Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
File:                     OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft (raw, json)
Hash identifier:          nh7RpEYlyVkWMYVL+W05tIIqlUYCaKsqBsIVoVPEE3c=
Subject key identifier:   36:0D:F4:E3:A7:16:7F:FE:64:5F:43:80:37:21:66:F5:4E:F5:8A:AB
Authority key identifier: 38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1
Certificate issuer:       /CN=38a19e640de1f452a7dc4abe786aa581342927b1
Certificate serial:       01976F2BA0B654C6562D87CAEF9FD6BE45C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
Manifest number:          04D0
Signing time:             Sat 14 Jun 2025 16:00:19 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:19 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:19 +0000
Files and hashes:         1: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl (hash: b4RDdzVHzulsn9tkg0SHscelhXxRZX27unjhEUhPvyk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2b:a0:b6:54:c6:56:2d:87:ca:ef:9f:d6:be:45:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a19e640de1f452a7dc4abe786aa581342927b1
        Validity
            Not Before: Jun 14 16:00:19 2025 GMT
            Not After : Jun 15 16:00:19 2025 GMT
        Subject: CN=360df4e3a7167ffe645f4380372166f54ef58aab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:c9:f0:65:2d:88:9e:d0:5f:07:dc:27:f4:f5:
                    a9:e8:c4:d3:c5:69:1b:b1:f8:dd:75:60:28:c4:64:
                    e1:53:95:73:ec:1f:40:11:c7:06:4e:83:a9:be:f2:
                    73:25:9f:90:6f:c3:2a:22:cf:b3:4f:91:5d:ab:30:
                    6c:fa:16:2c:be:69:d9:44:d7:6f:aa:9c:e8:70:cc:
                    ac:69:ab:0c:ea:85:b9:93:42:64:2e:bc:a1:0e:67:
                    02:ec:07:6b:c4:1a:a8:1b:2e:e3:61:8b:96:02:60:
                    1f:eb:07:6e:f8:b2:65:8c:cd:b0:8f:eb:f0:42:9f:
                    dc:d6:63:67:07:4c:b0:97:66:e0:41:6a:8b:f7:ec:
                    6c:c1:72:93:90:0d:3f:09:49:5a:b5:a2:48:04:2b:
                    48:41:cb:9c:d2:94:9e:13:ca:38:28:36:ff:84:5b:
                    d1:8c:51:27:bd:de:dc:91:94:1e:59:34:8b:95:20:
                    52:78:3f:e0:a7:47:8f:4f:b4:a5:73:2b:0b:c3:de:
                    28:e1:a4:82:df:83:05:80:1f:10:c2:cb:d0:2e:ae:
                    3b:67:14:45:3f:fb:be:f4:09:f0:b6:8e:83:ca:6e:
                    5b:d2:df:0a:f6:07:dc:10:20:2a:cd:36:4e:b8:0e:
                    5e:5d:bf:50:43:cc:47:cb:f5:ab:8b:26:ee:bd:df:
                    6a:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:0D:F4:E3:A7:16:7F:FE:64:5F:43:80:37:21:66:F5:4E:F5:8A:AB
            X509v3 Authority Key Identifier:
                keyid:38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:8c:45:e0:ce:25:cb:0b:9c:f2:20:40:4a:09:fa:47:16:12:
         4b:9f:b9:25:2b:73:56:31:ab:4d:96:75:0e:e7:dc:e8:6f:aa:
         56:1c:df:d8:32:2e:8f:ef:0b:08:b4:be:dd:d8:c7:93:77:61:
         68:20:ee:57:1b:85:31:62:3c:69:b0:4f:02:66:52:ad:ac:99:
         0a:88:e4:c9:5b:dd:04:57:a1:d1:47:f0:6f:cc:fd:57:2e:ec:
         be:3e:50:3c:ac:04:9d:d1:7e:81:1c:a2:d7:aa:0b:d3:b0:99:
         73:9a:df:9e:64:71:f3:28:90:9d:de:7d:c9:73:93:ae:ef:c7:
         fc:61:f6:16:c7:1f:18:0d:e9:f0:a7:08:41:f9:00:4f:aa:b8:
         28:a2:a8:72:45:dd:e8:42:b6:2e:25:85:51:52:93:94:b2:ca:
         0a:74:ec:27:ba:54:3c:49:73:8c:5a:51:e9:57:ff:95:fe:05:
         5d:c8:66:af:60:46:0e:d3:e7:93:7e:f8:90:1b:95:e5:6e:f3:
         49:29:0e:b2:69:57:82:0e:9c:1f:2c:53:5c:e3:06:1f:f5:4f:
         a4:03:43:e1:70:47:b3:a6:c9:47:0a:2a:ce:a1:5f:aa:88:e4:
         04:81:0b:7f:3f:aa:68:96:bf:46:17:4f:4d:79:af:ed:dc:79:
         b6:2d:a4:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvK6C2VMZWLYfK75/WvkXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTE5ZTY0MGRlMWY0NTJhN2RjNGFiZTc4NmFhNTgxMzQy
OTI3YjEwHhcNMjUwNjE0MTYwMDE5WhcNMjUwNjE1MTYwMDE5WjAzMTEwLwYDVQQD
EygzNjBkZjRlM2E3MTY3ZmZlNjQ1ZjQzODAzNzIxNjZmNTRlZjU4YWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMnwZS2IntBfB9wn9PWp6MTTxWkb
sfjddWAoxGThU5Vz7B9AEccGToOpvvJzJZ+Qb8MqIs+zT5FdqzBs+hYsvmnZRNdv
qpzocMysaasM6oW5k0JkLryhDmcC7AdrxBqoGy7jYYuWAmAf6wdu+LJljM2wj+vw
Qp/c1mNnB0ywl2bgQWqL9+xswXKTkA0/CUlataJIBCtIQcuc0pSeE8o4KDb/hFvR
jFEnvd7ckZQeWTSLlSBSeD/gp0ePT7SlcysLw94o4aSC34MFgB8QwsvQLq47ZxRF
P/u+9Anwto6Dym5b0t8K9gfcECAqzTZOuA5eXb9QQ8xHy/Wriybuvd9qZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDYN9OOnFn/+ZF9DgDchZvVO9YqrMB8GA1UdIwQY
MBaAFDihnmQN4fRSp9xKvnhqpYE0KSexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYt
Yjc0NDEwMzJlNTlmLzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYtYjc0NDEwMzJlNTlm
LzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsoxF4M4l
ywuc8iBASgn6RxYSS5+5JStzVjGrTZZ1Dufc6G+qVhzf2DIuj+8LCLS+3djHk3dh
aCDuVxuFMWI8abBPAmZSrayZCojkyVvdBFeh0Ufwb8z9Vy7svj5QPKwEndF+gRyi
16oL07CZc5rfnmRx8yiQnd59yXOTru/H/GH2FscfGA3p8KcIQfkAT6q4KKKockXd
6EK2LiWFUVKTlLLKCnTsJ7pUPElzjFpR6Vf/lf4FXchmr2BGDtPnk374kBuV5W7z
SSkOsmlXgg6cHyxTXOMGH/VPpAND4XBHs6bJRwoqzqFfqojkBIELfz+qaJa/RhdP
TXmv7dx5ti2k+A==
-----END CERTIFICATE-----