Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft
File:                     OQGfnAqym0Lg2xLprIezJ7_FWvk.mft (raw, json)
Hash identifier:          3S+VyKeSXkZPjGYBHKbCsqIHJwoQ5W3JQ68V0qyqjKY=
Subject key identifier:   58:A2:BC:AA:EC:A5:1A:38:2D:75:0A:27:A2:53:6B:94:19:CD:40:FF
Authority key identifier: 39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9
Certificate issuer:       /CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
Certificate serial:       0196C34C870726DBD512F638BEEEC8A72263
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft
Manifest number:          1534
Signing time:             Mon 12 May 2025 07:01:34 +0000
Manifest this update:     Mon 12 May 2025 07:01:34 +0000
Manifest next update:     Tue 13 May 2025 07:01:34 +0000
Files and hashes:         1: OQGfnAqym0Lg2xLprIezJ7_FWvk.crl (hash: D240DaNcKe9p1w4YP/wMB9lcQFwQgzEQP0MF9EikXq4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4c:87:07:26:db:d5:12:f6:38:be:ee:c8:a7:22:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
        Validity
            Not Before: May 12 07:01:34 2025 GMT
            Not After : May 13 07:01:34 2025 GMT
        Subject: CN=58a2bcaaeca51a382d750a27a2536b9419cd40ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:c0:86:cf:48:6b:64:d1:41:b0:cd:78:1a:cf:
                    7a:7a:48:f0:d0:5c:c8:01:f4:83:c8:fe:98:3a:d1:
                    21:d8:ce:36:f8:e3:05:7d:a8:cd:0e:7e:9f:d4:e6:
                    44:5e:95:09:de:83:ea:85:d0:98:8a:7b:04:46:38:
                    3e:b2:11:8e:29:6f:49:64:22:fe:3d:76:49:ae:db:
                    25:3c:83:30:82:84:45:f4:93:0d:7f:f7:14:fa:81:
                    c8:73:21:a4:60:9e:2c:ed:1d:18:af:62:3b:6e:66:
                    46:4b:75:f8:80:5b:53:94:4c:51:23:86:85:ea:86:
                    2b:0b:fe:96:f3:43:7b:4f:ae:01:8e:2b:c9:92:86:
                    bd:c3:fd:0f:c6:03:37:73:27:60:5e:ba:b8:64:9c:
                    3a:dc:f4:40:d8:82:ac:9c:40:7d:f0:d7:30:38:68:
                    56:4b:2f:27:2b:50:f9:f3:fe:1a:b5:33:c3:00:42:
                    cc:66:6d:5c:bb:ca:a3:98:7d:b8:77:4f:1b:30:8f:
                    5b:00:70:20:27:21:03:c6:45:1b:8e:92:e3:b4:de:
                    a8:7b:85:17:47:43:44:3f:a0:4e:95:97:bf:3e:40:
                    86:fe:19:54:be:f1:32:4b:eb:7e:da:f0:77:00:62:
                    bb:3e:26:c2:b5:31:02:6e:a2:ba:40:2e:60:cf:90:
                    74:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:A2:BC:AA:EC:A5:1A:38:2D:75:0A:27:A2:53:6B:94:19:CD:40:FF
            X509v3 Authority Key Identifier:
                keyid:39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:f7:f9:41:b2:82:b2:18:7f:29:50:9b:4d:38:52:54:27:36:
         d9:d5:40:8a:ca:e4:7d:c3:e1:c6:12:a5:9a:1c:e7:d5:ec:ef:
         97:6f:25:e4:ad:1f:e7:83:04:01:4c:c8:2c:23:ed:63:da:0b:
         85:1d:65:e6:b6:5c:75:c1:ea:37:cf:e1:72:d7:c2:0a:6c:af:
         21:f1:80:59:28:3b:a1:3c:6e:b2:90:8c:99:fd:f2:52:0d:91:
         f8:c9:d9:1c:b3:e5:ad:69:d7:d4:7f:00:8c:79:a3:f3:bb:39:
         87:8b:70:ca:5c:34:66:e8:ca:95:23:6f:56:47:66:d3:7f:d6:
         22:aa:67:1b:1b:53:47:84:d5:c0:3b:93:b9:20:45:be:fd:3c:
         95:6d:db:06:ab:58:af:a2:bb:4a:69:dd:c4:9e:86:e9:e7:84:
         1c:86:f1:44:b3:2e:40:dd:94:c7:ca:6c:c6:97:45:6a:f4:34:
         14:68:ec:2f:2c:ba:9e:af:47:4c:e4:93:47:58:15:15:e8:e6:
         67:7e:a4:b2:84:d7:93:f8:41:53:b6:b2:3f:1d:a7:ff:cc:3c:
         46:9e:f3:51:65:e2:4b:84:06:51:7a:ae:0f:d9:b6:a2:cf:7f:
         a1:fd:58:0d:c3:c0:74:3e:ba:cf:eb:81:e2:c6:97:9e:3f:c1:
         d6:0b:ab:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDTIcHJtvVEvY4vu7IpyJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDE5ZjljMGFiMjliNDJlMGRiMTJlOWFjODdiMzI3YmZj
NTVhZjkwHhcNMjUwNTEyMDcwMTM0WhcNMjUwNTEzMDcwMTM0WjAzMTEwLwYDVQQD
Eyg1OGEyYmNhYWVjYTUxYTM4MmQ3NTBhMjdhMjUzNmI5NDE5Y2Q0MGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8CGz0hrZNFBsM14Gs96ekjw0FzI
AfSDyP6YOtEh2M42+OMFfajNDn6f1OZEXpUJ3oPqhdCYinsERjg+shGOKW9JZCL+
PXZJrtslPIMwgoRF9JMNf/cU+oHIcyGkYJ4s7R0Yr2I7bmZGS3X4gFtTlExRI4aF
6oYrC/6W80N7T64BjivJkoa9w/0PxgM3cydgXrq4ZJw63PRA2IKsnEB98NcwOGhW
Sy8nK1D58/4atTPDAELMZm1cu8qjmH24d08bMI9bAHAgJyEDxkUbjpLjtN6oe4UX
R0NEP6BOlZe/PkCG/hlUvvEyS+t+2vB3AGK7PibCtTECbqK6QC5gz5B0XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFiivKrspRo4LXUKJ6JTa5QZzUD/MB8GA1UdIwQY
MBaAFDkBn5wKsptC4NsS6ayHsye/xVr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80MzBjODEtZWU0Yi00ZTg4LWEzNmYt
Nzg4ZjVhNTgwNDRmLzEvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80MzBjODEtZWU0Yi00ZTg4LWEzNmYtNzg4ZjVhNTgwNDRm
LzEvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATPf5QbKC
shh/KVCbTThSVCc22dVAisrkfcPhxhKlmhzn1ezvl28l5K0f54MEAUzILCPtY9oL
hR1l5rZcdcHqN8/hctfCCmyvIfGAWSg7oTxuspCMmf3yUg2R+MnZHLPlrWnX1H8A
jHmj87s5h4twylw0ZujKlSNvVkdm03/WIqpnGxtTR4TVwDuTuSBFvv08lW3bBqtY
r6K7SmndxJ6G6eeEHIbxRLMuQN2Ux8psxpdFavQ0FGjsLyy6nq9HTOSTR1gVFejm
Z36ksoTXk/hBU7ayPx2n/8w8Rp7zUWXiS4QGUXquD9m2os9/of1YDcPAdD66z+uB
4saXnj/B1gur/A==
-----END CERTIFICATE-----