Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft
File:                     OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft (raw, json)
Hash identifier:          t/LDQuGn+tUe+FvzODZld3KD5Ae4lMv6/4nF9QsL42Q=
Subject key identifier:   5F:DA:DE:9B:40:8C:0C:01:88:94:D4:56:66:8D:C4:AD:7D:61:DE:ED
Authority key identifier: 3B:2A:A7:20:56:81:71:62:0E:9B:C9:B9:7D:AD:CC:74:B5:13:39:4F
Certificate issuer:       /CN=3b2aa720568171620e9bc9b97dadcc74b513394f
Certificate serial:       019856453624560863B75AA81A16D34227FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OyqnIFaBcWIOm8m5fa3MdLUTOU8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft
Manifest number:          063A
Signing time:             Tue 29 Jul 2025 13:00:33 +0000
Manifest this update:     Tue 29 Jul 2025 13:00:33 +0000
Manifest next update:     Wed 30 Jul 2025 13:00:33 +0000
Files and hashes:         1: OyqnIFaBcWIOm8m5fa3MdLUTOU8.crl (hash: Da3gLZMgIIt1N46HmvnQXdimrOytc6F+hdNDEX0QvlA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OyqnIFaBcWIOm8m5fa3MdLUTOU8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Jul 2025 08:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:56:45:36:24:56:08:63:b7:5a:a8:1a:16:d3:42:27:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b2aa720568171620e9bc9b97dadcc74b513394f
        Validity
            Not Before: Jul 29 13:00:33 2025 GMT
            Not After : Jul 30 13:00:33 2025 GMT
        Subject: CN=5fdade9b408c0c018894d456668dc4ad7d61deed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:c5:9f:f2:b4:c1:a5:e8:e9:9e:73:2a:3c:41:
                    b2:41:d3:92:38:d9:1b:b6:9e:6b:77:11:cf:27:65:
                    fa:fa:e2:e0:80:90:cc:5f:9d:a6:05:31:8d:d0:75:
                    55:3c:59:0b:79:8e:a7:8e:0d:51:70:bc:29:4d:4c:
                    33:ff:15:ed:41:4c:09:8b:10:7d:97:7b:18:82:d3:
                    d7:bb:95:55:71:7a:c7:61:a9:3a:7d:6b:15:ec:94:
                    e5:57:76:36:05:43:1d:39:fe:7d:64:d8:32:3e:d4:
                    0f:84:fe:e0:b4:60:f9:5c:04:81:8e:e6:d5:7a:58:
                    da:fa:2d:52:84:55:c6:df:95:58:f7:0f:91:ab:4f:
                    15:68:1d:84:94:2b:32:99:fe:0b:7f:26:65:1c:65:
                    b6:f2:d2:f0:6c:7d:3d:b3:56:da:79:e3:5a:dd:ac:
                    c8:0f:a9:d4:b9:07:56:5c:25:d5:67:a0:40:e1:b7:
                    99:b7:97:41:6b:05:0d:d0:38:4b:e8:09:2d:a9:eb:
                    28:ca:fa:52:3a:fe:b8:b0:31:6c:2c:36:b7:cc:ab:
                    65:c1:0b:bf:47:ea:f1:1b:16:c0:bb:38:21:d2:01:
                    b0:82:8d:4e:f9:dd:ea:82:b9:20:ca:e0:ac:81:77:
                    c6:fd:5b:61:97:de:13:cf:2b:10:44:ab:ba:da:18:
                    2e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:DA:DE:9B:40:8C:0C:01:88:94:D4:56:66:8D:C4:AD:7D:61:DE:ED
