Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
File:                     ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json)
Hash identifier:          C90kJ9pt93Qu7U3hhvDwbra9dVhKcWuB84wzQyHhDq0=
Subject key identifier:   0D:A7:29:B1:95:52:18:F5:25:94:87:58:F4:21:5C:06:26:41:77:2D
Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C
Certificate issuer:       /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
Certificate serial:       01976E509DC0C108E0F9F41F403719534A91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
Manifest number:          03C2
Signing time:             Sat 14 Jun 2025 12:01:06 +0000
Manifest this update:     Sat 14 Jun 2025 12:01:06 +0000
Manifest next update:     Sun 15 Jun 2025 12:01:06 +0000
Files and hashes:         1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: xgC9hKzeiQu5y2idgrB5nyJsyapbWTeAS0xxtq8LP3s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:50:9d:c0:c1:08:e0:f9:f4:1f:40:37:19:53:4a:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
        Validity
            Not Before: Jun 14 12:01:06 2025 GMT
            Not After : Jun 15 12:01:06 2025 GMT
        Subject: CN=0da729b1955218f525948758f4215c062641772d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ba:b8:1b:b0:d5:2e:55:22:9a:35:8b:dc:ab:
                    8a:c0:7c:3a:2e:90:e8:56:39:6d:2a:d0:66:99:c7:
                    47:03:85:96:d0:ba:dd:8b:f4:49:53:f7:3d:7d:31:
                    6d:d8:7f:08:d2:a5:19:37:60:ad:ef:a6:a9:f2:08:
                    59:f8:6a:96:2f:b1:2e:d0:24:06:b5:78:0b:82:13:
                    6c:4c:dd:4a:94:95:e2:98:55:66:c2:e4:d1:e3:c5:
                    04:fc:8e:2b:3c:ee:d7:f0:7b:dc:c1:db:33:ef:fe:
                    1c:0c:3a:62:33:b3:9f:d9:2e:67:f4:72:49:a7:52:
                    c0:7f:02:7b:b3:c8:dd:ae:b6:eb:5d:73:20:4b:40:
                    04:22:47:84:b6:a2:b5:89:9e:99:1b:c1:75:a2:d0:
                    73:71:59:10:2e:69:0b:30:7d:7d:1f:4e:d0:69:ff:
                    d1:a4:ae:2e:f5:7e:92:f8:e4:c6:19:e4:12:3b:5d:
                    4e:87:40:39:ff:11:9b:db:a8:20:ea:ef:62:12:c2:
                    ce:ab:00:ee:3b:3f:20:1d:c4:07:35:b9:a2:d1:1b:
                    2f:44:2c:a5:c6:b4:c3:a7:00:3d:fa:c1:fc:5f:0f:
                    27:c1:e2:99:e5:48:bc:12:dd:43:47:6f:f3:28:21:
                    d9:3d:4a:54:98:8e:e1:03:fd:e8:df:11:e7:b7:74:
                    a0:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:A7:29:B1:95:52:18:F5:25:94:87:58:F4:21:5C:06:26:41:77:2D
            X509v3 Authority Key Identifier:
                keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:f9:71:b9:3b:78:38:29:ec:0f:7f:c6:d6:46:fc:6f:95:11:
         39:03:21:07:55:09:f2:06:20:be:26:03:e9:58:6e:33:7a:07:
         22:42:06:f1:b9:ad:16:aa:9c:ef:c9:5e:1b:01:c3:43:5d:b0:
         d3:87:4f:4c:67:51:79:b3:65:d0:1e:a7:ae:0e:74:19:08:0a:
         83:d5:2e:30:aa:6a:ad:79:1d:28:a7:3a:27:6e:17:30:76:5c:
         2d:68:43:2d:29:a0:7c:0e:99:f4:d4:35:1b:da:a8:37:df:c3:
         bc:4a:ec:cf:64:c6:07:11:15:65:1b:02:54:2f:82:41:f4:24:
         95:b6:92:0d:f9:aa:47:f1:d2:ee:03:e8:33:c5:1e:1d:d3:63:
         82:d2:4c:8f:69:d8:02:bd:76:3d:e6:57:7f:a8:88:fb:7c:b2:
         c0:24:26:13:e9:a7:9e:5d:20:6c:5d:45:f1:e6:c8:f1:a8:38:
         5f:9b:ce:51:72:95:d5:83:c0:6a:b4:8f:9b:f9:25:2d:62:30:
         2f:d9:43:a7:d0:5e:f7:3b:36:9c:6b:34:ad:0f:74:30:ab:61:
         07:ca:ae:2b:a8:4e:1d:10:f5:c1:63:de:ae:8b:4f:f1:53:05:
         b5:b0:45:34:93:d7:11:4c:c3:64:7b:f7:9c:17:f7:f2:92:8e:
         ef:e6:51:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduUJ3AwQjg+fQfQDcZU0qRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm
ZjUwOWMwHhcNMjUwNjE0MTIwMTA2WhcNMjUwNjE1MTIwMTA2WjAzMTEwLwYDVQQD
EygwZGE3MjliMTk1NTIxOGY1MjU5NDg3NThmNDIxNWMwNjI2NDE3NzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLq4G7DVLlUimjWL3KuKwHw6LpDo
VjltKtBmmcdHA4WW0Lrdi/RJU/c9fTFt2H8I0qUZN2Ct76ap8ghZ+GqWL7Eu0CQG
tXgLghNsTN1KlJXimFVmwuTR48UE/I4rPO7X8Hvcwdsz7/4cDDpiM7Of2S5n9HJJ
p1LAfwJ7s8jdrrbrXXMgS0AEIkeEtqK1iZ6ZG8F1otBzcVkQLmkLMH19H07Qaf/R
pK4u9X6S+OTGGeQSO11Oh0A5/xGb26gg6u9iEsLOqwDuOz8gHcQHNbmi0RsvRCyl
xrTDpwA9+sH8Xw8nweKZ5Ui8Et1DR2/zKCHZPUpUmI7hA/3o3xHnt3SgMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2nKbGVUhj1JZSHWPQhXAYmQXctMB8GA1UdIwQY
MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct
NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw
LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsflxuTt4
OCnsD3/G1kb8b5UROQMhB1UJ8gYgviYD6VhuM3oHIkIG8bmtFqqc78leGwHDQ12w
04dPTGdRebNl0B6nrg50GQgKg9UuMKpqrXkdKKc6J24XMHZcLWhDLSmgfA6Z9NQ1
G9qoN9/DvErsz2TGBxEVZRsCVC+CQfQklbaSDfmqR/HS7gPoM8UeHdNjgtJMj2nY
Ar12PeZXf6iI+3yywCQmE+mnnl0gbF1F8ebI8ag4X5vOUXKV1YPAarSPm/klLWIw
L9lDp9Be9zs2nGs0rQ90MKthB8quK6hOHRD1wWPerotP8VMFtbBFNJPXEUzDZHv3
nBf38pKO7+ZR7g==
-----END CERTIFICATE-----