Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
File:                     OGKIZa_YpN-v3e-BHvz8ecA4czI.mft (raw, json)
Hash identifier:          hMbgfiYBYtZFSImeO3caSLMAsNiW3lJotz7bSpzUT/o=
Subject key identifier:   B4:7F:0A:B2:31:53:7F:89:D1:FD:5B:4B:FA:71:70:49:88:C3:82:C5
Authority key identifier: 38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32
Certificate issuer:       /CN=38628865afd8a4dfafddef811efcfc79c0387332
Certificate serial:       01967FB4A78C3D36A4BB2CF17BF049F4BE0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
Manifest number:          0A0B
Signing time:             Tue 29 Apr 2025 04:01:07 +0000
Manifest this update:     Tue 29 Apr 2025 04:01:07 +0000
Manifest next update:     Wed 30 Apr 2025 04:01:07 +0000
Files and hashes:         1: OGKIZa_YpN-v3e-BHvz8ecA4czI.crl (hash: i+1Zg8LdMCgEb+uidyBwnWEO6GLLOb6t2roNkcaNk0E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b4:a7:8c:3d:36:a4:bb:2c:f1:7b:f0:49:f4:be:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38628865afd8a4dfafddef811efcfc79c0387332
        Validity
            Not Before: Apr 29 04:01:07 2025 GMT
            Not After : Apr 30 04:01:07 2025 GMT
        Subject: CN=b47f0ab231537f89d1fd5b4bfa71704988c382c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:06:9b:62:71:23:5e:1d:95:54:76:b0:12:1c:
                    86:46:5d:ba:5d:dd:c3:61:12:fe:63:f3:3c:e1:be:
                    b3:fc:f4:da:59:3d:21:37:bc:6d:5e:f5:42:90:91:
                    65:6d:90:98:c2:3b:98:0e:4e:2b:6a:51:6c:ed:3c:
                    ee:7c:f5:a4:58:a4:ee:9d:e9:e4:f8:f0:c3:b7:bb:
                    24:3c:4e:ad:c1:82:3b:98:94:a9:eb:9b:c0:9b:22:
                    c0:32:32:30:66:29:f8:c4:02:87:ec:89:a8:65:c6:
                    6a:c5:64:5c:f7:b3:e1:b8:c8:78:5a:15:87:cb:42:
                    c6:86:63:ec:2b:19:03:de:7d:ea:7b:7b:9f:1b:de:
                    f2:2a:e0:28:e0:11:a5:20:aa:ec:1d:d7:84:90:b9:
                    6c:0f:03:7a:4b:19:1d:67:b4:52:10:62:7e:dc:a7:
                    9a:63:be:9f:f0:bd:38:46:8d:03:f4:07:9e:4f:ef:
                    af:17:0c:5c:41:a2:c2:b5:b6:de:b7:52:a3:16:25:
                    53:97:6d:ec:a0:b9:b8:16:9b:f1:31:87:48:89:a3:
                    74:c6:ed:fc:59:68:1e:e2:a2:e1:92:1e:08:1e:55:
                    7e:73:b8:ab:95:f8:86:0e:0d:df:77:f2:f3:9c:f9:
                    c2:e1:5c:15:22:6a:4f:b9:4b:da:a4:9a:3f:3b:c6:
                    08:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:7F:0A:B2:31:53:7F:89:D1:FD:5B:4B:FA:71:70:49:88:C3:82:C5
            X509v3 Authority Key Identifier:
                keyid:38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:64:bb:c1:af:15:c0:ea:3b:7f:fe:91:40:a9:28:b3:ca:73:
         f8:aa:4b:b2:09:1c:8a:dc:47:52:f5:03:f7:42:34:92:05:d8:
         58:d8:9c:3b:16:2d:31:70:e9:b2:10:af:84:e6:de:5d:88:68:
         db:7f:29:e2:58:97:d0:54:83:91:ba:e9:72:ca:22:55:9f:11:
         3b:f8:6b:64:5b:73:23:eb:5a:8b:3a:a3:89:9f:08:0f:6c:8c:
         45:6e:df:11:16:10:f4:8d:0f:b9:5e:f1:43:ab:1b:7b:8c:59:
         83:22:17:69:26:20:b4:92:d5:49:7a:02:58:67:19:b5:99:73:
         23:41:1e:13:fc:4e:22:8e:96:18:ad:10:9f:a4:10:f5:6b:c2:
         62:d9:0d:e7:7b:44:6c:ba:a4:26:c5:a1:7b:a1:b0:08:0f:22:
         25:02:9f:93:40:08:8c:42:4a:2b:d3:5c:b6:9a:ae:5b:0e:ec:
         04:28:5d:62:a0:6f:c8:8b:8c:12:b8:f2:68:6c:de:46:32:95:
         7e:c7:63:8e:b0:17:49:23:d8:f5:15:a8:1e:82:aa:1d:9f:7d:
         9e:53:23:cd:f7:fd:e6:a8:f4:55:82:82:a0:05:13:0a:68:b2:
         57:0a:13:04:18:70:70:9d:f1:ca:57:df:f4:26:d7:ee:c5:94:
         73:c5:4c:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tKeMPTakuyzxe/BJ9L4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NjI4ODY1YWZkOGE0ZGZhZmRkZWY4MTFlZmNmYzc5YzAz
ODczMzIwHhcNMjUwNDI5MDQwMTA3WhcNMjUwNDMwMDQwMTA3WjAzMTEwLwYDVQQD
EyhiNDdmMGFiMjMxNTM3Zjg5ZDFmZDViNGJmYTcxNzA0OTg4YzM4MmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQabYnEjXh2VVHawEhyGRl26Xd3D
YRL+Y/M84b6z/PTaWT0hN7xtXvVCkJFlbZCYwjuYDk4ralFs7TzufPWkWKTunenk
+PDDt7skPE6twYI7mJSp65vAmyLAMjIwZin4xAKH7ImoZcZqxWRc97PhuMh4WhWH
y0LGhmPsKxkD3n3qe3ufG97yKuAo4BGlIKrsHdeEkLlsDwN6SxkdZ7RSEGJ+3Kea
Y76f8L04Ro0D9AeeT++vFwxcQaLCtbbet1KjFiVTl23soLm4FpvxMYdIiaN0xu38
WWge4qLhkh4IHlV+c7irlfiGDg3fd/LznPnC4VwVImpPuUvapJo/O8YIHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLR/CrIxU3+J0f1bS/pxcEmIw4LFMB8GA1UdIwQY
MBaAFDhiiGWv2KTfr93vgR78/HnAOHMyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUt
ZGJlZTY2ZDczMzEzLzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUtZGJlZTY2ZDczMzEz
LzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANmS7wa8V
wOo7f/6RQKkos8pz+KpLsgkcitxHUvUD90I0kgXYWNicOxYtMXDpshCvhObeXYho
238p4liX0FSDkbrpcsoiVZ8RO/hrZFtzI+taizqjiZ8ID2yMRW7fERYQ9I0PuV7x
Q6sbe4xZgyIXaSYgtJLVSXoCWGcZtZlzI0EeE/xOIo6WGK0Qn6QQ9WvCYtkN53tE
bLqkJsWhe6GwCA8iJQKfk0AIjEJKK9NctpquWw7sBChdYqBvyIuMErjyaGzeRjKV
fsdjjrAXSSPY9RWoHoKqHZ99nlMjzff95qj0VYKCoAUTCmiyVwoTBBhwcJ3xylff
9CbX7sWUc8VMQA==
-----END CERTIFICATE-----