Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
File:                     OpzyvclyZDBARldYsyWap8kubhw.mft (raw, json)
Hash identifier:          3ml5XSohPTJC76fMEQFF3Bs4EztCqX0Uz7Y1bXu64yE=
Subject key identifier:   4D:0F:82:FA:9D:3C:C4:AC:93:8A:B6:43:97:0B:B2:29:CB:CA:9B:DE
Authority key identifier: 3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C
Certificate issuer:       /CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c
Certificate serial:       0197B70E502B63E94F407542F5C93041685A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
Manifest number:          15B0
Signing time:             Sat 28 Jun 2025 15:00:57 +0000
Manifest this update:     Sat 28 Jun 2025 15:00:57 +0000
Manifest next update:     Sun 29 Jun 2025 15:00:57 +0000
Files and hashes:         1: OpzyvclyZDBARldYsyWap8kubhw.crl (hash: nbwpLr28+tOWmRKgXPwurMFqHhy4DrSAAJaiNCEbkTk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:50:2b:63:e9:4f:40:75:42:f5:c9:30:41:68:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c
        Validity
            Not Before: Jun 28 15:00:57 2025 GMT
            Not After : Jun 29 15:00:57 2025 GMT
        Subject: CN=4d0f82fa9d3cc4ac938ab643970bb229cbca9bde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f7:62:21:d4:2d:a2:b7:ef:51:ce:74:82:b9:
                    2c:3e:53:b4:da:e1:36:0d:b4:b3:03:1f:9c:41:34:
                    ba:d5:a6:b4:2b:c5:5f:f8:41:9e:a3:64:70:c1:22:
                    01:db:35:1d:46:14:74:b3:bb:6f:82:61:ae:5d:62:
                    79:84:5e:5b:17:c5:58:5d:b3:86:d3:05:53:bb:38:
                    66:d0:d9:ff:a8:67:a2:14:f1:3e:c3:d5:db:75:07:
                    7c:a9:f3:9b:25:f8:af:cf:0c:76:a2:fb:d3:d8:1a:
                    04:a1:c9:e4:08:95:11:bd:0d:77:81:b9:32:08:3d:
                    e9:25:dc:6c:7c:cf:e7:a5:5b:d1:16:0a:0c:41:f4:
                    6b:e1:81:d4:c3:81:7c:59:c0:14:ad:bc:5c:f7:30:
                    65:a6:fb:d4:be:9b:61:b4:c4:50:46:38:6f:f3:36:
                    53:9b:dc:a5:34:6e:51:8b:d7:19:fc:b0:56:31:66:
                    c0:fd:48:35:44:c4:31:67:6c:1b:b8:fb:14:05:91:
                    19:4d:d2:00:0e:ec:29:70:be:4d:91:61:b4:97:b1:
                    c3:5e:8f:20:d1:a2:6c:45:37:09:90:6c:1c:27:a6:
                    4e:15:56:d1:be:d8:a7:f4:e5:7b:4d:15:3d:12:18:
                    9f:ca:0c:10:67:bd:f3:df:12:f9:ce:27:49:e7:28:
                    0e:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:0F:82:FA:9D:3C:C4:AC:93:8A:B6:43:97:0B:B2:29:CB:CA:9B:DE
            X509v3 Authority Key Identifier:
                keyid:3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:ce:ca:ab:4c:6e:db:f6:f3:0b:9c:6d:d9:72:44:71:5f:cf:
         e9:4c:67:5c:1b:db:e5:6f:bd:9b:0d:1a:bb:39:4e:ee:53:ed:
         56:a2:e7:c6:da:c0:f5:e6:65:05:1c:1c:a8:35:0e:c5:b5:89:
         5c:d1:8a:7a:87:0b:b2:c6:71:3a:6f:cc:f6:8c:4c:a2:a5:4f:
         b9:98:fb:c5:2c:ef:32:ab:79:83:b2:86:99:75:68:a6:51:38:
         92:51:12:a5:29:4a:b7:ce:3f:4c:06:39:63:6f:b6:da:08:97:
         ee:18:ea:ef:15:b2:a5:17:e3:09:cc:8c:ce:ba:c7:00:18:31:
         4c:96:69:c2:0b:f0:d7:52:36:8b:af:a7:2f:9f:eb:1a:96:c2:
         b4:83:11:84:82:c9:a0:6e:de:be:ef:32:ca:92:32:f4:41:37:
         12:f1:e4:50:ef:eb:4f:f3:62:b0:84:26:e6:57:bc:77:be:09:
         00:7e:ee:5d:22:a4:23:d6:7d:29:b2:b3:f9:b1:ce:0b:6a:46:
         eb:e5:18:ee:79:cf:90:fb:fc:a2:9e:a4:21:39:21:d7:28:0d:
         de:58:a2:14:94:8b:0c:b2:64:a0:10:57:89:fb:04:22:00:b5:
         53:1d:94:df:1a:e0:fc:6a:bb:f9:95:30:3e:05:d5:14:f4:41:
         67:25:6f:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DlArY+lPQHVC9ckwQWhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOWNmMmJkYzk3MjY0MzA0MDQ2NTc1OGIzMjU5YWE3Yzky
ZTZlMWMwHhcNMjUwNjI4MTUwMDU3WhcNMjUwNjI5MTUwMDU3WjAzMTEwLwYDVQQD
Eyg0ZDBmODJmYTlkM2NjNGFjOTM4YWI2NDM5NzBiYjIyOWNiY2E5YmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPdiIdQtorfvUc50grksPlO02uE2
DbSzAx+cQTS61aa0K8Vf+EGeo2RwwSIB2zUdRhR0s7tvgmGuXWJ5hF5bF8VYXbOG
0wVTuzhm0Nn/qGeiFPE+w9XbdQd8qfObJfivzwx2ovvT2BoEocnkCJURvQ13gbky
CD3pJdxsfM/npVvRFgoMQfRr4YHUw4F8WcAUrbxc9zBlpvvUvpthtMRQRjhv8zZT
m9ylNG5Ri9cZ/LBWMWbA/Ug1RMQxZ2wbuPsUBZEZTdIADuwpcL5NkWG0l7HDXo8g
0aJsRTcJkGwcJ6ZOFVbRvtin9OV7TRU9EhifygwQZ73z3xL5zidJ5ygOTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE0PgvqdPMSsk4q2Q5cLsinLypveMB8GA1UdIwQY
MBaAFDqc8r3JcmQwQEZXWLMlmqfJLm4cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMt
MDI0ZjdjNTBmNDI4LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMtMDI0ZjdjNTBmNDI4
LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB87Kq0xu
2/bzC5xt2XJEcV/P6UxnXBvb5W+9mw0auzlO7lPtVqLnxtrA9eZlBRwcqDUOxbWJ
XNGKeocLssZxOm/M9oxMoqVPuZj7xSzvMqt5g7KGmXVoplE4klESpSlKt84/TAY5
Y2+22giX7hjq7xWypRfjCcyMzrrHABgxTJZpwgvw11I2i6+nL5/rGpbCtIMRhILJ
oG7evu8yypIy9EE3EvHkUO/rT/NisIQm5le8d74JAH7uXSKkI9Z9KbKz+bHOC2pG
6+UY7nnPkPv8op6kITkh1ygN3liiFJSLDLJkoBBXifsEIgC1Ux2U3xrg/Gq7+ZUw
PgXVFPRBZyVvXA==
-----END CERTIFICATE-----