Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft
File:                     OFYFj7mk9--XizgCGuFSwk6_zkA.mft (raw, json)
Hash identifier:          CO59veZziAtw8WYiG86e3L+QG0sA/vl0KKXujOYbyXU=
Subject key identifier:   9F:D7:A0:EB:D0:3F:C3:D9:3B:CC:BC:2F:3D:2E:9B:D8:C7:27:D9:8C
Authority key identifier: 38:56:05:8F:B9:A4:F7:EF:97:8B:38:02:1A:E1:52:C2:4E:BF:CE:40
Certificate issuer:       /CN=3856058fb9a4f7ef978b38021ae152c24ebfce40
Certificate serial:       0197B6D75478830DD478598E3914DED75808
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OFYFj7mk9--XizgCGuFSwk6_zkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft
Manifest number:          02BB
Signing time:             Sat 28 Jun 2025 14:00:54 +0000
Manifest this update:     Sat 28 Jun 2025 14:00:54 +0000
Manifest next update:     Sun 29 Jun 2025 14:00:54 +0000
Files and hashes:         1: OFYFj7mk9--XizgCGuFSwk6_zkA.crl (hash: XXpDqrLbKaiPl+JlqlSuoFvlZEn9Mpl2V3d/pudwSlg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OFYFj7mk9--XizgCGuFSwk6_zkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:d7:54:78:83:0d:d4:78:59:8e:39:14:de:d7:58:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3856058fb9a4f7ef978b38021ae152c24ebfce40
        Validity
            Not Before: Jun 28 14:00:54 2025 GMT
            Not After : Jun 29 14:00:54 2025 GMT
        Subject: CN=9fd7a0ebd03fc3d93bccbc2f3d2e9bd8c727d98c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:44:66:fc:7a:49:ea:2f:e4:53:3a:9d:d4:40:
                    ac:cd:47:76:a7:ae:83:27:c0:67:35:07:f9:ad:27:
                    d8:01:ba:48:34:ed:44:2e:a0:e3:63:13:47:85:f4:
                    b4:72:24:17:ad:c1:f0:ab:0a:de:50:06:25:ad:65:
                    e9:46:dd:3d:d8:a3:2b:b7:c5:a3:75:56:c8:d7:82:
                    b5:3e:1d:5f:88:85:55:c8:ae:e4:29:75:76:f6:49:
                    20:cb:19:dc:a0:9d:43:ac:c6:c4:a5:f8:4d:d2:94:
                    b2:88:61:32:fe:55:a1:9c:62:10:52:3c:24:5e:80:
                    46:1f:6a:2c:8a:11:ec:a8:12:f8:e5:30:76:55:95:
                    ed:48:9a:7d:84:b0:55:f3:25:f2:50:af:ab:8c:db:
                    4d:06:fc:4f:aa:6c:6f:04:07:a6:2f:e9:46:41:af:
                    f0:3a:53:d3:9a:d8:47:2d:38:b1:20:f8:00:c2:f9:
                    b8:1f:6d:9e:cc:71:86:75:0e:f5:b1:44:02:e1:05:
                    fe:92:13:95:e2:f4:c4:f2:d4:f1:7b:95:2a:b4:83:
                    55:78:28:69:f7:13:94:f3:73:a4:f1:c8:70:df:e9:
                    b8:02:99:2b:43:c4:9e:98:bd:ff:ae:fa:73:0e:ce:
                    3d:a0:18:c9:0f:71:24:17:ef:0c:6b:ae:17:5d:c7:
                    c3:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:D7:A0:EB:D0:3F:C3:D9:3B:CC:BC:2F:3D:2E:9B:D8:C7:27:D9:8C
            X509v3 Authority Key Identifier:
