Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
File:                     OGKIZa_YpN-v3e-BHvz8ecA4czI.mft (raw, json)
Hash identifier:          qPIm+BMw/b9BrXcizA2wCbC/YpnnZY/iaw2nF8RuFPo=
Subject key identifier:   E2:87:EA:20:B3:B1:9C:51:CE:E1:53:22:1B:87:1B:83:CF:82:1C:01
Authority key identifier: 38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32
Certificate issuer:       /CN=38628865afd8a4dfafddef811efcfc79c0387332
Certificate serial:       019890DAEAC6B2E4E9B6CD9661C6E3FFFB17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
Manifest number:          0B1D
Signing time:             Sat 09 Aug 2025 22:02:02 +0000
Manifest this update:     Sat 09 Aug 2025 22:02:02 +0000
Manifest next update:     Sun 10 Aug 2025 22:02:02 +0000
Files and hashes:         1: OGKIZa_YpN-v3e-BHvz8ecA4czI.crl (hash: DLA49i8qTG8hRapbQx4quveMCWaj6q8ydgnvIPoc4xs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 18:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:90:da:ea:c6:b2:e4:e9:b6:cd:96:61:c6:e3:ff:fb:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38628865afd8a4dfafddef811efcfc79c0387332
        Validity
            Not Before: Aug  9 22:02:02 2025 GMT
            Not After : Aug 10 22:02:02 2025 GMT
        Subject: CN=e287ea20b3b19c51cee153221b871b83cf821c01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:67:58:b5:f1:99:2b:f6:3f:5e:c9:ef:83:53:
                    18:4a:16:ff:d6:5c:59:a0:aa:8e:de:14:63:6a:59:
                    bd:f8:ad:07:c3:2f:76:e2:21:3b:b3:22:d8:55:b9:
                    06:de:31:37:ca:25:93:93:7c:3e:75:05:8c:c5:b2:
                    b1:f7:bd:a7:05:90:64:67:e6:ac:fb:10:9c:c5:a2:
                    79:47:d9:56:f2:1c:16:77:d1:d3:b3:ca:67:22:cc:
                    0f:ab:35:f2:6e:bf:50:43:d7:92:3c:f1:3e:8f:78:
                    cb:2b:99:0a:ef:5d:ae:62:df:53:e4:a5:6a:9e:91:
                    30:85:af:ca:73:e8:a5:a4:be:6a:4d:4c:53:eb:8e:
                    7f:b3:83:38:f5:07:5c:75:35:01:da:da:bd:32:43:
                    96:b0:eb:36:78:03:50:bb:39:a0:a9:38:68:49:48:
                    67:99:e5:a9:c8:84:1e:28:da:4c:ee:d2:68:3f:1d:
                    80:31:14:b1:2a:a9:4f:10:1b:a2:7c:77:c3:42:5a:
                    7e:b0:5a:9e:a5:9c:19:18:bf:99:af:ce:4f:3d:d2:
                    7e:18:8a:5f:56:c4:fe:45:21:6f:e6:08:86:27:a7:
                    d3:69:81:bd:7d:7d:8f:c2:3d:65:74:be:d3:a4:89:
                    8d:fb:55:4b:69:ab:2a:09:e7:b2:71:21:19:2c:2e:
                    9b:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:87:EA:20:B3:B1:9C:51:CE:E1:53:22:1B:87:1B:83:CF:82:1C:01
            X509v3 Authority Key Identifier:
                keyid:38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:e2:7d:7c:cb:57:a6:fc:a8:52:18:de:89:f9:34:46:f3:05:
         61:c4:1c:0d:7e:f1:4b:2e:55:dd:4d:83:7e:14:25:50:3e:df:
         ad:9b:f8:69:c3:74:f7:ba:8f:cd:0a:3c:6d:bc:89:de:d2:8e:
         2a:bb:20:7f:c3:03:3c:da:18:5e:49:7e:32:50:bc:b1:68:92:
         dc:90:1b:58:2e:18:a3:86:71:9e:6d:43:99:e4:c7:67:7b:4c:
         ce:52:0a:48:92:a7:4d:bf:51:bd:55:9d:00:3f:a4:f9:18:f5:
         38:62:1f:d5:76:9f:aa:6a:66:c5:6c:2e:49:b2:1e:bb:08:82:
         eb:74:63:48:b2:71:5e:b2:44:ab:b8:97:81:a6:5d:37:41:92:
         d3:00:e7:e1:a3:24:d1:63:7a:9f:bb:0c:36:0d:1b:64:e8:4b:
         1e:0f:b5:e2:d7:f4:35:3e:80:6f:0a:c1:cc:79:02:ba:da:9f:
         b6:f8:06:4b:bc:e4:7e:5b:d5:cb:0a:a9:82:f9:1b:5f:e6:34:
         01:98:de:7c:9a:43:0b:9d:d1:17:c8:d0:64:b4:7f:fb:11:0a:
         4d:89:7b:fa:ee:97:2f:64:27:14:6d:58:5a:e6:9b:ad:02:fe:
         e4:25:23:3f:38:1f:bf:12:d8:48:1e:d3:06:79:5c:e6:db:f3:
         f6:d0:7f:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiQ2urGsuTpts2WYcbj//sXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NjI4ODY1YWZkOGE0ZGZhZmRkZWY4MTFlZmNmYzc5YzAz
ODczMzIwHhcNMjUwODA5MjIwMjAyWhcNMjUwODEwMjIwMjAyWjAzMTEwLwYDVQQD
EyhlMjg3ZWEyMGIzYjE5YzUxY2VlMTUzMjIxYjg3MWI4M2NmODIxYzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymdYtfGZK/Y/Xsnvg1MYShb/1lxZ
oKqO3hRjalm9+K0Hwy924iE7syLYVbkG3jE3yiWTk3w+dQWMxbKx972nBZBkZ+as
+xCcxaJ5R9lW8hwWd9HTs8pnIswPqzXybr9QQ9eSPPE+j3jLK5kK712uYt9T5KVq
npEwha/Kc+ilpL5qTUxT645/s4M49QdcdTUB2tq9MkOWsOs2eANQuzmgqThoSUhn
meWpyIQeKNpM7tJoPx2AMRSxKqlPEBuifHfDQlp+sFqepZwZGL+Zr85PPdJ+GIpf
VsT+RSFv5giGJ6fTaYG9fX2Pwj1ldL7TpImN+1VLaasqCeeycSEZLC6blQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOKH6iCzsZxRzuFTIhuHG4PPghwBMB8GA1UdIwQY
MBaAFDhiiGWv2KTfr93vgR78/HnAOHMyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUt
ZGJlZTY2ZDczMzEzLzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUtZGJlZTY2ZDczMzEz
LzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVuJ9fMtX
pvyoUhjeifk0RvMFYcQcDX7xSy5V3U2DfhQlUD7frZv4acN097qPzQo8bbyJ3tKO
Krsgf8MDPNoYXkl+MlC8sWiS3JAbWC4Yo4Zxnm1DmeTHZ3tMzlIKSJKnTb9RvVWd
AD+k+Rj1OGIf1XafqmpmxWwuSbIeuwiC63RjSLJxXrJEq7iXgaZdN0GS0wDn4aMk
0WN6n7sMNg0bZOhLHg+14tf0NT6AbwrBzHkCutqftvgGS7zkflvVywqpgvkbX+Y0
AZjefJpDC53RF8jQZLR/+xEKTYl7+u6XL2QnFG1YWuabrQL+5CUjPzgfvxLYSB7T
Bnlc5tvz9tB/Fw==
-----END CERTIFICATE-----