Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          h8mDvAM6ElURADDiQGufYtoQFhtDyBxT7M3iVKNnEjY=
Subject key identifier:   5B:B1:A0:1E:DD:EF:FC:8A:1D:FA:F4:03:DA:CB:9F:28:66:EA:75:0D
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       0198541FDBF8DBB512911532DA0DE7B6EF30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          0588
Signing time:             Tue 29 Jul 2025 03:00:30 +0000
Manifest this update:     Tue 29 Jul 2025 03:00:30 +0000
Manifest next update:     Wed 30 Jul 2025 03:00:30 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: fGx92QdrFdqnzoXjygMIJ2Bwvv/l/iu8P/yohGCVSZw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 23:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:54:1f:db:f8:db:b5:12:91:15:32:da:0d:e7:b6:ef:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: Jul 29 03:00:30 2025 GMT
            Not After : Jul 30 03:00:30 2025 GMT
        Subject: CN=5bb1a01eddeffc8a1dfaf403dacb9f2866ea750d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:39:41:e2:d9:47:9b:06:80:ac:66:29:50:35:
                    d6:4a:6a:90:f2:a6:8b:c2:df:80:47:7a:48:72:fc:
                    45:ba:bf:97:ff:04:e3:65:62:f1:08:c4:04:70:96:
                    3b:77:28:44:24:28:8b:dd:07:a1:03:1b:9e:aa:cc:
                    bb:7a:7b:9b:48:e4:26:51:3d:1b:ba:d1:a9:19:eb:
                    20:3b:e4:ed:82:43:8c:cd:79:e3:0f:8a:de:95:e8:
                    2d:39:6b:1a:7e:36:1c:a8:c4:8d:00:54:48:f2:5a:
                    09:af:84:c2:7c:a3:d6:25:00:11:94:ea:8d:b0:1a:
                    47:c5:a4:cc:66:24:3a:63:53:d5:6f:77:d1:d2:55:
                    96:a8:73:35:91:c0:85:9e:bc:4f:7c:57:d9:56:2a:
                    d9:ff:61:55:de:4c:90:ff:fb:f2:34:a4:2c:a3:14:
                    e1:35:94:c7:01:bc:9a:07:22:f5:66:20:40:71:3c:
                    08:50:8d:2c:5e:90:63:69:9c:b9:91:2e:86:d3:db:
                    70:86:c7:1f:73:a0:e4:b5:8d:a4:62:8a:f3:12:e9:
                    22:b1:90:7e:4c:5e:c8:c4:d0:c0:be:49:d4:16:0d:
                    c6:46:9d:75:44:21:74:5d:07:7e:5f:7a:db:9c:b3:
                    a4:f7:f3:13:02:9d:9b:c4:cf:35:26:7a:b3:4b:6a:
                    6c:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:B1:A0:1E:DD:EF:FC:8A:1D:FA:F4:03:DA:CB:9F:28:66:EA:75:0D
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:4f:36:90:8f:a5:8a:43:4b:f5:59:80:44:be:30:3f:5f:13:
         8c:fa:1b:09:51:1e:58:b3:22:b2:81:a8:07:4f:ff:ad:d8:ba:
         78:e7:27:03:5b:11:d0:d1:e2:28:20:54:7a:fa:77:39:73:ee:
         b7:6e:bd:65:2d:ba:f1:a0:b4:56:0e:88:35:32:9e:c9:04:33:
         c0:7b:08:84:70:b2:2c:84:b0:01:91:ba:36:b8:2c:d8:d6:d3:
         ee:d7:77:df:c6:d4:b6:28:a4:9c:76:71:1d:0b:1a:19:3d:25:
         28:69:7b:bc:c1:c0:5e:bc:d9:f0:8a:e4:22:af:e2:65:c6:d7:
         03:6b:41:64:02:cb:eb:f4:e4:4e:d7:56:39:ac:6e:f6:14:32:
         57:58:e3:81:54:c2:38:f0:24:11:f2:f9:e2:79:5f:4e:46:9b:
         ef:27:62:60:1e:18:7b:1b:a3:e1:e7:cb:90:b7:41:2c:0a:4b:
         21:54:71:99:0d:5c:5f:7f:60:5b:47:37:3b:57:54:05:f9:95:
         d4:3f:bb:2b:87:7c:10:b5:32:d9:bf:0e:47:0c:07:9b:ac:76:
         df:f3:ce:7e:08:9b:ce:53:c6:2a:2a:ee:31:6a:6e:14:bf:c0:
         56:6a:f5:b2:3d:0e:2b:86:d0:ef:db:a7:74:99:44:55:37:e9:
         4f:11:b9:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhUH9v427USkRUy2g3ntu8wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjUwNzI5MDMwMDMwWhcNMjUwNzMwMDMwMDMwWjAzMTEwLwYDVQQD
Eyg1YmIxYTAxZWRkZWZmYzhhMWRmYWY0MDNkYWNiOWYyODY2ZWE3NTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTlB4tlHmwaArGYpUDXWSmqQ8qaL
wt+AR3pIcvxFur+X/wTjZWLxCMQEcJY7dyhEJCiL3QehAxueqsy7enubSOQmUT0b
utGpGesgO+TtgkOMzXnjD4relegtOWsafjYcqMSNAFRI8loJr4TCfKPWJQARlOqN
sBpHxaTMZiQ6Y1PVb3fR0lWWqHM1kcCFnrxPfFfZVirZ/2FV3kyQ//vyNKQsoxTh
NZTHAbyaByL1ZiBAcTwIUI0sXpBjaZy5kS6G09twhscfc6DktY2kYorzEukisZB+
TF7IxNDAvknUFg3GRp11RCF0XQd+X3rbnLOk9/MTAp2bxM81JnqzS2psqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFuxoB7d7/yKHfr0A9rLnyhm6nUNMB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfE82kI+l
ikNL9VmARL4wP18TjPobCVEeWLMisoGoB0//rdi6eOcnA1sR0NHiKCBUevp3OXPu
t269ZS268aC0Vg6INTKeyQQzwHsIhHCyLISwAZG6Nrgs2NbT7td338bUtiiknHZx
HQsaGT0lKGl7vMHAXrzZ8IrkIq/iZcbXA2tBZALL6/TkTtdWOaxu9hQyV1jjgVTC
OPAkEfL54nlfTkab7ydiYB4Yexuj4efLkLdBLApLIVRxmQ1cX39gW0c3O1dUBfmV
1D+7K4d8ELUy2b8ORwwHm6x23/POfgibzlPGKiruMWpuFL/AVmr1sj0OK4bQ79un
dJlEVTfpTxG5ww==
-----END CERTIFICATE-----