Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
File:                     OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json)
Hash identifier:          sWQqBWWP43vFJ485trdZr6H4dbs7ZeJFlFF1MdUzLik=
Subject key identifier:   01:CA:59:04:77:93:8C:09:76:3D:BA:95:49:FC:52:34:15:5F:84:E3
Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
Certificate issuer:       /CN=389c030036756ab8cdac922b1af237bce1367ce0
Certificate serial:       0197B6A203EDAC4E31A5E9FB19A60EC49F83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:02:40 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:40 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:40 +0000
Files and hashes:         1: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: 9UnlkGAEkeeYdRZxsVr70EmqdwCgvaAlihaJ5zQxnRs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:03:ed:ac:4e:31:a5:e9:fb:19:a6:0e:c4:9f:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0
        Validity
            Not Before: Jun 28 13:02:40 2025 GMT
            Not After : Jun 29 13:02:40 2025 GMT
        Subject: CN=01ca590477938c09763dba9549fc5234155f84e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:98:fb:86:29:a1:41:06:f1:82:fd:c2:18:ee:
                    b3:33:4e:49:52:36:b5:36:56:2e:08:ab:02:da:f0:
                    c9:0c:14:9c:10:52:13:50:23:82:a5:3a:4f:22:21:
                    bc:71:7f:25:94:cd:25:e9:5a:b2:e4:8d:98:ea:3a:
                    08:f9:db:71:00:9a:f1:6a:89:c1:e4:98:4f:67:e4:
                    93:b0:a6:50:44:bd:9b:b7:c7:6c:41:0a:be:10:c2:
                    25:4d:98:8d:01:91:a1:92:a7:cf:c6:bf:de:a6:d7:
                    3a:6e:8b:1e:72:5c:08:02:53:19:06:7a:d2:dc:bd:
                    ce:4b:87:ea:72:d0:29:71:4e:93:74:80:b9:3e:cf:
                    a7:69:c5:b3:0b:7b:20:44:2f:29:15:2a:41:0d:36:
                    e4:f3:5e:cb:b2:85:b8:cb:03:ec:73:1e:f7:90:a2:
                    b7:56:20:3b:f3:cd:f5:71:b4:03:5e:b5:0b:dc:f4:
                    68:e1:fe:c8:f4:11:91:b4:0e:6c:25:94:25:72:51:
                    a9:77:ef:03:7c:70:56:e9:7b:6f:6c:6e:36:de:c3:
                    b8:1f:cb:38:3f:3e:7e:e0:60:8b:fc:04:4c:17:01:
                    15:e5:0d:57:f1:02:76:11:01:0f:e8:49:a7:8c:10:
                    74:fd:53:63:71:9d:92:b8:c6:b2:97:92:c6:9a:9a:
                    f6:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:CA:59:04:77:93:8C:09:76:3D:BA:95:49:FC:52:34:15:5F:84:E3
            X509v3 Authority Key Identifier:
                keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:bb:81:b0:58:5a:0d:38:5f:c9:f5:13:88:60:e5:e6:f9:a0:
         48:58:e2:c2:e4:43:c7:20:e0:04:d0:67:fb:89:19:a5:aa:75:
         63:69:03:28:bd:06:20:e9:8a:40:6a:e3:97:c3:9e:74:0d:be:
         5a:51:15:ee:26:95:6d:1b:08:b9:4b:30:24:ea:2f:c7:a7:02:
         55:6a:e9:12:79:61:c5:e7:11:e4:aa:23:2f:27:85:66:4d:02:
         ee:07:2a:c6:4e:fb:e2:c3:09:a0:a3:5a:07:db:96:98:4c:da:
         ca:ab:b2:d0:a7:54:82:9c:0d:dd:e9:a0:71:a5:83:02:f7:10:
         a5:55:5d:f1:0f:e2:a9:1a:d1:81:ef:08:75:48:19:70:9a:53:
         79:ad:6b:91:91:db:4b:92:8f:c5:25:d1:70:2f:a4:e9:de:e5:
         0e:5a:64:71:e6:15:79:7d:43:5e:d2:f0:8d:ec:ad:41:9c:98:
         ba:1a:61:52:b7:fe:dd:58:af:82:b9:5d:5c:e3:f2:4e:b9:dd:
         8d:59:7c:cf:29:a0:19:63:94:75:09:2d:a4:9d:f6:df:96:d6:
         95:c2:b2:cd:18:b8:40:3b:9a:de:e9:52:4a:ff:36:c7:31:db:
         85:be:b5:ec:e0:c2:e3:dc:c0:32:d0:bb:2b:c1:2f:76:92:93:
         42:44:38:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ogPtrE4xpen7GaYOxJ+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz
NjdjZTAwHhcNMjUwNjI4MTMwMjQwWhcNMjUwNjI5MTMwMjQwWjAzMTEwLwYDVQQD
EygwMWNhNTkwNDc3OTM4YzA5NzYzZGJhOTU0OWZjNTIzNDE1NWY4NGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJj7himhQQbxgv3CGO6zM05JUja1
NlYuCKsC2vDJDBScEFITUCOCpTpPIiG8cX8llM0l6Vqy5I2Y6joI+dtxAJrxaonB
5JhPZ+STsKZQRL2bt8dsQQq+EMIlTZiNAZGhkqfPxr/eptc6boseclwIAlMZBnrS
3L3OS4fqctApcU6TdIC5Ps+nacWzC3sgRC8pFSpBDTbk817LsoW4ywPscx73kKK3
ViA78831cbQDXrUL3PRo4f7I9BGRtA5sJZQlclGpd+8DfHBW6XtvbG423sO4H8s4
Pz5+4GCL/ARMFwEV5Q1X8QJ2EQEP6EmnjBB0/VNjcZ2SuMayl5LGmpr2EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAHKWQR3k4wJdj26lUn8UjQVX4TjMB8GA1UdIwQY
MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt
NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0
LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZruBsFha
DThfyfUTiGDl5vmgSFjiwuRDxyDgBNBn+4kZpap1Y2kDKL0GIOmKQGrjl8OedA2+
WlEV7iaVbRsIuUswJOovx6cCVWrpEnlhxecR5KojLyeFZk0C7gcqxk774sMJoKNa
B9uWmEzayquy0KdUgpwN3emgcaWDAvcQpVVd8Q/iqRrRge8IdUgZcJpTea1rkZHb
S5KPxSXRcC+k6d7lDlpkceYVeX1DXtLwjeytQZyYuhphUrf+3VivgrldXOPyTrnd
jVl8zymgGWOUdQktpJ3235bWlcKyzRi4QDua3ulSSv82xzHbhb617ODC49zAMtC7
K8EvdpKTQkQ4/A==
-----END CERTIFICATE-----