Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
File:                     OFt-lPpg22hRcc8TabHO-24g8zQ.mft (raw, json)
Hash identifier:          roA/QQNjYFAJ3/OOt5f8eXRmgN938zzfJ+/EalJPhUo=
Subject key identifier:   49:9D:51:14:E7:F4:47:6A:C0:BD:EE:BB:B4:8B:E9:6E:AD:2D:AC:95
Authority key identifier: 38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34
Certificate issuer:       /CN=385b7e94fa60db685171cf1369b1cefb6e20f334
Certificate serial:       0197B6A0705AF884EA631BC249A30692FE8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
Manifest number:          0508
Signing time:             Sat 28 Jun 2025 13:00:57 +0000
Manifest this update:     Sat 28 Jun 2025 13:00:57 +0000
Manifest next update:     Sun 29 Jun 2025 13:00:57 +0000
Files and hashes:         1: OFt-lPpg22hRcc8TabHO-24g8zQ.crl (hash: QoEkQenHwfnS45gBRmsjvarB3L6LjT65P/M+qTa/UG8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:70:5a:f8:84:ea:63:1b:c2:49:a3:06:92:fe:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385b7e94fa60db685171cf1369b1cefb6e20f334
        Validity
            Not Before: Jun 28 13:00:57 2025 GMT
            Not After : Jun 29 13:00:57 2025 GMT
        Subject: CN=499d5114e7f4476ac0bdeebbb48be96ead2dac95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:00:4b:5b:2d:b5:aa:dc:3c:66:a6:78:34:c8:
                    49:83:9f:18:09:ef:44:69:79:47:00:60:fb:07:04:
                    57:7c:f4:94:26:f0:6c:73:b7:1f:e0:d8:db:41:77:
                    c7:d2:b9:2c:9c:83:e8:79:3d:e6:e0:e3:a4:02:ef:
                    29:cf:75:44:84:b5:00:b1:69:fa:ec:41:9b:b1:1f:
                    89:88:b3:a3:55:51:91:d6:cc:62:65:42:d7:50:ac:
                    7d:d8:e5:84:21:26:81:fc:76:94:84:ef:ff:6b:c6:
                    b4:10:dd:1c:ec:b3:0b:c2:74:fc:f8:75:bf:4b:9e:
                    8c:84:70:a1:c8:46:3f:23:9a:47:b0:77:6a:ee:2a:
                    10:ec:0a:59:d7:0c:01:ee:d1:7d:ff:7d:bb:af:9c:
                    18:05:8e:8e:09:28:3b:47:2e:fb:1c:f3:70:14:06:
                    9a:25:b4:eb:50:23:3f:ae:e1:dc:4c:f8:a1:87:d5:
                    3a:00:70:df:28:f6:89:5a:96:10:bf:2d:e7:82:fd:
                    93:1e:bf:b3:3f:c2:8a:3e:1b:00:0a:54:a4:aa:a7:
                    d8:1c:5a:e5:38:7c:d8:78:02:5f:0e:64:17:90:17:
                    39:33:c1:31:c9:3f:d6:d2:b3:ab:47:45:a1:5b:8f:
                    38:01:49:82:8b:7d:e9:36:af:5c:10:e8:2e:9e:89:
                    39:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:9D:51:14:E7:F4:47:6A:C0:BD:EE:BB:B4:8B:E9:6E:AD:2D:AC:95
            X509v3 Authority Key Identifier:
                keyid:38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:26:52:c9:ae:32:5d:c3:c4:8a:5c:e0:45:09:b8:12:c9:43:
         dd:e9:b9:33:62:06:bb:18:62:19:a9:a2:d9:4e:95:52:0f:d4:
         eb:8e:2c:a2:ac:54:85:8c:f7:33:45:d9:cc:ae:82:f9:eb:a6:
         15:cf:d8:3b:59:07:81:78:e5:01:a1:0b:0e:14:17:31:85:f1:
         47:20:12:79:b1:bf:c8:e5:ad:17:ca:3f:24:f6:f7:3b:ce:7a:
         cc:53:81:6f:07:d1:bb:51:fc:e5:d0:35:19:5f:5b:98:6c:57:
         26:c7:db:3e:a7:16:9d:e2:c3:e7:a9:d9:48:ef:ec:ee:50:78:
         f8:9a:2e:91:2e:e4:32:a7:34:dd:79:d8:18:33:50:9f:50:5b:
         86:31:6a:ad:10:8b:81:16:94:e2:6f:e1:9e:e5:1c:b5:67:e7:
         5e:5c:3d:0e:c9:ce:63:6b:6b:22:23:bf:76:e3:8f:53:c0:06:
         0c:e5:a9:1b:5a:e4:7b:0d:ae:ef:a3:17:3c:a3:55:bd:de:1a:
         79:d1:25:42:c6:8e:dc:95:95:f2:25:9a:fa:40:14:0d:55:15:
         54:67:d7:bd:4a:dc:54:2e:c0:63:3d:e5:82:fe:76:3d:0f:fe:
         b2:3d:e6:99:27:4e:b6:fd:77:19:2a:6f:11:29:c8:5b:41:57:
         99:3a:09:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oHBa+ITqYxvCSaMGkv6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWI3ZTk0ZmE2MGRiNjg1MTcxY2YxMzY5YjFjZWZiNmUy
MGYzMzQwHhcNMjUwNjI4MTMwMDU3WhcNMjUwNjI5MTMwMDU3WjAzMTEwLwYDVQQD
Eyg0OTlkNTExNGU3ZjQ0NzZhYzBiZGVlYmJiNDhiZTk2ZWFkMmRhYzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwBLWy21qtw8ZqZ4NMhJg58YCe9E
aXlHAGD7BwRXfPSUJvBsc7cf4NjbQXfH0rksnIPoeT3m4OOkAu8pz3VEhLUAsWn6
7EGbsR+JiLOjVVGR1sxiZULXUKx92OWEISaB/HaUhO//a8a0EN0c7LMLwnT8+HW/
S56MhHChyEY/I5pHsHdq7ioQ7ApZ1wwB7tF9/327r5wYBY6OCSg7Ry77HPNwFAaa
JbTrUCM/ruHcTPihh9U6AHDfKPaJWpYQvy3ngv2THr+zP8KKPhsAClSkqqfYHFrl
OHzYeAJfDmQXkBc5M8ExyT/W0rOrR0WhW484AUmCi33pNq9cEOgunok59wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEmdURTn9EdqwL3uu7SL6W6tLayVMB8GA1UdIwQY
MBaAFDhbfpT6YNtoUXHPE2mxzvtuIPM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEt
YzNiNDZhYzlmMjZkLzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEtYzNiNDZhYzlmMjZk
LzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYiZSya4y
XcPEilzgRQm4EslD3em5M2IGuxhiGami2U6VUg/U644soqxUhYz3M0XZzK6C+eum
Fc/YO1kHgXjlAaELDhQXMYXxRyASebG/yOWtF8o/JPb3O856zFOBbwfRu1H85dA1
GV9bmGxXJsfbPqcWneLD56nZSO/s7lB4+JoukS7kMqc03XnYGDNQn1BbhjFqrRCL
gRaU4m/hnuUctWfnXlw9DsnOY2trIiO/duOPU8AGDOWpG1rkew2u76MXPKNVvd4a
edElQsaO3JWV8iWa+kAUDVUVVGfXvUrcVC7AYz3lgv52PQ/+sj3mmSdOtv13GSpv
ESnIW0FXmToJUA==
-----END CERTIFICATE-----