Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
File:                     ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json)
Hash identifier:          VW41YHTfl+SEDKGhbVH3CA4OuEwxxArNc9rwUnzgkQk=
Subject key identifier:   A3:0B:7E:D2:F3:39:C5:47:1C:06:F3:08:88:5F:3A:95:34:AB:E9:88
Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C
Certificate issuer:       /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
Certificate serial:       0198D5834E3463178C8451CECBF66577CCF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
Manifest number:          047C
Signing time:             Sat 23 Aug 2025 06:00:08 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:08 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:08 +0000
Files and hashes:         1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: cOnBIjpcOcQN82iF5t5ztchYCkR+gYm6MRtdPm+LXDk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:4e:34:63:17:8c:84:51:ce:cb:f6:65:77:cc:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
        Validity
            Not Before: Aug 23 06:00:08 2025 GMT
            Not After : Aug 24 06:00:08 2025 GMT
        Subject: CN=a30b7ed2f339c5471c06f308885f3a9534abe988
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:4f:ae:31:df:e9:15:0f:57:81:53:6f:61:49:
                    5f:ed:c4:28:c9:8b:fa:a6:f2:fb:20:49:ff:5e:df:
                    52:73:73:7a:87:41:b4:80:5a:44:4b:8a:00:4d:55:
                    89:96:ce:96:20:36:e6:68:a7:f4:89:20:dc:1c:0f:
                    ab:4b:d9:aa:33:54:59:84:34:f0:c8:06:74:f3:f0:
                    d7:cb:35:69:25:d5:b5:c1:8e:fe:9b:0d:79:2f:9b:
                    98:df:99:f7:26:92:dc:ea:2e:1e:b0:fb:f8:bc:31:
                    bc:f9:bc:0d:70:11:56:99:7c:aa:50:44:b2:f4:6f:
                    47:cc:88:d0:ff:4f:1e:bc:47:94:e1:a9:3a:00:fa:
                    e6:b9:73:2e:b3:ac:ce:dd:55:a2:c3:98:54:78:bb:
                    b8:21:aa:5d:e1:48:96:ec:9f:97:59:4f:f1:e5:a8:
                    f3:67:f3:96:e6:e2:88:a0:5e:4e:b0:54:66:6f:3f:
                    2a:89:18:2e:16:25:39:92:f1:ab:41:cc:d0:98:26:
                    9d:7a:a9:9a:2f:1a:81:d8:df:51:4c:d8:01:ad:c2:
                    2e:03:c4:1d:eb:ff:ca:3a:a9:76:db:72:d8:f3:89:
                    f9:c8:c3:71:75:ab:84:e8:41:27:35:fa:e1:6f:6d:
                    36:0b:5e:d7:cb:f4:e3:e5:fd:9d:91:eb:b6:72:e3:
                    1c:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:0B:7E:D2:F3:39:C5:47:1C:06:F3:08:88:5F:3A:95:34:AB:E9:88
            X509v3 Authority Key Identifier:
                keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:e3:f3:03:a0:82:c0:97:48:ec:2f:e7:2a:84:da:46:99:9d:
         69:a5:43:1a:7a:9d:69:4c:73:2f:36:da:4b:9a:4d:48:51:bd:
         56:13:15:16:91:3f:b2:ac:ae:56:99:ad:a9:fe:eb:8b:fb:96:
         44:b3:82:36:6d:00:c2:a8:1b:51:59:07:9d:4f:fe:0d:f9:5f:
         98:58:d5:9a:1d:8d:76:43:64:c3:69:29:ed:2c:61:94:92:53:
         52:28:3a:a9:5b:d7:b4:60:5b:6a:3b:1e:19:e3:79:d8:0b:3f:
         30:46:06:17:c8:a8:8b:be:a8:03:53:3b:94:e6:39:a3:ea:54:
         11:b7:a1:cf:2c:5b:fe:20:4a:9e:1a:5f:9d:e0:60:aa:8e:eb:
         57:ce:c9:b4:10:d8:d9:fe:86:da:a3:61:b5:ca:bf:09:e7:e1:
         b7:ca:86:2f:c4:21:92:62:f8:0e:a3:4d:4d:be:09:a0:58:ef:
         24:7b:eb:30:1b:85:3b:af:d7:92:ae:29:36:7a:a1:71:0f:ac:
         02:6b:33:c4:46:d2:83:fd:cd:43:e0:a3:46:56:82:c8:69:b4:
         5f:21:ae:1c:77:bb:3e:39:a1:b1:93:1c:73:89:8e:16:70:11:
         7b:98:56:8f:1d:54:29:74:93:75:9f:9a:e2:88:bc:f9:a3:09:
         59:bf:76:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg040YxeMhFHOy/Zld8z5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm
ZjUwOWMwHhcNMjUwODIzMDYwMDA4WhcNMjUwODI0MDYwMDA4WjAzMTEwLwYDVQQD
EyhhMzBiN2VkMmYzMzljNTQ3MWMwNmYzMDg4ODVmM2E5NTM0YWJlOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1U+uMd/pFQ9XgVNvYUlf7cQoyYv6
pvL7IEn/Xt9Sc3N6h0G0gFpES4oATVWJls6WIDbmaKf0iSDcHA+rS9mqM1RZhDTw
yAZ08/DXyzVpJdW1wY7+mw15L5uY35n3JpLc6i4esPv4vDG8+bwNcBFWmXyqUESy
9G9HzIjQ/08evEeU4ak6APrmuXMus6zO3VWiw5hUeLu4Iapd4UiW7J+XWU/x5ajz
Z/OW5uKIoF5OsFRmbz8qiRguFiU5kvGrQczQmCadeqmaLxqB2N9RTNgBrcIuA8Qd
6//KOql223LY84n5yMNxdauE6EEnNfrhb202C17Xy/Tj5f2dkeu2cuMcowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMLftLzOcVHHAbzCIhfOpU0q+mIMB8GA1UdIwQY
MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct
NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw
LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb+PzA6CC
wJdI7C/nKoTaRpmdaaVDGnqdaUxzLzbaS5pNSFG9VhMVFpE/sqyuVpmtqf7ri/uW
RLOCNm0AwqgbUVkHnU/+DflfmFjVmh2NdkNkw2kp7SxhlJJTUig6qVvXtGBbajse
GeN52As/MEYGF8ioi76oA1M7lOY5o+pUEbehzyxb/iBKnhpfneBgqo7rV87JtBDY
2f6G2qNhtcq/Cefht8qGL8QhkmL4DqNNTb4JoFjvJHvrMBuFO6/Xkq4pNnqhcQ+s
AmszxEbSg/3NQ+CjRlaCyGm0XyGuHHe7PjmhsZMcc4mOFnARe5hWjx1UKXSTdZ+a
4oi8+aMJWb927w==
-----END CERTIFICATE-----