Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          SOKYRPP0PmIYNfLkgr7KgT03sfHitD8QpeuJqCgqD48=
Subject key identifier:   58:F5:F7:41:C3:8C:9E:1E:75:F9:05:01:7B:45:70:EA:7A:63:32:84
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       019897B7B45F8980A9D6FF436AF599229D0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          05AB
Signing time:             Mon 11 Aug 2025 06:00:55 +0000
Manifest this update:     Mon 11 Aug 2025 06:00:55 +0000
Manifest next update:     Tue 12 Aug 2025 06:00:55 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: Aps6pb8jQfvcOvjNR4KkF90lFMHmUC7SXvQbM/PuRIU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 02:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:97:b7:b4:5f:89:80:a9:d6:ff:43:6a:f5:99:22:9d:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: Aug 11 06:00:55 2025 GMT
            Not After : Aug 12 06:00:55 2025 GMT
        Subject: CN=58f5f741c38c9e1e75f905017b4570ea7a633284
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:b5:c6:6f:f7:3d:0d:a6:16:19:cf:64:3b:6b:
                    a3:bd:25:f6:8d:68:9e:d2:be:b9:a2:70:e0:cf:29:
                    3c:40:d8:6e:d3:6b:85:cd:cd:a1:10:eb:0e:4c:08:
                    37:3f:1d:da:39:24:54:5c:74:1c:21:5e:78:69:45:
                    42:b9:a0:1a:ee:5b:43:30:b7:de:85:0e:ee:d2:ee:
                    d3:6a:f5:b6:60:3b:ed:30:31:16:88:b1:de:d2:c5:
                    ac:70:c6:5d:fe:4f:21:31:bb:4e:c2:e2:10:54:80:
                    f1:16:35:c6:9a:b0:a8:14:54:6d:3a:28:7c:49:46:
                    90:05:92:3f:99:f0:af:13:49:68:24:79:39:67:11:
                    f1:b5:b1:a6:b7:63:e0:0c:3a:84:bc:96:83:44:64:
                    22:27:9a:ff:55:b6:b8:7d:65:f9:57:aa:9b:0a:2e:
                    21:9f:e0:84:e6:61:0f:65:fa:7b:28:58:0f:85:a3:
                    a3:1d:06:90:e1:64:c2:e3:23:a6:54:11:a5:fd:8d:
                    56:19:89:b8:15:ba:92:eb:bf:70:ed:c1:10:f4:ab:
                    e1:c3:59:46:fd:9d:36:75:76:bf:fe:6e:82:4b:08:
                    24:2e:44:74:65:85:da:52:9d:94:94:6c:34:22:c8:
                    1e:65:35:86:bb:88:83:cc:c6:c1:ce:8e:c0:b5:5b:
                    dd:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:F5:F7:41:C3:8C:9E:1E:75:F9:05:01:7B:45:70:EA:7A:63:32:84
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:02:94:44:95:35:09:e5:5c:fa:c8:fb:44:32:4f:db:a9:d1:
         90:a1:09:cd:3e:67:bc:d3:f2:08:f1:ca:54:c4:08:61:b7:7f:
         fe:0f:38:dd:f1:fd:2e:f1:d9:0b:34:a1:88:a2:ca:86:d0:df:
         1d:ef:f6:eb:d0:ee:a3:fe:9c:d5:65:ba:b2:48:74:fb:f4:d8:
         7b:1e:ac:b6:18:46:a0:64:8b:a3:90:cb:59:0a:4f:59:40:28:
         9d:60:d1:95:c6:fe:ea:5a:c7:36:2e:78:5f:5c:43:aa:96:96:
         8d:a4:9a:7d:86:bc:fc:99:9a:d4:68:a1:4e:45:8f:d3:20:5f:
         49:5e:4a:f0:dd:f9:6a:74:e6:f0:14:94:aa:6d:44:ce:f6:95:
         d4:f3:7f:41:79:8b:2a:9d:5e:05:06:a3:47:a8:78:88:6a:c8:
         95:71:32:9e:a9:09:ae:4e:7b:d6:22:a6:a9:68:0d:aa:87:bb:
         8f:07:d2:95:4d:ce:ee:4e:ac:9a:dc:36:8a:e9:07:74:35:cd:
         50:6f:f3:51:3f:77:d5:9c:db:25:57:42:34:15:13:06:c4:68:
         f3:00:3a:b5:8b:f2:de:d7:5d:c4:02:48:1b:d9:7e:93:20:35:
         21:4d:2b:3b:44:07:78:92:57:be:58:ff:ee:20:3b:77:59:a3:
         81:db:ce:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXt7RfiYCp1v9DavWZIp0MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjUwODExMDYwMDU1WhcNMjUwODEyMDYwMDU1WjAzMTEwLwYDVQQD
Eyg1OGY1Zjc0MWMzOGM5ZTFlNzVmOTA1MDE3YjQ1NzBlYTdhNjMzMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLXGb/c9DaYWGc9kO2ujvSX2jWie
0r65onDgzyk8QNhu02uFzc2hEOsOTAg3Px3aOSRUXHQcIV54aUVCuaAa7ltDMLfe
hQ7u0u7TavW2YDvtMDEWiLHe0sWscMZd/k8hMbtOwuIQVIDxFjXGmrCoFFRtOih8
SUaQBZI/mfCvE0loJHk5ZxHxtbGmt2PgDDqEvJaDRGQiJ5r/Vba4fWX5V6qbCi4h
n+CE5mEPZfp7KFgPhaOjHQaQ4WTC4yOmVBGl/Y1WGYm4FbqS679w7cEQ9Kvhw1lG
/Z02dXa//m6CSwgkLkR0ZYXaUp2UlGw0IsgeZTWGu4iDzMbBzo7AtVvdjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFj190HDjJ4edfkFAXtFcOp6YzKEMB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYAKURJU1
CeVc+sj7RDJP26nRkKEJzT5nvNPyCPHKVMQIYbd//g843fH9LvHZCzShiKLKhtDf
He/269Duo/6c1WW6skh0+/TYex6sthhGoGSLo5DLWQpPWUAonWDRlcb+6lrHNi54
X1xDqpaWjaSafYa8/Jma1GihTkWP0yBfSV5K8N35anTm8BSUqm1EzvaV1PN/QXmL
Kp1eBQajR6h4iGrIlXEynqkJrk571iKmqWgNqoe7jwfSlU3O7k6smtw2iukHdDXN
UG/zUT931ZzbJVdCNBUTBsRo8wA6tYvy3tddxAJIG9l+kyA1IU0rO0QHeJJXvlj/
7iA7d1mjgdvOGw==
-----END CERTIFICATE-----