Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft
File:                     OFYFj7mk9--XizgCGuFSwk6_zkA.mft (raw, json)
Hash identifier:          Tp+g+kQixnJZzpmZjtmyw1SPqoLx2dJbovoL1owg+jM=
Subject key identifier:   B8:48:57:31:A4:7F:B3:1D:8F:52:EB:2B:67:17:A4:64:2F:F8:D1:37
Authority key identifier: 38:56:05:8F:B9:A4:F7:EF:97:8B:38:02:1A:E1:52:C2:4E:BF:CE:40
Certificate issuer:       /CN=3856058fb9a4f7ef978b38021ae152c24ebfce40
Certificate serial:       0196BDB73582CC1D212FFA6093A36A0D5294
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OFYFj7mk9--XizgCGuFSwk6_zkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft
Manifest number:          023A
Signing time:             Sun 11 May 2025 05:00:22 +0000
Manifest this update:     Sun 11 May 2025 05:00:22 +0000
Manifest next update:     Mon 12 May 2025 05:00:22 +0000
Files and hashes:         1: OFYFj7mk9--XizgCGuFSwk6_zkA.crl (hash: urVyHlkpDNKOSmaP3/KBRFyVrYIAyyzutSBDGa2Tr9I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OFYFj7mk9--XizgCGuFSwk6_zkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 05:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:b7:35:82:cc:1d:21:2f:fa:60:93:a3:6a:0d:52:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3856058fb9a4f7ef978b38021ae152c24ebfce40
        Validity
            Not Before: May 11 05:00:22 2025 GMT
            Not After : May 12 05:00:22 2025 GMT
        Subject: CN=b8485731a47fb31d8f52eb2b6717a4642ff8d137
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d4:4e:ad:24:f4:33:92:dd:3b:06:5f:30:cf:
                    de:a3:d1:70:87:9e:6c:3d:0c:46:7f:56:92:6d:cd:
                    09:bf:09:d0:36:a5:7e:b9:2f:6d:52:60:bf:a0:cb:
                    52:1f:88:cb:db:cc:ff:0c:13:95:19:37:42:e1:95:
                    47:8b:af:2a:33:58:04:7b:af:a8:c2:88:ac:d3:2c:
                    4a:84:51:66:b7:9d:e7:a7:31:3b:e6:f9:69:9e:6e:
                    86:db:46:8c:3c:a8:3e:c0:a3:13:0b:50:09:01:7f:
                    07:e9:16:91:31:3b:86:a9:3f:13:9a:af:e6:dd:b1:
                    48:44:9c:b3:77:5e:4e:00:a8:61:55:d1:b8:45:b4:
                    62:58:8e:6a:0a:a0:12:67:5c:69:35:fb:9a:7a:c4:
                    58:d6:ed:1a:87:f3:78:ba:59:79:f4:b3:31:2a:38:
                    41:96:5d:ac:91:fa:09:f4:b8:8b:97:44:96:83:6f:
                    e8:cf:83:70:19:91:3c:79:5d:4c:1b:cf:73:3b:16:
                    03:2a:be:02:72:55:f4:47:df:ce:99:8d:e2:01:b6:
                    1d:04:58:ec:4b:f7:13:23:9b:1d:d0:f4:bc:de:3d:
                    c0:b2:c1:f9:bd:99:aa:30:fc:4b:64:9b:42:8b:fc:
                    31:8d:86:db:94:65:87:37:47:da:74:ac:d3:b6:b9:
                    9e:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:48:57:31:A4:7F:B3:1D:8F:52:EB:2B:67:17:A4:64:2F:F8:D1:37
            X509v3 Authority Key Identifier:
