Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
File:                     OGKIZa_YpN-v3e-BHvz8ecA4czI.mft (raw, json)
Hash identifier:          KdEy0WfMGSdtYvIm5Awr0w0Jl3pm5jWcx/GPhkIegII=
Subject key identifier:   3D:FE:07:31:F4:1B:06:2C:A4:A8:47:56:BB:D1:07:66:11:EB:78:B7
Authority key identifier: 38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32
Certificate issuer:       /CN=38628865afd8a4dfafddef811efcfc79c0387332
Certificate serial:       0199FBEAA9FC53626F95B401B7732E40AB66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
Manifest number:          0BD9
Signing time:             Sun 19 Oct 2025 10:01:24 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:24 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:24 +0000
Files and hashes:         1: OGKIZa_YpN-v3e-BHvz8ecA4czI.crl (hash: bzevIu90jjZMnMdFyX7SXlntFlgbWM7NgHgLt9Dh5rY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:a9:fc:53:62:6f:95:b4:01:b7:73:2e:40:ab:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38628865afd8a4dfafddef811efcfc79c0387332
        Validity
            Not Before: Oct 19 10:01:24 2025 GMT
            Not After : Oct 20 10:01:24 2025 GMT
        Subject: CN=3dfe0731f41b062ca4a84756bbd1076611eb78b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:35:c3:15:33:22:c8:cf:d1:c9:44:38:11:f3:
                    a9:94:30:08:8f:c3:d5:ca:47:5f:41:0c:47:68:9f:
                    bf:88:e4:33:a0:6b:dc:99:0e:04:f5:8a:ce:40:a6:
                    2f:a2:95:a4:b4:cd:f5:d9:ab:5d:ab:e1:61:4d:12:
                    60:73:b0:08:89:a6:0e:d4:c9:67:1e:c2:16:8e:25:
                    3c:91:6c:32:b5:5e:9f:6f:37:b4:c5:9a:bd:43:13:
                    8c:3b:5a:75:1d:6f:f6:b5:99:d1:d1:8e:bf:68:6d:
                    0b:8e:de:60:91:b0:2a:ba:b4:73:bb:81:ae:b9:5a:
                    4a:86:c3:13:5e:74:28:a8:36:48:18:cb:2b:94:f4:
                    2a:f8:4c:20:0f:02:1d:9a:f1:64:dc:69:55:33:8c:
                    ab:96:68:08:05:d3:c4:91:81:ed:26:cd:bc:97:81:
                    98:98:e9:96:ee:3c:6c:1d:9e:12:4c:a7:76:9e:74:
                    21:9d:0a:7c:df:3f:a2:1c:9d:c6:23:d8:bf:35:28:
                    a5:4a:e2:14:d1:8c:a8:9e:39:c1:28:63:1d:1b:82:
                    5d:9e:af:24:a3:79:6b:63:17:d7:2b:2a:a0:38:47:
                    3e:f5:11:0b:e1:60:08:90:dc:e7:2e:f2:f6:ac:fc:
                    ff:c7:29:ef:f8:89:e9:36:2c:61:a8:af:9d:c8:b8:
                    8f:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:FE:07:31:F4:1B:06:2C:A4:A8:47:56:BB:D1:07:66:11:EB:78:B7
            X509v3 Authority Key Identifier:
                keyid:38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:72:39:41:1a:46:6a:d6:d9:01:93:d9:67:f7:f5:d0:97:05:
         77:12:c2:c5:ed:90:ad:db:60:03:d7:5b:e3:b8:71:cb:b7:da:
         2b:1f:c1:41:1f:9c:df:01:a9:94:4b:df:8f:51:5d:eb:04:81:
         08:30:df:c7:cd:56:70:f1:41:5f:12:53:86:68:bd:eb:f3:85:
         a3:95:ed:15:d4:da:f4:e7:a8:c0:3e:c1:b0:5c:a3:75:2c:ab:
         39:27:4d:0a:43:1f:ca:14:04:50:c5:c8:2a:36:70:5b:83:43:
         94:63:06:96:dd:1b:5e:dc:96:c1:c3:ee:f9:bc:f3:1a:7b:72:
         1a:b7:95:dd:46:21:e5:91:3f:45:2e:d8:22:32:b9:d9:c4:15:
         0c:6d:fd:6e:cb:b9:09:5c:05:99:1c:00:ed:bd:77:13:39:0c:
         f5:b2:c7:84:7c:c5:a4:fe:18:59:d7:8e:9f:46:16:94:fc:a0:
         33:03:e8:be:a5:1b:6d:d5:ad:91:81:f2:9b:e8:df:73:c4:7f:
         b9:92:2e:12:60:01:b6:90:c8:48:03:7f:f2:b7:99:6c:48:a2:
         30:4c:51:5d:f7:a3:5a:e8:95:fb:cf:e9:1b:a4:d0:7f:da:46:
         40:64:d4:3d:7c:69:52:9f:c1:b5:0e:f5:fc:a0:b1:e7:e3:57:
         16:09:55:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76qn8U2JvlbQBt3MuQKtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NjI4ODY1YWZkOGE0ZGZhZmRkZWY4MTFlZmNmYzc5YzAz
ODczMzIwHhcNMjUxMDE5MTAwMTI0WhcNMjUxMDIwMTAwMTI0WjAzMTEwLwYDVQQD
EygzZGZlMDczMWY0MWIwNjJjYTRhODQ3NTZiYmQxMDc2NjExZWI3OGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jXDFTMiyM/RyUQ4EfOplDAIj8PV
ykdfQQxHaJ+/iOQzoGvcmQ4E9YrOQKYvopWktM312atdq+FhTRJgc7AIiaYO1Mln
HsIWjiU8kWwytV6fbze0xZq9QxOMO1p1HW/2tZnR0Y6/aG0Ljt5gkbAqurRzu4Gu
uVpKhsMTXnQoqDZIGMsrlPQq+EwgDwIdmvFk3GlVM4yrlmgIBdPEkYHtJs28l4GY
mOmW7jxsHZ4STKd2nnQhnQp83z+iHJ3GI9i/NSilSuIU0YyonjnBKGMdG4Jdnq8k
o3lrYxfXKyqgOEc+9REL4WAIkNznLvL2rPz/xynv+InpNixhqK+dyLiPaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3+BzH0GwYspKhHVrvRB2YR63i3MB8GA1UdIwQY
MBaAFDhiiGWv2KTfr93vgR78/HnAOHMyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUt
ZGJlZTY2ZDczMzEzLzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUtZGJlZTY2ZDczMzEz
LzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb3I5QRpG
atbZAZPZZ/f10JcFdxLCxe2QrdtgA9db47hxy7faKx/BQR+c3wGplEvfj1Fd6wSB
CDDfx81WcPFBXxJThmi96/OFo5XtFdTa9OeowD7BsFyjdSyrOSdNCkMfyhQEUMXI
KjZwW4NDlGMGlt0bXtyWwcPu+bzzGntyGreV3UYh5ZE/RS7YIjK52cQVDG39bsu5
CVwFmRwA7b13EzkM9bLHhHzFpP4YWdeOn0YWlPygMwPovqUbbdWtkYHym+jfc8R/
uZIuEmABtpDISAN/8reZbEiiMExRXfejWuiV+8/pG6TQf9pGQGTUPXxpUp/BtQ71
/KCx5+NXFglVDw==
-----END CERTIFICATE-----