Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
File:                     OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft (raw, json)
Hash identifier:          Joye9mHptdXX3V85a8XHnVWuAN3cKTmj+2Zy2m+XqEE=
Subject key identifier:   B0:A3:3D:B2:E5:DC:59:28:31:BF:2C:C8:2D:17:4E:94:4A:CD:7F:2C
Authority key identifier: 38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1
Certificate issuer:       /CN=38a19e640de1f452a7dc4abe786aa581342927b1
Certificate serial:       01987B9D6DE8E8BAC5B3DAC97B80EFF80E74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
Manifest number:          055B
Signing time:             Tue 05 Aug 2025 19:02:51 +0000
Manifest this update:     Tue 05 Aug 2025 19:02:51 +0000
Manifest next update:     Wed 06 Aug 2025 19:02:51 +0000
Files and hashes:         1: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl (hash: trkHIg76eXFEfzruwTMKqNVb1r0uOmJghE4qAmqgSGw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 19:02:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7b:9d:6d:e8:e8:ba:c5:b3:da:c9:7b:80:ef:f8:0e:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a19e640de1f452a7dc4abe786aa581342927b1
        Validity
            Not Before: Aug  5 19:02:51 2025 GMT
            Not After : Aug  6 19:02:51 2025 GMT
        Subject: CN=b0a33db2e5dc592831bf2cc82d174e944acd7f2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:2a:3e:b1:d8:c8:71:6f:a2:cd:7c:70:1c:8b:
                    f2:40:6a:57:88:32:9d:9f:80:c8:db:f0:3c:5f:b0:
                    76:d8:0f:e5:a9:c2:9a:1f:f9:39:14:25:d4:d2:83:
                    21:14:cd:c7:82:ed:75:a0:3f:b2:04:c3:81:fd:0c:
                    84:f9:0a:c2:38:ed:61:67:47:1c:c3:01:fe:bd:51:
                    48:01:43:64:92:d6:ca:65:8a:4c:b5:ea:bb:f0:b2:
                    e0:ff:51:ca:cd:98:e8:28:ca:c6:1b:60:ac:54:8d:
                    18:44:5d:49:04:1a:22:da:36:49:84:9c:a9:1a:14:
                    6e:fc:54:00:d3:fd:72:ec:a0:a8:97:b2:28:ce:3b:
                    42:ea:09:71:0a:b3:cb:66:48:0a:d7:5d:0d:2d:d3:
                    fc:07:a6:68:01:7a:01:97:d6:18:de:b2:a8:6f:2c:
                    a6:15:93:9f:ca:4d:95:2d:ab:74:6b:07:f9:6f:51:
                    6e:30:14:41:15:eb:14:b1:94:6c:85:63:67:b3:da:
                    7e:3c:50:72:f0:6c:70:16:d7:bf:7e:26:95:a3:ff:
                    f0:39:f5:7d:ed:13:b4:37:b8:53:4b:08:2d:a8:2b:
                    ff:93:bb:29:fc:b8:69:de:45:63:51:8f:b4:ef:ea:
                    ad:31:1f:1f:04:47:80:3b:b6:30:4b:ba:e7:f3:b8:
                    72:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:A3:3D:B2:E5:DC:59:28:31:BF:2C:C8:2D:17:4E:94:4A:CD:7F:2C
            X509v3 Authority Key Identifier:
                keyid:38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:40:40:2d:65:57:51:08:10:28:c2:c4:29:20:76:e5:ad:5b:
         f3:6c:54:d0:8a:50:d0:78:68:cd:50:aa:af:23:3e:5b:02:33:
         79:eb:b7:6b:1c:cb:b3:29:4a:e4:fb:7e:50:2d:63:cd:e4:87:
         87:20:c2:51:f2:ce:30:5d:d5:89:7f:5e:e2:c7:e2:f0:1d:4f:
         fc:e1:77:ec:00:32:97:0b:5f:5e:e6:b1:d9:d9:ff:f3:d2:30:
         74:fb:5d:21:eb:a3:47:d4:7a:b3:40:0d:23:fb:5c:e3:7e:46:
         ac:0f:8d:14:e6:bc:fb:12:16:75:cd:ad:af:73:df:7b:eb:62:
         2d:e3:45:9b:51:61:17:95:0d:5e:d0:13:cc:c7:f1:7f:a9:7b:
         a9:6a:71:fd:7e:e7:90:ef:6c:17:4a:b4:de:c0:d8:e6:51:73:
         67:37:d4:c5:22:74:ce:fd:6a:d6:9c:ac:66:b7:ef:8a:0a:ac:
         53:a8:69:fb:f9:1e:77:ef:d1:cf:db:8d:08:fa:1e:72:94:b7:
         99:05:98:df:23:97:91:b2:57:2c:0f:c4:37:58:21:41:2e:8a:
         21:69:e3:5b:03:51:e9:8d:79:2f:c9:27:af:3b:81:b3:1c:db:
         5d:02:38:01:7c:d3:49:fc:a9:a9:d8:fd:b4:9a:a6:44:60:64:
         0f:96:8f:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh7nW3o6LrFs9rJe4Dv+A50MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTE5ZTY0MGRlMWY0NTJhN2RjNGFiZTc4NmFhNTgxMzQy
OTI3YjEwHhcNMjUwODA1MTkwMjUxWhcNMjUwODA2MTkwMjUxWjAzMTEwLwYDVQQD
EyhiMGEzM2RiMmU1ZGM1OTI4MzFiZjJjYzgyZDE3NGU5NDRhY2Q3ZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryo+sdjIcW+izXxwHIvyQGpXiDKd
n4DI2/A8X7B22A/lqcKaH/k5FCXU0oMhFM3Hgu11oD+yBMOB/QyE+QrCOO1hZ0cc
wwH+vVFIAUNkktbKZYpMteq78LLg/1HKzZjoKMrGG2CsVI0YRF1JBBoi2jZJhJyp
GhRu/FQA0/1y7KCol7IozjtC6glxCrPLZkgK110NLdP8B6ZoAXoBl9YY3rKobyym
FZOfyk2VLat0awf5b1FuMBRBFesUsZRshWNns9p+PFBy8GxwFte/fiaVo//wOfV9
7RO0N7hTSwgtqCv/k7sp/Lhp3kVjUY+07+qtMR8fBEeAO7YwS7rn87hyzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCjPbLl3FkoMb8syC0XTpRKzX8sMB8GA1UdIwQY
MBaAFDihnmQN4fRSp9xKvnhqpYE0KSexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYt
Yjc0NDEwMzJlNTlmLzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYtYjc0NDEwMzJlNTlm
LzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtUBALWVX
UQgQKMLEKSB25a1b82xU0IpQ0HhozVCqryM+WwIzeeu3axzLsylK5Pt+UC1jzeSH
hyDCUfLOMF3ViX9e4sfi8B1P/OF37AAylwtfXuax2dn/89IwdPtdIeujR9R6s0AN
I/tc435GrA+NFOa8+xIWdc2tr3Pfe+tiLeNFm1FhF5UNXtATzMfxf6l7qWpx/X7n
kO9sF0q03sDY5lFzZzfUxSJ0zv1q1pysZrfvigqsU6hp+/ked+/Rz9uNCPoecpS3
mQWY3yOXkbJXLA/EN1ghQS6KIWnjWwNR6Y15L8knrzuBsxzbXQI4AXzTSfypqdj9
tJqmRGBkD5aPOA==
-----END CERTIFICATE-----