Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
File:                     OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json)
Hash identifier:          9Vw+6GxxcNVD5mtvsPl1BLhm+KFh7aq1eVfvnWMxoOc=
Subject key identifier:   F2:A7:8F:91:3E:5A:5A:35:FA:8C:C5:C2:23:B5:0D:C2:22:69:AE:0A
Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2
Certificate issuer:       /CN=398936603edb8558b619823c077e9eb8694758b2
Certificate serial:       01974967C9A9271E21679FC906510FB8355E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
Manifest number:          0479
Signing time:             Sat 07 Jun 2025 08:00:28 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:28 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:28 +0000
Files and hashes:         1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: KB3Kwve/bTRwFywvw9PK72vynsh0Ulp8MzOPrWci8+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 08:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:67:c9:a9:27:1e:21:67:9f:c9:06:51:0f:b8:35:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=398936603edb8558b619823c077e9eb8694758b2
        Validity
            Not Before: Jun  7 08:00:28 2025 GMT
            Not After : Jun  8 08:00:28 2025 GMT
        Subject: CN=f2a78f913e5a5a35fa8cc5c223b50dc22269ae0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a3:3c:c4:ce:b3:a4:94:b7:a0:21:c7:91:3c:
                    2e:4d:41:5a:57:b4:c5:62:25:66:70:70:6b:fb:e2:
                    41:63:81:f6:71:30:19:28:4b:be:d8:26:08:87:7d:
                    72:4f:98:0b:ec:5e:c0:83:85:90:74:82:75:d1:2e:
                    e0:33:38:fb:09:04:d2:95:66:a9:4b:4a:07:5b:b0:
                    d8:92:ca:68:12:9c:d5:05:86:62:f8:47:0e:86:2f:
                    b7:6f:3f:32:6b:fc:f8:4d:7a:0a:7b:4e:20:74:0b:
                    89:d6:b7:c7:2c:47:ec:13:a4:3a:60:95:6d:eb:48:
                    d8:bb:17:ea:35:4c:5b:7e:da:6e:50:7f:36:4b:33:
                    1a:33:f9:5d:64:50:67:fb:32:41:0d:e1:4a:74:6d:
                    6b:5e:d7:60:39:35:77:53:9b:f2:69:67:67:0f:1e:
                    3b:20:1a:f9:29:a4:01:79:63:01:c9:70:d2:70:ba:
                    62:df:ad:0a:e4:6d:fa:6b:72:bf:5b:8e:f2:76:aa:
                    ec:db:d8:2a:9f:c4:54:82:c9:cd:3e:c8:cb:6c:b4:
                    78:1c:e2:38:65:8b:6b:1e:6e:24:b0:37:fa:a3:35:
                    57:72:26:89:59:81:d9:d9:44:85:46:0a:d5:88:eb:
                    d6:63:0a:ec:0f:20:4f:f9:22:d4:94:36:36:22:a7:
                    f8:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:A7:8F:91:3E:5A:5A:35:FA:8C:C5:C2:23:B5:0D:C2:22:69:AE:0A
            X509v3 Authority Key Identifier:
                keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:f2:23:b3:f2:c9:8c:60:aa:86:79:12:35:53:e9:4a:3e:be:
         b0:ca:ee:e8:87:89:17:98:5c:6e:44:b9:e3:03:4a:db:69:b4:
         21:53:70:fd:5f:b3:dd:0c:3e:20:ad:8a:b7:18:f5:10:54:51:
         f7:d5:83:e8:2d:4d:d3:96:66:ff:06:d3:2f:7a:59:05:87:a2:
         4f:f5:7b:3a:40:48:bd:be:c1:ff:b6:fe:bd:90:66:30:5b:8e:
         27:f9:fa:86:60:c3:b4:f1:a2:52:42:03:a2:88:8d:7d:f4:ff:
         fc:76:91:ca:78:b6:c2:26:ce:96:00:df:25:74:16:fe:62:81:
         a8:08:ca:d9:ac:54:8c:89:e0:97:5b:4c:35:d9:a4:84:21:50:
         8f:df:1e:b8:72:fe:8d:a6:f7:4d:e5:97:88:80:86:db:22:44:
         09:3f:3b:02:3c:a9:b7:d0:22:e4:3c:4a:9b:1a:71:de:f4:76:
         e9:6b:f4:e9:d8:67:0a:bd:33:db:f6:ec:bc:47:c3:cf:36:4f:
         a0:be:3b:72:fe:03:3f:11:aa:70:1c:75:b4:8f:d1:0e:db:11:
         1f:dc:05:c6:d0:4e:a7:a5:04:f8:3d:50:75:12:c6:18:8d:fb:
         b1:44:b6:a0:cc:1c:21:de:52:20:f6:e1:5f:b9:f2:65:f2:34:
         71:3d:3a:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJZ8mpJx4hZ5/JBlEPuDVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0
NzU4YjIwHhcNMjUwNjA3MDgwMDI4WhcNMjUwNjA4MDgwMDI4WjAzMTEwLwYDVQQD
EyhmMmE3OGY5MTNlNWE1YTM1ZmE4Y2M1YzIyM2I1MGRjMjIyNjlhZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaM8xM6zpJS3oCHHkTwuTUFaV7TF
YiVmcHBr++JBY4H2cTAZKEu+2CYIh31yT5gL7F7Ag4WQdIJ10S7gMzj7CQTSlWap
S0oHW7DYkspoEpzVBYZi+EcOhi+3bz8ya/z4TXoKe04gdAuJ1rfHLEfsE6Q6YJVt
60jYuxfqNUxbftpuUH82SzMaM/ldZFBn+zJBDeFKdG1rXtdgOTV3U5vyaWdnDx47
IBr5KaQBeWMByXDScLpi360K5G36a3K/W47ydqrs29gqn8RUgsnNPsjLbLR4HOI4
ZYtrHm4ksDf6ozVXciaJWYHZ2USFRgrViOvWYwrsDyBP+SLUlDY2Iqf4cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPKnj5E+Wlo1+ozFwiO1DcIiaa4KMB8GA1UdIwQY
MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt
MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4
LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAefIjs/LJ
jGCqhnkSNVPpSj6+sMru6IeJF5hcbkS54wNK22m0IVNw/V+z3Qw+IK2Ktxj1EFRR
99WD6C1N05Zm/wbTL3pZBYeiT/V7OkBIvb7B/7b+vZBmMFuOJ/n6hmDDtPGiUkID
ooiNffT//HaRyni2wibOlgDfJXQW/mKBqAjK2axUjIngl1tMNdmkhCFQj98euHL+
jab3TeWXiICG2yJECT87Ajypt9Ai5DxKmxpx3vR26Wv06dhnCr0z2/bsvEfDzzZP
oL47cv4DPxGqcBx1tI/RDtsRH9wFxtBOp6UE+D1QdRLGGI37sUS2oMwcId5SIPbh
X7nyZfI0cT067A==
-----END CERTIFICATE-----