Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
File:                     ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json)
Hash identifier:          Nj+BSpQnpWYnX5/RmK2hvHQI92PhQqZfYfQAUylw7Bk=
Subject key identifier:   FB:6A:53:33:14:DF:D2:4F:24:3C:71:1C:2B:9C:D0:EE:43:61:15:C3
Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C
Certificate issuer:       /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
Certificate serial:       0197B7B35BEB7F4C62E10CBE3C99BFE9ED4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
Manifest number:          03E8
Signing time:             Sat 28 Jun 2025 18:01:14 +0000
Manifest this update:     Sat 28 Jun 2025 18:01:14 +0000
Manifest next update:     Sun 29 Jun 2025 18:01:14 +0000
Files and hashes:         1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: ao1w8F1rkiz5m+CIUS3no8ebmcrgk385gSJMsssulrc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b3:5b:eb:7f:4c:62:e1:0c:be:3c:99:bf:e9:ed:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
        Validity
            Not Before: Jun 28 18:01:14 2025 GMT
            Not After : Jun 29 18:01:14 2025 GMT
        Subject: CN=fb6a533314dfd24f243c711c2b9cd0ee436115c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f6:a3:02:4b:f0:d3:ff:68:9b:fd:6b:8c:02:
                    7d:49:ed:94:86:a8:fb:3a:1c:44:ae:48:2c:48:56:
                    31:8b:5d:9a:2e:e7:9a:0a:f8:1a:57:d5:73:a2:ce:
                    f2:fc:6c:3d:12:b1:5c:b9:e4:d8:58:20:61:ad:bb:
                    dc:bd:07:9e:69:1a:c9:8d:84:f8:31:e5:8d:a1:3e:
                    7c:79:9a:f5:1c:6a:33:d4:1b:c4:36:02:b7:d5:25:
                    b1:5d:0d:76:88:20:e0:4d:a6:18:aa:35:df:ac:c4:
                    b1:4a:9a:d9:27:a7:49:f2:ff:53:21:b0:92:11:4a:
                    e0:1c:e0:e3:89:84:d3:82:a9:29:29:54:a6:f8:44:
                    93:28:f3:56:75:fb:4d:15:c3:f1:95:ae:e1:0b:16:
                    c8:09:b5:44:6d:26:ac:dc:0f:8c:9f:aa:53:f1:c2:
                    2e:7b:8f:49:ae:4b:55:a1:89:49:02:28:f6:77:c0:
                    71:89:a7:f3:a4:49:6f:94:8d:61:e7:95:d2:20:5e:
                    fd:0f:15:3c:89:c8:01:57:7f:16:9a:67:01:9e:a6:
                    79:d2:30:3c:4b:bf:4a:9b:19:7c:01:9f:f7:62:b4:
                    bf:ae:2e:4a:db:7f:58:9a:b5:a2:ef:c3:60:c8:05:
                    a8:5f:18:3e:12:07:e2:bb:79:2d:c7:18:a0:e7:b9:
                    9a:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:6A:53:33:14:DF:D2:4F:24:3C:71:1C:2B:9C:D0:EE:43:61:15:C3
            X509v3 Authority Key Identifier:
                keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:2f:d4:06:a7:8b:8f:8b:3e:04:0a:ac:17:7d:65:da:2d:f4:
         98:69:c5:d3:26:71:85:d3:04:73:05:fd:87:7c:74:e4:44:30:
         de:d4:3c:fd:da:ed:ac:e5:9b:06:b7:69:ae:46:e4:fd:2a:c4:
         94:bb:30:5e:4e:83:0b:8a:41:16:25:a6:62:e0:51:d2:33:a9:
         ef:d7:23:bc:80:09:d3:2e:d3:98:b2:d2:14:41:d3:d3:c0:ef:
         68:ae:ec:f7:04:ef:d4:ea:e7:a7:5c:cd:0a:ca:88:9c:b1:16:
         06:8c:bd:86:ca:61:af:12:78:ca:fe:a0:7f:ca:4e:58:92:f9:
         7d:12:8e:bb:25:6d:bb:b0:19:44:83:a4:80:bb:67:1f:ae:76:
         f4:8e:05:2c:42:fa:71:57:d8:16:29:34:88:40:39:bc:84:f4:
         b6:d9:03:d3:1a:51:e7:4d:74:be:93:19:fa:c6:2a:b4:53:28:
         1a:f0:1c:7a:05:c6:1b:3f:f9:55:ab:0f:3c:73:ad:48:36:c2:
         56:c9:12:a0:bd:dc:2d:67:d1:ad:0d:73:5b:aa:ed:5a:f5:7b:
         f4:8e:e7:e4:c3:c1:96:37:83:0c:b7:33:55:65:38:3b:af:41:
         db:fc:74:bb:9d:3c:f3:33:99:07:30:7c:00:78:8a:21:14:8b:
         d2:50:a2:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3s1vrf0xi4Qy+PJm/6e1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm
ZjUwOWMwHhcNMjUwNjI4MTgwMTE0WhcNMjUwNjI5MTgwMTE0WjAzMTEwLwYDVQQD
EyhmYjZhNTMzMzE0ZGZkMjRmMjQzYzcxMWMyYjljZDBlZTQzNjExNWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/ajAkvw0/9om/1rjAJ9Se2Uhqj7
OhxErkgsSFYxi12aLueaCvgaV9Vzos7y/Gw9ErFcueTYWCBhrbvcvQeeaRrJjYT4
MeWNoT58eZr1HGoz1BvENgK31SWxXQ12iCDgTaYYqjXfrMSxSprZJ6dJ8v9TIbCS
EUrgHODjiYTTgqkpKVSm+ESTKPNWdftNFcPxla7hCxbICbVEbSas3A+Mn6pT8cIu
e49JrktVoYlJAij2d8BxiafzpElvlI1h55XSIF79DxU8icgBV38WmmcBnqZ50jA8
S79Kmxl8AZ/3YrS/ri5K239YmrWi78NgyAWoXxg+Egfiu3ktxxig57manwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtqUzMU39JPJDxxHCuc0O5DYRXDMB8GA1UdIwQY
MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct
NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw
LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfC/UBqeL
j4s+BAqsF31l2i30mGnF0yZxhdMEcwX9h3x05EQw3tQ8/drtrOWbBrdprkbk/SrE
lLswXk6DC4pBFiWmYuBR0jOp79cjvIAJ0y7TmLLSFEHT08DvaK7s9wTv1Ornp1zN
CsqInLEWBoy9hsphrxJ4yv6gf8pOWJL5fRKOuyVtu7AZRIOkgLtnH6529I4FLEL6
cVfYFik0iEA5vIT0ttkD0xpR5010vpMZ+sYqtFMoGvAcegXGGz/5VasPPHOtSDbC
VskSoL3cLWfRrQ1zW6rtWvV79I7n5MPBljeDDLczVWU4O69B2/x0u5088zOZBzB8
AHiKIRSL0lCiRQ==
-----END CERTIFICATE-----