Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
File:                     OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft (raw, json)
Hash identifier:          Cv3BZ2wiN/32yuXJ+C4OMM6CzXfX4h/JcqJmK+GoKTQ=
Subject key identifier:   5F:3F:51:CC:BF:0D:51:0C:5E:01:B4:B3:2E:02:25:6F:2F:FB:3A:AB
Authority key identifier: 38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1
Certificate issuer:       /CN=38a19e640de1f452a7dc4abe786aa581342927b1
Certificate serial:       019A4EF522A866074DA5EB9DC6AE221A2DE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
Manifest number:          064D
Signing time:             Tue 04 Nov 2025 13:01:19 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:19 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:19 +0000
Files and hashes:         1: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl (hash: OSXnOOkUlX+2qhNGQtplIiTroBZMMgBq0H6ZXQnrX0U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:22:a8:66:07:4d:a5:eb:9d:c6:ae:22:1a:2d:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a19e640de1f452a7dc4abe786aa581342927b1
        Validity
            Not Before: Nov  4 13:01:19 2025 GMT
            Not After : Nov  5 13:01:19 2025 GMT
        Subject: CN=5f3f51ccbf0d510c5e01b4b32e02256f2ffb3aab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:42:cf:79:41:f8:f4:5e:ff:36:a8:97:6b:07:
                    c1:d4:55:49:0f:83:23:46:66:6f:50:48:3d:24:d7:
                    65:8b:9a:e7:4f:c2:8f:fd:0d:d3:a4:f9:17:92:0a:
                    a6:87:c0:96:e3:d1:b4:6c:86:44:b0:80:75:92:ca:
                    25:e5:36:01:eb:eb:68:2c:5d:ff:80:4d:2f:35:4c:
                    71:54:42:01:d8:03:89:0d:e4:5f:9f:e0:d2:ec:7c:
                    d3:9e:90:9d:98:6d:7d:45:e5:96:e6:81:8b:b5:af:
                    38:20:7a:a1:37:6d:9e:ef:f0:fc:fc:8c:56:49:63:
                    b7:c1:6b:79:f0:75:32:55:1e:5b:0d:89:26:45:31:
                    45:7b:d7:5e:68:17:be:72:14:2d:c0:82:e2:5b:57:
                    2f:92:1c:82:6f:c2:78:dc:59:10:c0:55:ee:af:16:
                    1b:84:11:a1:2e:27:58:15:0f:25:a7:cf:b9:09:6c:
                    66:98:d6:52:f8:00:99:7d:01:da:80:df:8a:e1:64:
                    25:81:23:a8:5c:2c:70:9f:0f:0d:ea:02:a3:db:df:
                    f7:b5:65:8c:3b:e3:b6:97:26:9f:ce:07:04:10:f5:
                    b6:84:76:5c:9c:d9:c0:b0:d1:4e:0f:e1:f3:d3:c8:
                    83:f2:45:6b:cc:fd:75:d2:72:83:c5:e9:0d:c5:ba:
                    9c:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:3F:51:CC:BF:0D:51:0C:5E:01:B4:B3:2E:02:25:6F:2F:FB:3A:AB
            X509v3 Authority Key Identifier:
                keyid:38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:de:d9:22:5c:b0:af:df:21:3f:e3:d0:d9:9c:5c:57:58:be:
         3c:59:66:09:df:08:b0:58:38:77:3c:e8:f3:23:64:4e:f8:59:
         85:91:93:b8:ca:61:3f:77:61:88:1a:5b:10:0c:29:67:5e:78:
         b0:40:e3:d1:80:a2:5c:b7:f1:f9:02:60:ea:33:f5:06:82:52:
         ed:ec:9f:5b:e3:a8:06:dd:83:4f:38:1f:9e:01:d3:86:49:ca:
         ef:9d:68:4a:0b:56:57:40:03:49:39:f7:52:49:25:96:ff:7d:
         49:51:64:68:64:c6:9c:5a:20:a2:62:99:1b:56:9e:d2:6c:bf:
         87:77:2a:13:22:40:35:5f:8e:e1:db:75:93:8d:ec:82:3c:fe:
         f1:1a:6a:0a:4b:4e:ca:c8:5a:86:ae:f3:01:53:2a:d8:43:b0:
         d4:c5:8c:be:55:f0:d7:ee:67:f9:27:49:f1:51:41:12:4e:dd:
         15:c3:ab:b3:76:b9:74:49:1c:40:45:74:6f:a1:f0:bd:38:e6:
         cc:c1:d0:42:fd:fa:3e:70:1d:73:99:2d:02:a6:4e:4e:ae:b4:
         6d:78:6c:a1:c2:5f:90:0a:00:13:53:1a:d4:34:07:a7:6e:17:
         37:a4:d0:a5:df:b4:7c:66:84:6b:89:d5:fd:4d:53:64:f1:27:
         02:11:da:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9SKoZgdNpeudxq4iGi3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTE5ZTY0MGRlMWY0NTJhN2RjNGFiZTc4NmFhNTgxMzQy
OTI3YjEwHhcNMjUxMTA0MTMwMTE5WhcNMjUxMTA1MTMwMTE5WjAzMTEwLwYDVQQD
Eyg1ZjNmNTFjY2JmMGQ1MTBjNWUwMWI0YjMyZTAyMjU2ZjJmZmIzYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40LPeUH49F7/NqiXawfB1FVJD4Mj
RmZvUEg9JNdli5rnT8KP/Q3TpPkXkgqmh8CW49G0bIZEsIB1ksol5TYB6+toLF3/
gE0vNUxxVEIB2AOJDeRfn+DS7HzTnpCdmG19ReWW5oGLta84IHqhN22e7/D8/IxW
SWO3wWt58HUyVR5bDYkmRTFFe9deaBe+chQtwILiW1cvkhyCb8J43FkQwFXurxYb
hBGhLidYFQ8lp8+5CWxmmNZS+ACZfQHagN+K4WQlgSOoXCxwnw8N6gKj29/3tWWM
O+O2lyafzgcEEPW2hHZcnNnAsNFOD+Hz08iD8kVrzP110nKDxekNxbqcWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8/Ucy/DVEMXgG0sy4CJW8v+zqrMB8GA1UdIwQY
MBaAFDihnmQN4fRSp9xKvnhqpYE0KSexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYt
Yjc0NDEwMzJlNTlmLzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYtYjc0NDEwMzJlNTlm
LzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGt7ZIlyw
r98hP+PQ2ZxcV1i+PFlmCd8IsFg4dzzo8yNkTvhZhZGTuMphP3dhiBpbEAwpZ154
sEDj0YCiXLfx+QJg6jP1BoJS7eyfW+OoBt2DTzgfngHThknK751oSgtWV0ADSTn3
Ukkllv99SVFkaGTGnFogomKZG1ae0my/h3cqEyJANV+O4dt1k43sgjz+8RpqCktO
yshahq7zAVMq2EOw1MWMvlXw1+5n+SdJ8VFBEk7dFcOrs3a5dEkcQEV0b6HwvTjm
zMHQQv36PnAdc5ktAqZOTq60bXhsocJfkAoAE1Ma1DQHp24XN6TQpd+0fGaEa4nV
/U1TZPEnAhHadQ==
-----END CERTIFICATE-----