Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          IU57ZdGSvKh5lleB1Th6P+HnlXaRwpBvtK062Nw2hQ8=
Subject key identifier:   7D:DE:DC:CA:CC:17:2B:D4:F3:D2:30:4B:B1:4E:44:DE:F1:A0:50:17
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       0196AD31653B67F633EE086551D8825A3015
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          04AD
Signing time:             Thu 08 May 2025 00:00:17 +0000
Manifest this update:     Thu 08 May 2025 00:00:17 +0000
Manifest next update:     Fri 09 May 2025 00:00:17 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: m1VfbMB0RfnC8ZNQ3Ky1ZUhUM5EMZZJuyD+KfQb0ntU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 20:38:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ad:31:65:3b:67:f6:33:ee:08:65:51:d8:82:5a:30:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: May  8 00:00:17 2025 GMT
            Not After : May  9 00:00:17 2025 GMT
        Subject: CN=7ddedccacc172bd4f3d2304bb14e44def1a05017
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ef:81:63:ca:53:b3:6a:76:f7:cc:fd:15:62:
                    c9:e0:d5:f8:91:c3:e1:78:1d:fe:f0:44:6e:a9:1f:
                    88:ec:a7:06:a8:d8:57:4f:94:0f:05:f4:88:d5:8b:
                    7c:62:6b:a7:eb:db:4c:d7:42:61:ad:1b:54:78:03:
                    79:79:d8:e0:35:a3:dc:af:1b:ae:6d:7d:c9:7d:a0:
                    5f:10:e4:50:bc:00:14:d2:90:8a:1b:35:73:8d:4e:
                    cf:da:a4:8e:fb:88:5f:4b:c3:8d:4b:1c:11:92:e1:
                    ff:22:fb:e7:a0:6b:66:b6:91:6b:5e:c8:8b:4f:72:
                    7c:ff:8d:bc:e1:c8:e5:fa:7e:53:ba:f1:b1:25:59:
                    72:38:47:2d:5f:d3:4c:a6:98:5e:f3:a7:9f:35:8d:
                    2c:f4:da:41:65:b9:a7:15:20:62:05:08:ad:74:e5:
                    02:24:d0:78:dc:a3:8f:35:25:b5:5e:db:91:b3:0b:
                    58:1f:47:1d:a2:e4:09:a5:b4:43:39:2f:24:0f:82:
                    cf:6d:3e:c9:70:69:78:b0:10:30:b4:fd:92:43:96:
                    b4:eb:d8:6f:cb:1c:fa:6f:54:70:e0:d3:cd:96:32:
                    4a:aa:d8:64:2a:a0:22:db:82:da:2f:4c:8d:b0:f0:
                    8f:e9:97:50:fc:db:48:a5:21:49:e1:ac:eb:89:96:
                    4f:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:DE:DC:CA:CC:17:2B:D4:F3:D2:30:4B:B1:4E:44:DE:F1:A0:50:17
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:7f:cc:f9:06:91:0b:ed:db:d4:9e:3b:a4:6e:ac:35:84:2e:
         21:74:43:0a:68:2b:3b:db:49:80:43:61:34:13:9e:a3:6c:11:
         b8:43:f7:a1:3d:48:f1:21:44:f8:e9:72:8f:b1:c2:ef:6e:d2:
         e2:70:54:76:00:de:88:be:e0:a5:dc:c1:65:a5:cc:60:4a:5c:
         b0:a0:77:70:4a:e6:59:f3:0f:9b:fb:13:d8:38:37:77:18:ba:
         e7:d4:1d:e9:a1:50:0a:07:0c:8a:cd:12:7b:8e:24:06:f2:67:
         7d:97:41:19:fa:30:9c:a6:22:17:38:48:80:59:0d:a0:43:b7:
         16:11:d1:4b:72:ea:2e:ea:b1:7d:eb:51:94:18:99:bf:ba:90:
         6f:10:66:28:b8:73:82:71:77:c4:75:2c:70:d8:b0:db:f9:44:
         aa:86:95:15:14:c0:1f:b1:41:b2:b8:e3:dc:90:4b:c3:d4:1a:
         24:5c:8d:36:19:91:16:cb:cb:eb:97:dd:3f:7d:54:3b:40:7f:
         34:b1:84:f3:bf:ae:b4:41:db:05:23:2b:cc:20:fe:5f:d0:47:
         1c:16:27:11:24:74:75:1c:82:91:93:86:8f:b1:0c:48:2c:1a:
         f7:45:71:bf:31:2b:b3:59:31:df:f3:29:6f:dd:a2:c4:6c:0d:
         bd:48:ca:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZatMWU7Z/Yz7ghlUdiCWjAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjUwNTA4MDAwMDE3WhcNMjUwNTA5MDAwMDE3WjAzMTEwLwYDVQQD
Eyg3ZGRlZGNjYWNjMTcyYmQ0ZjNkMjMwNGJiMTRlNDRkZWYxYTA1MDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAru+BY8pTs2p298z9FWLJ4NX4kcPh
eB3+8ERuqR+I7KcGqNhXT5QPBfSI1Yt8Ymun69tM10JhrRtUeAN5edjgNaPcrxuu
bX3JfaBfEORQvAAU0pCKGzVzjU7P2qSO+4hfS8ONSxwRkuH/IvvnoGtmtpFrXsiL
T3J8/4284cjl+n5TuvGxJVlyOEctX9NMpphe86efNY0s9NpBZbmnFSBiBQitdOUC
JNB43KOPNSW1XtuRswtYH0cdouQJpbRDOS8kD4LPbT7JcGl4sBAwtP2SQ5a069hv
yxz6b1Rw4NPNljJKqthkKqAi24LaL0yNsPCP6ZdQ/NtIpSFJ4azriZZPnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3e3MrMFyvU89IwS7FORN7xoFAXMB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbX/M+QaR
C+3b1J47pG6sNYQuIXRDCmgrO9tJgENhNBOeo2wRuEP3oT1I8SFE+Olyj7HC727S
4nBUdgDeiL7gpdzBZaXMYEpcsKB3cErmWfMPm/sT2Dg3dxi659Qd6aFQCgcMis0S
e44kBvJnfZdBGfownKYiFzhIgFkNoEO3FhHRS3LqLuqxfetRlBiZv7qQbxBmKLhz
gnF3xHUscNiw2/lEqoaVFRTAH7FBsrjj3JBLw9QaJFyNNhmRFsvL65fdP31UO0B/
NLGE87+utEHbBSMrzCD+X9BHHBYnESR0dRyCkZOGj7EMSCwa90VxvzErs1kx3/Mp
b92ixGwNvUjKdg==
-----END CERTIFICATE-----