Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
File:                     OExBksVwSp65aPXPUzuaH3pmYa0.mft (raw, json)
Hash identifier:          qh+6DrHzNXYUdrpCsk/RhhiJd6SHbjNHqaxP/wE9MCQ=
Subject key identifier:   99:36:BC:1F:A2:4E:50:13:37:02:D9:57:91:C8:2F:DB:F1:A1:F1:50
Authority key identifier: 38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD
Certificate issuer:       /CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
Certificate serial:       0198D5F18FD75B8914B39E98D887BDA77279
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
Manifest number:          0223
Signing time:             Sat 23 Aug 2025 08:00:34 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:34 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:34 +0000
Files and hashes:         1: OExBksVwSp65aPXPUzuaH3pmYa0.crl (hash: r0ol5KDvC9o/Ye1iGArAh7XFgcPBcuI9Nu+V6K3bA9Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:8f:d7:5b:89:14:b3:9e:98:d8:87:bd:a7:72:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
        Validity
            Not Before: Aug 23 08:00:34 2025 GMT
            Not After : Aug 24 08:00:34 2025 GMT
        Subject: CN=9936bc1fa24e50133702d95791c82fdbf1a1f150
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:46:18:c7:58:5a:ba:5d:f7:41:1b:b3:61:f2:
                    3d:a2:0f:f5:67:5f:1b:a7:5c:63:b0:4d:64:6d:c7:
                    7f:9e:1f:d1:a2:36:85:cf:78:06:be:8f:e1:9f:75:
                    01:7f:79:b8:86:50:78:82:a5:5e:14:db:40:e4:51:
                    39:7c:e2:17:51:80:21:d4:c8:20:82:7b:98:5c:9b:
                    1a:34:b9:7f:a6:1d:d7:ba:50:76:e3:22:a8:fb:e0:
                    de:11:b5:db:70:cf:be:45:15:2f:15:98:7d:46:13:
                    f5:d9:1c:32:9f:4f:ce:30:24:47:d6:43:80:3b:ae:
                    b2:df:2f:99:12:c3:75:f6:35:fe:6d:9f:ee:24:29:
                    a2:2e:30:ac:3c:ad:7a:72:29:55:7d:b3:ba:ce:94:
                    14:f6:9f:d6:4e:fe:25:34:03:dc:2c:52:6d:24:7f:
                    78:12:d7:5e:b7:80:0a:0b:aa:cb:f3:38:e2:09:e6:
                    86:fa:61:be:84:4f:14:03:6a:fe:43:c4:4e:5e:91:
                    a7:3d:2f:cd:25:35:10:7c:23:7c:c5:ed:ed:8d:6d:
                    56:59:aa:ee:cd:b6:b8:60:3a:02:30:20:a6:f7:12:
                    9e:7a:3e:d5:bb:90:cf:2e:eb:b4:07:be:cb:71:55:
                    c5:87:04:dd:b4:54:1d:1b:4b:05:99:0b:49:ac:5a:
                    71:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:36:BC:1F:A2:4E:50:13:37:02:D9:57:91:C8:2F:DB:F1:A1:F1:50
            X509v3 Authority Key Identifier:
                keyid:38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:1c:75:87:34:c0:2a:e0:12:92:de:34:89:2a:47:60:62:12:
         39:d6:e7:09:10:79:ca:5e:c3:88:b0:e6:15:3a:3c:3b:ee:98:
         39:04:b9:1c:f7:1f:9f:e0:a0:a7:d4:69:5d:1b:7e:e4:e6:2e:
         9f:e1:97:c3:12:bc:32:bf:44:39:98:8f:b7:a0:f9:f0:2b:97:
         72:b1:4e:45:f2:74:9d:46:27:36:75:da:e1:40:9a:80:60:b3:
         9e:fa:0a:82:b4:8a:20:bd:79:b6:c0:8b:2c:44:81:f2:75:a9:
         ac:b5:72:08:f7:e9:99:6b:22:4e:b6:d2:0e:70:2d:c5:0f:be:
         d6:f6:67:83:e4:a9:d5:36:ad:11:55:e8:ac:1f:c2:23:ed:bf:
         a1:0d:9d:7f:19:25:db:83:b5:0b:62:47:15:cf:a4:cb:e0:27:
         88:18:7a:a2:c2:b1:57:2c:7b:09:8c:69:72:9c:16:c6:93:74:
         5e:94:20:3b:13:0a:a3:e1:18:9f:b5:68:2c:39:7f:b5:f8:08:
         5f:70:28:9b:bf:bb:d7:3e:6f:e8:5a:02:5f:40:be:0c:c7:1d:
         b2:f8:88:12:0d:eb:17:df:17:1f:58:8d:64:d1:39:43:db:71:
         78:b0:fe:12:89:a5:7d:c5:b8:4e:77:80:82:93:96:e8:ea:a4:
         53:a3:b3:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8Y/XW4kUs56Y2Ie9p3J5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGM0MTkyYzU3MDRhOWViOTY4ZjVjZjUzM2I5YTFmN2E2
NjYxYWQwHhcNMjUwODIzMDgwMDM0WhcNMjUwODI0MDgwMDM0WjAzMTEwLwYDVQQD
Eyg5OTM2YmMxZmEyNGU1MDEzMzcwMmQ5NTc5MWM4MmZkYmYxYTFmMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UYYx1haul33QRuzYfI9og/1Z18b
p1xjsE1kbcd/nh/RojaFz3gGvo/hn3UBf3m4hlB4gqVeFNtA5FE5fOIXUYAh1Mgg
gnuYXJsaNLl/ph3XulB24yKo++DeEbXbcM++RRUvFZh9RhP12Rwyn0/OMCRH1kOA
O66y3y+ZEsN19jX+bZ/uJCmiLjCsPK16cilVfbO6zpQU9p/WTv4lNAPcLFJtJH94
Etdet4AKC6rL8zjiCeaG+mG+hE8UA2r+Q8ROXpGnPS/NJTUQfCN8xe3tjW1WWaru
zba4YDoCMCCm9xKeej7Vu5DPLuu0B77LcVXFhwTdtFQdG0sFmQtJrFpx5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJk2vB+iTlATNwLZV5HIL9vxofFQMB8GA1UdIwQY
MBaAFDhMQZLFcEqeuWj1z1M7mh96ZmGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAt
ODNiZTQxOGFhN2Y0LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAtODNiZTQxOGFhN2Y0
LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALxx1hzTA
KuASkt40iSpHYGISOdbnCRB5yl7DiLDmFTo8O+6YOQS5HPcfn+Cgp9RpXRt+5OYu
n+GXwxK8Mr9EOZiPt6D58CuXcrFORfJ0nUYnNnXa4UCagGCznvoKgrSKIL15tsCL
LESB8nWprLVyCPfpmWsiTrbSDnAtxQ++1vZng+Sp1TatEVXorB/CI+2/oQ2dfxkl
24O1C2JHFc+ky+AniBh6osKxVyx7CYxpcpwWxpN0XpQgOxMKo+EYn7VoLDl/tfgI
X3Aom7+71z5v6FoCX0C+DMcdsviIEg3rF98XH1iNZNE5Q9txeLD+EomlfcW4TneA
gpOW6OqkU6Oz9w==
-----END CERTIFICATE-----