Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
File:                     O1HtwFDk-YX73VeMzgKtyIDGyKc.mft (raw, json)
Hash identifier:          MU6wXfQuYYHZV/rGMJPkeagK1cSDYrEJIL885aWBTYM=
Subject key identifier:   CC:1C:A9:5B:31:C6:AC:ED:66:A5:F0:B8:4F:36:5B:93:45:A9:F6:FB
Authority key identifier: 3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7
Certificate issuer:       /CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
Certificate serial:       0197B6A1F2877282B4DA080B6EC1A4C1EFF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
Manifest number:          0D0F
Signing time:             Sat 28 Jun 2025 13:02:35 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:35 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:35 +0000
Files and hashes:         1: O1HtwFDk-YX73VeMzgKtyIDGyKc.crl (hash: DtJ007LTHU/pRZH29u6/mlM9csbJ2H9b9ntY8dGZnqM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:f2:87:72:82:b4:da:08:0b:6e:c1:a4:c1:ef:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
        Validity
            Not Before: Jun 28 13:02:35 2025 GMT
            Not After : Jun 29 13:02:35 2025 GMT
        Subject: CN=cc1ca95b31c6aced66a5f0b84f365b9345a9f6fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:f4:07:f5:9c:4a:5d:13:02:10:f8:ad:b3:5e:
                    b5:05:1c:b1:fc:20:37:0d:b5:dd:e2:9f:c6:7e:f2:
                    01:48:53:45:89:e9:b5:54:e1:1d:46:82:2b:14:c4:
                    cd:1c:31:56:86:db:3d:cb:77:be:80:83:84:e8:a9:
                    92:c5:96:fa:6c:30:83:80:0d:6e:a1:bb:7b:7b:d3:
                    c3:66:29:d3:91:a4:f3:32:1f:51:29:2a:93:34:c0:
                    3f:b0:1b:2e:08:7c:50:00:f1:ee:61:96:89:20:5d:
                    00:0b:bd:51:2b:ab:12:66:b2:ef:36:4d:4b:c0:9b:
                    84:2c:5a:f7:6b:7b:bf:92:c2:f8:53:ef:ad:74:ac:
                    03:37:21:5e:cc:1a:80:2d:8e:58:5f:ae:b9:08:f5:
                    5f:67:17:ec:fc:31:92:4a:2a:55:bb:56:99:ea:67:
                    7e:dc:69:cd:31:2a:b8:0b:14:bf:06:6c:02:b6:1d:
                    d7:73:f0:cb:68:51:0b:91:4d:d1:dc:fd:f1:7b:94:
                    ce:6d:21:a2:82:c6:e4:f6:7b:a0:b5:01:34:32:c0:
                    04:f0:3f:ec:ee:c0:39:4b:bc:86:b2:3a:e4:92:87:
                    df:01:a2:59:c9:b6:19:83:b6:44:f5:1a:ba:4e:91:
                    ae:73:10:be:dd:a3:2f:5b:07:4a:d0:ad:b3:5d:a5:
                    b6:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:1C:A9:5B:31:C6:AC:ED:66:A5:F0:B8:4F:36:5B:93:45:A9:F6:FB
            X509v3 Authority Key Identifier:
                keyid:3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:62:c1:df:9a:89:54:cd:f4:01:35:a7:9f:ee:e5:f2:24:93:
         3a:00:18:85:c0:d3:0e:f5:c4:1e:de:ee:ed:d1:e9:c9:0c:74:
         5d:26:df:32:0b:b1:28:0e:0c:2a:41:4a:21:30:b3:1f:fb:42:
         75:f9:19:a8:33:30:fd:6e:c4:06:55:1c:11:13:0a:a4:95:db:
         ea:23:0f:dd:d1:be:08:04:c8:8f:b3:dc:ac:b8:49:75:5c:ce:
         45:75:21:19:a4:52:de:c5:3d:35:1c:a7:01:a7:7b:29:a0:98:
         b4:7f:02:bd:00:af:9a:71:8a:ea:55:db:f7:b4:1e:ca:e4:54:
         b9:66:e1:64:48:d3:f0:ac:e4:cb:6c:9c:7c:c8:30:b2:57:d2:
         a2:a1:60:59:85:fc:df:db:25:17:98:5a:d8:87:c5:4f:57:3d:
         10:b9:aa:a4:de:49:11:21:1e:bd:cb:24:8c:75:8b:fb:4d:6d:
         68:51:9d:8f:58:2d:b9:01:f2:42:07:ad:03:3f:ca:17:0a:ad:
         da:93:c9:41:54:49:a3:96:a9:46:dc:df:7f:19:42:8d:2b:7e:
         43:4f:5f:b1:52:d2:10:eb:5f:8f:91:c3:fb:6f:4a:88:94:39:
         13:7d:58:0b:3e:c2:52:ed:63:8e:f6:da:4e:ea:42:3e:12:a4:
         ac:64:3e:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ofKHcoK02ggLbsGkwe/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTFlZGMwNTBlNGY5ODVmYmRkNTc4Y2NlMDJhZGM4ODBj
NmM4YTcwHhcNMjUwNjI4MTMwMjM1WhcNMjUwNjI5MTMwMjM1WjAzMTEwLwYDVQQD
EyhjYzFjYTk1YjMxYzZhY2VkNjZhNWYwYjg0ZjM2NWI5MzQ1YTlmNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfQH9ZxKXRMCEPits161BRyx/CA3
DbXd4p/GfvIBSFNFiem1VOEdRoIrFMTNHDFWhts9y3e+gIOE6KmSxZb6bDCDgA1u
obt7e9PDZinTkaTzMh9RKSqTNMA/sBsuCHxQAPHuYZaJIF0AC71RK6sSZrLvNk1L
wJuELFr3a3u/ksL4U++tdKwDNyFezBqALY5YX665CPVfZxfs/DGSSipVu1aZ6md+
3GnNMSq4CxS/BmwCth3Xc/DLaFELkU3R3P3xe5TObSGigsbk9nugtQE0MsAE8D/s
7sA5S7yGsjrkkoffAaJZybYZg7ZE9Rq6TpGucxC+3aMvWwdK0K2zXaW2rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMwcqVsxxqztZqXwuE82W5NFqfb7MB8GA1UdIwQY
MBaAFDtR7cBQ5PmF+91XjM4CrciAxsinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgt
YmNjYTYxZTM5Y2MzLzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgtYmNjYTYxZTM5Y2Mz
LzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmGLB35qJ
VM30ATWnn+7l8iSTOgAYhcDTDvXEHt7u7dHpyQx0XSbfMguxKA4MKkFKITCzH/tC
dfkZqDMw/W7EBlUcERMKpJXb6iMP3dG+CATIj7PcrLhJdVzORXUhGaRS3sU9NRyn
Aad7KaCYtH8CvQCvmnGK6lXb97QeyuRUuWbhZEjT8Kzky2ycfMgwslfSoqFgWYX8
39slF5ha2IfFT1c9ELmqpN5JESEevcskjHWL+01taFGdj1gtuQHyQgetAz/KFwqt
2pPJQVRJo5apRtzffxlCjSt+Q09fsVLSEOtfj5HD+29KiJQ5E31YCz7CUu1jjvba
TupCPhKkrGQ+2A==
-----END CERTIFICATE-----