Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          hOuAc/9KzRoxxLUnKYCkJKceNvFCKz3VdCZzazphGeg=
Subject key identifier:   0B:08:69:31:60:D9:1E:B2:A4:B5:71:E8:5C:65:24:03:28:74:0D:B1
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       01969DF595D67C8135AC9AA6E5030BBC86A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          0933
Signing time:             Mon 05 May 2025 01:00:39 +0000
Manifest this update:     Mon 05 May 2025 01:00:39 +0000
Manifest next update:     Tue 06 May 2025 01:00:39 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: oCjN5SmrxZOwLCC/MabUHNERKho0DV0ydwmBQvtzHdQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9d:f5:95:d6:7c:81:35:ac:9a:a6:e5:03:0b:bc:86:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: May  5 01:00:39 2025 GMT
            Not After : May  6 01:00:39 2025 GMT
        Subject: CN=0b08693160d91eb2a4b571e85c65240328740db1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:31:55:41:d5:b7:bb:b6:04:c2:96:85:67:86:
                    7f:ca:4d:6c:7d:77:6a:0f:cf:9d:23:e7:28:9e:35:
                    b6:c1:72:6e:ac:70:5f:6d:8c:6c:0b:84:a0:d2:d7:
                    05:ec:bb:51:01:f4:d7:fe:0d:4f:b8:16:b7:fa:27:
                    c2:93:06:8c:9b:3d:ef:08:bc:66:87:dc:9f:8c:ac:
                    db:dd:d3:0a:41:69:0b:f9:9e:33:bd:8c:b9:f6:70:
                    10:be:68:66:8a:66:cd:7b:3c:6b:9f:aa:5e:21:63:
                    d0:03:59:18:f2:47:1f:0c:94:c7:cc:a8:c7:35:36:
                    fc:b5:95:f9:cd:19:cf:65:93:2d:3a:cb:56:0d:07:
                    37:77:a5:63:2a:c7:4a:77:91:8f:81:a6:5e:02:e0:
                    a7:cc:35:0a:2b:49:41:d2:d3:a9:e1:b9:9e:6a:55:
                    97:7e:13:87:a5:c7:ba:9f:20:23:5f:7b:32:43:d0:
                    75:30:7e:2d:28:ec:63:ba:54:31:c2:63:13:57:60:
                    c3:6d:d6:ed:f3:24:d8:16:d9:69:e3:1e:ad:72:c3:
                    6a:1b:02:07:03:23:95:28:1b:01:96:37:28:a6:90:
                    05:cd:09:91:f8:57:64:10:42:a6:c6:0b:77:10:2b:
                    2c:6c:15:9d:02:6f:14:84:db:15:72:9a:4c:89:7d:
                    68:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:08:69:31:60:D9:1E:B2:A4:B5:71:E8:5C:65:24:03:28:74:0D:B1
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:a5:d4:42:c0:c1:95:34:fc:08:fe:e3:0d:87:84:5d:71:ca:
         71:97:91:0d:f6:00:fb:7b:c7:d1:2b:f4:cf:5a:9f:c4:9a:a5:
         5c:1d:e2:4b:0f:de:97:ef:ea:c9:ee:8c:a6:0a:81:1e:0b:98:
         e1:a8:c6:01:42:99:48:fc:a2:86:ab:e9:d9:ea:53:43:62:c5:
         3f:f3:d2:6d:64:43:ec:8f:7b:fb:0c:84:a9:b0:30:d4:da:37:
         3d:f9:fb:b8:b4:48:a2:ab:53:b1:8b:29:e7:22:f9:e8:6d:21:
         d0:fb:3e:a0:ef:73:ed:d1:10:97:53:20:9d:c0:19:31:9b:ef:
         0d:38:31:c0:d9:b1:21:9a:df:6b:ce:cb:6e:8e:5c:c6:a0:39:
         af:84:0e:61:f5:f9:d9:f3:e3:f0:75:7c:f0:1c:83:b0:8f:26:
         fc:7a:ca:50:f1:d7:af:ae:01:bd:89:c0:a4:d3:77:39:25:e5:
         0b:ec:af:ba:cc:88:da:a6:1e:76:fd:f3:98:62:b8:02:a2:37:
         65:11:b9:b6:1a:09:5e:dc:a3:21:09:5b:7e:5d:9a:e7:81:46:
         a4:95:de:d1:d0:1e:ef:32:4a:72:bc:04:a5:ef:0c:27:cb:d1:
         00:02:f9:cb:1f:f7:80:37:ed:51:c7:85:8e:7e:75:a6:03:36:
         71:6d:da:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZad9ZXWfIE1rJqm5QMLvIanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjUwNTA1MDEwMDM5WhcNMjUwNTA2MDEwMDM5WjAzMTEwLwYDVQQD
EygwYjA4NjkzMTYwZDkxZWIyYTRiNTcxZTg1YzY1MjQwMzI4NzQwZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzFVQdW3u7YEwpaFZ4Z/yk1sfXdq
D8+dI+conjW2wXJurHBfbYxsC4Sg0tcF7LtRAfTX/g1PuBa3+ifCkwaMmz3vCLxm
h9yfjKzb3dMKQWkL+Z4zvYy59nAQvmhmimbNezxrn6peIWPQA1kY8kcfDJTHzKjH
NTb8tZX5zRnPZZMtOstWDQc3d6VjKsdKd5GPgaZeAuCnzDUKK0lB0tOp4bmealWX
fhOHpce6nyAjX3syQ9B1MH4tKOxjulQxwmMTV2DDbdbt8yTYFtlp4x6tcsNqGwIH
AyOVKBsBljcoppAFzQmR+FdkEEKmxgt3ECssbBWdAm8UhNsVcppMiX1orQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAsIaTFg2R6ypLVx6FxlJAModA2xMB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcKXUQsDB
lTT8CP7jDYeEXXHKcZeRDfYA+3vH0Sv0z1qfxJqlXB3iSw/el+/qye6MpgqBHguY
4ajGAUKZSPyihqvp2epTQ2LFP/PSbWRD7I97+wyEqbAw1No3Pfn7uLRIoqtTsYsp
5yL56G0h0Ps+oO9z7dEQl1MgncAZMZvvDTgxwNmxIZrfa87Lbo5cxqA5r4QOYfX5
2fPj8HV88ByDsI8m/HrKUPHXr64BvYnApNN3OSXlC+yvusyI2qYedv3zmGK4AqI3
ZRG5thoJXtyjIQlbfl2a54FGpJXe0dAe7zJKcrwEpe8MJ8vRAAL5yx/3gDftUceF
jn51pgM2cW3aRA==
-----END CERTIFICATE-----