Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
File:                     ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json)
Hash identifier:          DHD3fU+PuZ8PVbU0ESAwRX6pcNRN+j2UGKGep6laHnA=
Subject key identifier:   54:30:4F:01:DA:37:BF:19:90:55:D6:36:83:E4:24:09:5A:5C:BA:BC
Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C
Certificate issuer:       /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
Certificate serial:       019A4E18A485DEE659DD53BDB1624804D095
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
Manifest number:          053F
Signing time:             Tue 04 Nov 2025 09:00:28 +0000
Manifest this update:     Tue 04 Nov 2025 09:00:28 +0000
Manifest next update:     Wed 05 Nov 2025 09:00:28 +0000
Files and hashes:         1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: S3IRocP2ZHCzBiAjaNVXYPOKBLhvsVtMJRIRK85UYuk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:18:a4:85:de:e6:59:dd:53:bd:b1:62:48:04:d0:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
        Validity
            Not Before: Nov  4 09:00:28 2025 GMT
            Not After : Nov  5 09:00:28 2025 GMT
        Subject: CN=54304f01da37bf199055d63683e424095a5cbabc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f4:86:19:fb:4f:8c:c6:98:68:21:30:8e:82:
                    a4:7c:53:17:da:bb:4c:97:5c:13:79:05:bc:84:c4:
                    90:8e:7f:40:50:0f:20:f2:32:39:b2:7b:59:46:59:
                    5b:96:bd:57:5e:56:32:59:24:98:10:07:e1:e3:96:
                    8c:35:62:9b:74:b2:0b:c8:de:9b:3d:b0:88:a3:bb:
                    e4:fa:f8:98:fe:f1:d7:ab:ba:72:98:e3:08:ef:e9:
                    84:4c:f4:84:a9:16:f2:be:43:61:11:cd:dc:17:46:
                    87:ce:48:09:4f:cb:b9:b4:4b:ed:39:5a:d6:cd:6b:
                    bc:ad:6e:4e:e3:14:45:65:8b:3a:d6:f2:58:2d:0f:
                    6c:7e:7d:d3:73:10:8c:e4:b6:88:c5:ca:42:59:2c:
                    14:1c:74:d9:03:39:47:78:fe:e0:40:1f:a3:48:78:
                    e2:18:09:e3:a2:d7:19:62:39:bc:37:cd:c1:86:17:
                    f5:69:46:99:c7:96:b6:2f:41:aa:3a:39:f6:8b:cd:
                    48:cd:5d:28:d2:18:69:c8:91:fd:6d:d1:b1:db:94:
                    59:39:97:bd:92:71:ba:f5:04:cb:18:01:9f:ec:98:
                    37:5c:40:03:5b:5e:b5:49:35:fa:c7:95:f7:98:14:
                    0b:c4:e1:c5:54:d4:76:8e:a9:38:90:2f:4d:fb:91:
                    24:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:30:4F:01:DA:37:BF:19:90:55:D6:36:83:E4:24:09:5A:5C:BA:BC
            X509v3 Authority Key Identifier:
                keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:48:c6:04:18:fa:48:4e:c7:45:0a:e2:8a:ba:c1:ad:10:4c:
         c1:e4:4b:ee:eb:ba:86:45:6a:d8:e3:ba:f3:b3:38:87:5e:2a:
         05:b6:6e:66:ff:5b:b7:d6:95:ca:48:71:4e:5d:62:fa:49:7a:
         27:35:02:07:9d:a4:6e:e5:8c:64:f6:9a:fa:a5:12:35:85:49:
         ec:cd:cc:47:64:3f:12:4e:88:35:f2:44:09:5f:f2:4e:55:d0:
         21:34:4e:b5:61:8b:b4:e4:88:43:ea:34:bf:51:92:09:d7:5e:
         d1:27:c3:88:7e:ab:8e:37:3c:ba:1b:9f:28:bc:0a:1b:02:28:
         2b:4c:e4:ba:fb:38:b5:26:73:18:79:9b:18:9e:70:c0:14:40:
         f5:c4:e6:e5:ea:4b:90:dd:ed:92:bb:fc:86:1f:3f:bd:86:a3:
         fc:7f:6f:51:3b:20:36:a3:af:d3:58:9e:d7:50:02:02:c4:cb:
         97:73:ea:66:e0:8c:57:bf:d2:63:a7:97:7a:91:43:08:4a:72:
         94:5e:01:11:03:2f:d4:05:ad:41:6b:7f:4b:65:34:7e:05:6a:
         1f:a9:aa:ac:9d:3d:d9:7a:75:d3:8d:7e:05:42:e1:a8:74:30:
         62:38:a7:8b:60:2a:a4:7e:65:f6:bb:49:0d:2e:60:31:cb:bf:
         5d:ca:81:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGKSF3uZZ3VO9sWJIBNCVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm
ZjUwOWMwHhcNMjUxMTA0MDkwMDI4WhcNMjUxMTA1MDkwMDI4WjAzMTEwLwYDVQQD
Eyg1NDMwNGYwMWRhMzdiZjE5OTA1NWQ2MzY4M2U0MjQwOTVhNWNiYWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPSGGftPjMaYaCEwjoKkfFMX2rtM
l1wTeQW8hMSQjn9AUA8g8jI5sntZRllblr1XXlYyWSSYEAfh45aMNWKbdLILyN6b
PbCIo7vk+viY/vHXq7pymOMI7+mETPSEqRbyvkNhEc3cF0aHzkgJT8u5tEvtOVrW
zWu8rW5O4xRFZYs61vJYLQ9sfn3TcxCM5LaIxcpCWSwUHHTZAzlHeP7gQB+jSHji
GAnjotcZYjm8N83Bhhf1aUaZx5a2L0GqOjn2i81IzV0o0hhpyJH9bdGx25RZOZe9
knG69QTLGAGf7Jg3XEADW161STX6x5X3mBQLxOHFVNR2jqk4kC9N+5EksQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQwTwHaN78ZkFXWNoPkJAlaXLq8MB8GA1UdIwQY
MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct
NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw
LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo0jGBBj6
SE7HRQriirrBrRBMweRL7uu6hkVq2OO687M4h14qBbZuZv9bt9aVykhxTl1i+kl6
JzUCB52kbuWMZPaa+qUSNYVJ7M3MR2Q/Ek6INfJECV/yTlXQITROtWGLtOSIQ+o0
v1GSCdde0SfDiH6rjjc8uhufKLwKGwIoK0zkuvs4tSZzGHmbGJ5wwBRA9cTm5epL
kN3tkrv8hh8/vYaj/H9vUTsgNqOv01ie11ACAsTLl3PqZuCMV7/SY6eXepFDCEpy
lF4BEQMv1AWtQWt/S2U0fgVqH6mqrJ092Xp1041+BULhqHQwYjini2AqpH5l9rtJ
DS5gMcu/XcqBUQ==
-----END CERTIFICATE-----