Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
File:                     ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json)
Hash identifier:          g4u7UNFnZL5xTF70t+BcfWP1RinYj0D45DJESDScH7c=
Subject key identifier:   A0:64:91:B0:85:59:D4:8E:46:32:28:B8:7A:70:4A:CB:81:33:B8:F4
Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C
Certificate issuer:       /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
Certificate serial:       0196C26FE9A9BC3C692939747689E5AE8DAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
Manifest number:          0369
Signing time:             Mon 12 May 2025 03:00:36 +0000
Manifest this update:     Mon 12 May 2025 03:00:36 +0000
Manifest next update:     Tue 13 May 2025 03:00:36 +0000
Files and hashes:         1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: xJJVo3MelN1NzrBkJeiSS4/1bOzUEN5ewvc46ni22e0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:6f:e9:a9:bc:3c:69:29:39:74:76:89:e5:ae:8d:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
        Validity
            Not Before: May 12 03:00:36 2025 GMT
            Not After : May 13 03:00:36 2025 GMT
        Subject: CN=a06491b08559d48e463228b87a704acb8133b8f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:6f:dc:ad:45:f6:2e:d4:71:17:7c:9f:ec:e7:
                    a4:e8:4f:62:68:e7:9b:e4:9f:bf:3e:14:f0:35:72:
                    a8:7e:43:2f:48:7e:7b:34:78:cd:df:b4:2c:88:ca:
                    3a:eb:42:fb:93:7a:58:ef:1e:ac:1a:ef:ab:26:95:
                    5a:fa:8e:47:cc:02:27:c6:42:04:f6:33:80:03:bc:
                    b3:1b:0b:c0:c6:66:9e:4d:ad:47:30:9f:ef:42:94:
                    d6:97:61:a9:4b:d3:b6:09:8d:8a:64:73:a3:fa:cc:
                    80:09:ee:69:09:98:6f:75:1a:ed:c8:68:ee:dc:33:
                    35:5b:bf:2f:10:71:c5:f4:97:44:8d:4b:f3:bb:5d:
                    46:ca:db:ec:14:a0:6b:8f:72:1d:52:b4:08:0d:63:
                    98:0b:89:94:61:67:bf:c1:fc:c5:c8:a2:08:bc:40:
                    67:ac:04:08:51:75:d7:31:2e:94:33:b8:ea:0b:9c:
                    16:7c:8c:9c:d6:9a:9f:25:c7:86:0a:3d:61:56:c3:
                    61:b2:87:48:d8:03:28:07:ba:5d:6d:47:fc:b2:d9:
                    ed:ab:7a:5d:87:ba:f4:90:98:5c:19:b5:67:11:e8:
                    9a:91:6f:c1:dc:13:ba:39:7f:ff:bb:d1:24:5a:ff:
                    a5:9f:ba:ce:3d:82:9d:13:7c:22:6d:33:3d:4a:88:
                    8b:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:64:91:B0:85:59:D4:8E:46:32:28:B8:7A:70:4A:CB:81:33:B8:F4
            X509v3 Authority Key Identifier:
                keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:d1:b3:6c:22:49:1d:18:27:c9:47:3c:dd:1f:c4:b8:da:64:
         78:f9:78:2f:09:c4:31:9b:0e:bc:ed:31:b0:63:2e:8d:1d:ad:
         9a:48:32:77:00:5e:73:72:84:bf:69:f5:15:d2:cd:a2:ab:59:
         bc:5e:5e:7f:84:10:04:af:fe:c3:ee:e3:e7:05:88:a6:ef:a0:
         67:48:71:5b:9a:00:e0:cf:74:14:3e:3c:a6:6f:ce:5f:e1:12:
         5b:8c:07:ab:66:d4:b8:e6:eb:a6:ac:fb:96:4e:22:12:bc:71:
         95:50:45:46:11:3e:d5:65:40:d6:9e:52:de:3c:1e:23:c2:1c:
         ba:ce:39:bb:b2:10:09:23:03:65:91:ef:6e:03:dd:1a:dc:09:
         53:ff:1b:1d:29:1b:1f:03:8c:16:1d:94:87:cd:c6:7b:27:72:
         6b:30:d4:18:b5:32:b3:24:fc:48:13:d7:97:d0:47:02:f2:d7:
         a4:ca:ed:18:64:94:ab:83:c2:82:a3:7a:31:50:2d:57:4a:0a:
         93:e6:67:3a:1c:1c:96:d4:e0:01:6f:e4:8d:c6:58:c8:7b:53:
         bb:d3:fd:e9:23:9c:1a:06:64:f1:a2:c7:3a:3b:55:5c:9d:d6:
         f8:14:0b:60:af:86:3f:cf:76:30:ab:1d:4f:bc:dc:41:db:11:
         e6:7d:7c:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCb+mpvDxpKTl0donlro2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm
ZjUwOWMwHhcNMjUwNTEyMDMwMDM2WhcNMjUwNTEzMDMwMDM2WjAzMTEwLwYDVQQD
EyhhMDY0OTFiMDg1NTlkNDhlNDYzMjI4Yjg3YTcwNGFjYjgxMzNiOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W/crUX2LtRxF3yf7Oek6E9iaOeb
5J+/PhTwNXKofkMvSH57NHjN37QsiMo660L7k3pY7x6sGu+rJpVa+o5HzAInxkIE
9jOAA7yzGwvAxmaeTa1HMJ/vQpTWl2GpS9O2CY2KZHOj+syACe5pCZhvdRrtyGju
3DM1W78vEHHF9JdEjUvzu11GytvsFKBrj3IdUrQIDWOYC4mUYWe/wfzFyKIIvEBn
rAQIUXXXMS6UM7jqC5wWfIyc1pqfJceGCj1hVsNhsodI2AMoB7pdbUf8stntq3pd
h7r0kJhcGbVnEeiakW/B3BO6OX//u9EkWv+ln7rOPYKdE3wibTM9SoiLkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKBkkbCFWdSORjIouHpwSsuBM7j0MB8GA1UdIwQY
MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct
NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw
LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACdGzbCJJ
HRgnyUc83R/EuNpkePl4LwnEMZsOvO0xsGMujR2tmkgydwBec3KEv2n1FdLNoqtZ
vF5ef4QQBK/+w+7j5wWIpu+gZ0hxW5oA4M90FD48pm/OX+ESW4wHq2bUuObrpqz7
lk4iErxxlVBFRhE+1WVA1p5S3jweI8Icus45u7IQCSMDZZHvbgPdGtwJU/8bHSkb
HwOMFh2Uh83GeydyazDUGLUysyT8SBPXl9BHAvLXpMrtGGSUq4PCgqN6MVAtV0oK
k+ZnOhwcltTgAW/kjcZYyHtTu9P96SOcGgZk8aLHOjtVXJ3W+BQLYK+GP892MKsd
T7zcQdsR5n18/A==
-----END CERTIFICATE-----