Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft
File:                     OFYFj7mk9--XizgCGuFSwk6_zkA.mft (raw, json)
Hash identifier:          zIiqCTSaQctNpgl00HcZrj4j428Wd7O/n632N823jDI=
Subject key identifier:   D7:74:3C:B8:E6:08:9B:E1:1C:21:5F:68:28:39:66:41:55:C7:84:D0
Authority key identifier: 38:56:05:8F:B9:A4:F7:EF:97:8B:38:02:1A:E1:52:C2:4E:BF:CE:40
Certificate issuer:       /CN=3856058fb9a4f7ef978b38021ae152c24ebfce40
Certificate serial:       019874194ED6014C393AFD79CF29A1D10503
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OFYFj7mk9--XizgCGuFSwk6_zkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft
Manifest number:          031D
Signing time:             Mon 04 Aug 2025 08:01:12 +0000
Manifest this update:     Mon 04 Aug 2025 08:01:12 +0000
Manifest next update:     Tue 05 Aug 2025 08:01:12 +0000
Files and hashes:         1: OFYFj7mk9--XizgCGuFSwk6_zkA.crl (hash: AWcRk1gASR/Vx1wIfJFKIlHjzfIsfpPAiYzhlofImU8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OFYFj7mk9--XizgCGuFSwk6_zkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:19:4e:d6:01:4c:39:3a:fd:79:cf:29:a1:d1:05:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3856058fb9a4f7ef978b38021ae152c24ebfce40
        Validity
            Not Before: Aug  4 08:01:12 2025 GMT
            Not After : Aug  5 08:01:12 2025 GMT
        Subject: CN=d7743cb8e6089be11c215f682839664155c784d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:1e:a4:98:1f:f2:49:a7:e3:6d:de:bd:42:88:
                    cc:25:ea:74:c5:d6:b8:2f:38:6d:ef:bb:49:60:9c:
                    3e:06:86:7e:7e:03:2f:0b:bc:ca:24:09:c4:92:72:
                    30:80:4c:64:ce:48:3d:1e:2d:58:ca:e6:0b:1c:43:
                    59:92:79:94:2f:f9:b3:af:59:be:ab:04:a2:8c:fa:
                    29:23:f3:44:07:61:4b:fb:6d:ba:5c:ed:80:73:b3:
                    73:c5:49:3d:eb:82:d2:ee:10:8f:6f:2d:8d:63:72:
                    3f:c7:a8:0f:7e:b3:33:85:bb:da:1c:fc:3d:b9:fb:
                    1a:60:48:c4:3f:88:fb:28:90:f8:da:3d:65:bf:62:
                    f0:61:6d:1c:7d:d2:62:ed:bf:a2:f4:95:95:fc:5d:
                    e8:18:19:18:b9:34:97:74:63:5b:b9:c2:f5:eb:3f:
                    9c:e2:6c:ee:34:1c:ff:43:4e:4c:9f:63:eb:77:0d:
                    cb:13:fe:93:1d:9e:f3:cf:bc:10:01:a3:d3:6a:35:
                    1f:5d:3f:a6:8b:cf:f0:af:cb:c7:5c:36:0b:1e:cf:
                    1a:47:8d:46:68:b9:46:93:e3:0a:4c:2f:87:66:7d:
                    ff:bd:91:14:b9:d7:89:3c:62:1a:91:af:da:52:f7:
                    78:20:90:36:75:eb:87:41:2f:8f:2c:ce:d1:ee:76:
                    3c:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:74:3C:B8:E6:08:9B:E1:1C:21:5F:68:28:39:66:41:55:C7:84:D0
            X509v3 Authority Key Identifier:
