Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          laAnbABnhKfhO404vmVbLgFfWFBt7lSRt/fny7efXZY=
Subject key identifier:   C4:4F:0C:CB:7E:D0:F2:7E:48:96:3B:90:EC:F5:49:A0:AC:D0:95:5F
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       01976C62245C0606BAFE39B23D4BB6F9181B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          0510
Signing time:             Sat 14 Jun 2025 03:01:00 +0000
Manifest this update:     Sat 14 Jun 2025 03:01:00 +0000
Manifest next update:     Sun 15 Jun 2025 03:01:00 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: WwE3SyjOJ8zyvyB+w8Rhx81nwrIhanrzLDK002j7XZ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:62:24:5c:06:06:ba:fe:39:b2:3d:4b:b6:f9:18:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: Jun 14 03:01:00 2025 GMT
            Not After : Jun 15 03:01:00 2025 GMT
        Subject: CN=c44f0ccb7ed0f27e48963b90ecf549a0acd0955f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:91:26:c2:7d:e6:30:17:ba:a3:17:0c:a3:44:
                    7b:35:3a:83:35:30:6f:5a:44:e9:cd:d9:52:f5:82:
                    38:24:36:59:68:99:80:4f:ab:5c:d5:1f:95:73:4f:
                    69:a4:f1:65:43:5e:32:0a:81:54:55:d8:0e:01:a4:
                    9e:9a:52:de:89:d7:05:4c:d7:20:8e:19:9f:57:3a:
                    ab:36:ed:2c:2f:2f:7c:d0:fd:54:58:e2:1c:cd:48:
                    14:27:f8:64:b4:01:d9:2b:29:fe:22:39:64:ef:77:
                    b9:29:b1:c1:08:63:14:ac:1d:f6:37:39:66:de:2b:
                    76:52:98:2b:bc:d9:24:ca:00:62:36:a2:77:47:42:
                    31:85:8f:76:4f:d2:3d:8f:2b:7c:24:22:75:f7:49:
                    d8:f8:9e:5d:cf:3b:e9:7d:79:a9:72:22:ac:06:9b:
                    94:55:6a:19:be:75:a5:b6:4e:17:b4:36:24:c6:67:
                    9c:fb:26:75:da:78:48:c8:fb:63:51:89:01:b8:4a:
                    26:3b:f0:5f:1e:d6:f3:2a:b9:16:af:61:b7:78:ec:
                    3d:da:53:63:eb:69:8a:42:51:8b:14:8a:23:6e:ff:
                    14:4f:cb:55:26:bb:fa:3e:3d:ff:b1:a7:87:98:ee:
                    95:7e:75:7f:c4:3d:cb:79:7f:21:46:12:b3:4c:0d:
                    fd:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:4F:0C:CB:7E:D0:F2:7E:48:96:3B:90:EC:F5:49:A0:AC:D0:95:5F
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:37:24:7f:3e:df:97:02:02:15:44:b8:a9:25:08:6e:36:0b:
         71:32:0b:55:65:cd:68:e3:c7:74:f6:3c:b5:d9:c5:89:0d:57:
         2b:8f:32:25:4c:60:30:4c:98:b2:39:c2:4d:0f:a0:9c:3b:6e:
         2d:c2:f1:a0:5a:59:ec:21:0a:48:49:67:8b:2e:ff:05:25:47:
         ba:5a:50:6f:fd:53:61:c9:14:34:4f:64:e8:82:bd:72:15:a9:
         ae:c0:79:ee:e9:39:39:08:df:29:32:80:0e:9b:67:69:f7:00:
         65:ff:15:03:dd:7a:9c:c4:21:51:79:22:7a:ec:f3:2a:13:34:
         b1:85:b9:4a:15:92:81:8d:b3:50:f6:04:61:dd:12:73:90:11:
         32:e2:ab:7a:d7:e0:43:51:f2:b0:cc:61:84:f8:8e:6d:aa:92:
         17:d4:5e:d4:e8:40:a6:29:ba:d0:b2:62:02:a1:59:c7:3c:50:
         75:cc:c3:86:c9:64:40:05:40:c0:02:b6:b8:2a:44:4a:97:43:
         e7:01:0c:32:59:1c:32:44:c4:44:17:b1:dc:20:4a:5f:94:08:
         32:33:aa:7c:0a:09:16:2d:3c:a3:7c:79:ff:f7:85:bc:21:de:
         6c:fb:67:cf:18:04:66:d1:7d:0f:2b:89:a6:e9:cf:e2:83:ee:
         6b:a9:7c:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsYiRcBga6/jmyPUu2+RgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjUwNjE0MDMwMTAwWhcNMjUwNjE1MDMwMTAwWjAzMTEwLwYDVQQD
EyhjNDRmMGNjYjdlZDBmMjdlNDg5NjNiOTBlY2Y1NDlhMGFjZDA5NTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJEmwn3mMBe6oxcMo0R7NTqDNTBv
WkTpzdlS9YI4JDZZaJmAT6tc1R+Vc09ppPFlQ14yCoFUVdgOAaSemlLeidcFTNcg
jhmfVzqrNu0sLy980P1UWOIczUgUJ/hktAHZKyn+Ijlk73e5KbHBCGMUrB32Nzlm
3it2UpgrvNkkygBiNqJ3R0IxhY92T9I9jyt8JCJ190nY+J5dzzvpfXmpciKsBpuU
VWoZvnWltk4XtDYkxmec+yZ12nhIyPtjUYkBuEomO/BfHtbzKrkWr2G3eOw92lNj
62mKQlGLFIojbv8UT8tVJrv6Pj3/saeHmO6VfnV/xD3LeX8hRhKzTA39uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMRPDMt+0PJ+SJY7kOz1SaCs0JVfMB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGzckfz7f
lwICFUS4qSUIbjYLcTILVWXNaOPHdPY8tdnFiQ1XK48yJUxgMEyYsjnCTQ+gnDtu
LcLxoFpZ7CEKSElniy7/BSVHulpQb/1TYckUNE9k6IK9chWprsB57uk5OQjfKTKA
DptnafcAZf8VA916nMQhUXkieuzzKhM0sYW5ShWSgY2zUPYEYd0Sc5ARMuKretfg
Q1HysMxhhPiObaqSF9Re1OhApim60LJiAqFZxzxQdczDhslkQAVAwAK2uCpESpdD
5wEMMlkcMkTERBex3CBKX5QIMjOqfAoJFi08o3x5//eFvCHebPtnzxgEZtF9DyuJ
punP4oPua6l8zQ==
-----END CERTIFICATE-----