Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
File:                     OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json)
Hash identifier:          k4t7i1Embt/bEQRq9Sbd1kS/2FGgKbjxaP7BF25hX9M=
Subject key identifier:   1F:C0:E3:96:D4:F7:E0:54:01:30:72:C4:C8:7B:CF:3D:53:3B:34:95
Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2
Certificate issuer:       /CN=398936603edb8558b619823c077e9eb8694758b2
Certificate serial:       01976C2ACF7446D8F8437FA8FCE0F49ED9DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
Manifest number:          048B
Signing time:             Sat 14 Jun 2025 02:00:34 +0000
Manifest this update:     Sat 14 Jun 2025 02:00:34 +0000
Manifest next update:     Sun 15 Jun 2025 02:00:34 +0000
Files and hashes:         1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: WDxuTZIrGuR+zqmo7BzNG9fuy9G3sAaHyuUo42sn4eo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2a:cf:74:46:d8:f8:43:7f:a8:fc:e0:f4:9e:d9:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=398936603edb8558b619823c077e9eb8694758b2
        Validity
            Not Before: Jun 14 02:00:34 2025 GMT
            Not After : Jun 15 02:00:34 2025 GMT
        Subject: CN=1fc0e396d4f7e054013072c4c87bcf3d533b3495
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:f3:8b:27:3d:1e:63:24:83:c9:4b:ea:a5:99:
                    ca:7f:9b:d5:db:47:61:2d:49:9a:f0:46:9f:44:33:
                    dc:d0:0d:10:de:1e:fa:cf:d7:c2:94:5b:6d:24:9c:
                    45:1f:d0:fc:ad:30:80:f9:f9:fb:be:cd:12:39:23:
                    a8:f4:55:c8:77:ee:b6:d6:57:11:0a:89:bc:f1:76:
                    f6:c2:39:23:50:76:b6:6a:cd:89:f8:8b:20:01:c8:
                    25:2e:6d:80:ee:27:91:1e:03:2a:80:19:9e:f9:2a:
                    f4:88:a9:03:f9:01:4e:ce:e4:5e:46:fe:8c:7d:92:
                    aa:b4:59:88:15:66:9e:4e:93:c6:12:06:e4:a4:1f:
                    5c:6c:58:00:33:38:bc:07:9f:48:4b:ae:b6:20:bb:
                    28:7f:71:de:51:9f:7b:40:86:ee:38:df:06:b8:fd:
                    eb:37:09:59:18:1b:da:76:87:bd:81:53:51:23:9f:
                    9a:0f:10:af:3d:81:07:d3:6c:36:f3:81:e3:3e:b0:
                    e4:25:64:1e:e9:35:61:d8:74:a0:5e:d5:de:ee:c0:
                    80:5b:fa:bd:12:88:1a:31:cd:a5:4d:9b:f6:3c:c1:
                    3b:98:58:37:f5:f7:75:f4:36:10:37:d6:b6:f5:b3:
                    dc:69:3b:b8:49:65:a5:49:40:c1:72:16:ad:03:bd:
                    18:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:C0:E3:96:D4:F7:E0:54:01:30:72:C4:C8:7B:CF:3D:53:3B:34:95
            X509v3 Authority Key Identifier:
                keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:84:43:9b:64:11:98:cb:d1:1f:4c:8a:b1:37:ea:ed:48:33:
         52:7a:7c:64:ec:56:3a:d3:b9:f8:12:c1:86:e9:fe:98:08:10:
         0c:02:d9:40:aa:6c:21:d8:96:3e:9c:82:8f:61:bb:f5:06:1b:
         75:86:82:23:1f:e5:6a:6c:54:79:4c:8d:6e:8d:d0:a7:bb:4f:
         c9:d3:5e:2d:6c:45:88:25:08:92:b1:11:53:04:58:bc:5d:97:
         16:1b:e1:a8:46:9c:d0:72:90:43:88:71:eb:84:a2:00:0a:58:
         4f:a7:8f:c1:4f:da:76:94:04:90:2e:9a:94:28:a4:99:dc:34:
         0b:5d:27:f7:bd:12:95:be:96:1d:b7:11:c6:66:55:c1:ac:8c:
         f8:72:c6:55:e4:c3:eb:37:23:7b:8a:20:5b:5d:6e:78:46:9b:
         64:5f:77:6b:5a:96:99:33:55:63:d4:25:77:3f:f7:66:1c:95:
         22:be:a8:43:e5:87:da:8e:0f:97:88:d4:5c:52:63:02:49:18:
         da:86:5c:6f:92:2f:aa:0b:0a:cf:53:66:cb:7c:a5:6b:8e:7d:
         05:e8:7c:04:fa:c9:c7:65:d1:fe:ec:10:9c:e7:d4:17:b0:aa:
         8e:ec:8a:26:c4:84:fe:9a:38:96:ab:4a:11:50:96:d3:00:f2:
         8f:4f:83:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsKs90Rtj4Q3+o/OD0ntneMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0
NzU4YjIwHhcNMjUwNjE0MDIwMDM0WhcNMjUwNjE1MDIwMDM0WjAzMTEwLwYDVQQD
EygxZmMwZTM5NmQ0ZjdlMDU0MDEzMDcyYzRjODdiY2YzZDUzM2IzNDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvOLJz0eYySDyUvqpZnKf5vV20dh
LUma8EafRDPc0A0Q3h76z9fClFttJJxFH9D8rTCA+fn7vs0SOSOo9FXId+621lcR
Com88Xb2wjkjUHa2as2J+IsgAcglLm2A7ieRHgMqgBme+Sr0iKkD+QFOzuReRv6M
fZKqtFmIFWaeTpPGEgbkpB9cbFgAMzi8B59IS662ILsof3HeUZ97QIbuON8GuP3r
NwlZGBvadoe9gVNRI5+aDxCvPYEH02w284HjPrDkJWQe6TVh2HSgXtXe7sCAW/q9
EogaMc2lTZv2PME7mFg39fd19DYQN9a29bPcaTu4SWWlSUDBchatA70YxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB/A45bU9+BUATByxMh7zz1TOzSVMB8GA1UdIwQY
MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt
MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4
LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGIRDm2QR
mMvRH0yKsTfq7UgzUnp8ZOxWOtO5+BLBhun+mAgQDALZQKpsIdiWPpyCj2G79QYb
dYaCIx/lamxUeUyNbo3Qp7tPydNeLWxFiCUIkrERUwRYvF2XFhvhqEac0HKQQ4hx
64SiAApYT6ePwU/adpQEkC6alCikmdw0C10n970Slb6WHbcRxmZVwayM+HLGVeTD
6zcje4ogW11ueEabZF93a1qWmTNVY9Qldz/3ZhyVIr6oQ+WH2o4Pl4jUXFJjAkkY
2oZcb5IvqgsKz1Nmy3yla459Beh8BPrJx2XR/uwQnOfUF7CqjuyKJsSE/po4lqtK
EVCW0wDyj0+DyA==
-----END CERTIFICATE-----