Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
File:                     o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft (raw, json)
Hash identifier:          i3/9oQdg4JWcYzKl3mSe+yueUMNZsQrMVyXJgdnwp2Q=
Subject key identifier:   79:06:51:63:1B:B9:CF:39:D4:1F:70:45:DC:F7:A8:1F:FD:4D:1B:7E
Authority key identifier: A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64
Certificate issuer:       /CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
Certificate serial:       0196C5033061DE4EE1D1DF6CB67445E036EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
Manifest number:          1535
Signing time:             Mon 12 May 2025 15:00:42 +0000
Manifest this update:     Mon 12 May 2025 15:00:42 +0000
Manifest next update:     Tue 13 May 2025 15:00:42 +0000
Files and hashes:         1: o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl (hash: lUgYZxKKmKInV01bpy1c1BptqXtGrcAD5ZqQmMSUA5A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:03:30:61:de:4e:e1:d1:df:6c:b6:74:45:e0:36:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
        Validity
            Not Before: May 12 15:00:42 2025 GMT
            Not After : May 13 15:00:42 2025 GMT
        Subject: CN=790651631bb9cf39d41f7045dcf7a81ffd4d1b7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:76:bf:e3:28:cb:a5:0d:ae:df:f1:38:d9:68:
                    bc:8c:d7:a7:3a:2a:03:5c:d4:f7:81:7c:c2:0e:14:
                    68:a4:a6:28:f6:d9:8c:17:72:5e:12:08:a5:c1:88:
                    2e:e7:de:da:5a:0a:9d:b9:a4:e4:58:82:fe:4e:43:
                    c4:1a:c3:f6:9d:12:71:ad:a8:6e:ea:06:a3:17:91:
                    b5:38:b0:b5:ed:bb:e9:80:6c:18:4c:2a:e7:5a:b0:
                    cc:64:50:94:26:31:68:bc:ab:48:6a:d0:0b:ef:9d:
                    1f:db:03:b3:ee:e0:0f:58:f8:0d:cd:89:43:6a:0d:
                    a5:b7:bc:f3:52:cf:6e:45:6c:1a:5b:7c:23:58:f8:
                    a1:51:dd:d0:19:5f:b1:ef:bf:f7:5b:87:20:2e:a7:
                    60:ba:7f:98:6c:3d:82:78:7d:fc:f0:6a:17:5f:ba:
                    43:10:9b:fd:3f:de:7c:eb:f8:d8:5a:1b:08:ee:c5:
                    f0:02:c5:8d:d7:2a:8f:5e:4a:cd:ff:8a:75:ae:0f:
                    37:7e:2f:f8:d1:61:bf:81:91:70:0b:25:1f:e6:52:
                    0b:b9:b7:c9:6e:a0:8e:fb:72:7d:c6:26:52:1b:98:
                    61:6c:f7:ca:91:35:76:d1:c9:54:8e:08:16:03:d5:
                    82:6d:48:71:8a:73:c1:aa:dc:b0:79:10:29:0a:8c:
                    c9:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:06:51:63:1B:B9:CF:39:D4:1F:70:45:DC:F7:A8:1F:FD:4D:1B:7E
            X509v3 Authority Key Identifier:
                keyid:A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:7e:8d:6c:ee:9c:e5:7d:fd:6e:ee:b0:6a:d8:d7:1a:47:f7:
         63:1d:43:0c:66:a3:d9:1e:1e:ea:44:8d:f1:3f:ba:24:93:de:
         fc:7b:3e:34:1a:11:7d:bc:c9:ae:87:9b:f9:e6:25:60:97:83:
         9e:df:f8:98:ad:4e:6b:27:86:17:f3:c5:d1:34:01:54:e4:93:
         e1:13:0e:58:fa:a1:b8:3d:20:30:94:c5:68:e1:54:48:a5:fa:
         46:57:21:ba:30:95:fb:75:c4:47:af:6a:82:a0:31:3c:83:4a:
         9e:14:60:83:65:4d:24:5d:f3:d1:19:ff:2a:39:fa:0d:5b:5d:
         87:26:dc:af:37:ab:f2:8f:ae:00:6b:2e:56:56:98:69:9c:a5:
         df:bd:eb:f1:2f:75:de:34:46:e8:6b:b8:12:55:99:e6:fd:36:
         56:b2:62:a7:cc:81:fe:b6:99:ad:09:ad:8b:70:0d:f8:24:6b:
         cf:c4:68:2e:94:71:ed:0c:98:bc:f8:a1:44:6c:6e:80:87:05:
         56:6a:79:ce:c2:88:8e:0c:c9:b0:eb:7b:b5:46:ff:e0:a6:bd:
         f6:10:78:51:79:37:69:a3:20:11:c7:aa:b1:0f:5a:65:0c:d9:
         ca:7b:13:b6:3d:18:8a:ce:80:ff:0d:0a:10:be:aa:42:0c:78:
         70:ff:29:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFAzBh3k7h0d9stnRF4DbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYThjYWY2MjE3Y2ViMTBkZDhjMTQ2Zjk2YjlkNzczZWRk
ODg4NjQwHhcNMjUwNTEyMTUwMDQyWhcNMjUwNTEzMTUwMDQyWjAzMTEwLwYDVQQD
Eyg3OTA2NTE2MzFiYjljZjM5ZDQxZjcwNDVkY2Y3YTgxZmZkNGQxYjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnna/4yjLpQ2u3/E42Wi8jNenOioD
XNT3gXzCDhRopKYo9tmMF3JeEgilwYgu597aWgqduaTkWIL+TkPEGsP2nRJxrahu
6gajF5G1OLC17bvpgGwYTCrnWrDMZFCUJjFovKtIatAL750f2wOz7uAPWPgNzYlD
ag2lt7zzUs9uRWwaW3wjWPihUd3QGV+x77/3W4cgLqdgun+YbD2CeH388GoXX7pD
EJv9P9586/jYWhsI7sXwAsWN1yqPXkrN/4p1rg83fi/40WG/gZFwCyUf5lILubfJ
bqCO+3J9xiZSG5hhbPfKkTV20clUjggWA9WCbUhxinPBqtyweRApCozJRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHkGUWMbuc851B9wRdz3qB/9TRt+MB8GA1UdIwQY
MBaAFKOoyvYhfOsQ3YwUb5a513Pt2IhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAt
ZTVjYmEyMTM3MzA4LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAtZTVjYmEyMTM3MzA4
LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkH6NbO6c
5X39bu6watjXGkf3Yx1DDGaj2R4e6kSN8T+6JJPe/Hs+NBoRfbzJroeb+eYlYJeD
nt/4mK1OayeGF/PF0TQBVOST4RMOWPqhuD0gMJTFaOFUSKX6RlchujCV+3XER69q
gqAxPINKnhRgg2VNJF3z0Rn/Kjn6DVtdhybcrzer8o+uAGsuVlaYaZyl373r8S91
3jRG6Gu4ElWZ5v02VrJip8yB/raZrQmti3AN+CRrz8RoLpRx7QyYvPihRGxugIcF
Vmp5zsKIjgzJsOt7tUb/4Ka99hB4UXk3aaMgEceqsQ9aZQzZynsTtj0Yis6A/w0K
EL6qQgx4cP8p8Q==
-----END CERTIFICATE-----