Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
File:                     OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json)
Hash identifier:          noRMIAkWFdW61zFnFdSI4xQPpkRvUvNSchz58ViXjVw=
Subject key identifier:   22:B9:59:62:4C:BB:EC:B3:88:8E:29:C3:7C:19:69:F4:AC:8B:76:58
Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2
Certificate issuer:       /CN=398936603edb8558b619823c077e9eb8694758b2
Certificate serial:       019650482766968164E3B9C8D7BC360BE4A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
Manifest number:          03F8
Signing time:             Sat 19 Apr 2025 23:00:28 +0000
Manifest this update:     Sat 19 Apr 2025 23:00:28 +0000
Manifest next update:     Sun 20 Apr 2025 23:00:28 +0000
Files and hashes:         1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: +KS4MBM7BozmU9SHbQZalOkbMFbUmIAIPidpWbmOfsg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:48:27:66:96:81:64:e3:b9:c8:d7:bc:36:0b:e4:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=398936603edb8558b619823c077e9eb8694758b2
        Validity
            Not Before: Apr 19 23:00:28 2025 GMT
            Not After : Apr 20 23:00:28 2025 GMT
        Subject: CN=22b959624cbbecb3888e29c37c1969f4ac8b7658
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ff:4b:bf:e0:e8:94:2e:8a:fb:2b:35:3b:c6:
                    50:9b:e9:8b:5f:b0:7a:f8:30:77:c6:da:9d:5e:73:
                    a0:cd:50:80:d3:0d:e7:de:93:d4:14:3c:9c:ec:5f:
                    76:77:64:f6:f5:4d:f9:43:1e:ae:c8:d8:b7:e1:85:
                    db:4d:01:3e:94:b7:4a:68:eb:6b:f1:af:cd:da:74:
                    fe:53:88:e7:fc:ce:36:67:aa:7c:f6:e1:26:ba:50:
                    69:4b:9f:d5:83:0c:e9:75:6e:73:0e:7e:3b:09:d0:
                    5a:48:a7:e9:7e:cf:67:32:89:a7:0b:ca:ad:b8:2f:
                    12:d2:0a:96:2e:bc:23:87:68:3d:89:fd:64:91:fe:
                    1d:35:63:7b:38:87:56:80:3b:99:60:b2:98:cb:a0:
                    46:71:11:d1:34:75:8f:28:54:c8:ca:ee:51:e3:5b:
                    26:71:dd:fa:92:6a:62:80:44:46:d2:da:f2:72:34:
                    07:7a:f1:20:c9:6d:94:42:17:e0:1f:35:f9:39:44:
                    19:46:d7:3e:83:dd:d9:a0:6e:8c:83:49:46:de:e3:
                    1f:58:97:aa:af:d7:79:c9:7a:57:e8:81:6a:bc:78:
                    67:47:5f:a0:47:42:3e:ba:ca:1f:6b:da:b2:c2:81:
                    da:2a:21:69:71:47:58:74:a4:7d:ed:c4:e3:cb:33:
                    25:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:B9:59:62:4C:BB:EC:B3:88:8E:29:C3:7C:19:69:F4:AC:8B:76:58
            X509v3 Authority Key Identifier:
                keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:4e:cd:91:b5:e9:20:46:31:4f:c3:c7:5f:9f:f0:88:b8:36:
         3d:76:17:e4:03:93:b3:d6:8e:87:02:f6:a5:b8:2f:1c:42:9c:
         63:3c:bf:58:81:dc:e5:13:ec:d0:cf:a6:51:90:10:f3:16:e6:
         12:e6:d8:63:ba:75:3b:b6:6a:cf:3a:95:db:9c:3b:db:70:70:
         f4:7b:4e:da:6b:e1:c5:ca:61:e9:97:d1:32:38:b6:b0:aa:2a:
         16:ce:d8:b1:5f:92:61:51:7b:6a:29:81:92:a9:d5:86:34:4d:
         f8:1b:29:df:c7:07:77:4b:0f:57:9b:3f:00:c7:5a:7e:bb:b4:
         03:09:79:68:53:bc:c2:2f:50:cc:35:e9:51:26:f0:bf:2b:5f:
         8f:be:49:db:f7:f8:ba:47:22:4b:ce:10:ec:a3:12:79:d3:55:
         8f:3e:a7:b7:b6:a2:63:a0:4c:5d:16:f2:64:fc:2c:d3:b7:65:
         0e:2f:f6:0d:02:9f:70:f8:85:c1:ee:62:60:13:3d:63:86:5b:
         3f:10:5c:58:25:25:77:f5:43:7d:db:d2:a5:a2:d1:ba:3f:19:
         ae:aa:d7:02:2e:b4:f9:ec:de:91:14:bf:7e:2d:3b:ad:5e:bf:
         b3:3f:53:ce:b0:39:d5:92:21:52:a4:f8:94:6d:29:04:70:52:
         0d:cc:39:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQSCdmloFk47nI17w2C+ShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0
NzU4YjIwHhcNMjUwNDE5MjMwMDI4WhcNMjUwNDIwMjMwMDI4WjAzMTEwLwYDVQQD
EygyMmI5NTk2MjRjYmJlY2IzODg4ZTI5YzM3YzE5NjlmNGFjOGI3NjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP9Lv+DolC6K+ys1O8ZQm+mLX7B6
+DB3xtqdXnOgzVCA0w3n3pPUFDyc7F92d2T29U35Qx6uyNi34YXbTQE+lLdKaOtr
8a/N2nT+U4jn/M42Z6p89uEmulBpS5/VgwzpdW5zDn47CdBaSKfpfs9nMomnC8qt
uC8S0gqWLrwjh2g9if1kkf4dNWN7OIdWgDuZYLKYy6BGcRHRNHWPKFTIyu5R41sm
cd36kmpigERG0trycjQHevEgyW2UQhfgHzX5OUQZRtc+g93ZoG6Mg0lG3uMfWJeq
r9d5yXpX6IFqvHhnR1+gR0I+usofa9qywoHaKiFpcUdYdKR97cTjyzMlMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCK5WWJMu+yziI4pw3wZafSsi3ZYMB8GA1UdIwQY
MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt
MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4
LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU07NkbXp
IEYxT8PHX5/wiLg2PXYX5AOTs9aOhwL2pbgvHEKcYzy/WIHc5RPs0M+mUZAQ8xbm
EubYY7p1O7ZqzzqV25w723Bw9HtO2mvhxcph6ZfRMji2sKoqFs7YsV+SYVF7aimB
kqnVhjRN+Bsp38cHd0sPV5s/AMdafru0Awl5aFO8wi9QzDXpUSbwvytfj75J2/f4
ukciS84Q7KMSedNVjz6nt7aiY6BMXRbyZPws07dlDi/2DQKfcPiFwe5iYBM9Y4Zb
PxBcWCUld/VDfdvSpaLRuj8ZrqrXAi60+ezekRS/fi07rV6/sz9TzrA51ZIhUqT4
lG0pBHBSDcw5+w==
-----END CERTIFICATE-----