:7e:35:92:51:7a:12:f8:
                    3e:09:3b:13:78:b2:dc:1b:2b:01:70:25:d0:42:a2:
                    6b:41:66:d5:fe:e5:9e:6c:0b:29:14:ff:5d:48:22:
                    1d:35:10:03:15:e9:b0:c5:b1:8b:d1:46:cb:83:91:
                    c9:12:ea:67:75:e4:cb:b6:7f:d6:e1:04:bb:08:34:
                    0f:f1:0c:42:b9:ec:51:90:7d:ca:9c:00:04:7e:62:
                    f2:4d:56:1c:b1:43:5e:f5:d9:ed:93:32:c3:03:b5:
                    fb:ee:84:8d:aa:c9:28:64:bc:57:b9:48:b8:5f:48:
                    30:71:39:0e:67:dc:48:d1:f4:a5:ad:86:e4:3d:c0:
                    39:f2:fa:1b:1e:00:7d:86:bd:9a:30:1a:5a:7b:f3:
                    12:ca:fd:58:c6:f6:0b:42:38:0b:df:24:36:3d:e6:
                    a9:36:60:87:8b:c2:f8:0a:67:6b:ec:7b:98:33:d2:
                    57:5d:a0:32:78:aa:91:ac:2e:e1:f9:da:fe:62:36:
                    55:8a:57:c9:fc:1d:cc:75:fb:11:d8:d6:e5:d7:15:
                    ed:1a:1c:de:51:23:3d:dd:63:07:ad:c9:db:e1:8c:
                    43:79:b4:92:81:a4:a5:40:e6:32:7a:5a:2d:72:ed:
                    e4:00:9b:2a:5f:7a:73:eb:ec:b8:d9:2a:97:a2:8f:
                    1d:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:F9:47:19:68:1C:77:C3:69:07:08:A4:BA:4E:58:40:C5:F8:68:D4
            X509v3 Authority Key Identifier:
                keyid:A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:09:b9:02:0a:10:af:0c:a7:58:11:99:89:28:1b:31:10:df:
         35:b9:93:f3:3f:28:6f:2f:a5:c2:b2:74:75:6d:82:7e:d2:f3:
         9b:bc:80:0e:92:3e:d5:e5:55:d6:6d:e9:d6:62:c4:ac:18:35:
         c4:aa:5e:51:fc:14:60:95:a5:60:b6:2b:b2:26:3d:fc:59:30:
         c1:f3:c0:11:2b:44:c5:c2:76:73:bb:e9:4c:12:4b:8a:2c:5a:
         55:36:fa:f6:fa:b9:c3:5d:c9:e9:69:f5:57:4c:fe:93:58:d0:
         c0:d8:0e:bb:0a:25:bb:95:2b:59:53:75:19:47:bd:4c:b4:8f:
         98:5b:30:3c:5f:74:3c:92:7a:35:89:27:19:3f:83:f6:61:90:
         66:e6:4f:4b:e1:3c:97:45:d8:25:e2:78:42:8e:e0:0a:da:83:
         4d:7a:a1:fa:c5:8a:2c:5e:34:5c:e2:3b:f8:0b:8e:e5:ff:f6:
         65:e4:4c:9e:70:6d:ba:e5:9d:c5:a1:d6:40:16:db:01:3a:3a:
         71:25:ea:30:a0:95:e5:34:1c:75:29:9d:67:d0:f2:32:58:00:
         dd:52:bb:92:3e:98:c9:c7:86:5c:e5:9c:4c:d6:33:df:61:9d:
         8d:11:97:6c:fe:8e:b2:f2:ea:5a:f9:92:cd:e2:3c:ca:1b:23:
         70:1d:ef:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGFGfipYJfeSz3XDiymyZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMjNkMTUzNDRjMDJhNTUxZTYzZjgzMWM2MDRmODBkYmVj
NGJhMTAwHhcNMjUwNzAxMTMwMTU1WhcNMjUwNzAyMTMwMTU1WjAzMTEwLwYDVQQD
EyhhZGY5NDcxOTY4MWM3N2MzNjkwNzA4YTRiYTRlNTg0MGM1Zjg2OGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyk5Vj4sz4n41klF6Evg+CTsTeLLc
GysBcCXQQqJrQWbV/uWebAspFP9dSCIdNRADFemwxbGL0UbLg5HJEupndeTLtn/W
4QS7CDQP8QxCuexRkH3KnAAEfmLyTVYcsUNe9dntkzLDA7X77oSNqskoZLxXuUi4
X0gwcTkOZ9xI0fSlrYbkPcA58vobHgB9hr2aMBpae/MSyv1YxvYLQjgL3yQ2Peap
NmCHi8L4Cmdr7HuYM9JXXaAyeKqRrC7h+dr+YjZVilfJ/B3MdfsR2Nbl1xXtGhze
USM93WMHrcnb4YxDebSSgaSlQOYyelotcu3kAJsqX3pz6+y42SqXoo8d7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK35RxloHHfDaQcIpLpOWEDF+GjUMB8GA1UdIwQY
MBaAFKIj0VNEwCpVHmP4McYE+A2+xLoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTct
ODA5YTJkN2ZmMzQ4LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTctODA5YTJkN2ZmMzQ4
LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkQm5AgoQ
rwynWBGZiSgbMRDfNbmT8z8oby+lwrJ0dW2CftLzm7yADpI+1eVV1m3p1mLErBg1
xKpeUfwUYJWlYLYrsiY9/FkwwfPAEStExcJ2c7vpTBJLiixaVTb69vq5w13J6Wn1
V0z+k1jQwNgOuwolu5UrWVN1GUe9TLSPmFswPF90PJJ6NYknGT+D9mGQZuZPS+E8
l0XYJeJ4Qo7gCtqDTXqh+sWKLF40XOI7+AuO5f/2ZeRMnnBtuuWdxaHWQBbbATo6
cSXqMKCV5TQcdSmdZ9DyMlgA3VK7kj6YyceGXOWcTNYz32GdjRGXbP6OsvLqWvmS
zeI8yhsjcB3vVA==
-----END CERTIFICATE-----