Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
File:                     OXqyKGxnhx2rRXpygyl_yMaIpK8.mft (raw, json)
Hash identifier:          QXhJuV53dHdyvxCnTGF0aMpyvOqdsK1TU1iwVyRGCE8=
Subject key identifier:   78:1C:CE:00:36:60:71:18:3F:BC:DC:4A:38:2E:34:81:F9:07:4B:FE
Authority key identifier: 39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF
Certificate issuer:       /CN=397ab2286c67871dab457a7283297fc8c688a4af
Certificate serial:       0197B745A369574982E8F2D3AD9EAE5A8A72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 16:01:23 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:23 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:23 +0000
Files and hashes:         1: OXqyKGxnhx2rRXpygyl_yMaIpK8.crl (hash: ZPODs5JZlYB1/iKV0bmNHFcI7+qmg95RguMJwlgF+v0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:a3:69:57:49:82:e8:f2:d3:ad:9e:ae:5a:8a:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=397ab2286c67871dab457a7283297fc8c688a4af
        Validity
            Not Before: Jun 28 16:01:23 2025 GMT
            Not After : Jun 29 16:01:23 2025 GMT
        Subject: CN=781cce00366071183fbcdc4a382e3481f9074bfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:9d:4b:95:fb:56:5f:5c:9f:37:e8:6e:37:22:
                    c5:4a:aa:70:92:7a:19:21:2f:e6:78:8f:c8:18:24:
                    c2:49:e2:1e:b6:78:fe:f2:67:2b:da:e8:69:d6:14:
                    5e:83:e7:97:0a:10:44:3e:4b:d0:4a:89:8b:a5:7c:
                    1c:a5:6c:52:97:39:85:be:eb:34:e4:08:d5:c9:73:
                    6d:e5:cd:92:88:fe:f9:35:5e:7f:f7:e3:96:4f:b7:
                    c7:72:d5:06:07:6a:9c:6d:64:10:db:cd:45:31:c0:
                    3d:3f:21:f9:8d:8a:11:3e:51:6d:43:5f:d6:2c:ec:
                    2e:e1:d2:ac:f2:b0:c6:2b:fa:61:52:8d:69:c1:7a:
                    8f:96:68:1c:b2:18:22:01:e8:8f:c4:4f:82:e6:dd:
                    66:c4:23:fd:ef:ee:37:7d:25:4e:d8:9f:c2:0c:a7:
                    16:1e:2b:94:02:b4:e0:0d:6c:bd:43:3f:67:c9:5e:
                    25:0d:89:27:87:a8:d6:46:82:25:b2:bc:ff:93:a2:
                    ce:e4:76:53:9d:a4:0e:db:69:07:13:63:af:80:fe:
                    c3:f7:dc:f8:32:43:ac:16:f9:9f:2d:1f:f3:54:7f:
                    c4:a9:4f:79:e0:2b:a0:3f:e5:c2:18:75:fc:f2:26:
                    fe:be:3b:ec:bb:80:2a:51:3d:c4:56:c6:0b:60:61:
                    ce:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:1C:CE:00:36:60:71:18:3F:BC:DC:4A:38:2E:34:81:F9:07:4B:FE
            X509v3 Authority Key Identifier:
                keyid:39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:de:36:94:8d:42:77:86:b8:74:7f:33:e0:16:57:4b:9b:21:
         33:7f:ef:99:1a:24:04:00:cb:c9:79:b3:a3:9c:68:6a:4d:2c:
         09:79:c2:dc:b0:b2:8e:bf:40:1f:95:cb:87:8c:22:89:60:e9:
         23:ca:2f:50:68:8d:c9:d8:25:04:7e:4a:c0:8a:71:39:fc:98:
         93:0d:ba:c9:2c:a1:f4:d9:62:3e:08:bf:c1:da:60:96:5f:70:
         c5:a9:ec:60:97:e6:e3:9c:f7:75:e6:c8:72:a0:1b:be:70:47:
         83:a8:6e:2c:f4:fa:ab:e9:d1:bb:d5:8a:5a:11:60:4b:bc:2d:
         b9:46:5b:63:83:47:80:ea:cf:42:e2:19:f0:18:c6:e5:01:ff:
         a1:58:d6:e1:7f:ad:25:05:a5:77:82:82:51:e6:e7:1d:81:f0:
         76:ce:9a:50:33:4e:5c:83:d7:50:69:84:81:c9:28:72:f8:2b:
         63:c8:55:13:90:dc:33:e3:9a:3a:9e:32:31:aa:24:50:d1:fa:
         f2:41:92:0e:15:bf:3b:1b:e3:a9:1e:09:81:02:d9:8e:48:b4:
         6a:fc:e8:82:3c:e1:16:c8:ec:d9:2c:89:b9:29:c7:43:c1:1c:
         d0:a8:73:d1:d2:0f:9d:37:fa:d7:5e:01:84:0e:a9:1e:e7:58:
         2e:97:a5:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RaNpV0mC6PLTrZ6uWopyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2FiMjI4NmM2Nzg3MWRhYjQ1N2E3MjgzMjk3ZmM4YzY4
OGE0YWYwHhcNMjUwNjI4MTYwMTIzWhcNMjUwNjI5MTYwMTIzWjAzMTEwLwYDVQQD
Eyg3ODFjY2UwMDM2NjA3MTE4M2ZiY2RjNGEzODJlMzQ4MWY5MDc0YmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZ1LlftWX1yfN+huNyLFSqpwknoZ
IS/meI/IGCTCSeIetnj+8mcr2uhp1hReg+eXChBEPkvQSomLpXwcpWxSlzmFvus0
5AjVyXNt5c2SiP75NV5/9+OWT7fHctUGB2qcbWQQ281FMcA9PyH5jYoRPlFtQ1/W
LOwu4dKs8rDGK/phUo1pwXqPlmgcshgiAeiPxE+C5t1mxCP97+43fSVO2J/CDKcW
HiuUArTgDWy9Qz9nyV4lDYknh6jWRoIlsrz/k6LO5HZTnaQO22kHE2OvgP7D99z4
MkOsFvmfLR/zVH/EqU954CugP+XCGHX88ib+vjvsu4AqUT3EVsYLYGHOzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgczgA2YHEYP7zcSjguNIH5B0v+MB8GA1UdIwQY
MBaAFDl6sihsZ4cdq0V6coMpf8jGiKSvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAt
MzMyM2ZkMDYwYjliLzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAtMzMyM2ZkMDYwYjli
LzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh942lI1C
d4a4dH8z4BZXS5shM3/vmRokBADLyXmzo5xoak0sCXnC3LCyjr9AH5XLh4wiiWDp
I8ovUGiNydglBH5KwIpxOfyYkw26ySyh9NliPgi/wdpgll9wxansYJfm45z3debI
cqAbvnBHg6huLPT6q+nRu9WKWhFgS7wtuUZbY4NHgOrPQuIZ8BjG5QH/oVjW4X+t
JQWld4KCUebnHYHwds6aUDNOXIPXUGmEgckocvgrY8hVE5DcM+OaOp4yMaokUNH6
8kGSDhW/OxvjqR4JgQLZjki0avzogjzhFsjs2SyJuSnHQ8Ec0Khz0dIPnTf6114B
hA6pHudYLpeluA==
-----END CERTIFICATE-----