Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
File:                     OpzyvclyZDBARldYsyWap8kubhw.mft (raw, json)
Hash identifier:          ObfhdwayW2G9KQLq9/y94PmhLtObODo1HHYfDz4Pet4=
Subject key identifier:   2F:D0:3E:6F:63:5A:1B:6E:B7:19:F4:08:7B:D2:9F:67:03:36:AF:9D
Authority key identifier: 3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C
Certificate issuer:       /CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c
Certificate serial:       01976F9A4EDD1C7156787617A97D7095A4D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 18:01:12 +0000
Manifest this update:     Sat 14 Jun 2025 18:01:12 +0000
Manifest next update:     Sun 15 Jun 2025 18:01:12 +0000
Files and hashes:         1: OpzyvclyZDBARldYsyWap8kubhw.crl (hash: j53LG3lLg1JxGnkHsZ90kU0XRxs8+nKGQXfDNx8gqq8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 18:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:9a:4e:dd:1c:71:56:78:76:17:a9:7d:70:95:a4:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c
        Validity
            Not Before: Jun 14 18:01:12 2025 GMT
            Not After : Jun 15 18:01:12 2025 GMT
        Subject: CN=2fd03e6f635a1b6eb719f4087bd29f670336af9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:32:c8:34:96:02:d1:3b:a4:96:ea:fc:a0:62:
                    5e:73:24:68:95:4b:00:0f:4f:f5:a9:4f:6f:28:a2:
                    2a:26:0d:17:9d:81:49:19:58:5c:6c:99:e5:e8:93:
                    3d:33:4f:1e:c4:59:50:50:b8:23:3f:c0:1c:ab:20:
                    c2:14:20:24:ef:78:b7:70:6b:95:ca:5c:5a:7d:ce:
                    dc:28:5d:cb:7e:0c:44:87:54:ab:02:47:a0:32:fe:
                    97:04:07:fd:02:c1:88:57:65:ab:35:1c:76:4a:a0:
                    09:48:82:9e:e5:f3:c0:c9:d8:91:ff:dd:ac:84:c2:
                    6d:3b:fe:d2:37:b7:ea:3e:cc:bf:92:32:19:74:bb:
                    75:ba:4d:cc:af:e9:f4:66:e1:20:12:2b:8c:10:9b:
                    1f:a1:bd:e2:2f:e8:c1:69:c0:c1:a3:4b:66:47:6e:
                    15:99:35:25:01:53:2d:9e:f6:88:82:b7:69:d0:37:
                    37:7e:0a:6c:86:da:80:71:34:0b:86:08:2d:2b:f4:
                    aa:49:ac:f0:04:51:27:e7:06:3b:b0:5a:f1:bf:67:
                    d2:5d:82:69:0c:d1:cd:7c:92:ab:c9:3f:ea:c9:25:
                    fb:0e:0d:d6:c7:ad:a5:3b:33:ea:57:5a:0b:d2:45:
                    59:b6:63:3d:02:45:9a:e1:ce:d9:8a:b0:62:23:82:
                    76:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:D0:3E:6F:63:5A:1B:6E:B7:19:F4:08:7B:D2:9F:67:03:36:AF:9D
            X509v3 Authority Key Identifier:
                keyid:3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:43:ab:98:03:2c:fc:41:2f:34:7c:b6:c8:81:0b:8e:f5:0d:
         25:4e:3d:37:7e:42:1c:bd:2b:ae:02:46:e8:ef:27:f1:ea:9a:
         04:e4:d2:24:d8:fd:c0:91:e6:b3:1c:dd:70:ae:fd:a8:99:b1:
         b1:c2:67:9b:be:63:77:1d:4d:af:9c:59:f6:3a:dc:4c:54:c4:
         d2:4d:cc:12:01:81:3b:fa:0b:f0:dc:4c:ad:53:0a:c3:68:40:
         b0:ad:8e:3a:49:6b:3a:c8:72:91:1e:bb:ce:80:a3:a9:8b:7f:
         0e:64:e8:30:4c:ae:26:a1:f7:1c:27:85:c0:85:03:12:e4:84:
         19:33:cb:6d:1f:e2:92:d4:dc:47:48:05:55:bd:fc:cc:f6:fd:
         61:c0:a8:cb:8e:05:26:28:9c:c5:8d:36:3f:00:77:9d:51:ba:
         59:4b:57:fa:49:52:fb:75:0d:25:14:1e:3b:3b:ab:9f:1e:9e:
         62:7f:48:1d:f0:2f:fc:fc:a5:ab:e1:c1:ed:2f:41:e1:06:0c:
         ae:eb:e5:04:ef:f3:91:06:c8:41:ec:13:97:60:1b:85:9a:90:
         6b:db:11:ca:89:74:b2:9e:7f:a8:56:2b:67:55:5d:98:3b:bb:
         ff:72:f4:81:da:79:77:ed:71:32:e0:2f:78:31:64:2b:34:97:
         29:6d:2d:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvmk7dHHFWeHYXqX1wlaTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOWNmMmJkYzk3MjY0MzA0MDQ2NTc1OGIzMjU5YWE3Yzky
ZTZlMWMwHhcNMjUwNjE0MTgwMTEyWhcNMjUwNjE1MTgwMTEyWjAzMTEwLwYDVQQD
EygyZmQwM2U2ZjYzNWExYjZlYjcxOWY0MDg3YmQyOWY2NzAzMzZhZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TLINJYC0Tuklur8oGJecyRolUsA
D0/1qU9vKKIqJg0XnYFJGVhcbJnl6JM9M08exFlQULgjP8AcqyDCFCAk73i3cGuV
ylxafc7cKF3LfgxEh1SrAkegMv6XBAf9AsGIV2WrNRx2SqAJSIKe5fPAydiR/92s
hMJtO/7SN7fqPsy/kjIZdLt1uk3Mr+n0ZuEgEiuMEJsfob3iL+jBacDBo0tmR24V
mTUlAVMtnvaIgrdp0Dc3fgpshtqAcTQLhggtK/SqSazwBFEn5wY7sFrxv2fSXYJp
DNHNfJKryT/qySX7Dg3Wx62lOzPqV1oL0kVZtmM9AkWa4c7ZirBiI4J2jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC/QPm9jWhtutxn0CHvSn2cDNq+dMB8GA1UdIwQY
MBaAFDqc8r3JcmQwQEZXWLMlmqfJLm4cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMt
MDI0ZjdjNTBmNDI4LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMtMDI0ZjdjNTBmNDI4
LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADUOrmAMs
/EEvNHy2yIELjvUNJU49N35CHL0rrgJG6O8n8eqaBOTSJNj9wJHmsxzdcK79qJmx
scJnm75jdx1Nr5xZ9jrcTFTE0k3MEgGBO/oL8NxMrVMKw2hAsK2OOklrOshykR67
zoCjqYt/DmToMEyuJqH3HCeFwIUDEuSEGTPLbR/iktTcR0gFVb38zPb9YcCoy44F
JiicxY02PwB3nVG6WUtX+klS+3UNJRQeOzurnx6eYn9IHfAv/Pylq+HB7S9B4QYM
ruvlBO/zkQbIQewTl2AbhZqQa9sRyol0sp5/qFYrZ1VdmDu7/3L0gdp5d+1xMuAv
eDFkKzSXKW0t4g==
-----END CERTIFICATE-----