Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
File:                     ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json)
Hash identifier:          J0FThirES5r2Ox6B9dlPBPrf+TNOXrsdALjQMigAHFw=
Subject key identifier:   21:1E:20:1D:C3:E8:80:49:15:21:F0:1E:1F:EA:24:E9:71:2B:F2:42
Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C
Certificate issuer:       /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
Certificate serial:       019874F4BD17347CD0AA1F37066BB0582846
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
Manifest number:          044A
Signing time:             Mon 04 Aug 2025 12:00:52 +0000
Manifest this update:     Mon 04 Aug 2025 12:00:52 +0000
Manifest next update:     Tue 05 Aug 2025 12:00:52 +0000
Files and hashes:         1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: Y04nzfCN6ymHnpllLZUUndJzD9DJibmIqSZ1wPBu0ec=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:f4:bd:17:34:7c:d0:aa:1f:37:06:6b:b0:58:28:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
        Validity
            Not Before: Aug  4 12:00:52 2025 GMT
            Not After : Aug  5 12:00:52 2025 GMT
        Subject: CN=211e201dc3e880491521f01e1fea24e9712bf242
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:76:81:5e:47:c6:f4:e9:80:87:ba:56:b2:a3:
                    6b:32:c2:a3:33:fb:7a:dd:63:05:62:8d:ae:5f:e7:
                    bc:ac:61:66:d9:e9:b0:65:d6:74:3b:a9:56:36:17:
                    ac:1c:45:6f:f4:94:30:5e:af:13:65:b8:1e:91:24:
                    22:a7:7c:34:87:4a:2a:f8:ae:00:a3:f9:3d:64:8a:
                    4b:88:d4:85:bc:1a:30:fe:95:47:87:8f:59:da:71:
                    14:2f:db:95:36:d0:ad:5a:8f:69:88:2a:40:c2:b6:
                    bb:c6:9d:b4:a3:76:b3:84:4a:c5:f6:fd:85:95:82:
                    00:11:ae:4a:00:9a:e9:39:b9:f5:e4:18:04:cc:66:
                    13:72:5a:7a:54:68:17:6f:7c:9f:cd:4c:f9:e8:71:
                    a8:0e:de:00:ba:98:47:6b:f8:fc:06:5e:5b:5b:35:
                    50:82:95:69:09:3e:03:f5:8f:aa:34:dc:04:ca:41:
                    fc:00:ed:c7:88:33:42:2e:3c:24:34:58:39:45:56:
                    47:fc:fa:e3:7f:50:33:01:0a:7a:34:a2:c6:d6:cd:
                    e2:13:44:0f:1e:78:ca:e3:3e:cb:0c:67:37:ff:b8:
                    39:15:7c:50:27:32:4f:9c:d1:b2:47:bb:5c:3b:3e:
                    0e:bc:bf:84:52:e5:3c:8e:bb:cc:1b:c0:a2:99:59:
                    b9:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:1E:20:1D:C3:E8:80:49:15:21:F0:1E:1F:EA:24:E9:71:2B:F2:42
            X509v3 Authority Key Identifier:
                keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:0c:53:99:e3:f3:2b:47:fc:72:1f:e4:8b:c5:07:06:a6:c3:
         4e:79:2b:1b:77:8a:42:fc:78:62:57:27:27:97:c2:2b:04:d5:
         c7:ca:f7:43:ab:08:7f:00:f2:1e:de:8a:ce:33:ec:c2:a6:7f:
         41:e9:4f:92:c5:67:27:de:ce:1b:62:af:9a:65:0c:49:8b:f6:
         75:10:fa:21:e0:b7:dd:f5:f8:5f:43:d9:c4:7c:ff:66:7c:78:
         ae:a2:e1:fa:49:d3:f0:dc:5b:3a:bb:50:3d:e0:7e:eb:ab:d0:
         b9:19:75:db:7f:d9:07:47:a0:b0:68:09:58:95:c4:ec:d5:af:
         66:0c:7e:f8:f5:48:c0:7d:05:cd:30:41:a4:a4:ec:b2:ca:2c:
         bb:be:f2:ad:a2:1c:98:e3:9d:08:b4:a9:92:85:16:77:b4:fd:
         51:7b:70:64:94:e0:02:01:db:0c:86:7c:76:fd:05:5d:90:e3:
         16:ab:9f:e8:83:a8:62:7a:a3:77:b5:c6:32:02:d0:a3:61:3a:
         ce:bb:21:cd:6f:45:ec:5a:14:3f:44:8a:f0:d3:c5:f1:52:5f:
         7d:25:9a:3a:6a:ab:75:1f:dc:2e:e4:3a:9b:c6:4b:30:93:c6:
         b0:9f:80:b3:31:5a:0f:49:6e:0f:7d:7c:0e:eb:dc:3a:dc:26:
         9f:0a:99:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh09L0XNHzQqh83BmuwWChGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm
ZjUwOWMwHhcNMjUwODA0MTIwMDUyWhcNMjUwODA1MTIwMDUyWjAzMTEwLwYDVQQD
EygyMTFlMjAxZGMzZTg4MDQ5MTUyMWYwMWUxZmVhMjRlOTcxMmJmMjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnaBXkfG9OmAh7pWsqNrMsKjM/t6
3WMFYo2uX+e8rGFm2emwZdZ0O6lWNhesHEVv9JQwXq8TZbgekSQip3w0h0oq+K4A
o/k9ZIpLiNSFvBow/pVHh49Z2nEUL9uVNtCtWo9piCpAwra7xp20o3azhErF9v2F
lYIAEa5KAJrpObn15BgEzGYTclp6VGgXb3yfzUz56HGoDt4AuphHa/j8Bl5bWzVQ
gpVpCT4D9Y+qNNwEykH8AO3HiDNCLjwkNFg5RVZH/Prjf1AzAQp6NKLG1s3iE0QP
HnjK4z7LDGc3/7g5FXxQJzJPnNGyR7tcOz4OvL+EUuU8jrvMG8CimVm5MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCEeIB3D6IBJFSHwHh/qJOlxK/JCMB8GA1UdIwQY
MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct
NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw
LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQgxTmePz
K0f8ch/ki8UHBqbDTnkrG3eKQvx4YlcnJ5fCKwTVx8r3Q6sIfwDyHt6KzjPswqZ/
QelPksVnJ97OG2KvmmUMSYv2dRD6IeC33fX4X0PZxHz/Znx4rqLh+knT8NxbOrtQ
PeB+66vQuRl123/ZB0egsGgJWJXE7NWvZgx++PVIwH0FzTBBpKTsssosu77yraIc
mOOdCLSpkoUWd7T9UXtwZJTgAgHbDIZ8dv0FXZDjFquf6IOoYnqjd7XGMgLQo2E6
zrshzW9F7FoUP0SK8NPF8VJffSWaOmqrdR/cLuQ6m8ZLMJPGsJ+AszFaD0luD318
DuvcOtwmnwqZAw==
-----END CERTIFICATE-----