Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft
File:                     OFYFj7mk9--XizgCGuFSwk6_zkA.mft (raw, json)
Hash identifier:          BYVD1GRzI0Rk/HQRuJ5ffpMd36TbBepGclimV1SvzJA=
Subject key identifier:   AA:31:65:AD:F8:CD:35:F5:0D:6D:6B:78:C9:51:0B:35:A6:FB:9E:B4
Authority key identifier: 38:56:05:8F:B9:A4:F7:EF:97:8B:38:02:1A:E1:52:C2:4E:BF:CE:40
Certificate issuer:       /CN=3856058fb9a4f7ef978b38021ae152c24ebfce40
Certificate serial:       0198D4A8333B64D5DA3B3A97EAFE88A517B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OFYFj7mk9--XizgCGuFSwk6_zkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft
Manifest number:          034F
Signing time:             Sat 23 Aug 2025 02:00:49 +0000
Manifest this update:     Sat 23 Aug 2025 02:00:49 +0000
Manifest next update:     Sun 24 Aug 2025 02:00:49 +0000
Files and hashes:         1: OFYFj7mk9--XizgCGuFSwk6_zkA.crl (hash: tImDUUdUMmMTR1dfQnjNWJQHacmUtCGFSLvCrwey3HQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OFYFj7mk9--XizgCGuFSwk6_zkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 02:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:a8:33:3b:64:d5:da:3b:3a:97:ea:fe:88:a5:17:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3856058fb9a4f7ef978b38021ae152c24ebfce40
        Validity
            Not Before: Aug 23 02:00:49 2025 GMT
            Not After : Aug 24 02:00:49 2025 GMT
        Subject: CN=aa3165adf8cd35f50d6d6b78c9510b35a6fb9eb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:3a:46:dd:48:45:8b:4d:b5:ea:d2:2f:27:60:
                    82:8f:43:7c:55:3f:01:56:c8:2b:7b:50:fd:e2:3b:
                    8e:49:8d:d9:e1:d3:aa:e6:cd:dd:c3:48:c1:12:06:
                    18:53:15:a6:b5:39:3e:e4:57:1e:f2:75:15:8d:1e:
                    24:76:da:a9:28:01:7b:35:7c:e7:0d:bf:4f:ab:42:
                    62:dd:dc:3e:ab:d4:52:96:c2:80:a2:dc:00:fe:93:
                    59:1f:4f:95:fb:a0:01:fc:5c:77:1f:44:fe:6d:20:
                    85:94:f5:b4:14:dc:bd:bf:38:4e:53:67:00:16:f2:
                    7f:2b:fb:22:23:8a:11:c1:ff:00:b4:d2:8b:3c:94:
                    10:77:a7:0e:8a:7b:b7:6d:4d:2a:3c:ac:19:c1:90:
                    f9:a8:95:e8:3a:7d:19:f0:0d:ce:3a:fc:da:83:fa:
                    34:72:95:c2:59:91:27:c0:5c:5a:a3:01:40:c9:94:
                    78:20:1e:75:df:45:72:28:b4:8a:e4:b3:4d:6e:03:
                    25:13:32:5c:df:e0:f1:3c:69:9c:ea:b4:43:fc:24:
                    5f:be:6a:5f:93:5e:fd:d8:18:f6:51:7d:7e:eb:58:
                    aa:9e:b9:99:f4:53:2e:f0:1d:f3:79:5b:40:48:eb:
                    89:29:fc:08:14:b1:ee:39:df:27:4e:52:d3:34:0e:
                    df:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:31:65:AD:F8:CD:35:F5:0D:6D:6B:78:C9:51:0B:35:A6:FB:9E:B4
