Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
File:                     OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft (raw, json)
Hash identifier:          fHeA4Wc7N9fstxwjDtLki63L/eEOY20/KlWxOWG4EgA=
Subject key identifier:   80:F0:0E:C5:F2:79:15:9F:A6:45:20:08:54:B0:3D:C4:36:57:68:FB
Authority key identifier: 38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1
Certificate issuer:       /CN=38a19e640de1f452a7dc4abe786aa581342927b1
Certificate serial:       0198D47385F7A6A48AA8769F94867350DB95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
Manifest number:          0589
Signing time:             Sat 23 Aug 2025 01:03:17 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:17 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:17 +0000
Files and hashes:         1: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl (hash: UD6ZeTS9STxdE91UKx5VG/82N9Vbla2kdyL5LMyWB6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:85:f7:a6:a4:8a:a8:76:9f:94:86:73:50:db:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a19e640de1f452a7dc4abe786aa581342927b1
        Validity
            Not Before: Aug 23 01:03:17 2025 GMT
            Not After : Aug 24 01:03:17 2025 GMT
        Subject: CN=80f00ec5f279159fa645200854b03dc4365768fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:cb:9b:61:78:e1:a8:f7:a5:d9:a9:93:4b:e3:
                    b6:78:b2:0e:de:f2:89:aa:15:71:1c:3e:10:4a:cd:
                    59:6e:72:a6:ce:32:c9:94:75:2c:4d:17:e7:9e:bb:
                    19:42:2f:ca:e8:a9:3f:b0:46:4e:37:90:95:0b:70:
                    93:80:d3:50:f5:ce:81:eb:f4:a1:05:95:36:ac:3e:
                    e3:85:ff:ae:a9:5a:9d:ba:64:da:98:e6:ff:fd:52:
                    e4:72:7e:8a:6b:2f:34:9f:0d:8c:49:dc:0d:03:24:
                    59:34:9c:02:cc:bc:d2:e9:8e:a0:bd:80:a6:a9:a1:
                    a0:3e:df:8a:65:d7:31:6d:9b:02:d9:12:fd:b9:e2:
                    27:68:ab:ac:6d:4b:21:16:b5:b7:f0:67:d5:a0:46:
                    78:4e:b2:ff:6f:ff:89:83:cf:f8:71:2c:40:7e:61:
                    b8:49:f6:2e:cb:d4:cf:e8:6e:a1:0a:bb:ed:67:92:
                    a2:60:c8:a7:9d:bb:b9:4d:8c:2a:dc:61:21:1e:ca:
                    fd:09:3b:b3:4e:b8:c0:df:59:67:b9:8f:88:ac:85:
                    f0:12:a1:99:a2:73:74:35:46:8e:52:e1:1e:26:f2:
                    aa:69:93:4f:43:9b:4e:59:98:8a:7f:50:0c:09:d8:
                    65:28:2d:12:e9:48:14:69:3e:95:55:91:11:40:74:
                    7a:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:F0:0E:C5:F2:79:15:9F:A6:45:20:08:54:B0:3D:C4:36:57:68:FB
            X509v3 Authority Key Identifier:
                keyid:38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:7c:b1:9f:5f:ac:cb:0e:0e:6f:b0:29:f4:53:1f:42:1d:d3:
         54:f2:cf:8a:e2:64:27:8a:24:4d:6e:8d:ea:80:36:35:e4:54:
         ee:03:70:b6:72:f7:c0:8f:fb:46:3e:a5:fe:cd:38:18:d1:bd:
         d1:bd:75:52:8f:16:33:f5:ab:78:03:1a:00:7e:92:9b:18:bb:
         8c:b5:8a:cd:82:88:d9:a4:26:28:c9:dc:f6:d7:7a:af:61:c1:
         9e:80:3f:4d:18:87:94:96:9a:20:12:a7:36:20:28:5f:3b:a1:
         26:21:c6:40:f0:44:82:7c:27:0a:2f:1a:ea:80:e7:1e:e0:90:
         77:28:31:92:0f:ef:03:fa:83:90:91:36:60:88:be:26:e6:16:
         2d:8b:dc:74:4a:8a:e0:39:fe:df:36:d8:9b:8f:92:44:07:df:
         69:dc:8f:26:48:4d:fe:1c:ee:5e:2e:af:c8:ed:0d:3a:6f:f0:
         02:44:2f:53:3e:cf:3c:bf:8e:03:ba:45:ff:e6:5d:ee:55:2d:
         03:71:a2:10:df:fc:d5:31:52:19:9d:78:03:10:ca:bd:a4:ab:
         1c:f4:b9:aa:0e:0c:fc:8d:f2:3f:cd:e1:f0:93:6b:6d:10:18:
         94:80:89:85:4f:71:d2:d6:58:24:69:29:b2:7a:60:df:ae:fd:
         ee:a1:99:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc4X3pqSKqHaflIZzUNuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTE5ZTY0MGRlMWY0NTJhN2RjNGFiZTc4NmFhNTgxMzQy
OTI3YjEwHhcNMjUwODIzMDEwMzE3WhcNMjUwODI0MDEwMzE3WjAzMTEwLwYDVQQD
Eyg4MGYwMGVjNWYyNzkxNTlmYTY0NTIwMDg1NGIwM2RjNDM2NTc2OGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MubYXjhqPel2amTS+O2eLIO3vKJ
qhVxHD4QSs1ZbnKmzjLJlHUsTRfnnrsZQi/K6Kk/sEZON5CVC3CTgNNQ9c6B6/Sh
BZU2rD7jhf+uqVqdumTamOb//VLkcn6Kay80nw2MSdwNAyRZNJwCzLzS6Y6gvYCm
qaGgPt+KZdcxbZsC2RL9ueInaKusbUshFrW38GfVoEZ4TrL/b/+Jg8/4cSxAfmG4
SfYuy9TP6G6hCrvtZ5KiYMinnbu5TYwq3GEhHsr9CTuzTrjA31lnuY+IrIXwEqGZ
onN0NUaOUuEeJvKqaZNPQ5tOWZiKf1AMCdhlKC0S6UgUaT6VVZERQHR6cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIDwDsXyeRWfpkUgCFSwPcQ2V2j7MB8GA1UdIwQY
MBaAFDihnmQN4fRSp9xKvnhqpYE0KSexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYt
Yjc0NDEwMzJlNTlmLzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYtYjc0NDEwMzJlNTlm
LzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo3yxn1+s
yw4Ob7Ap9FMfQh3TVPLPiuJkJ4okTW6N6oA2NeRU7gNwtnL3wI/7Rj6l/s04GNG9
0b11Uo8WM/WreAMaAH6Smxi7jLWKzYKI2aQmKMnc9td6r2HBnoA/TRiHlJaaIBKn
NiAoXzuhJiHGQPBEgnwnCi8a6oDnHuCQdygxkg/vA/qDkJE2YIi+JuYWLYvcdEqK
4Dn+3zbYm4+SRAffadyPJkhN/hzuXi6vyO0NOm/wAkQvUz7PPL+OA7pF/+Zd7lUt
A3GiEN/81TFSGZ14AxDKvaSrHPS5qg4M/I3yP83h8JNrbRAYlICJhU9x0tZYJGkp
snpg36797qGZfA==
-----END CERTIFICATE-----