Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          h9ucj7QaM57csD6wY0XI87cRwseKvpD4/lq8y/+fJiY=
Subject key identifier:   02:86:BE:9D:CD:E3:6C:98:BB:54:EA:54:7F:96:62:29:CE:F0:E3:7B
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       0197B9D88E1FD8489CB368CAA3C86A9F058D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          09C6
Signing time:             Sun 29 Jun 2025 04:01:06 +0000
Manifest this update:     Sun 29 Jun 2025 04:01:06 +0000
Manifest next update:     Mon 30 Jun 2025 04:01:06 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: DYeFY1jSFsSX/np6srFTtPJSEaw/jZ/oToP5cEeqSNk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:d8:8e:1f:d8:48:9c:b3:68:ca:a3:c8:6a:9f:05:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: Jun 29 04:01:06 2025 GMT
            Not After : Jun 30 04:01:06 2025 GMT
        Subject: CN=0286be9dcde36c98bb54ea547f966229cef0e37b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:47:30:77:57:ca:16:90:f6:c1:8e:ac:93:16:
                    2e:63:3d:03:06:22:fd:bc:5e:37:45:77:c8:f5:3a:
                    73:ab:f9:b1:8c:26:61:d9:9f:03:b4:65:3e:81:c3:
                    3e:9f:50:b5:b7:bf:c3:81:49:2d:65:e5:c6:c6:ec:
                    54:fd:78:4d:d1:89:40:6d:5a:a9:27:98:aa:ea:13:
                    3c:d0:2e:59:e0:a7:68:44:6c:23:07:ac:98:16:ba:
                    18:7d:84:ca:4a:e6:57:66:97:0d:5a:5e:1c:e4:29:
                    9b:e0:82:80:3a:35:8c:5e:bb:f3:5f:18:68:8a:87:
                    f9:c0:08:ef:ac:66:3d:09:f1:83:b3:99:9a:d9:4d:
                    36:47:98:1e:0f:6a:2f:b3:04:fe:a6:d7:02:c3:f3:
                    02:bc:73:52:f5:94:4a:24:87:b7:74:48:e0:ec:4f:
                    1d:b6:d4:ec:a3:4e:85:d7:08:e7:75:bf:03:d5:60:
                    97:7e:47:4e:37:28:2f:7f:a8:3f:49:19:2a:c5:12:
                    eb:ee:54:28:0c:c7:61:21:df:e4:dc:bd:fc:1b:eb:
                    d8:c3:37:c7:31:c6:78:42:7b:36:45:fe:91:10:e0:
                    03:24:af:90:c3:f3:42:27:64:83:8a:ca:b1:19:ae:
                    bb:43:de:a2:17:29:87:7d:ee:2b:0e:6f:b4:fd:58:
                    68:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:86:BE:9D:CD:E3:6C:98:BB:54:EA:54:7F:96:62:29:CE:F0:E3:7B
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:d4:13:37:63:c5:7d:8b:85:bd:b3:a8:cf:d3:c2:ea:18:b5:
         b4:a1:71:49:22:57:e0:06:ca:ba:7e:7c:8e:41:8e:30:f1:4b:
         3c:d4:08:18:7d:4b:57:86:72:e7:f6:1a:89:b1:47:c5:19:5b:
         70:cb:6e:9a:e7:d7:8c:8d:91:4e:4c:cb:31:61:69:8c:50:9b:
         b2:74:0d:d4:40:5f:79:f4:74:3d:e5:6c:30:a5:61:81:8e:1a:
         c1:e5:62:81:39:e2:66:2c:50:fb:22:e6:4b:94:53:4a:23:67:
         7a:04:56:6f:53:08:38:0d:c2:5e:1d:b2:55:98:98:ac:65:1e:
         ee:d0:79:dc:3a:51:19:be:01:42:bd:b7:50:76:f2:99:9c:98:
         21:4a:45:9f:8c:9b:f4:d2:4c:cb:bf:85:47:e3:f6:29:cc:71:
         40:84:98:65:71:2d:3d:ef:53:bf:28:6f:1a:d7:eb:f0:eb:aa:
         47:67:5f:68:63:0d:cd:2b:32:67:9b:4c:f7:d1:82:a7:7d:12:
         e3:85:cd:4f:50:27:7e:9f:e6:b6:13:7b:6f:af:13:ea:be:91:
         7c:71:80:a9:0e:a0:b7:76:63:66:62:d9:d5:e6:6c:e2:3b:3c:
         b8:bd:3e:5f:40:0c:ae:42:55:a6:b9:d4:be:1e:40:12:43:74:
         7e:2f:bb:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe52I4f2Eics2jKo8hqnwWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjUwNjI5MDQwMTA2WhcNMjUwNjMwMDQwMTA2WjAzMTEwLwYDVQQD
EygwMjg2YmU5ZGNkZTM2Yzk4YmI1NGVhNTQ3Zjk2NjIyOWNlZjBlMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUcwd1fKFpD2wY6skxYuYz0DBiL9
vF43RXfI9Tpzq/mxjCZh2Z8DtGU+gcM+n1C1t7/DgUktZeXGxuxU/XhN0YlAbVqp
J5iq6hM80C5Z4KdoRGwjB6yYFroYfYTKSuZXZpcNWl4c5Cmb4IKAOjWMXrvzXxho
iof5wAjvrGY9CfGDs5ma2U02R5geD2ovswT+ptcCw/MCvHNS9ZRKJIe3dEjg7E8d
ttTso06F1wjndb8D1WCXfkdONygvf6g/SRkqxRLr7lQoDMdhId/k3L38G+vYwzfH
McZ4Qns2Rf6REOADJK+Qw/NCJ2SDisqxGa67Q96iFymHfe4rDm+0/VholwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKGvp3N42yYu1TqVH+WYinO8ON7MB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC9QTN2PF
fYuFvbOoz9PC6hi1tKFxSSJX4AbKun58jkGOMPFLPNQIGH1LV4Zy5/YaibFHxRlb
cMtumufXjI2RTkzLMWFpjFCbsnQN1EBfefR0PeVsMKVhgY4aweVigTniZixQ+yLm
S5RTSiNnegRWb1MIOA3CXh2yVZiYrGUe7tB53DpRGb4BQr23UHbymZyYIUpFn4yb
9NJMy7+FR+P2KcxxQISYZXEtPe9TvyhvGtfr8OuqR2dfaGMNzSsyZ5tM99GCp30S
44XNT1Anfp/mthN7b68T6r6RfHGAqQ6gt3ZjZmLZ1eZs4js8uL0+X0AMrkJVprnU
vh5AEkN0fi+78g==
-----END CERTIFICATE-----