Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
File:                     owjczEdYTD-oJh23kmouQBcrP3k.mft (raw, json)
Hash identifier:          GERFe6E8tjGFsIE8r5d2UwmxMiHmENMF/Ni7hjkVnHI=
Subject key identifier:   5C:1B:78:41:D5:63:E7:3B:20:50:12:8C:39:9F:6C:62:14:BF:A6:36
Authority key identifier: A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79
Certificate issuer:       /CN=a308dccc47584c3fa8261db7926a2e40172b3f79
Certificate serial:       0197C94B6BD55B4FE129367B81616CD2A0A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
Manifest number:          0290
Signing time:             Wed 02 Jul 2025 04:00:52 +0000
Manifest this update:     Wed 02 Jul 2025 04:00:52 +0000
Manifest next update:     Thu 03 Jul 2025 04:00:52 +0000
Files and hashes:         1: owjczEdYTD-oJh23kmouQBcrP3k.crl (hash: 8wRAO/uOG+AqtVEVr5DpejXSVNs/xMk2Ma3qOvnXmDs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 04:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:4b:6b:d5:5b:4f:e1:29:36:7b:81:61:6c:d2:a0:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a308dccc47584c3fa8261db7926a2e40172b3f79
        Validity
            Not Before: Jul  2 04:00:52 2025 GMT
            Not After : Jul  3 04:00:52 2025 GMT
        Subject: CN=5c1b7841d563e73b2050128c399f6c6214bfa636
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ea:13:8f:e3:52:dc:11:7e:fa:4c:b5:b5:fd:
                    b0:1a:cc:0d:ab:da:f0:58:51:50:8b:a3:64:09:56:
                    32:b8:94:16:0d:68:24:cc:3c:18:ee:06:2c:6b:66:
                    9b:bd:96:c8:91:c5:ca:5d:24:35:37:89:a0:5c:27:
                    a3:5c:d7:2e:52:aa:f0:8e:fa:e7:49:29:bf:ed:7c:
                    34:36:35:6c:71:11:8b:8c:b3:c0:93:2f:fe:91:f2:
                    bd:b6:a5:1e:f3:22:87:76:95:7e:98:df:f5:bf:c2:
                    5a:ae:ef:cc:08:cf:2e:d0:ba:b4:5c:cc:ca:57:80:
                    8f:de:04:b6:7f:64:b0:75:cd:ae:89:dc:6a:d8:07:
                    6e:84:d4:3a:5f:d1:5c:59:99:02:e7:2f:5b:b7:77:
                    f0:bf:4a:92:25:aa:3f:ad:b2:80:2f:86:4c:29:bd:
                    8a:57:bf:70:8a:5b:2b:4a:2b:f9:ad:fe:bb:e0:f9:
                    ad:f5:29:9a:07:7e:cd:30:fe:fa:11:f4:2e:cc:ec:
                    ba:4c:74:4a:d0:31:05:10:fc:83:18:92:98:95:9c:
                    32:93:c2:bb:91:22:1c:02:c3:e4:1d:83:ab:19:43:
                    43:ad:53:97:eb:37:a0:8e:76:4e:55:96:89:f7:aa:
                    da:93:df:57:aa:80:23:cb:ee:00:19:ed:7d:75:43:
                    d0:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:1B:78:41:D5:63:E7:3B:20:50:12:8C:39:9F:6C:62:14:BF:A6:36
            X509v3 Authority Key Identifier:
                keyid:A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:a9:d5:73:f5:99:bf:ac:96:5d:a6:5c:28:9e:d2:fa:83:a5:
         64:f9:50:3d:54:02:e9:73:35:d8:55:60:fb:8c:cb:32:e1:75:
         00:f7:26:88:b8:18:d9:ca:78:a2:21:99:b3:67:f0:34:d1:8a:
         b0:38:a4:eb:dd:f7:c4:ee:86:fc:43:90:55:c2:e3:20:8e:8a:
         ee:a8:1b:0f:5e:12:e9:d0:8c:91:85:66:cc:fd:5f:41:51:30:
         a7:eb:ce:c9:34:74:ac:ae:97:23:cb:b4:2a:29:11:32:af:10:
         b8:d0:17:e6:4f:8a:4a:8f:ef:93:8b:21:d9:7d:45:b5:2e:6d:
         b8:31:96:81:84:3c:e6:6d:15:80:ce:36:12:1f:3c:5b:79:1c:
         b4:ab:3d:0d:b6:15:38:e0:a4:01:db:3b:5a:03:37:6d:64:7c:
         9a:c5:e9:c7:0d:d5:1e:50:80:bc:d4:47:4c:68:68:f3:d3:28:
         96:27:76:e5:5c:31:36:80:15:97:55:9b:20:6b:70:05:6a:c4:
         d9:b2:0f:e8:1f:35:89:02:bc:a6:b6:e7:44:68:c6:b2:c4:9b:
         59:90:16:93:50:25:19:e4:65:44:5e:5b:ba:d1:5e:68:6d:b4:
         d2:89:19:db:7f:5a:85:75:f2:f9:1e:e3:9b:b0:d2:57:9c:66:
         b0:0a:c5:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJS2vVW0/hKTZ7gWFs0qCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDhkY2NjNDc1ODRjM2ZhODI2MWRiNzkyNmEyZTQwMTcy
YjNmNzkwHhcNMjUwNzAyMDQwMDUyWhcNMjUwNzAzMDQwMDUyWjAzMTEwLwYDVQQD
Eyg1YzFiNzg0MWQ1NjNlNzNiMjA1MDEyOGMzOTlmNmM2MjE0YmZhNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuoTj+NS3BF++ky1tf2wGswNq9rw
WFFQi6NkCVYyuJQWDWgkzDwY7gYsa2abvZbIkcXKXSQ1N4mgXCejXNcuUqrwjvrn
SSm/7Xw0NjVscRGLjLPAky/+kfK9tqUe8yKHdpV+mN/1v8Jaru/MCM8u0Lq0XMzK
V4CP3gS2f2Swdc2uidxq2AduhNQ6X9FcWZkC5y9bt3fwv0qSJao/rbKAL4ZMKb2K
V79wilsrSiv5rf674Pmt9SmaB37NMP76EfQuzOy6THRK0DEFEPyDGJKYlZwyk8K7
kSIcAsPkHYOrGUNDrVOX6zegjnZOVZaJ96rak99XqoAjy+4AGe19dUPQBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwbeEHVY+c7IFASjDmfbGIUv6Y2MB8GA1UdIwQY
MBaAFKMI3MxHWEw/qCYdt5JqLkAXKz95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEt
MGFmZWIxNDUyNGJlLzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEtMGFmZWIxNDUyNGJl
LzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm6nVc/WZ
v6yWXaZcKJ7S+oOlZPlQPVQC6XM12FVg+4zLMuF1APcmiLgY2cp4oiGZs2fwNNGK
sDik6933xO6G/EOQVcLjII6K7qgbD14S6dCMkYVmzP1fQVEwp+vOyTR0rK6XI8u0
KikRMq8QuNAX5k+KSo/vk4sh2X1FtS5tuDGWgYQ85m0VgM42Eh88W3kctKs9DbYV
OOCkAds7WgM3bWR8msXpxw3VHlCAvNRHTGho89Molid25VwxNoAVl1WbIGtwBWrE
2bIP6B81iQK8prbnRGjGssSbWZAWk1AlGeRlRF5butFeaG200okZ239ahXXy+R7j
m7DSV5xmsArFOg==
-----END CERTIFICATE-----