Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
File:                     OGKIZa_YpN-v3e-BHvz8ecA4czI.mft (raw, json)
Hash identifier:          /NtOXzahZeYWBY4hqNBzF8/psQ2njmCeP+pyUE6cIg4=
Subject key identifier:   47:DA:53:FE:86:1D:6B:63:96:9D:EC:32:86:2E:6F:79:8E:10:F4:ED
Authority key identifier: 38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32
Certificate issuer:       /CN=38628865afd8a4dfafddef811efcfc79c0387332
Certificate serial:       0198D473739F5F2D7AC569ED1D8EFBE4118F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
Manifest number:          0B40
Signing time:             Sat 23 Aug 2025 01:03:12 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:12 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:12 +0000
Files and hashes:         1: OGKIZa_YpN-v3e-BHvz8ecA4czI.crl (hash: Gd1PQ4HH7coLt+9PSdKIQZS7GuthUbAwNA7/UsBdoRo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:73:9f:5f:2d:7a:c5:69:ed:1d:8e:fb:e4:11:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38628865afd8a4dfafddef811efcfc79c0387332
        Validity
            Not Before: Aug 23 01:03:12 2025 GMT
            Not After : Aug 24 01:03:12 2025 GMT
        Subject: CN=47da53fe861d6b63969dec32862e6f798e10f4ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:21:cd:db:74:0a:89:fe:8b:84:e2:9c:fb:47:
                    8b:4a:1c:b2:dd:40:df:bf:be:e9:83:b4:3c:5b:27:
                    59:91:8c:77:e2:37:62:26:2a:68:0e:0e:af:1a:50:
                    02:05:58:9f:8a:bb:77:45:26:b5:b9:80:01:33:73:
                    2e:c9:36:24:7c:87:60:06:00:bf:a6:6b:2b:9f:d5:
                    ff:f5:1b:85:3a:71:36:e0:c1:65:d1:4d:29:c7:55:
                    84:f2:6b:56:9e:d5:26:fd:06:7a:c5:a5:61:2f:70:
                    3f:a7:3b:24:d2:a5:9c:ad:15:cc:05:1e:05:eb:e2:
                    9f:df:11:6b:5d:8a:cd:f3:f1:84:26:08:49:08:bb:
                    31:e0:0b:ad:57:17:1a:93:b8:5a:ad:9f:24:4b:24:
                    2d:97:88:cb:e8:15:ab:9b:22:67:d3:66:c3:cd:cf:
                    de:40:a2:64:14:00:3d:6f:b4:66:42:46:49:8f:39:
                    b6:64:1d:f8:28:2f:7f:2b:66:3a:34:4d:09:3b:80:
                    f4:bc:af:0f:7e:8e:24:c0:88:ee:6b:12:06:c8:ac:
                    e6:ce:21:0a:78:ad:7e:a0:6f:1d:0d:71:c8:49:64:
                    ae:88:04:cc:46:29:37:19:0e:da:e2:ea:e3:a3:21:
                    d8:89:c9:15:29:48:0b:00:17:1c:78:59:0d:ac:c6:
                    ed:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:DA:53:FE:86:1D:6B:63:96:9D:EC:32:86:2E:6F:79:8E:10:F4:ED
            X509v3 Authority Key Identifier:
                keyid:38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:93:d6:cd:a0:90:19:d4:da:46:6e:f5:cf:ea:86:7d:20:00:
         6c:04:d5:c4:ed:bd:56:11:67:ea:19:17:4e:b9:0a:3d:81:d2:
         9d:b7:db:da:ab:df:82:f1:e9:09:a0:d0:b9:9e:6c:73:e9:8d:
         1c:44:09:fd:75:97:f5:d9:74:ac:fa:3f:52:29:0a:fe:66:05:
         e6:5d:6e:91:53:84:2c:1a:8c:2a:c6:f3:05:98:5c:6f:f1:eb:
         1f:fc:5f:0d:8d:ef:d0:5a:41:5c:62:4a:f4:ab:3d:8a:65:87:
         fb:7e:d0:eb:d4:36:6b:ea:82:8d:2e:6c:6a:d9:a5:a5:41:a8:
         e4:fd:60:83:dc:37:7a:14:ed:c8:d6:4a:f1:a3:4e:7b:46:4a:
         31:60:9f:e1:09:e2:dc:45:a9:69:c3:c8:1b:f1:91:0c:04:83:
         4e:6e:f3:e4:7b:5d:d4:99:88:16:84:35:53:a9:10:d3:5f:98:
         f8:33:cc:32:09:e6:92:ce:a8:07:c1:55:82:07:9c:0d:d8:8f:
         d4:5d:2c:e0:cc:84:d1:ed:22:9f:ee:b2:c2:cc:0d:81:dc:c0:
         be:73:f2:73:95:79:16:f4:f5:c5:d3:c2:8d:9f:35:ec:59:16:
         25:f5:14:0b:77:e9:78:e0:2d:b0:85:f3:e1:93:c3:a3:ac:d2:
         f1:6b:2c:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc3OfXy16xWntHY775BGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NjI4ODY1YWZkOGE0ZGZhZmRkZWY4MTFlZmNmYzc5YzAz
ODczMzIwHhcNMjUwODIzMDEwMzEyWhcNMjUwODI0MDEwMzEyWjAzMTEwLwYDVQQD
Eyg0N2RhNTNmZTg2MWQ2YjYzOTY5ZGVjMzI4NjJlNmY3OThlMTBmNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSHN23QKif6LhOKc+0eLShyy3UDf
v77pg7Q8WydZkYx34jdiJipoDg6vGlACBVifirt3RSa1uYABM3MuyTYkfIdgBgC/
pmsrn9X/9RuFOnE24MFl0U0px1WE8mtWntUm/QZ6xaVhL3A/pzsk0qWcrRXMBR4F
6+Kf3xFrXYrN8/GEJghJCLsx4AutVxcak7harZ8kSyQtl4jL6BWrmyJn02bDzc/e
QKJkFAA9b7RmQkZJjzm2ZB34KC9/K2Y6NE0JO4D0vK8Pfo4kwIjuaxIGyKzmziEK
eK1+oG8dDXHISWSuiATMRik3GQ7a4urjoyHYickVKUgLABcceFkNrMbtlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEfaU/6GHWtjlp3sMoYub3mOEPTtMB8GA1UdIwQY
MBaAFDhiiGWv2KTfr93vgR78/HnAOHMyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUt
ZGJlZTY2ZDczMzEzLzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUtZGJlZTY2ZDczMzEz
LzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPpPWzaCQ
GdTaRm71z+qGfSAAbATVxO29VhFn6hkXTrkKPYHSnbfb2qvfgvHpCaDQuZ5sc+mN
HEQJ/XWX9dl0rPo/UikK/mYF5l1ukVOELBqMKsbzBZhcb/HrH/xfDY3v0FpBXGJK
9Ks9imWH+37Q69Q2a+qCjS5satmlpUGo5P1gg9w3ehTtyNZK8aNOe0ZKMWCf4Qni
3EWpacPIG/GRDASDTm7z5Htd1JmIFoQ1U6kQ01+Y+DPMMgnmks6oB8FVggecDdiP
1F0s4MyE0e0in+6ywswNgdzAvnPyc5V5FvT1xdPCjZ817FkWJfUUC3fpeOAtsIXz
4ZPDo6zS8WsstA==
-----END CERTIFICATE-----