            X509v3 Authority Key Identifier:
                keyid:38:56:05:8F:B9:A4:F7:EF:97:8B:38:02:1A:E1:52:C2:4E:BF:CE:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFYFj7mk9--XizgCGuFSwk6_zkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:fc:67:82:66:32:53:a8:da:af:32:bf:d9:65:b3:97:6c:f7:
         21:f8:05:02:67:d7:c1:5d:a1:14:0e:94:a9:12:82:9f:0a:d7:
         36:b2:dd:82:1f:dd:00:b3:e4:ba:65:3f:e5:ad:5e:62:38:e0:
         e9:04:c1:54:eb:d5:52:5b:9b:59:a9:3e:56:0d:23:24:86:fa:
         5b:4e:24:47:ac:85:d5:bf:2d:50:76:2f:8a:9b:25:eb:58:4a:
         b7:10:67:df:b8:8e:80:1e:d7:d2:46:99:8d:47:fc:f3:2f:47:
         c9:5d:f1:43:32:34:00:40:f4:25:93:c8:b0:83:06:9c:7d:5c:
         1a:4f:93:d8:37:63:80:4b:69:24:c0:9b:c3:15:b6:32:41:58:
         16:8c:a0:58:b5:ef:9e:ce:21:d6:85:2b:0a:eb:33:19:e4:c0:
         79:1c:ed:e0:f9:e9:86:6d:e1:55:fa:60:d8:dc:b6:09:8c:7c:
         93:4e:39:76:dc:ea:0a:db:9d:a8:6e:d4:eb:91:fa:32:11:be:
         e3:64:67:a1:48:41:dd:4b:c8:c9:22:5d:7e:a4:06:4e:5b:20:
         34:ff:cf:dd:a5:64:23:c7:d8:50:4a:11:0d:be:d7:c0:1c:6f:
         1c:ae:29:60:f7:d0:a4:1d:06:b7:7a:cb:80:39:d6:74:f3:f9:
         3e:8f:14:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUqDM7ZNXaOzqX6v6IpRewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NTYwNThmYjlhNGY3ZWY5NzhiMzgwMjFhZTE1MmMyNGVi
ZmNlNDAwHhcNMjUwODIzMDIwMDQ5WhcNMjUwODI0MDIwMDQ5WjAzMTEwLwYDVQQD
EyhhYTMxNjVhZGY4Y2QzNWY1MGQ2ZDZiNzhjOTUxMGIzNWE2ZmI5ZWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DpG3UhFi0216tIvJ2CCj0N8VT8B
Vsgre1D94juOSY3Z4dOq5s3dw0jBEgYYUxWmtTk+5Fce8nUVjR4kdtqpKAF7NXzn
Db9Pq0Ji3dw+q9RSlsKAotwA/pNZH0+V+6AB/Fx3H0T+bSCFlPW0FNy9vzhOU2cA
FvJ/K/siI4oRwf8AtNKLPJQQd6cOinu3bU0qPKwZwZD5qJXoOn0Z8A3OOvzag/o0
cpXCWZEnwFxaowFAyZR4IB5130VyKLSK5LNNbgMlEzJc3+DxPGmc6rRD/CRfvmpf
k1792Bj2UX1+61iqnrmZ9FMu8B3zeVtASOuJKfwIFLHuOd8nTlLTNA7fbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKoxZa34zTX1DW1reMlRCzWm+560MB8GA1UdIwQY
MBaAFDhWBY+5pPfvl4s4AhrhUsJOv85AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ZZRmo3bWs5LS1YaXpnQ0d1RlN3azZfemtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8yMDk0YjAtNWE1Ny00YTM2LWI1ZmIt
YTVmZjE3NmQ2MWQwLzEvT0ZZRmo3bWs5LS1YaXpnQ0d1RlN3azZfemtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8yMDk0YjAtNWE1Ny00YTM2LWI1ZmItYTVmZjE3NmQ2MWQw
LzEvT0ZZRmo3bWs5LS1YaXpnQ0d1RlN3azZfemtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkPxngmYy
U6jarzK/2WWzl2z3IfgFAmfXwV2hFA6UqRKCnwrXNrLdgh/dALPkumU/5a1eYjjg
6QTBVOvVUlubWak+Vg0jJIb6W04kR6yF1b8tUHYvipsl61hKtxBn37iOgB7X0kaZ
jUf88y9HyV3xQzI0AED0JZPIsIMGnH1cGk+T2DdjgEtpJMCbwxW2MkFYFoygWLXv
ns4h1oUrCuszGeTAeRzt4Pnphm3hVfpg2Ny2CYx8k045dtzqCtudqG7U65H6MhG+
42RnoUhB3UvIySJdfqQGTlsgNP/P3aVkI8fYUEoRDb7XwBxvHK4pYPfQpB0Gt3rL
gDnWdPP5Po8UkQ==
-----END CERTIFICATE-----