Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          BfZYYcnarUMC6KJ2ZfwWH7q84kuOh4FGZhXOJIbkjDI=
Subject key identifier:   F0:0E:75:9E:0A:38:17:1A:11:91:31:4C:48:8A:93:E5:24:35:1B:74
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       0196771EB61B21AF282CEA8F50E7DA306FF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          0491
Signing time:             Sun 27 Apr 2025 12:00:23 +0000
Manifest this update:     Sun 27 Apr 2025 12:00:23 +0000
Manifest next update:     Mon 28 Apr 2025 12:00:23 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: 9Xr8gtaz4Ai7XmwFV7wC6XagV2K0irfDnyaVxFHOT+s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:1e:b6:1b:21:af:28:2c:ea:8f:50:e7:da:30:6f:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: Apr 27 12:00:23 2025 GMT
            Not After : Apr 28 12:00:23 2025 GMT
        Subject: CN=f00e759e0a38171a1191314c488a93e524351b74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:df:1c:a4:53:c9:cd:ba:d6:24:db:e7:ed:0f:
                    bb:4e:0f:05:80:6f:01:ac:6e:0c:ed:1d:ad:6e:d0:
                    a7:be:4f:72:5c:cf:14:7b:cf:28:f2:98:d0:58:12:
                    93:e4:16:84:cf:e9:5c:3b:d3:1c:ab:fd:d7:0d:66:
                    88:4d:0b:f0:33:0a:42:4f:4a:61:cc:79:02:c9:ea:
                    4d:25:81:ca:60:b1:b5:59:47:c5:48:43:9a:20:aa:
                    e5:7f:ba:c7:4d:ee:3b:f0:71:e1:ba:8e:e3:86:2a:
                    f7:9a:8f:4e:c8:39:fd:78:3a:43:06:89:7d:24:cc:
                    fd:79:49:a2:44:a4:5e:85:6a:66:50:c5:e2:a9:77:
                    4f:5f:d8:98:57:96:be:64:91:37:ad:b5:9f:91:10:
                    d0:44:2c:92:55:ab:7c:6b:8d:52:88:8a:29:a7:e7:
                    28:8d:f5:6e:80:f8:1f:c0:eb:71:03:4e:ad:14:c3:
                    45:c6:af:09:08:f5:e9:37:2c:55:87:11:3f:09:25:
                    01:35:2a:f6:cb:01:5c:a5:6c:0f:f7:7a:cd:57:9f:
                    13:55:04:07:0a:91:fb:ff:78:49:08:70:e8:e0:ca:
                    d6:a5:b9:54:6e:b7:02:05:ee:ee:86:d8:23:cf:f6:
                    40:fb:27:a5:02:42:0d:46:ec:be:a7:44:f9:b1:b7:
                    91:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:0E:75:9E:0A:38:17:1A:11:91:31:4C:48:8A:93:E5:24:35:1B:74
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:60:14:ff:d9:58:f3:e7:1e:72:fe:a3:4d:9e:77:4f:67:71:
         cf:22:cc:91:e9:61:13:83:e6:ef:81:da:2a:4c:2e:9c:22:1e:
         90:de:37:8f:0a:74:6e:98:0a:7e:07:e9:23:dd:c5:b3:39:90:
         64:6c:de:45:41:7d:35:e8:47:ef:4d:9a:3d:e2:c3:aa:6c:44:
         82:33:55:ad:a6:86:d5:01:76:54:93:0c:25:69:47:5d:35:eb:
         db:11:f2:79:64:0c:1c:6d:e6:35:61:fa:d7:94:01:f6:36:50:
         fa:69:ed:3c:8d:be:39:1f:4d:47:78:a6:82:4d:c0:71:72:bb:
         16:d9:f9:98:fe:05:63:aa:4a:ad:29:1e:57:66:5c:7f:b6:48:
         0f:fc:5a:5c:c2:f1:1e:33:9a:c9:e7:3b:97:c3:39:16:11:bb:
         ac:f9:19:1d:9a:ca:a3:db:03:d2:dd:44:2a:eb:80:61:41:0b:
         1c:d8:af:1f:eb:45:c1:ff:59:c2:08:5e:cb:16:44:7c:0d:67:
         90:af:98:a9:77:7f:7b:f1:b0:54:88:27:71:ae:76:36:b5:ed:
         b0:f4:a9:5f:74:5c:1e:6b:bf:62:e9:11:3a:f4:30:67:91:90:
         32:7e:f0:ce:3e:95:53:3a:11:07:9c:23:61:ed:74:73:fb:0e:
         94:8d:05:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3HrYbIa8oLOqPUOfaMG/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjUwNDI3MTIwMDIzWhcNMjUwNDI4MTIwMDIzWjAzMTEwLwYDVQQD
EyhmMDBlNzU5ZTBhMzgxNzFhMTE5MTMxNGM0ODhhOTNlNTI0MzUxYjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt8cpFPJzbrWJNvn7Q+7Tg8FgG8B
rG4M7R2tbtCnvk9yXM8Ue88o8pjQWBKT5BaEz+lcO9Mcq/3XDWaITQvwMwpCT0ph
zHkCyepNJYHKYLG1WUfFSEOaIKrlf7rHTe478HHhuo7jhir3mo9OyDn9eDpDBol9
JMz9eUmiRKRehWpmUMXiqXdPX9iYV5a+ZJE3rbWfkRDQRCySVat8a41SiIopp+co
jfVugPgfwOtxA06tFMNFxq8JCPXpNyxVhxE/CSUBNSr2ywFcpWwP93rNV58TVQQH
CpH7/3hJCHDo4MrWpblUbrcCBe7uhtgjz/ZA+yelAkINRuy+p0T5sbeRswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPAOdZ4KOBcaEZExTEiKk+UkNRt0MB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgGAU/9lY
8+cecv6jTZ53T2dxzyLMkelhE4Pm74HaKkwunCIekN43jwp0bpgKfgfpI93FszmQ
ZGzeRUF9NehH702aPeLDqmxEgjNVraaG1QF2VJMMJWlHXTXr2xHyeWQMHG3mNWH6
15QB9jZQ+mntPI2+OR9NR3imgk3AcXK7Ftn5mP4FY6pKrSkeV2Zcf7ZID/xaXMLx
HjOayec7l8M5FhG7rPkZHZrKo9sD0t1EKuuAYUELHNivH+tFwf9ZwgheyxZEfA1n
kK+YqXd/e/GwVIgnca52NrXtsPSpX3RcHmu/YukROvQwZ5GQMn7wzj6VUzoRB5wj
Ye10c/sOlI0FFw==
-----END CERTIFICATE-----