Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
File:                     oHEAJhaNhq-46ZnPsqjonFct0vk.mft (raw, json)
Hash identifier:          R8OWvbuOQSKRjSwX1e8pvVCrXSYHp0++mvEm2zMqHn0=
Subject key identifier:   46:CE:3C:3D:6B:76:DF:4B:B6:97:8F:E5:28:A4:BE:E5:FD:57:10:24
Authority key identifier: A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9
Certificate issuer:       /CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
Certificate serial:       0197B70E6DB9E0CBF83D43277E2A595B5237
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
Manifest number:          1300
Signing time:             Sat 28 Jun 2025 15:01:05 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:05 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:05 +0000
Files and hashes:         1: oHEAJhaNhq-46ZnPsqjonFct0vk.crl (hash: TzOyO+PamEiysJeMRKl8pD5OXkKSRBm0hj7U1SqDPyk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:6d:b9:e0:cb:f8:3d:43:27:7e:2a:59:5b:52:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
        Validity
            Not Before: Jun 28 15:01:05 2025 GMT
            Not After : Jun 29 15:01:05 2025 GMT
        Subject: CN=46ce3c3d6b76df4bb6978fe528a4bee5fd571024
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:bc:bc:8b:3e:8b:45:93:d7:f1:d0:b9:77:53:
                    a9:f8:2f:39:69:89:2c:75:7b:38:9a:d5:c9:e7:5e:
                    2d:6a:3a:3d:cc:91:da:8d:f1:ed:5d:1e:c6:54:9b:
                    97:4d:e8:ff:e0:49:46:3f:a6:56:26:bf:b1:0e:53:
                    07:9b:63:fa:b6:0d:01:1e:83:24:4c:7d:25:d2:af:
                    58:00:52:da:d4:fc:fc:bc:f3:2a:f6:00:68:01:c2:
                    20:12:69:b7:a0:52:4f:43:27:f0:90:7a:cf:0b:65:
                    bd:40:90:9f:23:f8:d4:e4:f9:9f:0f:76:9f:71:06:
                    b2:87:29:dd:c8:e9:93:01:08:47:45:57:47:9d:37:
                    a8:bf:0f:e7:59:64:49:a1:25:ed:f4:47:59:f2:bc:
                    86:14:61:7b:62:1e:b7:9d:3a:a9:aa:11:97:f1:29:
                    c0:b1:75:21:b2:9e:1b:9c:93:97:09:07:f3:0d:2e:
                    83:86:be:70:0b:d4:ce:00:ef:bf:af:32:29:8e:97:
                    d4:fd:e7:c6:e8:11:fe:2c:e3:a5:dc:c5:e4:39:54:
                    e4:96:88:9b:f6:9b:9c:f7:ff:b4:eb:35:8e:c4:7a:
                    e5:9e:b4:ac:ab:10:89:60:bf:02:04:a8:67:3b:a0:
                    97:eb:08:f9:3d:63:dc:e1:71:d2:cc:2d:61:46:61:
                    0a:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:CE:3C:3D:6B:76:DF:4B:B6:97:8F:E5:28:A4:BE:E5:FD:57:10:24
            X509v3 Authority Key Identifier:
                keyid:A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:05:9e:4a:c8:91:fb:28:11:f5:4c:c3:92:97:96:af:fd:a5:
         09:2f:d1:f3:31:02:45:ec:10:59:f6:48:b0:6e:e1:08:ee:a7:
         b6:61:28:7c:45:82:e3:df:88:f1:88:59:86:a7:1a:ac:e4:1d:
         30:f3:f1:05:3a:4a:13:59:8b:bf:98:0c:39:b6:54:ca:7b:27:
         9b:39:d3:42:3d:c5:5a:2e:43:f1:23:50:b3:a1:df:93:cc:f4:
         75:57:56:8f:b4:c2:86:5d:f2:68:f4:bb:fd:04:a4:7f:9c:db:
         8a:20:d3:99:96:64:8e:0b:8a:b7:ea:03:b8:bd:ab:90:2e:25:
         39:c0:8c:95:af:7f:ce:32:73:03:b7:8c:87:96:f3:a7:18:d5:
         30:45:5f:d1:7c:85:e9:dc:06:94:ec:01:27:9d:34:05:4f:e5:
         69:f5:44:02:ba:0a:ff:52:3a:7f:5b:0e:40:50:6b:8a:b5:bc:
         75:01:30:c0:4b:bc:f5:00:62:b7:11:0a:3d:43:d1:9b:d4:74:
         ff:a3:81:f0:1a:6e:91:f7:4f:e8:fe:95:db:dd:90:aa:36:2a:
         1a:21:d6:a3:98:f9:1b:f2:00:7b:9b:af:fe:c0:f1:b3:a8:08:
         b1:f2:30:f3:a6:d6:d3:a4:94:c3:10:9a:29:1f:ae:66:ff:35:
         41:6f:17:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dm254Mv4PUMnfipZW1I3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzEwMDI2MTY4ZDg2YWZiOGU5OTljZmIyYThlODljNTcy
ZGQyZjkwHhcNMjUwNjI4MTUwMTA1WhcNMjUwNjI5MTUwMTA1WjAzMTEwLwYDVQQD
Eyg0NmNlM2MzZDZiNzZkZjRiYjY5NzhmZTUyOGE0YmVlNWZkNTcxMDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApry8iz6LRZPX8dC5d1Op+C85aYks
dXs4mtXJ514tajo9zJHajfHtXR7GVJuXTej/4ElGP6ZWJr+xDlMHm2P6tg0BHoMk
TH0l0q9YAFLa1Pz8vPMq9gBoAcIgEmm3oFJPQyfwkHrPC2W9QJCfI/jU5PmfD3af
cQayhyndyOmTAQhHRVdHnTeovw/nWWRJoSXt9EdZ8ryGFGF7Yh63nTqpqhGX8SnA
sXUhsp4bnJOXCQfzDS6Dhr5wC9TOAO+/rzIpjpfU/efG6BH+LOOl3MXkOVTkloib
9puc9/+06zWOxHrlnrSsqxCJYL8CBKhnO6CX6wj5PWPc4XHSzC1hRmEKVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEbOPD1rdt9LtpeP5SikvuX9VxAkMB8GA1UdIwQY
MBaAFKBxACYWjYavuOmZz7Ko6JxXLdL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYt
YTlhNmJmNjVlNjNhLzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYtYTlhNmJmNjVlNjNh
LzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACQWeSsiR
+ygR9UzDkpeWr/2lCS/R8zECRewQWfZIsG7hCO6ntmEofEWC49+I8YhZhqcarOQd
MPPxBTpKE1mLv5gMObZUynsnmznTQj3FWi5D8SNQs6Hfk8z0dVdWj7TChl3yaPS7
/QSkf5zbiiDTmZZkjguKt+oDuL2rkC4lOcCMla9/zjJzA7eMh5bzpxjVMEVf0XyF
6dwGlOwBJ500BU/lafVEAroK/1I6f1sOQFBrirW8dQEwwEu89QBitxEKPUPRm9R0
/6OB8BpukfdP6P6V292QqjYqGiHWo5j5G/IAe5uv/sDxs6gIsfIw86bW06SUwxCa
KR+uZv81QW8XqQ==
-----END CERTIFICATE-----