Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
File:                     OFt-lPpg22hRcc8TabHO-24g8zQ.mft (raw, json)
Hash identifier:          6bT/Ft+cUxJp+maiQ51/Kfw6cVL8pNy/hxcNDy//ev0=
Subject key identifier:   94:49:A6:4F:EC:C5:98:BE:F0:4B:11:4D:6F:84:F5:AE:D1:30:C8:57
Authority key identifier: 38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34
Certificate issuer:       /CN=385b7e94fa60db685171cf1369b1cefb6e20f334
Certificate serial:       019873E2826E41D555614ED27DBC77721058
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
Manifest number:          056A
Signing time:             Mon 04 Aug 2025 07:01:21 +0000
Manifest this update:     Mon 04 Aug 2025 07:01:21 +0000
Manifest next update:     Tue 05 Aug 2025 07:01:21 +0000
Files and hashes:         1: OFt-lPpg22hRcc8TabHO-24g8zQ.crl (hash: Kuzq2u2ELTs6riIm2xClH45h0Kg31O6qBVpl2xn6hI0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e2:82:6e:41:d5:55:61:4e:d2:7d:bc:77:72:10:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385b7e94fa60db685171cf1369b1cefb6e20f334
        Validity
            Not Before: Aug  4 07:01:21 2025 GMT
            Not After : Aug  5 07:01:21 2025 GMT
        Subject: CN=9449a64fecc598bef04b114d6f84f5aed130c857
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:72:68:91:c8:6f:b0:03:c7:25:da:d3:5e:ef:
                    cc:d8:74:63:4f:26:7c:77:0f:e7:2d:5a:c4:21:e8:
                    d1:5f:2c:c9:2c:b3:1a:99:5b:ad:13:53:65:4f:08:
                    ed:50:99:86:e6:5f:a8:78:ea:3b:2a:73:2c:b4:22:
                    d9:9b:9c:fe:12:9f:fa:58:03:ee:b8:d5:84:e9:db:
                    ed:57:25:05:09:78:95:78:50:0d:4a:44:9c:5e:2b:
                    41:2c:82:66:1a:69:fe:ab:c0:86:d0:7a:7c:1d:1d:
                    37:91:b6:1e:ff:de:f9:b7:8c:57:3d:79:19:87:ce:
                    b5:ff:00:12:a3:58:df:6b:95:d8:23:4b:a6:ab:aa:
                    72:8f:e3:f9:12:3f:52:9c:0c:c0:36:eb:85:3d:fa:
                    5b:db:5d:b2:fe:00:9d:e0:be:6c:90:bf:b7:75:24:
                    f1:32:94:73:3e:e5:39:37:f0:5e:d2:c9:d8:9e:c9:
                    9b:65:4f:fd:8d:b7:d5:7e:70:3a:62:9d:77:20:a6:
                    2f:23:1e:ce:cb:64:ff:7c:fc:fb:e6:ad:de:7f:08:
                    cc:d8:d8:b9:f3:25:8b:0d:cf:84:8d:7f:af:7b:38:
                    dd:4a:6f:c4:99:ac:89:bb:3a:e6:79:1f:28:0e:5d:
                    f0:b6:55:1f:bc:b4:64:86:19:da:ed:f2:34:74:b9:
                    22:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:49:A6:4F:EC:C5:98:BE:F0:4B:11:4D:6F:84:F5:AE:D1:30:C8:57
            X509v3 Authority Key Identifier:
                keyid:38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:3f:08:d7:fe:65:e5:e5:29:eb:4f:53:0b:c5:13:28:54:38:
         86:fa:6d:57:f3:be:91:8b:a4:b6:42:ae:05:90:a4:c0:e1:93:
         4e:9c:95:50:83:53:59:31:8b:2c:60:ce:14:3a:68:39:45:de:
         7a:81:0a:c7:2f:d1:27:d5:0f:ad:f8:6f:a9:04:d2:ec:64:0c:
         96:d8:33:7b:33:68:70:5e:e2:0c:b4:6e:95:9d:b3:f9:6c:c0:
         6e:7a:5b:f3:ca:a1:de:7e:5f:3b:62:49:4b:9e:81:00:9f:fc:
         bc:9b:c5:db:f4:a8:ec:45:bb:1a:4f:e3:e1:3c:d4:31:9f:47:
         db:e3:c8:a3:4f:e3:d2:6f:24:7f:01:ff:d9:cf:7b:fd:f3:fb:
         6f:9c:84:9d:7c:06:ca:34:a5:d0:62:5b:5f:2b:ca:b1:fb:6a:
         58:d2:1c:6c:e7:1f:e7:11:c8:ab:20:7e:ee:ea:e0:be:99:09:
         df:5d:19:f4:85:63:e9:91:67:97:0e:ab:e3:dd:97:be:50:b8:
         74:4d:f3:36:8b:1c:b4:14:10:ff:54:3d:07:c9:91:b3:8d:65:
         40:e1:3d:0f:86:12:a5:ac:f3:6b:2b:dc:41:7c:c1:da:89:57:
         a4:c7:41:94:d2:f0:9f:c0:d3:94:e0:d5:82:1e:d7:c7:44:c9:
         e3:8f:25:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4oJuQdVVYU7Sfbx3chBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWI3ZTk0ZmE2MGRiNjg1MTcxY2YxMzY5YjFjZWZiNmUy
MGYzMzQwHhcNMjUwODA0MDcwMTIxWhcNMjUwODA1MDcwMTIxWjAzMTEwLwYDVQQD
Eyg5NDQ5YTY0ZmVjYzU5OGJlZjA0YjExNGQ2Zjg0ZjVhZWQxMzBjODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonJokchvsAPHJdrTXu/M2HRjTyZ8
dw/nLVrEIejRXyzJLLMamVutE1NlTwjtUJmG5l+oeOo7KnMstCLZm5z+Ep/6WAPu
uNWE6dvtVyUFCXiVeFANSkScXitBLIJmGmn+q8CG0Hp8HR03kbYe/975t4xXPXkZ
h861/wASo1jfa5XYI0umq6pyj+P5Ej9SnAzANuuFPfpb212y/gCd4L5skL+3dSTx
MpRzPuU5N/Be0snYnsmbZU/9jbfVfnA6Yp13IKYvIx7Oy2T/fPz75q3efwjM2Ni5
8yWLDc+EjX+vezjdSm/EmayJuzrmeR8oDl3wtlUfvLRkhhna7fI0dLkixQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJRJpk/sxZi+8EsRTW+E9a7RMMhXMB8GA1UdIwQY
MBaAFDhbfpT6YNtoUXHPE2mxzvtuIPM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEt
YzNiNDZhYzlmMjZkLzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEtYzNiNDZhYzlmMjZk
LzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWT8I1/5l
5eUp609TC8UTKFQ4hvptV/O+kYuktkKuBZCkwOGTTpyVUINTWTGLLGDOFDpoOUXe
eoEKxy/RJ9UPrfhvqQTS7GQMltgzezNocF7iDLRulZ2z+WzAbnpb88qh3n5fO2JJ
S56BAJ/8vJvF2/So7EW7Gk/j4TzUMZ9H2+PIo0/j0m8kfwH/2c97/fP7b5yEnXwG
yjSl0GJbXyvKsftqWNIcbOcf5xHIqyB+7urgvpkJ310Z9IVj6ZFnlw6r492XvlC4
dE3zNosctBQQ/1Q9B8mRs41lQOE9D4YSpazzayvcQXzB2olXpMdBlNLwn8DTlODV
gh7Xx0TJ448lGg==
-----END CERTIFICATE-----