Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          TvJw5M53+dza6RYwOf2Igxz6fr0JkiVkil6r3AzQpNA=
Subject key identifier:   52:37:E2:F2:6C:85:46:91:5B:E4:C7:A5:C6:FE:CF:80:AE:2E:9B:74
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       0196526D7705CE479390A6D5F43F5BE5D21C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          047E
Signing time:             Sun 20 Apr 2025 09:00:27 +0000
Manifest this update:     Sun 20 Apr 2025 09:00:27 +0000
Manifest next update:     Mon 21 Apr 2025 09:00:27 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: pfM2L7VYZoRIypqgoVbD8lvpBBfDeNKIuVpQTU6DnCM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:6d:77:05:ce:47:93:90:a6:d5:f4:3f:5b:e5:d2:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: Apr 20 09:00:27 2025 GMT
            Not After : Apr 21 09:00:27 2025 GMT
        Subject: CN=5237e2f26c8546915be4c7a5c6fecf80ae2e9b74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:4c:f3:cb:6a:0d:25:76:1c:11:fd:12:cc:c2:
                    16:4d:c5:b5:61:65:7e:c2:64:19:5b:07:9d:00:9e:
                    0f:c5:80:02:12:c9:5d:02:20:f4:63:60:68:14:2a:
                    89:21:ae:05:b4:b5:58:ae:2a:4e:c1:9b:89:af:f1:
                    5a:1f:e8:c7:d3:a6:21:89:11:f4:24:87:d9:2b:e4:
                    e4:6b:94:44:25:83:fd:d9:8a:b4:6d:15:15:96:3c:
                    f5:95:3f:8b:fb:18:08:c1:99:d9:55:52:65:8a:17:
                    00:cd:74:04:ba:80:0d:31:5d:3d:60:3a:db:05:33:
                    63:77:70:99:a4:1c:95:0c:cc:e0:32:1b:87:0f:fb:
                    1b:09:a5:82:cd:b5:29:1c:aa:1e:5c:24:58:2d:67:
                    e9:5e:6d:78:1d:c1:02:a7:fc:d4:51:68:91:13:0d:
                    30:39:53:ac:aa:01:c3:8f:4b:da:63:25:70:d6:7f:
                    62:de:8c:35:43:d2:bd:48:87:44:0e:90:54:d2:8b:
                    55:14:af:5a:bb:81:28:1c:63:f4:ac:97:21:ac:92:
                    9a:78:3a:e0:c6:02:e8:a8:03:1b:87:00:11:f4:83:
                    79:ba:27:70:86:bf:44:05:e1:8e:3a:aa:f3:71:97:
                    87:f1:d7:6e:9a:04:d3:e4:22:00:6f:24:34:1a:71:
                    07:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:37:E2:F2:6C:85:46:91:5B:E4:C7:A5:C6:FE:CF:80:AE:2E:9B:74
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:4d:c5:fa:c7:f8:41:eb:b1:7f:8e:5d:43:a5:ab:df:e4:be:
         9b:90:16:39:6d:e2:e3:6c:e7:dd:bf:5c:d3:84:e8:96:17:ee:
         fe:da:97:e0:a6:72:74:22:13:94:05:81:ab:f4:ad:e9:04:18:
         8f:8e:07:a6:d5:f4:b2:05:23:44:4b:54:90:c0:f2:08:e6:5d:
         e5:ff:51:88:f2:51:b2:60:19:bc:59:9f:2a:c1:d3:1f:26:36:
         b2:bd:10:10:51:fa:8a:3c:16:4b:92:bb:b2:97:92:89:bc:0b:
         c4:50:96:22:78:75:2d:8f:58:7b:60:29:7c:60:9a:ed:2b:c9:
         db:01:b2:d0:f2:70:84:bc:7d:69:65:cc:5c:5b:74:af:f1:9e:
         3b:43:90:09:72:39:ba:51:17:24:6a:2d:91:fb:81:8e:0e:b5:
         ae:e1:44:5e:5c:71:57:cc:03:a1:e3:da:75:cb:11:c1:73:f6:
         1c:62:fe:9a:fa:1c:da:9e:3d:9e:aa:39:77:f0:a7:5d:23:56:
         ca:af:17:c7:b5:36:d8:e1:d1:28:41:35:ef:d2:09:ed:73:93:
         ba:74:e0:4b:6d:f9:6c:eb:f9:bd:e9:35:e5:cf:d9:a7:a6:bd:
         35:7a:fb:47:00:88:bd:ba:1e:f7:ff:77:93:65:c6:d6:d6:8b:
         39:24:a1:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSbXcFzkeTkKbV9D9b5dIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjUwNDIwMDkwMDI3WhcNMjUwNDIxMDkwMDI3WjAzMTEwLwYDVQQD
Eyg1MjM3ZTJmMjZjODU0NjkxNWJlNGM3YTVjNmZlY2Y4MGFlMmU5Yjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0zzy2oNJXYcEf0SzMIWTcW1YWV+
wmQZWwedAJ4PxYACEsldAiD0Y2BoFCqJIa4FtLVYripOwZuJr/FaH+jH06YhiRH0
JIfZK+Tka5REJYP92Yq0bRUVljz1lT+L+xgIwZnZVVJlihcAzXQEuoANMV09YDrb
BTNjd3CZpByVDMzgMhuHD/sbCaWCzbUpHKoeXCRYLWfpXm14HcECp/zUUWiREw0w
OVOsqgHDj0vaYyVw1n9i3ow1Q9K9SIdEDpBU0otVFK9au4EoHGP0rJchrJKaeDrg
xgLoqAMbhwAR9IN5uidwhr9EBeGOOqrzcZeH8ddumgTT5CIAbyQ0GnEHkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFI34vJshUaRW+THpcb+z4CuLpt0MB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW03F+sf4
Qeuxf45dQ6Wr3+S+m5AWOW3i42zn3b9c04Tolhfu/tqX4KZydCITlAWBq/St6QQY
j44HptX0sgUjREtUkMDyCOZd5f9RiPJRsmAZvFmfKsHTHyY2sr0QEFH6ijwWS5K7
speSibwLxFCWInh1LY9Ye2ApfGCa7SvJ2wGy0PJwhLx9aWXMXFt0r/GeO0OQCXI5
ulEXJGotkfuBjg61ruFEXlxxV8wDoePadcsRwXP2HGL+mvoc2p49nqo5d/CnXSNW
yq8Xx7U22OHRKEE179IJ7XOTunTgS235bOv5vek15c/Zp6a9NXr7RwCIvboe9/93
k2XG1taLOSShBw==
-----END CERTIFICATE-----