Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
File:                     O5pBDtUm-GwybZG2KApEGhbAxnY.mft (raw, json)
Hash identifier:          kehB57/BcXUDw3vZOVcfp1EBy3xR/vFEsFCNesYisHg=
Subject key identifier:   5A:97:20:04:38:AA:11:CF:59:D5:08:77:AA:33:31:C3:2A:13:55:89
Authority key identifier: 3B:9A:41:0E:D5:26:F8:6C:32:6D:91:B6:28:0A:44:1A:16:C0:C6:76
Certificate issuer:       /CN=3b9a410ed526f86c326d91b6280a441a16c0c676
Certificate serial:       0196BFDCB2BDBE2D18508F3BF806FF7CF2B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
Manifest number:          069F
Signing time:             Sun 11 May 2025 15:00:33 +0000
Manifest this update:     Sun 11 May 2025 15:00:33 +0000
Manifest next update:     Mon 12 May 2025 15:00:33 +0000
Files and hashes:         1: O5pBDtUm-GwybZG2KApEGhbAxnY.crl (hash: bO0Zj+JS0Zwws9wUwFHebrqfyUdzrVCJ3UZMfJKDVXU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 15:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:dc:b2:bd:be:2d:18:50:8f:3b:f8:06:ff:7c:f2:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b9a410ed526f86c326d91b6280a441a16c0c676
        Validity
            Not Before: May 11 15:00:33 2025 GMT
            Not After : May 12 15:00:33 2025 GMT
        Subject: CN=5a97200438aa11cf59d50877aa3331c32a135589
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:38:a6:89:30:f3:e2:f4:98:6f:5f:99:d9:77:
                    86:80:a3:ec:e3:31:a9:66:bd:e7:3d:31:b5:8a:7a:
                    93:be:55:1b:24:b4:cf:34:3c:11:e0:96:f5:fe:53:
                    ff:92:8a:d8:99:0d:90:a5:69:0d:a4:44:8f:35:68:
                    5f:40:7a:cf:45:a6:fb:fe:39:48:f2:41:e8:f9:a1:
                    75:eb:3b:e0:fe:bc:08:dd:71:c8:b4:21:39:f4:a5:
                    06:41:f7:7b:73:22:36:c1:b6:e6:d2:e1:e0:38:35:
                    eb:41:96:64:ac:6c:5d:e2:e8:05:8f:e0:9c:f6:56:
                    5a:1c:44:d8:29:02:3d:42:5a:8c:d8:0d:22:84:38:
                    ab:ca:62:ef:ea:da:b7:3b:f4:78:fe:c1:ea:6f:1e:
                    54:08:a2:4e:23:3d:4a:ca:da:d0:cc:cd:b8:9a:a6:
                    4e:66:b4:ca:a4:19:41:13:60:10:4f:24:dd:1c:f6:
                    21:8b:11:42:92:d5:d1:44:0d:c8:9e:21:80:f9:37:
                    e8:81:ab:60:6e:ac:b1:43:c1:b4:d5:22:5c:f9:0f:
                    02:6f:dc:42:f3:ff:0c:1f:e2:39:27:d7:d7:39:ac:
                    24:eb:fa:9a:95:cb:82:06:87:48:39:9f:e2:05:01:
                    7f:21:72:c7:fc:95:c2:9c:da:06:82:58:05:78:e4:
                    0a:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:97:20:04:38:AA:11:CF:59:D5:08:77:AA:33:31:C3:2A:13:55:89