                keyid:38:56:05:8F:B9:A4:F7:EF:97:8B:38:02:1A:E1:52:C2:4E:BF:CE:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFYFj7mk9--XizgCGuFSwk6_zkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:03:90:74:fb:10:1e:24:3e:e6:5f:df:2f:95:5e:95:83:52:
         85:34:34:89:2f:04:56:6f:19:db:8c:68:92:b8:be:c4:94:09:
         cc:9a:1b:33:8b:5c:2c:07:aa:83:bb:f3:d2:91:1a:c1:11:0a:
         55:9b:36:38:b2:9a:5f:2d:a8:4e:03:3c:a9:77:e7:08:bd:8b:
         ca:f1:b0:f2:d6:93:76:ad:99:be:6c:4c:5c:3a:43:c2:c5:f6:
         b0:e0:62:98:7d:fd:0a:bd:37:a8:ff:90:65:58:e0:2c:82:60:
         8d:ba:53:6d:53:8f:1d:39:44:1c:7d:40:32:9a:bc:e7:ca:ff:
         18:85:71:26:c0:57:6d:46:2d:3a:91:43:39:05:4f:0b:3d:9a:
         f6:64:80:05:e0:26:96:52:8c:52:6c:11:85:31:3a:39:62:b0:
         13:f4:ff:e9:a5:de:0e:d9:e3:b0:06:ba:1d:c2:dc:20:80:c5:
         50:0f:4b:46:65:82:a2:06:54:9f:ca:bc:8f:79:c7:bc:59:23:
         86:66:7e:f0:36:15:3c:da:3c:19:28:e1:43:bb:41:50:c6:43:
         fc:57:c6:c8:da:13:cc:60:54:62:87:53:ec:12:c1:7c:46:fb:
         c6:5b:90:80:81:1e:e6:91:e5:8c:49:0c:a8:b6:e5:b8:69:c6:
         17:6c:22:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe211R4gw3UeFmOORTe11gIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NTYwNThmYjlhNGY3ZWY5NzhiMzgwMjFhZTE1MmMyNGVi
ZmNlNDAwHhcNMjUwNjI4MTQwMDU0WhcNMjUwNjI5MTQwMDU0WjAzMTEwLwYDVQQD
Eyg5ZmQ3YTBlYmQwM2ZjM2Q5M2JjY2JjMmYzZDJlOWJkOGM3MjdkOThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvURm/HpJ6i/kUzqd1ECszUd2p66D
J8BnNQf5rSfYAbpINO1ELqDjYxNHhfS0ciQXrcHwqwreUAYlrWXpRt092KMrt8Wj
dVbI14K1Ph1fiIVVyK7kKXV29kkgyxncoJ1DrMbEpfhN0pSyiGEy/lWhnGIQUjwk
XoBGH2osihHsqBL45TB2VZXtSJp9hLBV8yXyUK+rjNtNBvxPqmxvBAemL+lGQa/w
OlPTmthHLTixIPgAwvm4H22ezHGGdQ71sUQC4QX+khOV4vTE8tTxe5UqtINVeChp
9xOU83Ok8chw3+m4ApkrQ8SemL3/rvpzDs49oBjJD3EkF+8Ma64XXcfDkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ/XoOvQP8PZO8y8Lz0um9jHJ9mMMB8GA1UdIwQY
MBaAFDhWBY+5pPfvl4s4AhrhUsJOv85AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ZZRmo3bWs5LS1YaXpnQ0d1RlN3azZfemtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8yMDk0YjAtNWE1Ny00YTM2LWI1ZmIt
YTVmZjE3NmQ2MWQwLzEvT0ZZRmo3bWs5LS1YaXpnQ0d1RlN3azZfemtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8yMDk0YjAtNWE1Ny00YTM2LWI1ZmItYTVmZjE3NmQ2MWQw
LzEvT0ZZRmo3bWs5LS1YaXpnQ0d1RlN3azZfemtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATwOQdPsQ
HiQ+5l/fL5VelYNShTQ0iS8EVm8Z24xokri+xJQJzJobM4tcLAeqg7vz0pEawREK
VZs2OLKaXy2oTgM8qXfnCL2LyvGw8taTdq2ZvmxMXDpDwsX2sOBimH39Cr03qP+Q
ZVjgLIJgjbpTbVOPHTlEHH1AMpq858r/GIVxJsBXbUYtOpFDOQVPCz2a9mSABeAm
llKMUmwRhTE6OWKwE/T/6aXeDtnjsAa6HcLcIIDFUA9LRmWCogZUn8q8j3nHvFkj
hmZ+8DYVPNo8GSjhQ7tBUMZD/FfGyNoTzGBUYodT7BLBfEb7xluQgIEe5pHljEkM
qLbluGnGF2wiZA==
-----END CERTIFICATE-----