Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
File:                     OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft (raw, json)
Hash identifier:          qDY9gE9hKBORkWae7MLyDnO4A5fPYntnc9Gxp90fsdg=
Subject key identifier:   BA:5C:21:50:57:18:38:B3:A9:CD:4E:50:CD:4C:7C:21:01:EA:44:BA
Authority key identifier: 3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48
Certificate issuer:       /CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
Certificate serial:       0196CDCF571909650B90ABB8B1EFA7743CCA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
Manifest number:          04B8
Signing time:             Wed 14 May 2025 08:00:39 +0000
Manifest this update:     Wed 14 May 2025 08:00:39 +0000
Manifest next update:     Thu 15 May 2025 08:00:39 +0000
Files and hashes:         1: OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl (hash: QcvoqEMF2DX2ackg0wmThZRyekThg+kx0+tpiquolGU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cd:cf:57:19:09:65:0b:90:ab:b8:b1:ef:a7:74:3c:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
        Validity
            Not Before: May 14 08:00:39 2025 GMT
            Not After : May 15 08:00:39 2025 GMT
        Subject: CN=ba5c2150571838b3a9cd4e50cd4c7c2101ea44ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:20:c9:89:3c:e3:e8:13:2f:a7:ec:c6:4c:15:
                    f7:49:ae:be:46:04:67:5d:25:80:ae:46:3b:ac:76:
                    43:94:8d:59:d5:09:99:b1:2b:d7:a9:b8:25:dd:c8:
                    2f:de:3f:c1:b8:2d:6f:db:e5:8f:4e:02:13:d1:87:
                    e8:38:1f:42:ad:a3:b5:df:ef:cb:d6:ba:c2:70:92:
                    b4:16:9c:50:fc:0e:a1:83:68:9b:22:5b:ef:a0:76:
                    22:01:4c:68:99:f6:73:8c:b3:1b:fe:3d:f0:65:2c:
                    2f:b5:2c:69:f5:3a:d6:cf:d7:b9:75:cf:fb:e1:40:
                    26:86:aa:3c:30:ba:a9:61:2e:a1:ec:45:b6:14:c1:
                    cd:ad:96:12:df:77:16:10:5e:97:20:8e:c6:15:c9:
                    90:33:51:8e:39:a7:57:fe:0f:b6:df:8e:d3:99:8d:
                    86:4e:72:05:23:5c:41:39:2a:dd:24:05:37:06:f9:
                    53:a8:70:6e:d8:7a:5b:ff:d2:bf:e3:25:6e:6d:63:
                    1c:a0:36:9e:60:a1:90:0e:e1:96:fa:4d:91:14:bd:
                    ea:68:36:2c:a4:35:2b:db:bc:85:6c:eb:9c:6c:bd:
                    4f:a5:85:3a:e7:6d:fa:35:52:6d:89:b4:e4:0a:e6:
                    ff:fa:ce:cf:8c:69:a4:16:b3:ea:b7:05:51:15:36:
                    39:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:5C:21:50:57:18:38:B3:A9:CD:4E:50:CD:4C:7C:21:01:EA:44:BA
            X509v3 Authority Key Identifier:
                keyid:3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:57:e7:f9:ea:20:d2:bd:90:59:e7:c8:94:0b:22:05:40:f3:
         6c:ba:6d:33:9b:4f:8d:15:b0:89:45:ad:d3:ba:19:aa:09:ff:
         18:4e:bb:f0:ab:97:81:28:cf:1b:fc:2e:f2:92:5b:d2:09:b1:
         7e:1c:e2:b7:52:bc:2c:0f:98:8c:ac:e4:a9:5c:ec:c1:ac:14:
         6a:b5:8a:07:e2:ab:cd:ef:dc:e2:5a:97:30:45:b5:c8:9b:c4:
         5a:32:47:1c:1e:c3:9d:cf:50:2c:0a:e5:4b:fe:b3:e9:79:79:
         97:bb:59:9a:14:f1:c1:cd:c4:1d:90:1f:cb:96:12:b7:5b:20:
         83:e3:0d:72:4c:b1:68:72:c7:9c:cb:43:93:77:cf:dd:d0:f8:
         60:0d:6f:49:dd:be:4a:1f:9f:8c:af:14:2a:22:7d:1f:1b:75:
         52:f5:8c:ad:f2:f4:59:5b:e9:df:d8:ce:99:d7:dc:5c:62:c3:
         5c:45:56:78:9a:f6:bb:82:2c:cc:56:f3:34:dc:7e:eb:b1:92:
         52:1d:68:36:e0:ae:d1:bf:95:db:f0:f2:08:5a:1d:93:ad:bf:
         46:b4:df:a4:73:a7:e0:3b:f1:16:09:bc:76:26:85:49:69:54:
         1c:ed:0f:50:ed:5d:a6:85:6c:ab:8f:5f:00:1c:b6:46:62:0c:
         d7:a4:a1:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbNz1cZCWULkKu4se+ndDzKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzRlMDdjMmRlZmNhMTRiZjJkNmM3YTE1ZDVhOTMzMGQw
OTM3NDgwHhcNMjUwNTE0MDgwMDM5WhcNMjUwNTE1MDgwMDM5WjAzMTEwLwYDVQQD
EyhiYTVjMjE1MDU3MTgzOGIzYTljZDRlNTBjZDRjN2MyMTAxZWE0NGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCDJiTzj6BMvp+zGTBX3Sa6+RgRn
XSWArkY7rHZDlI1Z1QmZsSvXqbgl3cgv3j/BuC1v2+WPTgIT0YfoOB9CraO13+/L
1rrCcJK0FpxQ/A6hg2ibIlvvoHYiAUxomfZzjLMb/j3wZSwvtSxp9TrWz9e5dc/7
4UAmhqo8MLqpYS6h7EW2FMHNrZYS33cWEF6XII7GFcmQM1GOOadX/g+2347TmY2G
TnIFI1xBOSrdJAU3BvlTqHBu2Hpb/9K/4yVubWMcoDaeYKGQDuGW+k2RFL3qaDYs
pDUr27yFbOucbL1PpYU65236NVJtibTkCub/+s7PjGmkFrPqtwVRFTY5WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLpcIVBXGDizqc1OUM1MfCEB6kS6MB8GA1UdIwQY
MBaAFDp04Hwt78oUvy1sehXVqTMNCTdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMt
ZDY0MmU0YjA4MWJkLzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMtZDY0MmU0YjA4MWJk
LzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaFfn+eog
0r2QWefIlAsiBUDzbLptM5tPjRWwiUWt07oZqgn/GE678KuXgSjPG/wu8pJb0gmx
fhzit1K8LA+YjKzkqVzswawUarWKB+Krze/c4lqXMEW1yJvEWjJHHB7Dnc9QLArl
S/6z6Xl5l7tZmhTxwc3EHZAfy5YSt1sgg+MNckyxaHLHnMtDk3fP3dD4YA1vSd2+
Sh+fjK8UKiJ9Hxt1UvWMrfL0WVvp39jOmdfcXGLDXEVWeJr2u4IszFbzNNx+67GS
Uh1oNuCu0b+V2/DyCFodk62/RrTfpHOn4DvxFgm8diaFSWlUHO0PUO1dpoVsq49f
ABy2RmIM16Shsg==
-----END CERTIFICATE-----