            X509v3 Authority Key Identifier:
                keyid:3B:2A:A7:20:56:81:71:62:0E:9B:C9:B9:7D:AD:CC:74:B5:13:39:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OyqnIFaBcWIOm8m5fa3MdLUTOU8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:75:94:5b:13:4c:02:c6:8e:19:c6:84:37:17:1b:49:f8:70:
         32:55:89:73:08:e6:aa:b5:44:06:af:46:d5:ac:8f:fc:4a:cb:
         f7:8d:17:a3:fc:61:cf:2f:7e:55:f2:6d:22:8a:ca:a6:a7:8b:
         3c:7a:02:c1:8c:d8:b2:31:9a:3f:d6:66:4f:df:b4:72:0c:3c:
         64:c1:e1:74:61:c9:f9:ef:29:86:d1:7a:b9:a2:02:fd:d9:d5:
         d0:8d:10:37:ca:38:20:97:d7:9e:fd:23:0e:5a:9f:a1:40:bd:
         a1:68:e4:e3:c8:13:61:fa:0c:47:45:44:88:57:95:49:59:b1:
         2c:78:77:fc:0b:e2:be:8a:90:01:a9:4b:4c:5f:c7:97:fb:9c:
         eb:97:97:ae:5d:7a:5b:6e:0f:b4:03:65:f1:a0:55:3f:f2:cf:
         89:33:8f:bb:3d:23:6b:4d:97:26:99:5d:a1:d2:e5:0c:76:2e:
         c7:eb:e5:53:4e:60:e2:c1:69:c3:68:06:a3:c5:a2:50:55:ba:
         c5:27:5a:cc:ef:31:a6:21:22:2b:70:bf:e9:fe:de:f5:82:bf:
         9d:27:e3:ea:bc:09:4e:e7:f8:d1:51:f0:64:28:83:c6:8a:e7:
         e6:1a:bf:3a:52:cd:78:1c:0a:82:7c:a0:67:7a:c9:ab:68:94:
         14:89:2c:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhWRTYkVghjt1qoGhbTQif+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMmFhNzIwNTY4MTcxNjIwZTliYzliOTdkYWRjYzc0YjUx
MzM5NGYwHhcNMjUwNzI5MTMwMDMzWhcNMjUwNzMwMTMwMDMzWjAzMTEwLwYDVQQD
Eyg1ZmRhZGU5YjQwOGMwYzAxODg5NGQ0NTY2NjhkYzRhZDdkNjFkZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8Wf8rTBpejpnnMqPEGyQdOSONkb
tp5rdxHPJ2X6+uLggJDMX52mBTGN0HVVPFkLeY6njg1RcLwpTUwz/xXtQUwJixB9
l3sYgtPXu5VVcXrHYak6fWsV7JTlV3Y2BUMdOf59ZNgyPtQPhP7gtGD5XASBjubV
elja+i1ShFXG35VY9w+Rq08VaB2ElCsymf4LfyZlHGW28tLwbH09s1baeeNa3azI
D6nUuQdWXCXVZ6BA4beZt5dBawUN0DhL6AktqesoyvpSOv64sDFsLDa3zKtlwQu/
R+rxGxbAuzgh0gGwgo1O+d3qgrkgyuCsgXfG/Vthl94TzysQRKu62hguSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF/a3ptAjAwBiJTUVmaNxK19Yd7tMB8GA1UdIwQY
MBaAFDsqpyBWgXFiDpvJuX2tzHS1EzlPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3lxbklGYUJjV0lPbThtNWZhM01kTFVUT1U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yNzc1ODktOGQ5YS00YjIyLTlhMTUt
NjA1ZGUwZWFhZWI2LzEvT3lxbklGYUJjV0lPbThtNWZhM01kTFVUT1U4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yNzc1ODktOGQ5YS00YjIyLTlhMTUtNjA1ZGUwZWFhZWI2
LzEvT3lxbklGYUJjV0lPbThtNWZhM01kTFVUT1U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZXWUWxNM
AsaOGcaENxcbSfhwMlWJcwjmqrVEBq9G1ayP/ErL940Xo/xhzy9+VfJtIorKpqeL
PHoCwYzYsjGaP9ZmT9+0cgw8ZMHhdGHJ+e8phtF6uaIC/dnV0I0QN8o4IJfXnv0j
DlqfoUC9oWjk48gTYfoMR0VEiFeVSVmxLHh3/AvivoqQAalLTF/Hl/uc65eXrl16
W24PtANl8aBVP/LPiTOPuz0ja02XJpldodLlDHYux+vlU05g4sFpw2gGo8WiUFW6
xSdazO8xpiEiK3C/6f7e9YK/nSfj6rwJTuf40VHwZCiDxorn5hq/OlLNeBwKgnyg
Z3rJq2iUFIksYA==
-----END CERTIFICATE-----