Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          EcdOZXyW0yJ3pk5lwu6TdY5GBajyzL3DEi2CsUCIIp8=
Subject key identifier:   5D:AE:91:6F:32:02:E2:88:DA:7D:79:4F:41:36:54:97:B0:53:DD:39
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       0198D5839F9730DF27AE5F8530498AB3C44E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          05CB
Signing time:             Sat 23 Aug 2025 06:00:29 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:29 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:29 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: Zcz2rw0eFiIWcm0BCgPO6Z4XM0r2CZWONuxu5fdi/KM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:9f:97:30:df:27:ae:5f:85:30:49:8a:b3:c4:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: Aug 23 06:00:29 2025 GMT
            Not After : Aug 24 06:00:29 2025 GMT
        Subject: CN=5dae916f3202e288da7d794f41365497b053dd39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:04:d0:32:4d:63:3e:de:97:9c:3f:73:45:49:
                    0d:eb:4f:49:fb:85:1d:f9:f4:df:a8:b3:27:78:71:
                    c9:61:c7:62:fe:3e:d9:ef:30:e6:29:08:5a:3e:14:
                    bf:c7:60:00:c5:b5:be:b7:70:63:bc:25:24:84:83:
                    64:bd:11:c3:6b:61:c1:bf:9c:63:bb:28:81:1b:bd:
                    c7:42:17:a6:e1:e4:ff:8d:d3:43:01:c4:9d:af:02:
                    89:d9:4f:da:fb:b3:aa:11:4f:c8:1b:f7:f0:7c:0b:
                    80:c6:52:ed:51:b8:d2:0e:8d:eb:28:7e:e5:ec:c8:
                    34:bd:c5:bd:6c:0a:6d:64:44:c2:81:41:74:8b:83:
                    75:b4:b5:94:e3:2c:cf:11:b7:48:64:8b:19:7c:83:
                    df:18:d0:77:b7:2e:2e:24:03:ae:5f:fb:78:6a:71:
                    04:e5:a6:4a:88:45:0b:63:6a:9b:7d:ba:71:3d:75:
                    4b:88:14:fe:a9:1d:d8:db:f8:e5:1a:be:25:cf:24:
                    76:cb:e8:fc:74:73:ff:7a:90:de:72:eb:9a:4e:fb:
                    b5:b1:af:36:85:d9:2e:5f:64:6e:99:ca:ef:9c:0e:
                    11:1f:cd:11:61:e1:c9:5c:2c:57:00:d8:db:d9:5c:
                    f9:37:4b:0a:d3:f3:12:67:11:81:1e:6b:43:67:17:
                    f3:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:AE:91:6F:32:02:E2:88:DA:7D:79:4F:41:36:54:97:B0:53:DD:39
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:28:8a:9c:3b:86:7e:fe:0e:b1:55:0b:75:49:85:82:12:58:
         2a:3e:49:5c:7b:05:4c:00:c3:00:54:84:2d:48:9b:7a:d4:21:
         4e:93:1e:e6:31:d7:ed:49:b8:6e:e2:c4:d8:e1:e1:55:ca:d6:
         a8:7e:7c:45:21:3d:41:bf:df:99:2e:fe:db:a6:58:89:58:0c:
         28:85:de:c0:20:b0:e8:2b:a4:ea:0d:99:2b:4d:ba:7e:f3:32:
         55:1b:3f:73:62:32:fe:45:4a:15:b8:1f:c7:3f:a1:4a:9d:ab:
         64:47:79:b0:e8:45:1d:2d:83:90:a2:ab:a1:16:2c:53:c9:85:
         49:ac:ec:a2:a3:ed:59:44:4d:54:b9:78:1f:3a:15:55:58:e8:
         53:bc:11:4d:39:5d:a7:af:11:1f:d3:2e:33:10:ed:a9:5f:2c:
         e9:10:7f:d6:b6:9d:69:65:04:a6:59:a4:5c:d9:ab:6c:cc:ee:
         95:9a:21:ba:81:c3:06:18:f4:41:b8:5d:24:2e:48:b7:5a:cb:
         37:3d:7d:7a:b7:a5:fa:a3:2b:30:e5:8b:8a:79:41:c5:a6:1c:
         43:5e:40:7d:4e:30:21:b3:b0:e2:ff:fa:29:c6:cd:82:d2:6e:
         7b:75:1b:72:03:17:d4:93:9d:4c:46:50:17:d7:99:da:7e:f0:
         0a:38:ad:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg5+XMN8nrl+FMEmKs8ROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjUwODIzMDYwMDI5WhcNMjUwODI0MDYwMDI5WjAzMTEwLwYDVQQD
Eyg1ZGFlOTE2ZjMyMDJlMjg4ZGE3ZDc5NGY0MTM2NTQ5N2IwNTNkZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgTQMk1jPt6XnD9zRUkN609J+4Ud
+fTfqLMneHHJYcdi/j7Z7zDmKQhaPhS/x2AAxbW+t3BjvCUkhINkvRHDa2HBv5xj
uyiBG73HQhem4eT/jdNDAcSdrwKJ2U/a+7OqEU/IG/fwfAuAxlLtUbjSDo3rKH7l
7Mg0vcW9bAptZETCgUF0i4N1tLWU4yzPEbdIZIsZfIPfGNB3ty4uJAOuX/t4anEE
5aZKiEULY2qbfbpxPXVLiBT+qR3Y2/jlGr4lzyR2y+j8dHP/epDecuuaTvu1sa82
hdkuX2RumcrvnA4RH80RYeHJXCxXANjb2Vz5N0sK0/MSZxGBHmtDZxfziwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2ukW8yAuKI2n15T0E2VJewU905MB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARCiKnDuG
fv4OsVULdUmFghJYKj5JXHsFTADDAFSELUibetQhTpMe5jHX7Um4buLE2OHhVcrW
qH58RSE9Qb/fmS7+26ZYiVgMKIXewCCw6Cuk6g2ZK026fvMyVRs/c2Iy/kVKFbgf
xz+hSp2rZEd5sOhFHS2DkKKroRYsU8mFSazsoqPtWURNVLl4HzoVVVjoU7wRTTld
p68RH9MuMxDtqV8s6RB/1radaWUEplmkXNmrbMzulZohuoHDBhj0QbhdJC5It1rL
Nz19erel+qMrMOWLinlBxaYcQ15AfU4wIbOw4v/6KcbNgtJue3UbcgMX1JOdTEZQ
F9eZ2n7wCjitIw==
-----END CERTIFICATE-----