Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
File:                     OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft (raw, json)
Hash identifier:          I86ZXPuz32CV1ag4QG85RN7/9tf6Vc0d60dPtaUIkh8=
Subject key identifier:   64:E4:CF:3B:94:71:B5:F9:88:28:E0:69:28:C2:C3:36:30:D9:33:9B
Authority key identifier: 38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5
Certificate issuer:       /CN=389dd4126f8be07af454497ca0f5665295482ad5
Certificate serial:       01987B9BC30D2E56D4CDCFC7AFDAE23CAC6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
Manifest number:          0577
Signing time:             Tue 05 Aug 2025 19:01:02 +0000
Manifest this update:     Tue 05 Aug 2025 19:01:02 +0000
Manifest next update:     Wed 06 Aug 2025 19:01:02 +0000
Files and hashes:         1: OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl (hash: nTEYSxpoFLRv97DL3dhZJ0M0Hy43Q1VcFZm+xtVfZxw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:37:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7b:9b:c3:0d:2e:56:d4:cd:cf:c7:af:da:e2:3c:ac:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389dd4126f8be07af454497ca0f5665295482ad5
        Validity
            Not Before: Aug  5 19:01:02 2025 GMT
            Not After : Aug  6 19:01:02 2025 GMT
        Subject: CN=64e4cf3b9471b5f98828e06928c2c33630d9339b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:34:58:01:2b:60:11:56:99:d6:8a:ba:da:bd:
                    9e:6f:ac:e0:a7:eb:ca:ab:b9:19:9a:ed:5e:89:8a:
                    4d:33:9d:9f:34:af:b6:44:6f:ef:1f:99:1b:24:ed:
                    0a:b4:cb:d6:ee:6b:02:e2:97:b2:b4:2a:d5:bf:2e:
                    d3:64:ce:50:01:2b:ed:6f:5e:e9:c1:73:b5:55:1b:
                    dc:73:2a:63:57:38:f8:ad:90:76:01:2b:0b:fe:45:
                    d3:50:0e:aa:31:89:aa:56:f5:83:2e:81:7f:58:72:
                    d6:4d:d7:0e:05:cc:e5:02:20:6c:06:f4:5c:44:ce:
                    84:80:20:f0:37:6c:15:b8:30:5b:cc:fb:ec:f6:c3:
                    94:4a:5e:58:ce:9b:57:4a:b1:e8:ff:8d:3d:6c:c7:
                    8c:eb:2d:20:32:18:40:31:7b:c7:4a:18:05:77:fe:
                    41:12:ac:29:64:06:34:38:d7:ea:1a:1f:21:31:fc:
                    11:25:04:d5:5b:56:dd:e9:92:30:a7:3e:a9:e5:c5:
                    c8:d4:be:4e:94:44:93:27:e9:d5:7b:df:1b:14:c4:
                    83:b1:3e:b6:60:fb:30:78:2f:3b:28:3d:4e:4f:cb:
                    55:d2:22:c6:f4:77:fe:10:6d:0f:a0:1e:73:f5:c8:
                    86:2e:cb:ad:50:54:d0:6a:a8:4a:39:b5:e6:93:8c:
                    e4:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:E4:CF:3B:94:71:B5:F9:88:28:E0:69:28:C2:C3:36:30:D9:33:9B
            X509v3 Authority Key Identifier:
                keyid:38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:33:c3:f8:17:a7:9c:b9:87:74:06:a4:00:d4:59:2c:49:4a:
         f5:b7:10:5a:db:89:73:cb:91:6f:38:25:36:de:9f:c0:74:41:
         2c:2d:97:0b:8f:ad:4a:a2:67:d2:89:f8:27:5d:73:2a:35:20:
         78:38:ca:ad:a0:a8:f9:73:e1:cf:81:ce:2b:09:d0:6e:38:56:
         fe:29:3e:c6:2f:0e:c3:5f:6f:d8:65:7e:8e:ca:9e:e5:8c:bb:
         e4:b5:9a:9d:8b:68:77:36:ad:06:0e:96:1a:95:54:f7:28:64:
         7e:cb:fb:2b:0c:5b:4d:cc:6d:9e:ac:a1:2c:0d:ed:9c:ca:9d:
         95:05:3d:e9:a9:42:16:25:af:80:82:87:71:34:0f:f2:de:c6:
         ca:0e:a6:86:b0:23:f5:b3:5e:e4:fa:13:56:1c:a4:a4:ee:1e:
         15:3c:b7:2b:3f:56:a0:45:53:6a:06:7b:99:67:57:aa:36:a7:
         5f:b7:52:7f:e1:36:cd:0e:6b:e9:83:d1:3c:09:9c:3f:0c:c3:
         24:20:ba:aa:be:98:63:a7:1c:6d:19:0a:65:f9:ee:25:2a:de:
         ba:56:ff:9a:c7:69:47:01:7a:7f:2a:54:1c:76:f2:0d:27:14:
         9f:8b:9a:f9:3e:b2:bc:74:57:d0:7e:79:ca:6d:c3:0d:76:d0:
         5f:27:2e:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh7m8MNLlbUzc/Hr9riPKxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWRkNDEyNmY4YmUwN2FmNDU0NDk3Y2EwZjU2NjUyOTU0
ODJhZDUwHhcNMjUwODA1MTkwMTAyWhcNMjUwODA2MTkwMTAyWjAzMTEwLwYDVQQD
Eyg2NGU0Y2YzYjk0NzFiNWY5ODgyOGUwNjkyOGMyYzMzNjMwZDkzMzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzRYAStgEVaZ1oq62r2eb6zgp+vK
q7kZmu1eiYpNM52fNK+2RG/vH5kbJO0KtMvW7msC4peytCrVvy7TZM5QASvtb17p
wXO1VRvccypjVzj4rZB2ASsL/kXTUA6qMYmqVvWDLoF/WHLWTdcOBczlAiBsBvRc
RM6EgCDwN2wVuDBbzPvs9sOUSl5YzptXSrHo/409bMeM6y0gMhhAMXvHShgFd/5B
EqwpZAY0ONfqGh8hMfwRJQTVW1bd6ZIwpz6p5cXI1L5OlESTJ+nVe98bFMSDsT62
YPsweC87KD1OT8tV0iLG9Hf+EG0PoB5z9ciGLsutUFTQaqhKObXmk4zk2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGTkzzuUcbX5iCjgaSjCwzYw2TObMB8GA1UdIwQY
MBaAFDid1BJvi+B69FRJfKD1ZlKVSCrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2Mt
NWM1NWVjMjIxZTEyLzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2MtNWM1NWVjMjIxZTEy
LzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnDPD+Ben
nLmHdAakANRZLElK9bcQWtuJc8uRbzglNt6fwHRBLC2XC4+tSqJn0on4J11zKjUg
eDjKraCo+XPhz4HOKwnQbjhW/ik+xi8Ow19v2GV+jsqe5Yy75LWanYtodzatBg6W
GpVU9yhkfsv7KwxbTcxtnqyhLA3tnMqdlQU96alCFiWvgIKHcTQP8t7Gyg6mhrAj
9bNe5PoTVhykpO4eFTy3Kz9WoEVTagZ7mWdXqjanX7dSf+E2zQ5r6YPRPAmcPwzD
JCC6qr6YY6ccbRkKZfnuJSreulb/msdpRwF6fypUHHbyDScUn4ua+T6yvHRX0H55
ym3DDXbQXycuGQ==
-----END CERTIFICATE-----