            X509v3 Authority Key Identifier:
                keyid:3B:9A:41:0E:D5:26:F8:6C:32:6D:91:B6:28:0A:44:1A:16:C0:C6:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:cf:99:92:1e:66:d8:34:50:1c:cd:15:3a:88:2e:8a:0c:96:
         f7:ac:db:13:26:2e:da:be:30:cf:eb:9c:9f:20:e3:54:8c:3b:
         b2:23:fc:e3:44:01:ed:62:23:8d:9f:ee:b1:33:e2:74:29:19:
         21:80:6c:1a:56:e5:41:83:d1:64:d5:8a:50:39:45:ef:7e:a9:
         88:16:a1:57:90:0b:74:49:bb:5e:f0:ac:0b:32:f4:fd:27:cc:
         5f:10:16:a9:81:ed:67:30:e8:ea:00:15:ae:f1:c3:33:cd:d0:
         a2:37:d7:23:9a:7f:25:63:2d:66:f3:f4:85:12:f5:89:01:6d:
         71:77:86:74:b4:49:6b:31:57:00:40:24:82:3e:1f:90:b3:e3:
         9e:57:b1:5e:af:55:8d:5c:b9:90:6f:64:5d:6f:0e:53:e0:f8:
         0c:28:43:49:17:66:b9:c6:8e:78:d4:0e:ae:bd:15:e7:b6:71:
         2b:df:54:f4:2b:3d:17:a3:b8:d6:8a:28:bc:75:6b:84:a6:64:
         9d:5b:d9:20:4f:58:4c:4b:a5:83:27:26:b5:ca:41:0c:2a:7b:
         51:4d:6f:6d:19:57:3d:9c:b7:d4:9a:53:3b:77:10:cd:0c:4f:
         d8:8d:e7:89:ff:ab:72:31:3c:b9:52:36:4c:e9:56:e6:29:01:
         22:4f:39:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/3LK9vi0YUI87+Ab/fPKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOWE0MTBlZDUyNmY4NmMzMjZkOTFiNjI4MGE0NDFhMTZj
MGM2NzYwHhcNMjUwNTExMTUwMDMzWhcNMjUwNTEyMTUwMDMzWjAzMTEwLwYDVQQD
Eyg1YTk3MjAwNDM4YWExMWNmNTlkNTA4NzdhYTMzMzFjMzJhMTM1NTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DimiTDz4vSYb1+Z2XeGgKPs4zGp
Zr3nPTG1inqTvlUbJLTPNDwR4Jb1/lP/korYmQ2QpWkNpESPNWhfQHrPRab7/jlI
8kHo+aF16zvg/rwI3XHItCE59KUGQfd7cyI2wbbm0uHgODXrQZZkrGxd4ugFj+Cc
9lZaHETYKQI9QlqM2A0ihDirymLv6tq3O/R4/sHqbx5UCKJOIz1KytrQzM24mqZO
ZrTKpBlBE2AQTyTdHPYhixFCktXRRA3IniGA+TfogatgbqyxQ8G01SJc+Q8Cb9xC
8/8MH+I5J9fXOawk6/qalcuCBodIOZ/iBQF/IXLH/JXCnNoGglgFeOQKGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFqXIAQ4qhHPWdUId6ozMcMqE1WJMB8GA1UdIwQY
MBaAFDuaQQ7VJvhsMm2RtigKRBoWwMZ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC81ZThlMDQtZTZlYS00ZDU5LWIyZjct
ZGYwYTZkYzI4MmEwLzEvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC81ZThlMDQtZTZlYS00ZDU5LWIyZjctZGYwYTZkYzI4MmEw
LzEvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX8+Zkh5m
2DRQHM0VOoguigyW96zbEyYu2r4wz+ucnyDjVIw7siP840QB7WIjjZ/usTPidCkZ
IYBsGlblQYPRZNWKUDlF736piBahV5ALdEm7XvCsCzL0/SfMXxAWqYHtZzDo6gAV
rvHDM83QojfXI5p/JWMtZvP0hRL1iQFtcXeGdLRJazFXAEAkgj4fkLPjnlexXq9V
jVy5kG9kXW8OU+D4DChDSRdmucaOeNQOrr0V57ZxK99U9Cs9F6O41ooovHVrhKZk
nVvZIE9YTEulgycmtcpBDCp7UU1vbRlXPZy31JpTO3cQzQxP2I3nif+rcjE8uVI2
TOlW5ikBIk85iQ==
-----END CERTIFICATE-----