Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
File:                     Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft (raw, json)
Hash identifier:          8kulocLSX7me8eo8eukB424JuJAD/mdKl4TwWwwGdJc=
Subject key identifier:   1F:2C:58:53:30:E6:72:3B:93:61:55:89:48:5E:0D:3F:09:03:CE:5F
Authority key identifier: 3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A
Certificate issuer:       /CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
Certificate serial:       0197B70E8EC1AE4CE1B432CE2139A36093FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 15:01:13 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:13 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:13 +0000
Files and hashes:         1: Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl (hash: ImCLT0AOvV9v7hOJEuv8XK1u09peinokafJFtTU7NVY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:8e:c1:ae:4c:e1:b4:32:ce:21:39:a3:60:93:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
        Validity
            Not Before: Jun 28 15:01:13 2025 GMT
            Not After : Jun 29 15:01:13 2025 GMT
        Subject: CN=1f2c585330e6723b93615589485e0d3f0903ce5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:91:a9:47:3e:80:15:10:fe:ab:95:d4:2e:b5:
                    5f:36:1e:0d:f5:46:1e:e3:9c:bb:42:d0:cb:4c:24:
                    71:4f:9e:da:11:c5:b7:e7:1e:db:65:04:67:a0:79:
                    4f:e1:5d:93:ad:2a:e0:7c:ca:99:46:e8:01:db:23:
                    c1:66:1d:d3:b0:d1:b3:57:1f:b6:eb:14:20:a6:bb:
                    9a:76:99:98:87:73:6f:2a:43:a1:71:40:29:e1:de:
                    ff:3e:16:68:c7:10:cb:2f:0e:4d:e2:ac:82:80:5d:
                    f9:71:4c:36:ac:aa:57:65:73:c5:3d:5e:a8:c8:02:
                    c5:43:38:25:62:cd:e6:d2:20:7e:3a:df:0a:7d:4b:
                    d1:0c:8b:b5:c5:01:a5:cb:73:3b:e5:4b:b2:1b:0c:
                    0a:72:67:67:8b:00:73:ac:5d:9b:bc:df:30:a7:7c:
                    e2:37:a5:dd:f5:32:40:c0:4c:cb:e5:35:71:99:69:
                    af:2b:c4:0c:b9:37:89:50:bb:7b:e1:7b:90:74:d6:
                    da:9e:50:4e:ad:71:66:a0:dd:ff:0c:ac:11:cc:b8:
                    bf:8c:f7:e1:a5:8c:89:a2:75:57:d4:0f:ee:30:6d:
                    3f:d2:da:a1:82:90:6e:ad:b5:45:f6:34:66:35:28:
                    7f:20:6c:71:92:34:d3:ae:2c:ba:38:ff:20:b0:97:
                    f5:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:2C:58:53:30:E6:72:3B:93:61:55:89:48:5E:0D:3F:09:03:CE:5F
            X509v3 Authority Key Identifier:
                keyid:3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ca:33:4c:6f:e6:2e:98:89:32:0e:85:6a:cb:0f:72:25:8b:1f:
         c1:83:0e:82:c5:e4:25:98:1a:0f:95:0b:b8:06:7f:a5:fc:ec:
         a5:aa:8b:6d:99:68:5f:85:cb:c4:2f:28:b3:50:c5:8a:70:9e:
         44:32:bc:f7:fc:8a:d8:e5:90:90:e2:bf:2e:ac:92:c7:d8:e9:
         c8:63:39:88:ad:a7:db:e4:75:6d:00:48:d6:05:24:54:77:cd:
         88:80:53:ae:1b:a4:11:69:18:fb:a8:47:45:94:ea:ce:a8:6c:
         8f:21:47:8f:36:dd:53:39:69:2a:32:40:5a:fb:97:21:ec:3e:
         40:b1:3e:58:10:fd:18:e3:e8:0c:4d:60:56:85:15:a2:1d:20:
         a8:27:f1:eb:4e:ec:f8:58:74:67:1a:91:70:7b:a9:f4:55:46:
         6c:de:71:36:6e:ee:71:08:58:b4:43:98:49:7c:94:6a:01:be:
         95:34:03:50:f4:43:73:0e:56:de:e8:82:b2:1e:40:7b:c9:7d:
         0b:ee:f7:10:58:df:d1:f8:22:07:1b:a4:ae:bf:bc:70:d6:c1:
         9f:0e:7c:fe:7d:c7:f4:f5:e5:74:80:54:b9:94:ca:0e:d2:b2:
         cb:02:4b:03:fb:86:a2:7a:71:42:84:ff:b7:68:a4:cd:c7:ce:
         cb:c4:e6:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Do7BrkzhtDLOITmjYJP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzg3YzFhNzIzOTM5OGZlZjQyZmJmNGU2YjhiYTY3ZmI0
MTY0N2EwHhcNMjUwNjI4MTUwMTEzWhcNMjUwNjI5MTUwMTEzWjAzMTEwLwYDVQQD
EygxZjJjNTg1MzMwZTY3MjNiOTM2MTU1ODk0ODVlMGQzZjA5MDNjZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5GpRz6AFRD+q5XULrVfNh4N9UYe
45y7QtDLTCRxT57aEcW35x7bZQRnoHlP4V2TrSrgfMqZRugB2yPBZh3TsNGzVx+2
6xQgpruadpmYh3NvKkOhcUAp4d7/PhZoxxDLLw5N4qyCgF35cUw2rKpXZXPFPV6o
yALFQzglYs3m0iB+Ot8KfUvRDIu1xQGly3M75UuyGwwKcmdniwBzrF2bvN8wp3zi
N6Xd9TJAwEzL5TVxmWmvK8QMuTeJULt74XuQdNbanlBOrXFmoN3/DKwRzLi/jPfh
pYyJonVX1A/uMG0/0tqhgpBurbVF9jRmNSh/IGxxkjTTriy6OP8gsJf13wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8sWFMw5nI7k2FViUheDT8JA85fMB8GA1UdIwQY
MBaAFDp4fBpyOTmP70L79Oa4umf7QWR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMt
MzZkNzkyMWU5M2IzLzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMtMzZkNzkyMWU5M2Iz
LzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyjNMb+Yu
mIkyDoVqyw9yJYsfwYMOgsXkJZgaD5ULuAZ/pfzspaqLbZloX4XLxC8os1DFinCe
RDK89/yK2OWQkOK/LqySx9jpyGM5iK2n2+R1bQBI1gUkVHfNiIBTrhukEWkY+6hH
RZTqzqhsjyFHjzbdUzlpKjJAWvuXIew+QLE+WBD9GOPoDE1gVoUVoh0gqCfx607s
+Fh0ZxqRcHup9FVGbN5xNm7ucQhYtEOYSXyUagG+lTQDUPRDcw5W3uiCsh5Ae8l9
C+73EFjf0fgiBxukrr+8cNbBnw58/n3H9PXldIBUuZTKDtKyywJLA/uGonpxQoT/
t2ikzcfOy8TmnA==
-----END CERTIFICATE-----