                keyid:38:56:05:8F:B9:A4:F7:EF:97:8B:38:02:1A:E1:52:C2:4E:BF:CE:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFYFj7mk9--XizgCGuFSwk6_zkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:cc:54:df:5c:43:1d:20:84:51:ca:a3:be:1d:84:03:75:ad:
         90:36:b4:ad:a7:5e:b7:b7:69:53:07:c1:f7:96:36:b3:c0:3e:
         84:4c:e4:a7:22:3f:3f:09:12:c3:98:05:0f:98:02:14:56:80:
         a8:49:b2:78:02:6e:3d:5f:5f:55:79:47:24:ce:b1:7e:d7:a7:
         a1:de:3c:9f:38:e1:b0:3c:e6:87:0d:f2:38:e9:99:37:86:b4:
         76:6f:01:78:5d:8a:db:70:92:6f:59:58:7e:18:c7:2f:4f:61:
         37:6e:19:ab:09:2c:a2:9c:37:ee:ce:8b:46:70:c7:ec:41:3b:
         8e:25:9a:dd:48:e5:b2:7d:46:e1:b4:79:f8:71:08:18:87:f4:
         f0:29:bf:24:2c:4b:6b:c9:31:97:38:43:6b:be:99:80:24:b5:
         3f:bf:bd:ab:bb:c6:db:9f:09:a7:a3:d5:0f:c4:4e:fe:eb:46:
         d9:c1:de:83:3b:a7:ee:7b:21:93:03:93:51:8b:31:30:9a:2d:
         8d:a9:4c:b1:1d:b2:5f:41:e3:92:40:1e:5d:72:46:07:74:37:
         15:97:43:ea:5a:60:9c:5a:ec:b3:eb:b2:87:e9:e0:ff:46:45:
         cc:81:47:28:52:f0:9c:9f:b1:7a:40:7c:12:d3:55:27:2f:fe:
         22:d6:3c:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0GU7WAUw5Ov15zymh0QUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NTYwNThmYjlhNGY3ZWY5NzhiMzgwMjFhZTE1MmMyNGVi
ZmNlNDAwHhcNMjUwODA0MDgwMTEyWhcNMjUwODA1MDgwMTEyWjAzMTEwLwYDVQQD
EyhkNzc0M2NiOGU2MDg5YmUxMWMyMTVmNjgyODM5NjY0MTU1Yzc4NGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmx6kmB/ySafjbd69QojMJep0xda4
Lzht77tJYJw+BoZ+fgMvC7zKJAnEknIwgExkzkg9Hi1YyuYLHENZknmUL/mzr1m+
qwSijPopI/NEB2FL+226XO2Ac7NzxUk964LS7hCPby2NY3I/x6gPfrMzhbvaHPw9
ufsaYEjEP4j7KJD42j1lv2LwYW0cfdJi7b+i9JWV/F3oGBkYuTSXdGNbucL16z+c
4mzuNBz/Q05Mn2Prdw3LE/6THZ7zz7wQAaPTajUfXT+mi8/wr8vHXDYLHs8aR41G
aLlGk+MKTC+HZn3/vZEUudeJPGIaka/aUvd4IJA2deuHQS+PLM7R7nY8iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNd0PLjmCJvhHCFfaCg5ZkFVx4TQMB8GA1UdIwQY
MBaAFDhWBY+5pPfvl4s4AhrhUsJOv85AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ZZRmo3bWs5LS1YaXpnQ0d1RlN3azZfemtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8yMDk0YjAtNWE1Ny00YTM2LWI1ZmIt
YTVmZjE3NmQ2MWQwLzEvT0ZZRmo3bWs5LS1YaXpnQ0d1RlN3azZfemtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8yMDk0YjAtNWE1Ny00YTM2LWI1ZmItYTVmZjE3NmQ2MWQw
LzEvT0ZZRmo3bWs5LS1YaXpnQ0d1RlN3azZfemtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJMxU31xD
HSCEUcqjvh2EA3WtkDa0radet7dpUwfB95Y2s8A+hEzkpyI/PwkSw5gFD5gCFFaA
qEmyeAJuPV9fVXlHJM6xftenod48nzjhsDzmhw3yOOmZN4a0dm8BeF2K23CSb1lY
fhjHL09hN24Zqwksopw37s6LRnDH7EE7jiWa3Ujlsn1G4bR5+HEIGIf08Cm/JCxL
a8kxlzhDa76ZgCS1P7+9q7vG258Jp6PVD8RO/utG2cHegzun7nshkwOTUYsxMJot
jalMsR2yX0HjkkAeXXJGB3Q3FZdD6lpgnFrss+uyh+ng/0ZFzIFHKFLwnJ+xekB8
EtNVJy/+ItY8fw==
-----END CERTIFICATE-----