Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
File:                     oHEAJhaNhq-46ZnPsqjonFct0vk.mft (raw, json)
Hash identifier:          DZcB4jCrr3uBUtxWKI/XRT5ZZ5My3QrLOq+nXzwcNS0=
Subject key identifier:   AE:46:7E:B8:57:F5:99:AB:77:9B:20:1C:8A:BC:FA:85:B8:1B:1A:64
Authority key identifier: A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9
Certificate issuer:       /CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
Certificate serial:       01969D1A0F15DD514540437190B8AE0995B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
Manifest number:          126E
Signing time:             Sun 04 May 2025 21:00:52 +0000
Manifest this update:     Sun 04 May 2025 21:00:52 +0000
Manifest next update:     Mon 05 May 2025 21:00:52 +0000
Files and hashes:         1: oHEAJhaNhq-46ZnPsqjonFct0vk.crl (hash: D2sGh9uyWUQcG3tfvDGYe1jkoLhFQwnNqtFqHTgIcq0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 21:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9d:1a:0f:15:dd:51:45:40:43:71:90:b8:ae:09:95:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
        Validity
            Not Before: May  4 21:00:52 2025 GMT
            Not After : May  5 21:00:52 2025 GMT
        Subject: CN=ae467eb857f599ab779b201c8abcfa85b81b1a64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:27:da:1d:a0:3c:e3:28:a2:6b:24:11:73:20:
                    45:9b:73:44:04:0c:d6:52:ba:d8:2d:8a:8c:f4:a7:
                    07:4c:4e:eb:ef:17:9d:45:20:df:62:1c:24:7d:c8:
                    53:df:fa:65:fc:09:87:21:de:75:5b:13:b1:65:48:
                    03:cd:5a:be:48:28:23:8d:42:11:dc:1e:6c:9a:66:
                    47:bd:70:4e:13:8c:c7:7a:54:f9:ce:0d:74:a3:f5:
                    e6:dc:a2:9e:d5:21:54:01:7f:69:36:6e:b3:b7:f3:
                    8a:8b:7f:da:bc:f8:48:ec:f0:b6:95:bc:ac:b2:a5:
                    8b:5c:d8:bf:cf:e2:92:6e:f9:8d:99:44:3d:03:9b:
                    50:0e:ff:87:65:d3:95:f0:0e:df:4a:37:e0:03:53:
                    20:ae:b9:b2:8a:65:d2:d6:8f:52:6d:dd:0e:39:3d:
                    9a:53:29:0b:38:c3:9c:db:e4:1d:70:6c:bb:aa:b6:
                    22:be:ce:0d:e6:58:34:d8:6f:82:f0:d4:97:6f:ad:
                    a7:67:2a:e8:a0:2a:45:a6:09:ad:46:bc:66:d8:3f:
                    d8:26:ff:d6:7d:13:22:a7:10:12:d2:32:be:11:c1:
                    7e:2c:df:89:e1:13:f7:f9:5a:ec:50:f4:71:96:a3:
                    6d:5b:39:9f:61:4f:65:ee:7c:13:19:58:b4:50:8b:
                    e7:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:46:7E:B8:57:F5:99:AB:77:9B:20:1C:8A:BC:FA:85:B8:1B:1A:64
            X509v3 Authority Key Identifier:
                keyid:A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:fa:00:bc:6f:73:2f:8f:e7:28:db:4e:b4:f7:ea:2f:33:b6:
         aa:9e:68:09:81:a5:fa:e1:0e:16:b4:0b:3d:3a:bd:b7:34:79:
         6a:51:a4:85:aa:25:7c:65:fc:5e:91:c3:23:de:dc:25:bd:37:
         29:c5:ac:75:13:17:22:9d:4b:14:b1:fe:92:73:ee:24:40:a2:
         8a:4f:2d:00:94:cb:e2:aa:96:f4:e8:f3:ad:67:b3:8a:32:56:
         14:b9:16:9a:00:09:3b:b4:98:fb:6b:39:b6:7e:79:79:50:2c:
         08:c6:fe:ca:70:0a:31:eb:a7:33:31:29:b5:cf:c0:cd:51:d2:
         4c:13:a8:6b:b3:71:1c:00:cd:e2:96:c0:d2:5d:de:0a:82:8c:
         17:cc:6b:7c:5c:2d:14:a2:96:96:28:52:e1:49:7d:7a:64:fd:
         8a:3f:71:2b:b4:9b:46:28:51:09:70:4a:26:fd:7c:18:73:ae:
         7f:41:9a:9e:b5:70:82:d6:2e:d1:cc:a7:b8:d5:18:80:58:b0:
         59:28:82:7a:f2:0b:24:00:5b:68:b1:7f:fd:4a:9f:fb:11:50:
         b2:22:8f:15:bf:c8:15:70:7a:46:f9:63:4b:af:be:62:a1:1f:
         70:29:1e:2d:6d:82:0d:ca:77:c4:23:43:d7:ad:6c:1e:be:a9:
         57:ea:32:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZadGg8V3VFFQENxkLiuCZW5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzEwMDI2MTY4ZDg2YWZiOGU5OTljZmIyYThlODljNTcy
ZGQyZjkwHhcNMjUwNTA0MjEwMDUyWhcNMjUwNTA1MjEwMDUyWjAzMTEwLwYDVQQD
EyhhZTQ2N2ViODU3ZjU5OWFiNzc5YjIwMWM4YWJjZmE4NWI4MWIxYTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuifaHaA84yiiayQRcyBFm3NEBAzW
UrrYLYqM9KcHTE7r7xedRSDfYhwkfchT3/pl/AmHId51WxOxZUgDzVq+SCgjjUIR
3B5smmZHvXBOE4zHelT5zg10o/Xm3KKe1SFUAX9pNm6zt/OKi3/avPhI7PC2lbys
sqWLXNi/z+KSbvmNmUQ9A5tQDv+HZdOV8A7fSjfgA1MgrrmyimXS1o9Sbd0OOT2a
UykLOMOc2+QdcGy7qrYivs4N5lg02G+C8NSXb62nZyrooCpFpgmtRrxm2D/YJv/W
fRMipxAS0jK+EcF+LN+J4RP3+VrsUPRxlqNtWzmfYU9l7nwTGVi0UIvncwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5GfrhX9Zmrd5sgHIq8+oW4GxpkMB8GA1UdIwQY
MBaAFKBxACYWjYavuOmZz7Ko6JxXLdL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYt
YTlhNmJmNjVlNjNhLzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYtYTlhNmJmNjVlNjNh
LzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOPoAvG9z
L4/nKNtOtPfqLzO2qp5oCYGl+uEOFrQLPTq9tzR5alGkhaolfGX8XpHDI97cJb03
KcWsdRMXIp1LFLH+knPuJECiik8tAJTL4qqW9OjzrWezijJWFLkWmgAJO7SY+2s5
tn55eVAsCMb+ynAKMeunMzEptc/AzVHSTBOoa7NxHADN4pbA0l3eCoKMF8xrfFwt
FKKWlihS4Ul9emT9ij9xK7SbRihRCXBKJv18GHOuf0GanrVwgtYu0cynuNUYgFiw
WSiCevILJABbaLF//Uqf+xFQsiKPFb/IFXB6RvljS6++YqEfcCkeLW2CDcp3xCND
161sHr6pV+oy+Q==
-----END CERTIFICATE-----