Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
File:                     OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json)
Hash identifier:          E1g78YBhjcP9hjRbMlcnRKg/mKAI8uRbht2y3pIt05s=
Subject key identifier:   F7:B3:87:7C:96:7B:10:2E:08:B8:6A:9A:34:FF:0D:60:4B:9F:BB:55
Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2
Certificate issuer:       /CN=398936603edb8558b619823c077e9eb8694758b2
Certificate serial:       0197B77C006ED7DE7DB76B7AD1F01FCB935A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
Manifest number:          04B2
Signing time:             Sat 28 Jun 2025 17:00:46 +0000
Manifest this update:     Sat 28 Jun 2025 17:00:46 +0000
Manifest next update:     Sun 29 Jun 2025 17:00:46 +0000
Files and hashes:         1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: bpnpGj7kXJ9+SrvNZvoqNZ55QJlJQ/TJofB4o3G2Omg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:00:6e:d7:de:7d:b7:6b:7a:d1:f0:1f:cb:93:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=398936603edb8558b619823c077e9eb8694758b2
        Validity
            Not Before: Jun 28 17:00:46 2025 GMT
            Not After : Jun 29 17:00:46 2025 GMT
        Subject: CN=f7b3877c967b102e08b86a9a34ff0d604b9fbb55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:82:02:70:5b:9e:ec:16:5e:b6:1a:2d:cb:2d:
                    2b:53:79:24:a9:ca:76:43:9f:0b:1f:27:8b:57:99:
                    ba:1b:7a:75:b8:ab:91:9b:fc:1d:b2:7a:fd:23:f7:
                    a5:10:46:2f:8b:4b:73:43:1a:60:4b:1d:7f:44:ae:
                    00:4e:e2:42:03:37:6c:de:ba:b6:38:bb:b6:79:a3:
                    85:92:b8:0e:bc:9e:81:7f:d8:39:03:ed:73:46:e8:
                    e9:25:df:ae:01:a7:2d:e0:4b:99:38:47:0c:b2:f1:
                    93:82:b4:d4:86:2c:69:a9:57:57:eb:3b:8b:a9:6e:
                    e5:e7:4d:b0:6a:86:27:61:0e:1c:d5:30:25:ae:04:
                    03:5e:9e:6b:4e:66:8e:e1:6d:93:3e:53:47:b5:6b:
                    d1:0e:dd:33:12:aa:7f:97:d5:4a:40:1e:12:5d:ed:
                    3d:20:6c:20:75:c0:d9:ca:9a:54:0b:9f:d6:f1:5f:
                    66:7e:64:7d:fd:80:34:b0:42:0d:1a:a7:05:c5:bf:
                    5c:4f:53:fa:2f:48:c4:30:fe:7c:81:2f:f3:d6:70:
                    94:c9:cd:cc:43:b1:a4:11:24:8d:1f:42:33:68:d6:
                    f9:3b:54:7e:10:d3:99:4b:7f:1b:4a:4a:d7:cf:a7:
                    b3:e9:37:01:e3:df:e8:c2:9f:80:4f:17:35:98:2c:
                    a9:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:B3:87:7C:96:7B:10:2E:08:B8:6A:9A:34:FF:0D:60:4B:9F:BB:55
            X509v3 Authority Key Identifier:
                keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:a7:69:95:af:21:c2:eb:1c:f8:22:0a:66:eb:ff:0c:b3:cc:
         90:82:7a:4b:80:dd:97:70:f5:f6:c7:24:9b:70:1d:c9:b3:ee:
         bf:9d:28:7a:b0:03:4d:59:a2:08:ce:bd:60:0e:4e:a0:1f:06:
         93:5f:c5:0d:72:7b:77:e8:4e:19:37:58:c7:8c:ee:48:1d:e9:
         e5:61:66:54:42:b1:32:1d:ab:4a:d4:a3:fc:ca:9d:30:ba:08:
         b1:71:0d:7f:bb:f6:35:3b:f5:b3:fb:b7:4c:e7:87:6e:47:44:
         b2:fb:0c:c4:1b:9b:30:2d:47:8b:10:72:cc:c7:29:6b:84:1c:
         95:80:b0:92:e9:b0:9f:81:4d:19:6a:c3:8f:f8:ce:58:01:6f:
         b7:b9:16:8f:ec:2b:0d:43:d7:7b:49:4f:0e:4e:d9:99:a6:fe:
         6b:ab:47:b4:84:76:9a:d5:b9:b8:b2:f9:5c:5f:fd:49:ee:5e:
         e6:96:b5:d8:97:86:52:fa:06:25:b6:99:c6:6e:73:12:10:d1:
         68:c1:ae:e7:8a:f1:22:cc:23:eb:15:3b:b3:dc:71:9e:86:e6:
         6a:22:97:ee:75:88:c1:66:c4:39:65:ed:22:7a:36:95:20:d4:
         65:a4:0f:48:c6:5a:8d:41:ad:11:51:88:1a:c4:1e:45:df:37:
         ad:47:4a:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fABu1959t2t60fAfy5NaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0
NzU4YjIwHhcNMjUwNjI4MTcwMDQ2WhcNMjUwNjI5MTcwMDQ2WjAzMTEwLwYDVQQD
EyhmN2IzODc3Yzk2N2IxMDJlMDhiODZhOWEzNGZmMGQ2MDRiOWZiYjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoICcFue7BZethotyy0rU3kkqcp2
Q58LHyeLV5m6G3p1uKuRm/wdsnr9I/elEEYvi0tzQxpgSx1/RK4ATuJCAzds3rq2
OLu2eaOFkrgOvJ6Bf9g5A+1zRujpJd+uAact4EuZOEcMsvGTgrTUhixpqVdX6zuL
qW7l502waoYnYQ4c1TAlrgQDXp5rTmaO4W2TPlNHtWvRDt0zEqp/l9VKQB4SXe09
IGwgdcDZyppUC5/W8V9mfmR9/YA0sEINGqcFxb9cT1P6L0jEMP58gS/z1nCUyc3M
Q7GkESSNH0IzaNb5O1R+ENOZS38bSkrXz6ez6TcB49/owp+ATxc1mCypFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPezh3yWexAuCLhqmjT/DWBLn7tVMB8GA1UdIwQY
MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt
MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4
LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIadpla8h
wusc+CIKZuv/DLPMkIJ6S4Ddl3D19sckm3AdybPuv50oerADTVmiCM69YA5OoB8G
k1/FDXJ7d+hOGTdYx4zuSB3p5WFmVEKxMh2rStSj/MqdMLoIsXENf7v2NTv1s/u3
TOeHbkdEsvsMxBubMC1HixByzMcpa4QclYCwkumwn4FNGWrDj/jOWAFvt7kWj+wr
DUPXe0lPDk7Zmab+a6tHtIR2mtW5uLL5XF/9Se5e5pa12JeGUvoGJbaZxm5zEhDR
aMGu54rxIswj6xU7s9xxnobmaiKX7nWIwWbEOWXtIno2lSDUZaQPSMZajUGtEVGI
GsQeRd83rUdKlA==
-----END CERTIFICATE-----