Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
File:                     OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft (raw, json)
Hash identifier:          hCxrX6/T6TsefG9hBR2uCOhzFbKRHtQkbigPNU+2wZs=
Subject key identifier:   4F:EB:B0:9B:8C:6D:0C:3C:22:C8:92:24:82:81:F9:BB:60:1D:B0:10
Authority key identifier: 38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1
Certificate issuer:       /CN=38a19e640de1f452a7dc4abe786aa581342927b1
Certificate serial:       0199239EEA5FA022432C0E6D0EA391F15DC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
Manifest number:          05B2
Signing time:             Sun 07 Sep 2025 10:00:41 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:41 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:41 +0000
Files and hashes:         1: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl (hash: NKt/xdKYkm87soWvScOPekjflFFsBp0/wdnAHqHv0pg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:ea:5f:a0:22:43:2c:0e:6d:0e:a3:91:f1:5d:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a19e640de1f452a7dc4abe786aa581342927b1
        Validity
            Not Before: Sep  7 10:00:41 2025 GMT
            Not After : Sep  8 10:00:41 2025 GMT
        Subject: CN=4febb09b8c6d0c3c22c892248281f9bb601db010
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:c9:a5:98:20:99:03:08:14:5e:b0:31:97:ee:
                    7b:5d:bd:ec:6f:0e:c1:f5:ac:c8:af:a0:b0:3c:33:
                    70:77:4d:8a:23:5c:5f:09:7b:5b:a4:ae:08:d9:6d:
                    31:cc:e1:ca:35:9b:43:aa:72:df:cb:ec:e8:36:52:
                    64:24:d1:2c:aa:6a:62:84:e2:30:45:c3:c7:2d:af:
                    ce:e8:a8:ee:14:d8:5e:9e:01:75:1d:72:37:ba:11:
                    78:a6:41:8c:0c:ce:3f:b2:7d:29:80:e7:c0:a4:d8:
                    98:b1:e8:3c:9a:33:d3:05:c8:5b:d2:c9:b9:85:dc:
                    14:bd:8b:3b:07:ff:79:25:0b:45:92:d4:4a:86:db:
                    fb:d7:bf:a5:d5:1b:f4:3a:b1:8a:82:8b:f5:d4:57:
                    8d:4c:9f:77:48:b7:00:8d:29:04:e9:c2:25:d8:a7:
                    4d:81:d7:90:63:98:44:d0:f1:9c:47:ca:0a:72:1e:
                    78:7e:45:e1:d5:dd:65:30:e3:af:15:46:98:7a:33:
                    2c:28:e3:68:2e:1a:93:b7:d2:6d:8e:a8:f3:5d:8a:
                    a6:a0:de:4c:2f:d3:0a:cb:7e:fc:bf:2a:ee:bd:79:
                    0e:35:f3:fc:ec:86:1f:bc:0a:0e:7a:d3:1b:75:b9:
                    05:b8:97:d6:e8:3e:9c:a5:83:c8:29:10:8d:b3:07:
                    5a:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:EB:B0:9B:8C:6D:0C:3C:22:C8:92:24:82:81:F9:BB:60:1D:B0:10
            X509v3 Authority Key Identifier:
                keyid:38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e1:c2:ad:e8:49:0f:e0:b3:23:df:03:02:f3:da:07:a2:19:e5:
         1e:67:12:8a:d8:fe:61:1e:2a:05:24:4c:19:f0:18:99:c8:25:
         82:f6:df:7e:6e:20:68:08:91:70:19:84:4e:f4:c1:8c:d1:45:
         89:ff:6c:42:f0:d2:2b:ff:3f:d5:5f:1f:2a:19:4b:1e:96:7c:
         a7:5f:32:ca:de:36:12:8c:29:42:03:c0:85:6a:15:d9:93:e9:
         6c:7c:04:9a:4d:e2:13:2c:2b:c7:70:80:4e:ec:37:7c:84:c9:
         45:be:5f:ab:9e:6e:29:97:08:89:db:fe:36:bc:81:9a:54:30:
         46:83:bb:02:58:6a:4d:f2:fc:a4:75:dc:9e:17:e6:bc:f2:fb:
         7d:94:e2:4f:21:c7:41:c8:38:f7:bf:94:1b:94:c0:3c:c6:6f:
         a8:3e:a1:58:a1:6e:00:5b:5e:f1:47:ed:9f:19:9f:d3:8a:94:
         9c:1d:8a:14:48:25:f1:ea:dc:29:25:0b:86:ef:7b:44:d7:df:
         ed:1e:56:32:61:9c:55:e8:3c:f9:95:cf:c3:0e:ab:2d:72:df:
         71:db:9e:7e:df:36:b7:29:e5:74:b2:0a:72:c2:d1:d3:25:3a:
         06:e8:60:57:f3:ba:18:d9:59:4d:25:4f:65:26:7a:09:ba:4a:
         3c:33:20:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnupfoCJDLA5tDqOR8V3DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTE5ZTY0MGRlMWY0NTJhN2RjNGFiZTc4NmFhNTgxMzQy
OTI3YjEwHhcNMjUwOTA3MTAwMDQxWhcNMjUwOTA4MTAwMDQxWjAzMTEwLwYDVQQD
Eyg0ZmViYjA5YjhjNmQwYzNjMjJjODkyMjQ4MjgxZjliYjYwMWRiMDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0smlmCCZAwgUXrAxl+57Xb3sbw7B
9azIr6CwPDNwd02KI1xfCXtbpK4I2W0xzOHKNZtDqnLfy+zoNlJkJNEsqmpihOIw
RcPHLa/O6KjuFNhengF1HXI3uhF4pkGMDM4/sn0pgOfApNiYseg8mjPTBchb0sm5
hdwUvYs7B/95JQtFktRKhtv717+l1Rv0OrGKgov11FeNTJ93SLcAjSkE6cIl2KdN
gdeQY5hE0PGcR8oKch54fkXh1d1lMOOvFUaYejMsKONoLhqTt9JtjqjzXYqmoN5M
L9MKy378vyruvXkONfP87IYfvAoOetMbdbkFuJfW6D6cpYPIKRCNswdaaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/rsJuMbQw8IsiSJIKB+btgHbAQMB8GA1UdIwQY
MBaAFDihnmQN4fRSp9xKvnhqpYE0KSexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYt
Yjc0NDEwMzJlNTlmLzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYtYjc0NDEwMzJlNTlm
LzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4cKt6EkP
4LMj3wMC89oHohnlHmcSitj+YR4qBSRMGfAYmcglgvbffm4gaAiRcBmETvTBjNFF
if9sQvDSK/8/1V8fKhlLHpZ8p18yyt42EowpQgPAhWoV2ZPpbHwEmk3iEywrx3CA
Tuw3fITJRb5fq55uKZcIidv+NryBmlQwRoO7AlhqTfL8pHXcnhfmvPL7fZTiTyHH
Qcg497+UG5TAPMZvqD6hWKFuAFte8Uftnxmf04qUnB2KFEgl8ercKSULhu97RNff
7R5WMmGcVeg8+ZXPww6rLXLfcdueft82tynldLIKcsLR0yU6BuhgV/O6GNlZTSVP
ZSZ6CbpKPDMgGw==
-----END CERTIFICATE-----