Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
File:                     OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json)
Hash identifier:          5rlAVR2uDeQfVy6j+mjthpKVCQrhXdsjwmKS7ULdsZM=
Subject key identifier:   BA:B0:AC:79:CA:74:2F:8B:AC:A1:E1:49:74:A4:44:BA:1A:B6:F8:35
Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2
Certificate issuer:       /CN=398936603edb8558b619823c077e9eb8694758b2
Certificate serial:       01988BEA48DF7789BB523FD73ED930FFE4E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
Manifest number:          0520
Signing time:             Fri 08 Aug 2025 23:00:43 +0000
Manifest this update:     Fri 08 Aug 2025 23:00:43 +0000
Manifest next update:     Sat 09 Aug 2025 23:00:43 +0000
Files and hashes:         1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: vNhz1jcGYJ0xALddnbTQwRo7XH7e4dYVdIa7G6nU5wk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:ea:48:df:77:89:bb:52:3f:d7:3e:d9:30:ff:e4:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=398936603edb8558b619823c077e9eb8694758b2
        Validity
            Not Before: Aug  8 23:00:43 2025 GMT
            Not After : Aug  9 23:00:43 2025 GMT
        Subject: CN=bab0ac79ca742f8baca1e14974a444ba1ab6f835
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:8b:1e:5e:5b:2d:a6:4e:63:25:4f:38:2f:3e:
                    da:09:5f:ba:8b:c1:c0:5a:45:10:98:70:73:58:91:
                    97:a1:ed:36:f6:f5:6e:59:18:da:1f:36:3c:08:58:
                    f4:d3:5a:f6:6e:a9:22:8b:e5:95:22:4c:6f:aa:69:
                    91:2b:37:a1:f2:79:72:39:4f:8d:dd:fe:55:a6:2c:
                    00:2a:25:84:be:fe:1c:4a:98:e6:42:35:f9:23:34:
                    30:23:26:18:c8:8a:8d:af:b4:d9:ef:c0:a4:b1:0b:
                    ea:36:be:ab:67:1b:94:82:cc:e2:32:59:2e:5c:3a:
                    2a:89:35:36:e6:09:8b:4d:91:68:cb:3d:90:c3:63:
                    e6:04:03:ed:00:e2:9f:a6:4e:cb:f1:16:a4:f0:05:
                    0d:46:80:08:b4:5f:68:e5:af:f0:8c:20:c7:5f:84:
                    0f:c1:9e:a2:e5:74:d2:7b:a2:ca:6b:a5:05:85:37:
                    11:ce:e8:7e:d4:6a:cc:28:7b:04:52:b4:82:ea:bb:
                    96:44:64:bd:37:4e:a9:0e:13:91:06:d7:01:62:2f:
                    60:2a:97:a0:b8:a8:d3:ac:8b:5e:52:0e:17:70:38:
                    d4:4b:d3:d0:da:69:84:94:1f:43:ff:0a:73:a8:4a:
                    6b:6d:28:58:57:0a:e4:b1:61:b3:32:31:d5:95:57:
                    0b:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:B0:AC:79:CA:74:2F:8B:AC:A1:E1:49:74:A4:44:BA:1A:B6:F8:35
            X509v3 Authority Key Identifier:
                keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:0f:f1:8d:bc:b0:04:e7:e4:06:d1:97:8d:9d:b4:56:e1:67:
         ea:d6:4c:4d:17:e7:4b:7f:9c:33:03:f1:4a:0c:5c:c4:e2:b6:
         26:e8:a1:37:bd:48:bb:e0:b4:e3:31:e6:a9:e2:28:fc:8e:e2:
         aa:d1:2e:9d:65:ef:4c:85:07:e0:8f:05:fe:6c:24:54:6c:a0:
         e3:51:20:1e:37:ee:f2:fa:92:91:8b:d7:7d:1e:bc:d4:46:00:
         23:d9:4e:ec:0c:27:10:89:88:90:52:13:40:99:2f:44:15:6e:
         ea:00:eb:e0:35:db:91:3d:4f:84:ac:a9:58:68:d3:77:2e:bd:
         58:01:22:85:09:70:69:d7:bd:ec:a5:d4:b1:81:df:b9:80:f4:
         b1:f0:24:97:ea:59:26:51:e2:3a:70:1d:e9:49:cd:28:f7:bf:
         64:20:93:c5:c9:9c:61:9e:c1:16:8b:46:e6:19:cf:ad:2a:0c:
         80:5d:d5:d9:1f:b5:41:95:d5:ec:ec:ff:26:ef:e8:4e:0d:dd:
         be:c6:40:f4:83:61:2f:6e:aa:b9:15:7d:a4:a9:82:ee:c1:77:
         55:46:c9:83:8b:54:73:8e:d1:d3:21:f9:54:93:e3:0d:7e:e3:
         76:ba:09:46:8b:1f:8c:4d:69:4d:29:68:1b:f5:e5:8d:43:94:
         b7:96:b9:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiL6kjfd4m7Uj/XPtkw/+TpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0
NzU4YjIwHhcNMjUwODA4MjMwMDQzWhcNMjUwODA5MjMwMDQzWjAzMTEwLwYDVQQD
EyhiYWIwYWM3OWNhNzQyZjhiYWNhMWUxNDk3NGE0NDRiYTFhYjZmODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoseXlstpk5jJU84Lz7aCV+6i8HA
WkUQmHBzWJGXoe029vVuWRjaHzY8CFj001r2bqkii+WVIkxvqmmRKzeh8nlyOU+N
3f5VpiwAKiWEvv4cSpjmQjX5IzQwIyYYyIqNr7TZ78CksQvqNr6rZxuUgsziMlku
XDoqiTU25gmLTZFoyz2Qw2PmBAPtAOKfpk7L8Rak8AUNRoAItF9o5a/wjCDHX4QP
wZ6i5XTSe6LKa6UFhTcRzuh+1GrMKHsEUrSC6ruWRGS9N06pDhORBtcBYi9gKpeg
uKjTrIteUg4XcDjUS9PQ2mmElB9D/wpzqEprbShYVwrksWGzMjHVlVcLmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLqwrHnKdC+LrKHhSXSkRLoatvg1MB8GA1UdIwQY
MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt
MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4
LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEw/xjbyw
BOfkBtGXjZ20VuFn6tZMTRfnS3+cMwPxSgxcxOK2JuihN71Iu+C04zHmqeIo/I7i
qtEunWXvTIUH4I8F/mwkVGyg41EgHjfu8vqSkYvXfR681EYAI9lO7AwnEImIkFIT
QJkvRBVu6gDr4DXbkT1PhKypWGjTdy69WAEihQlwade97KXUsYHfuYD0sfAkl+pZ
JlHiOnAd6UnNKPe/ZCCTxcmcYZ7BFotG5hnPrSoMgF3V2R+1QZXV7Oz/Ju/oTg3d
vsZA9INhL26quRV9pKmC7sF3VUbJg4tUc47R0yH5VJPjDX7jdroJRosfjE1pTSlo
G/XljUOUt5a5Eg==
-----END CERTIFICATE-----