                keyid:38:56:05:8F:B9:A4:F7:EF:97:8B:38:02:1A:E1:52:C2:4E:BF:CE:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFYFj7mk9--XizgCGuFSwk6_zkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2094b0-5a57-4a36-b5fb-a5ff176d61d0/1/OFYFj7mk9--XizgCGuFSwk6_zkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:52:1b:92:2f:ec:47:d3:0d:9e:77:96:11:df:90:4c:b2:a0:
         d1:2e:5c:00:46:fa:94:94:bf:aa:b9:45:99:1b:ac:77:ab:c2:
         6b:8f:76:32:07:fd:57:1f:c2:24:5f:31:66:17:dd:cd:42:52:
         da:31:58:5f:33:13:75:4f:4f:d3:64:fb:29:b2:bd:a7:91:81:
         c9:ff:83:79:58:06:44:8f:79:f4:61:59:6f:84:eb:4f:24:7b:
         77:98:63:fe:8d:6c:cc:97:04:9a:7c:51:2b:7e:6b:05:11:67:
         4b:22:ab:44:d7:02:6d:2a:0f:08:62:49:66:9a:8c:73:31:c4:
         69:11:b7:af:c7:3e:6e:90:da:a7:75:08:eb:39:04:4e:56:c6:
         bf:83:c1:70:bd:8d:6a:06:56:ac:4c:6e:69:9d:e8:20:c5:ac:
         91:6d:38:ad:c5:d8:04:52:3b:ad:ad:9c:7a:d0:2e:14:8c:40:
         71:92:3a:00:c7:3f:54:be:ee:17:e5:8b:57:bd:a3:8a:04:fe:
         b0:e2:4b:65:95:12:40:92:e9:84:64:e2:91:c0:b3:fe:f8:5f:
         13:1f:1c:bb:a2:ef:fa:55:ff:c6:6f:da:13:26:28:84:64:86:
         24:ba:f9:b6:e7:f6:b1:4b:c1:e5:96:70:8a:e7:73:a8:2c:fa:
         e4:7c:76:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9tzWCzB0hL/pgk6NqDVKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NTYwNThmYjlhNGY3ZWY5NzhiMzgwMjFhZTE1MmMyNGVi
ZmNlNDAwHhcNMjUwNTExMDUwMDIyWhcNMjUwNTEyMDUwMDIyWjAzMTEwLwYDVQQD
EyhiODQ4NTczMWE0N2ZiMzFkOGY1MmViMmI2NzE3YTQ2NDJmZjhkMTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9ROrST0M5LdOwZfMM/eo9Fwh55s
PQxGf1aSbc0JvwnQNqV+uS9tUmC/oMtSH4jL28z/DBOVGTdC4ZVHi68qM1gEe6+o
wois0yxKhFFmt53npzE75vlpnm6G20aMPKg+wKMTC1AJAX8H6RaRMTuGqT8Tmq/m
3bFIRJyzd15OAKhhVdG4RbRiWI5qCqASZ1xpNfuaesRY1u0ah/N4ull59LMxKjhB
ll2skfoJ9LiLl0SWg2/oz4NwGZE8eV1MG89zOxYDKr4CclX0R9/OmY3iAbYdBFjs
S/cTI5sd0PS83j3AssH5vZmqMPxLZJtCi/wxjYbblGWHN0fadKzTtrmeaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLhIVzGkf7Mdj1LrK2cXpGQv+NE3MB8GA1UdIwQY
MBaAFDhWBY+5pPfvl4s4AhrhUsJOv85AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ZZRmo3bWs5LS1YaXpnQ0d1RlN3azZfemtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8yMDk0YjAtNWE1Ny00YTM2LWI1ZmIt
YTVmZjE3NmQ2MWQwLzEvT0ZZRmo3bWs5LS1YaXpnQ0d1RlN3azZfemtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8yMDk0YjAtNWE1Ny00YTM2LWI1ZmItYTVmZjE3NmQ2MWQw
LzEvT0ZZRmo3bWs5LS1YaXpnQ0d1RlN3azZfemtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZlIbki/s
R9MNnneWEd+QTLKg0S5cAEb6lJS/qrlFmRusd6vCa492Mgf9Vx/CJF8xZhfdzUJS
2jFYXzMTdU9P02T7KbK9p5GByf+DeVgGRI959GFZb4TrTyR7d5hj/o1szJcEmnxR
K35rBRFnSyKrRNcCbSoPCGJJZpqMczHEaRG3r8c+bpDap3UI6zkETlbGv4PBcL2N
agZWrExuaZ3oIMWskW04rcXYBFI7ra2cetAuFIxAcZI6AMc/VL7uF+WLV72jigT+
sOJLZZUSQJLphGTikcCz/vhfEx8cu6Lv+lX/xm/aEyYohGSGJLr5tuf2sUvB5ZZw
iudzqCz65Hx2Gw==
-----END CERTIFICATE-----