Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
File:                     OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json)
Hash identifier:          GufXj6QTmtW0042FilYWT5CanctCzRDBTvUDYSQW4j0=
Subject key identifier:   6F:01:56:6D:DA:6F:7F:9C:EF:FA:60:AB:8F:32:93:9A:F5:1A:9F:49
Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
Certificate issuer:       /CN=389c030036756ab8cdac922b1af237bce1367ce0
Certificate serial:       0198D66146BD0CC4914F481FCE573A2A2CBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 10:02:35 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:35 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:35 +0000
Files and hashes:         1: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: RVvTjztGPIIRtb3gYnuNIre/oKEtJZXHYXHHHnpjXow=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:46:bd:0c:c4:91:4f:48:1f:ce:57:3a:2a:2c:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0
        Validity
            Not Before: Aug 23 10:02:35 2025 GMT
            Not After : Aug 24 10:02:35 2025 GMT
        Subject: CN=6f01566dda6f7f9ceffa60ab8f32939af51a9f49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:3e:92:ce:f1:66:80:89:45:68:d5:99:92:f5:
                    4e:25:c2:02:d7:d5:be:eb:62:c4:6c:74:eb:0a:71:
                    80:a2:87:df:ea:be:69:be:bd:12:d2:0d:24:ce:54:
                    aa:e0:23:6b:2b:44:3d:e3:ff:62:fb:40:b2:52:7a:
                    08:d3:74:bf:4b:71:c7:22:41:e5:69:c6:e0:c2:43:
                    a9:ce:b4:71:02:e1:58:f5:5b:ba:a5:c1:28:84:76:
                    77:35:b5:38:b2:69:90:e4:37:71:61:b4:6a:33:7d:
                    de:69:bf:ae:25:7b:d4:d3:af:5a:67:48:03:74:59:
                    37:b3:61:d4:55:ab:12:79:54:01:ea:3d:03:bb:ee:
                    e7:3e:72:30:8b:bf:73:79:b5:eb:02:1e:28:11:80:
                    e2:bf:3d:fe:0f:3e:d5:f0:34:f9:51:fa:9e:ac:04:
                    2e:97:3d:e3:47:84:17:68:81:c0:81:7d:71:dc:ce:
                    ab:18:13:86:eb:cb:65:36:58:da:24:31:01:ca:5d:
                    9e:19:fc:34:53:8e:e4:54:54:cd:57:a2:fd:81:46:
                    ed:b6:d0:a8:5f:2c:da:ef:6e:14:0e:23:c8:cc:5e:
                    a0:32:fd:d4:cb:15:fc:4d:12:5f:6a:1e:a7:c2:3b:
                    de:f2:65:27:ad:34:44:3a:07:60:71:04:24:88:d1:
                    0f:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:01:56:6D:DA:6F:7F:9C:EF:FA:60:AB:8F:32:93:9A:F5:1A:9F:49
            X509v3 Authority Key Identifier:
                keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:d8:27:92:d9:eb:7d:ad:be:66:fa:fb:fc:84:12:97:1e:c1:
         dc:05:55:92:1a:a0:a7:10:33:ed:f9:3f:56:d4:11:0f:2e:aa:
         7d:cf:62:ce:90:f4:63:e2:3a:bf:de:2c:dc:70:39:1a:7e:5f:
         11:be:d4:17:a0:af:51:ac:5d:28:12:74:4e:fd:5a:47:9f:9e:
         b8:ae:19:d4:77:68:a5:6f:a9:9b:15:d4:01:cb:0e:5b:0b:87:
         50:b4:2f:be:2b:91:84:96:3c:63:af:2d:0c:1a:d9:d4:fc:80:
         c0:2d:2e:7f:26:3d:3a:c5:0a:d4:41:bb:a8:63:2d:17:44:9b:
         b8:75:71:12:fb:90:3e:b0:17:9f:41:6f:d5:46:c7:8a:ac:87:
         25:c3:91:a4:62:99:9c:e6:ab:6e:18:c9:f3:e6:c5:35:6a:88:
         3f:da:d8:45:e4:71:1b:08:8f:02:00:c2:79:20:16:7e:bc:d3:
         d3:d9:5b:2e:3a:10:75:7d:b6:6b:64:5d:41:55:8f:3d:6a:55:
         2f:29:5f:19:01:9f:86:ab:d6:2c:96:02:1b:17:6a:38:66:a6:
         32:9c:10:13:37:e5:18:2e:2b:2a:ce:06:2f:e9:68:2d:c7:ff:
         7f:c0:2c:ac:13:2b:ac:2c:9a:51:a2:f7:e2:27:c9:f8:91:92:
         17:bc:a3:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYUa9DMSRT0gfzlc6Kiy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz
NjdjZTAwHhcNMjUwODIzMTAwMjM1WhcNMjUwODI0MTAwMjM1WjAzMTEwLwYDVQQD
Eyg2ZjAxNTY2ZGRhNmY3ZjljZWZmYTYwYWI4ZjMyOTM5YWY1MWE5ZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtD6SzvFmgIlFaNWZkvVOJcIC19W+
62LEbHTrCnGAooff6r5pvr0S0g0kzlSq4CNrK0Q94/9i+0CyUnoI03S/S3HHIkHl
acbgwkOpzrRxAuFY9Vu6pcEohHZ3NbU4smmQ5DdxYbRqM33eab+uJXvU069aZ0gD
dFk3s2HUVasSeVQB6j0Du+7nPnIwi79zebXrAh4oEYDivz3+Dz7V8DT5UfqerAQu
lz3jR4QXaIHAgX1x3M6rGBOG68tlNljaJDEByl2eGfw0U47kVFTNV6L9gUbtttCo
Xyza724UDiPIzF6gMv3UyxX8TRJfah6nwjve8mUnrTREOgdgcQQkiNEP/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG8BVm3ab3+c7/pgq48yk5r1Gp9JMB8GA1UdIwQY
MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt
NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0
LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXNgnktnr
fa2+Zvr7/IQSlx7B3AVVkhqgpxAz7fk/VtQRDy6qfc9izpD0Y+I6v94s3HA5Gn5f
Eb7UF6CvUaxdKBJ0Tv1aR5+euK4Z1HdopW+pmxXUAcsOWwuHULQvviuRhJY8Y68t
DBrZ1PyAwC0ufyY9OsUK1EG7qGMtF0SbuHVxEvuQPrAXn0Fv1UbHiqyHJcORpGKZ
nOarbhjJ8+bFNWqIP9rYReRxGwiPAgDCeSAWfrzT09lbLjoQdX22a2RdQVWPPWpV
LylfGQGfhqvWLJYCGxdqOGamMpwQEzflGC4rKs4GL+loLcf/f8AsrBMrrCyaUaL3
4ifJ+JGSF7yjkQ==
-----END CERTIFICATE-----