Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
File:                     oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json)
Hash identifier:          m5wd2p9HGS/ZG21z4A/FqiFioWKGpZXj5Z9yLQHMZ/4=
Subject key identifier:   26:F2:D1:A8:89:4E:B8:B8:6E:C2:15:D6:0E:1A:9C:82:77:F5:29:D0
Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7
Certificate issuer:       /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
Certificate serial:       0196CB0540FCDF028A4E72CA2B4FA3C09D61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
Manifest number:          1538
Signing time:             Tue 13 May 2025 19:00:41 +0000
Manifest this update:     Tue 13 May 2025 19:00:41 +0000
Manifest next update:     Wed 14 May 2025 19:00:41 +0000
Files and hashes:         1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: gpBbzDI9Lcte/6Wxdp1yhkrToXYQT9eWWe2ingXBcfQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cb:05:40:fc:df:02:8a:4e:72:ca:2b:4f:a3:c0:9d:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
        Validity
            Not Before: May 13 19:00:41 2025 GMT
            Not After : May 14 19:00:41 2025 GMT
        Subject: CN=26f2d1a8894eb8b86ec215d60e1a9c8277f529d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:1e:69:46:81:b6:76:16:ef:55:9a:79:8f:68:
                    fd:d5:cb:31:49:df:ad:19:c5:3a:43:6e:40:7c:fe:
                    6b:9f:f3:68:a9:5d:3d:20:4e:14:b3:55:ac:a9:39:
                    7d:17:43:c6:0c:77:5f:73:7b:d4:0c:1b:5d:80:fc:
                    ad:51:c7:a3:bd:68:a4:0b:b7:20:62:98:b9:96:64:
                    ec:06:85:86:58:12:ba:70:03:9b:a0:5a:b2:63:0f:
                    51:95:ef:de:7e:a9:7a:e2:8c:11:ab:59:84:c0:75:
                    20:26:b5:fc:63:64:94:7f:f1:50:ff:d2:26:ee:29:
                    42:c9:a4:20:b6:0f:a6:2c:3e:07:69:cd:7d:d4:1f:
                    00:ba:cd:cc:e6:5e:e6:1c:bb:43:15:cd:37:2b:58:
                    32:28:e9:39:a8:92:bf:43:2b:1f:22:2a:1b:74:c8:
                    ad:49:7e:1c:0c:58:d6:d3:75:fe:39:37:ea:be:a6:
                    bd:d2:4e:b0:43:87:2b:99:ce:43:7c:69:95:60:63:
                    79:1f:fe:19:40:90:a1:dd:6c:a7:20:d3:87:ca:4d:
                    da:08:e4:75:ba:55:5c:e9:58:c6:cc:da:cb:fa:f5:
                    c7:aa:bc:2c:89:12:68:2b:2f:f0:bd:10:0e:3c:a5:
                    42:6f:b4:a9:3c:88:c6:9c:5c:24:a9:fe:3d:21:19:
                    e4:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:F2:D1:A8:89:4E:B8:B8:6E:C2:15:D6:0E:1A:9C:82:77:F5:29:D0
            X509v3 Authority Key Identifier:
                keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:e4:be:f9:f2:c6:ec:92:d1:0b:09:42:e1:a9:a3:b9:66:5b:
         9f:38:52:2f:52:63:34:6c:ff:54:e0:3e:af:16:a1:6e:d9:91:
         b0:2e:0a:f7:1e:62:d7:52:57:0c:9f:63:93:fa:7f:72:34:d9:
         5c:20:ca:ac:ae:79:34:52:73:f9:a3:2b:99:b9:4e:7a:6d:ab:
         78:ce:6d:f6:71:9f:da:3b:97:1d:5b:f6:28:b8:ad:b4:8f:40:
         a4:c1:5a:cd:4a:7d:cc:98:dd:18:96:52:82:ea:bf:bb:a8:e8:
         35:90:f8:b7:68:5a:08:a0:b2:9e:07:4b:04:2d:04:23:a9:25:
         76:95:2d:5b:f0:9a:ae:92:46:9a:36:90:a1:1b:d8:31:e2:b3:
         53:aa:21:52:f6:13:36:c1:63:41:e5:8f:0d:c6:f8:a8:d2:b0:
         50:9e:b5:6c:69:fc:d8:9e:06:06:ac:c6:80:1b:20:c5:7c:0d:
         12:ed:67:00:d6:ce:89:42:01:f0:27:2c:9c:70:28:52:ab:a2:
         32:7a:52:ea:d3:94:40:61:11:c9:26:8b:95:b6:39:cb:ce:28:
         ad:85:e9:d0:ee:6e:79:b4:55:7d:f4:c8:52:27:a9:7d:75:c3:
         42:df:bd:96:1d:67:31:ef:ae:91:22:ce:68:b3:46:f9:58:fc:
         f3:34:d2:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbLBUD83wKKTnLKK0+jwJ1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh
ZmVhYTcwHhcNMjUwNTEzMTkwMDQxWhcNMjUwNTE0MTkwMDQxWjAzMTEwLwYDVQQD
EygyNmYyZDFhODg5NGViOGI4NmVjMjE1ZDYwZTFhOWM4Mjc3ZjUyOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoh5pRoG2dhbvVZp5j2j91csxSd+t
GcU6Q25AfP5rn/NoqV09IE4Us1WsqTl9F0PGDHdfc3vUDBtdgPytUcejvWikC7cg
Ypi5lmTsBoWGWBK6cAOboFqyYw9Rle/efql64owRq1mEwHUgJrX8Y2SUf/FQ/9Im
7ilCyaQgtg+mLD4Hac191B8Aus3M5l7mHLtDFc03K1gyKOk5qJK/QysfIiobdMit
SX4cDFjW03X+OTfqvqa90k6wQ4crmc5DfGmVYGN5H/4ZQJCh3WynINOHyk3aCOR1
ulVc6VjGzNrL+vXHqrwsiRJoKy/wvRAOPKVCb7SpPIjGnFwkqf49IRnkOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCby0aiJTri4bsIV1g4anIJ39SnQMB8GA1UdIwQY
MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt
YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh
LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApuS++fLG
7JLRCwlC4amjuWZbnzhSL1JjNGz/VOA+rxahbtmRsC4K9x5i11JXDJ9jk/p/cjTZ
XCDKrK55NFJz+aMrmblOem2reM5t9nGf2juXHVv2KLittI9ApMFazUp9zJjdGJZS
guq/u6joNZD4t2haCKCyngdLBC0EI6kldpUtW/CarpJGmjaQoRvYMeKzU6ohUvYT
NsFjQeWPDcb4qNKwUJ61bGn82J4GBqzGgBsgxXwNEu1nANbOiUIB8CcsnHAoUqui
MnpS6tOUQGERySaLlbY5y84orYXp0O5uebRVffTIUiepfXXDQt+9lh1nMe+ukSLO
aLNG+Vj88zTSVg==
-----END CERTIFICATE-----