Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
File:                     oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json)
Hash identifier:          7KHw+z2MyxP361eXIHQFDCTMG8Jcd6TiuHJ5mTA9ojc=
Subject key identifier:   D8:83:0B:9B:C0:7E:8E:60:85:07:4E:60:4C:69:96:E8:49:B0:61:51
Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7
Certificate issuer:       /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
Certificate serial:       0197BA7E6D56490B1195E5CB538A0095C3AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
Manifest number:          15B4
Signing time:             Sun 29 Jun 2025 07:02:17 +0000
Manifest this update:     Sun 29 Jun 2025 07:02:17 +0000
Manifest next update:     Mon 30 Jun 2025 07:02:17 +0000
Files and hashes:         1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: hIaGFsukyOhCX9Agyeusnc3AiWYzhwtwWQhx+7LwvSs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7e:6d:56:49:0b:11:95:e5:cb:53:8a:00:95:c3:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
        Validity
            Not Before: Jun 29 07:02:17 2025 GMT
            Not After : Jun 30 07:02:17 2025 GMT
        Subject: CN=d8830b9bc07e8e6085074e604c6996e849b06151
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:62:b7:1e:15:38:53:55:f1:b8:2f:cb:2e:c2:
                    b1:5b:1c:88:d6:0c:ad:49:b6:99:cd:a5:f0:e7:fd:
                    e6:f5:f7:43:e1:48:fd:02:2d:d6:ec:87:97:58:2b:
                    d0:01:20:ab:66:9f:04:17:bb:f8:5e:61:f4:cf:6d:
                    1a:ae:6d:6a:33:e9:55:92:7f:7f:53:56:10:7a:a0:
                    75:c9:1a:2a:c3:87:8e:21:f9:54:80:21:de:53:00:
                    17:11:67:53:4d:27:e1:68:ad:cb:54:7c:41:4f:de:
                    56:83:17:d5:42:4b:45:63:43:86:69:de:a2:ad:f0:
                    80:04:bf:12:41:34:4c:d5:44:c7:8a:ea:8a:72:43:
                    af:d1:47:61:e5:97:54:94:f4:6c:46:e4:5c:fe:75:
                    5e:08:0f:d4:03:45:68:cc:76:00:e8:05:36:08:21:
                    6a:c1:45:fc:b6:15:94:5e:9a:d7:cd:63:16:e2:4f:
                    f2:5f:80:58:92:6c:64:0c:64:11:44:8d:b6:ec:05:
                    74:4b:45:87:ba:2e:97:93:4d:a8:1c:50:a0:b1:be:
                    54:a2:21:3e:2d:b2:da:e8:45:45:a2:b5:b8:f2:dc:
                    01:4c:62:ce:30:a5:0d:1a:40:22:5c:e7:e8:aa:a2:
                    ce:dd:b8:57:36:7f:fe:e0:a1:d0:17:63:f4:c0:aa:
                    a4:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:83:0B:9B:C0:7E:8E:60:85:07:4E:60:4C:69:96:E8:49:B0:61:51
            X509v3 Authority Key Identifier:
                keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:81:8c:2b:d5:23:10:f2:65:05:f7:c9:94:c3:30:61:35:9e:
         65:e2:96:19:83:f3:c1:06:ff:77:13:99:3d:19:1e:28:78:71:
         83:d9:20:a7:f6:0b:5e:3e:94:f0:7f:ca:12:9c:6d:88:ae:d0:
         16:59:e5:9c:2f:1a:de:08:88:19:34:b8:08:79:72:5c:52:ff:
         b6:aa:b7:05:6e:1d:9d:c7:01:57:18:e4:74:9d:c6:db:20:a9:
         ce:bb:82:9b:26:8b:9e:c4:7a:7c:e7:88:6b:88:92:e3:69:15:
         44:df:6d:47:0a:f9:9c:ef:7c:16:b5:95:6e:47:a9:ab:ee:f3:
         05:2a:55:88:a6:98:02:07:7d:17:1f:0e:44:e8:67:a9:7a:95:
         d2:34:55:d5:19:c8:ab:90:a4:09:12:4f:a2:c3:d6:cf:40:0b:
         32:6c:a3:43:af:2b:93:38:b6:82:d3:fa:b3:79:b2:1e:bd:6b:
         02:b4:d2:ca:a9:3f:01:97:ac:6e:a4:80:28:10:a5:45:d8:fa:
         42:ce:f2:26:c3:85:6d:23:f7:c5:35:97:11:9d:ca:f3:57:7a:
         4a:70:e2:79:b2:b0:7b:c4:ff:10:b9:38:66:62:44:36:aa:ba:
         bf:d8:3e:9a:12:f6:96:22:68:93:3e:5e:4b:b8:f2:a6:fe:c3:
         3d:d7:c7:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fm1WSQsRleXLU4oAlcOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh
ZmVhYTcwHhcNMjUwNjI5MDcwMjE3WhcNMjUwNjMwMDcwMjE3WjAzMTEwLwYDVQQD
EyhkODgzMGI5YmMwN2U4ZTYwODUwNzRlNjA0YzY5OTZlODQ5YjA2MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGK3HhU4U1XxuC/LLsKxWxyI1gyt
SbaZzaXw5/3m9fdD4Uj9Ai3W7IeXWCvQASCrZp8EF7v4XmH0z20arm1qM+lVkn9/
U1YQeqB1yRoqw4eOIflUgCHeUwAXEWdTTSfhaK3LVHxBT95WgxfVQktFY0OGad6i
rfCABL8SQTRM1UTHiuqKckOv0Udh5ZdUlPRsRuRc/nVeCA/UA0VozHYA6AU2CCFq
wUX8thWUXprXzWMW4k/yX4BYkmxkDGQRRI227AV0S0WHui6Xk02oHFCgsb5UoiE+
LbLa6EVForW48twBTGLOMKUNGkAiXOfoqqLO3bhXNn/+4KHQF2P0wKqkkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNiDC5vAfo5ghQdOYExpluhJsGFRMB8GA1UdIwQY
MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt
YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh
LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATYGMK9Uj
EPJlBffJlMMwYTWeZeKWGYPzwQb/dxOZPRkeKHhxg9kgp/YLXj6U8H/KEpxtiK7Q
FlnlnC8a3giIGTS4CHlyXFL/tqq3BW4dnccBVxjkdJ3G2yCpzruCmyaLnsR6fOeI
a4iS42kVRN9tRwr5nO98FrWVbkepq+7zBSpViKaYAgd9Fx8OROhnqXqV0jRV1RnI
q5CkCRJPosPWz0ALMmyjQ68rkzi2gtP6s3myHr1rArTSyqk/AZesbqSAKBClRdj6
Qs7yJsOFbSP3xTWXEZ3K81d6SnDiebKwe8T/ELk4ZmJENqq6v9g+mhL2liJokz5e
S7jypv7DPdfHyg==
-----END CERTIFICATE-----