Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
File:                     O4RSPDky4tGYBGI0uWLg3FGr9YY.mft (raw, json)
Hash identifier:          IjE7jvjpcNMKLUDgS4TZxAhEZzgJTS0yz1NyzCDD1q0=
Subject key identifier:   94:5A:D7:96:18:05:C0:0B:F5:66:CF:8A:F4:C1:D4:BB:5A:DB:F2:C8
Authority key identifier: 3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86
Certificate issuer:       /CN=3b84523c3932e2d198046234b962e0dc51abf586
Certificate serial:       0197BA7D5DE51A162EE682A1025B2489A53A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
Manifest number:          15B6
Signing time:             Sun 29 Jun 2025 07:01:07 +0000
Manifest this update:     Sun 29 Jun 2025 07:01:07 +0000
Manifest next update:     Mon 30 Jun 2025 07:01:07 +0000
Files and hashes:         1: O4RSPDky4tGYBGI0uWLg3FGr9YY.crl (hash: 65ELqP/PZtB/QHQe+oKTphN72txstTQdtfZzFMdGa5g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7d:5d:e5:1a:16:2e:e6:82:a1:02:5b:24:89:a5:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b84523c3932e2d198046234b962e0dc51abf586
        Validity
            Not Before: Jun 29 07:01:07 2025 GMT
            Not After : Jun 30 07:01:07 2025 GMT
        Subject: CN=945ad7961805c00bf566cf8af4c1d4bb5adbf2c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:de:75:ec:08:cf:cd:e0:e8:c8:f4:50:01:c3:
                    d9:cc:bf:14:ff:17:dd:7f:63:8b:18:51:c1:f8:93:
                    e8:98:42:6e:c9:30:01:ff:f1:4f:83:9a:9d:82:a5:
                    62:44:37:d8:a6:64:7c:ac:3f:b2:82:f9:55:81:24:
                    9a:70:35:89:6b:36:bc:d4:75:fd:6f:51:25:b7:cc:
                    db:37:8a:4e:3f:76:0f:80:c0:9d:1e:f4:77:97:b1:
                    78:79:d0:6a:f0:96:f2:94:57:f4:77:ff:45:73:d2:
                    d2:ec:f8:a8:a2:cb:8d:af:b7:a7:52:22:6a:66:ca:
                    93:d3:5a:ad:2b:a3:f3:21:25:67:d1:68:89:ab:0f:
                    84:35:e8:a3:15:91:2d:f0:93:26:94:57:dc:49:b8:
                    19:bc:94:0d:26:13:ff:3f:6b:b6:44:eb:43:5f:1b:
                    82:4e:ba:f4:5b:f5:77:27:dc:fb:a3:f8:07:15:60:
                    34:75:ce:2d:b2:ec:47:31:50:d2:23:27:a7:a3:f7:
                    aa:77:e2:0b:40:61:51:3b:44:af:52:ff:6b:cc:ab:
                    08:2a:97:f6:1c:4e:90:7e:13:cf:77:62:15:70:a1:
                    46:4d:54:df:5b:80:7a:69:f6:fb:99:15:0f:b9:8f:
                    5e:65:92:af:38:82:66:80:83:23:12:a4:1b:6e:09:
                    3f:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:5A:D7:96:18:05:C0:0B:F5:66:CF:8A:F4:C1:D4:BB:5A:DB:F2:C8
            X509v3 Authority Key Identifier:
                keyid:3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:fa:1f:09:b7:95:38:fc:cd:35:00:c3:6d:1a:c5:0e:09:87:
         73:1d:b7:1b:6e:68:31:bd:cf:f7:a3:a5:43:20:4b:7a:eb:73:
         e9:03:d7:95:05:b2:da:71:2f:82:b4:7d:03:99:84:35:da:8e:
         63:7d:36:59:c6:8c:d2:23:7b:ef:59:1a:18:4a:94:b5:51:6d:
         36:6c:56:70:f6:e5:4f:de:94:b4:bd:39:e0:1f:9d:b0:b9:7a:
         4c:07:c1:56:64:89:24:b4:60:3e:06:3c:c3:08:25:6d:92:26:
         af:20:c5:49:cb:4f:80:46:c2:2a:ca:a5:d5:66:27:73:f5:73:
         e7:57:00:41:78:56:a1:e9:ab:4b:59:08:5b:9d:0d:72:a7:96:
         f9:b8:cc:60:4a:d4:2f:c1:ca:95:09:6c:06:ae:97:be:af:62:
         95:23:f6:aa:6f:97:a2:25:f7:28:33:a4:58:2e:52:4d:d8:ea:
         39:e7:0a:d1:5d:20:69:07:bd:36:f7:68:5d:80:6a:c8:61:0d:
         01:89:75:cb:c9:7d:0e:c3:7e:f6:51:a2:b1:c9:21:be:b1:1e:
         21:f2:5d:f5:22:0e:5d:f2:21:21:81:03:15:92:5c:59:38:94:
         0c:22:fb:35:02:c0:d2:9a:1b:77:a3:df:7b:25:d5:54:1a:69:
         30:05:31:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fV3lGhYu5oKhAlskiaU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiODQ1MjNjMzkzMmUyZDE5ODA0NjIzNGI5NjJlMGRjNTFh
YmY1ODYwHhcNMjUwNjI5MDcwMTA3WhcNMjUwNjMwMDcwMTA3WjAzMTEwLwYDVQQD
Eyg5NDVhZDc5NjE4MDVjMDBiZjU2NmNmOGFmNGMxZDRiYjVhZGJmMmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN517AjPzeDoyPRQAcPZzL8U/xfd
f2OLGFHB+JPomEJuyTAB//FPg5qdgqViRDfYpmR8rD+ygvlVgSSacDWJaza81HX9
b1Elt8zbN4pOP3YPgMCdHvR3l7F4edBq8JbylFf0d/9Fc9LS7PioosuNr7enUiJq
ZsqT01qtK6PzISVn0WiJqw+ENeijFZEt8JMmlFfcSbgZvJQNJhP/P2u2ROtDXxuC
Trr0W/V3J9z7o/gHFWA0dc4tsuxHMVDSIyeno/eqd+ILQGFRO0SvUv9rzKsIKpf2
HE6QfhPPd2IVcKFGTVTfW4B6afb7mRUPuY9eZZKvOIJmgIMjEqQbbgk/CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJRa15YYBcAL9WbPivTB1Lta2/LIMB8GA1UdIwQY
MBaAFDuEUjw5MuLRmARiNLli4NxRq/WGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYt
YmRmNWM3ODA3NDJlLzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYtYmRmNWM3ODA3NDJl
LzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc/ofCbeV
OPzNNQDDbRrFDgmHcx23G25oMb3P96OlQyBLeutz6QPXlQWy2nEvgrR9A5mENdqO
Y302WcaM0iN771kaGEqUtVFtNmxWcPblT96UtL054B+dsLl6TAfBVmSJJLRgPgY8
wwglbZImryDFSctPgEbCKsql1WYnc/Vz51cAQXhWoemrS1kIW50NcqeW+bjMYErU
L8HKlQlsBq6Xvq9ilSP2qm+XoiX3KDOkWC5STdjqOecK0V0gaQe9NvdoXYBqyGEN
AYl1y8l9DsN+9lGisckhvrEeIfJd9SIOXfIhIYEDFZJcWTiUDCL7NQLA0pobd6Pf
eyXVVBppMAUxLg==
-----END CERTIFICATE-----