Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
File:                     OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft (raw, json)
Hash identifier:          N2y3VGtba/kmeBoxOCyMz84XKh8MXc97ErGXHRJb/cc=
Subject key identifier:   DD:03:E1:9A:F4:68:AA:EB:F0:22:59:E0:1C:73:10:78:6C:13:65:40
Authority key identifier: 38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1
Certificate issuer:       /CN=38a19e640de1f452a7dc4abe786aa581342927b1
Certificate serial:       01964F6CA560D5857C5B45BA174C2E5E5A8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
Manifest number:          043B
Signing time:             Sat 19 Apr 2025 19:00:42 +0000
Manifest this update:     Sat 19 Apr 2025 19:00:42 +0000
Manifest next update:     Sun 20 Apr 2025 19:00:42 +0000
Files and hashes:         1: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl (hash: AmhhwJCWUc/d3wOxLLd8DZXRtiNEeMUtXc+k4eDILIU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:6c:a5:60:d5:85:7c:5b:45:ba:17:4c:2e:5e:5a:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a19e640de1f452a7dc4abe786aa581342927b1
        Validity
            Not Before: Apr 19 19:00:42 2025 GMT
            Not After : Apr 20 19:00:42 2025 GMT
        Subject: CN=dd03e19af468aaebf02259e01c7310786c136540
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:b8:82:59:07:23:2c:46:da:a2:77:8d:17:ab:
                    21:9a:68:c7:17:a1:26:db:5d:5b:44:4f:61:33:37:
                    49:19:89:98:ba:ee:3e:2c:9f:21:7e:4e:f3:77:58:
                    26:f6:4d:5d:cc:24:fc:7e:30:24:27:f2:5b:03:d3:
                    54:0d:56:fd:db:12:d7:a8:61:82:4e:e1:06:d6:8f:
                    4a:86:f2:6d:c7:00:2c:13:e2:57:45:6b:19:d6:c4:
                    8b:38:85:ff:98:f9:0c:76:f4:09:5d:e0:1d:e6:a7:
                    1b:00:59:23:b0:1f:7a:e3:59:2f:7f:23:2f:99:8f:
                    ea:be:a4:eb:4e:6a:bf:f5:01:57:31:5e:83:27:65:
                    99:84:8c:09:e6:fb:55:8b:4d:be:ee:48:8c:61:2a:
                    53:77:5b:a3:c1:1d:44:84:1d:9e:93:c2:f7:27:49:
                    73:de:19:9a:35:16:fe:ca:4c:42:5e:12:e8:98:d1:
                    55:97:e3:1d:5d:92:e8:3e:96:a1:38:52:36:11:2c:
                    c2:90:d1:b8:40:77:3b:a5:c1:dd:b5:0b:b1:83:59:
                    02:8e:f7:34:4c:a3:b5:f2:a4:d4:d6:9b:7f:9d:8f:
                    e9:4f:8d:54:13:68:9b:17:33:69:f7:cd:bb:5a:d2:
                    75:69:06:52:fb:d5:d5:8a:d9:a3:ec:f4:a2:78:f8:
                    fa:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:03:E1:9A:F4:68:AA:EB:F0:22:59:E0:1C:73:10:78:6C:13:65:40
            X509v3 Authority Key Identifier:
                keyid:38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:72:82:24:20:f2:11:a6:ac:9e:22:93:4b:fd:c8:00:cc:82:
         39:21:b0:c2:07:25:eb:23:41:c8:f6:d5:7a:2c:62:50:98:b1:
         cf:7c:2c:9a:ae:df:82:97:8c:e4:95:3e:b2:62:49:72:79:01:
         e3:7f:08:6b:86:1a:a6:07:6b:8a:c5:fb:45:07:14:ca:ec:ad:
         cc:cc:df:8d:d7:30:cc:b8:9a:a0:f2:57:2f:22:e2:14:f8:bd:
         a8:97:b7:5e:18:58:c8:bd:98:e5:0e:54:47:99:1a:1b:bf:9c:
         89:07:ac:4d:b4:b1:3f:a2:53:45:6f:42:a4:80:ab:74:80:a0:
         3d:5c:9e:f0:ab:dd:c2:93:60:6f:05:68:8b:19:98:0b:ac:eb:
         e6:67:30:f1:bf:30:96:f2:84:0a:02:43:4d:8e:c6:2d:2a:f8:
         29:09:47:88:74:b9:b9:c5:dc:6b:29:f4:bf:c7:23:19:e2:7c:
         e5:82:0a:df:c7:e4:05:9d:56:45:32:bf:95:37:92:ab:56:91:
         9c:a8:8e:9e:73:2a:cc:fe:cc:e9:99:a5:b9:f6:40:78:25:80:
         67:91:7e:e0:51:05:e0:f1:1a:40:9b:58:46:d3:a1:38:d8:d7:
         f7:5a:7b:49:39:c7:a6:50:78:c8:7e:a1:12:4c:a7:2d:45:4a:
         f5:9b:f1:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbKVg1YV8W0W6F0wuXlqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTE5ZTY0MGRlMWY0NTJhN2RjNGFiZTc4NmFhNTgxMzQy
OTI3YjEwHhcNMjUwNDE5MTkwMDQyWhcNMjUwNDIwMTkwMDQyWjAzMTEwLwYDVQQD
EyhkZDAzZTE5YWY0NjhhYWViZjAyMjU5ZTAxYzczMTA3ODZjMTM2NTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7iCWQcjLEbaoneNF6shmmjHF6Em
211bRE9hMzdJGYmYuu4+LJ8hfk7zd1gm9k1dzCT8fjAkJ/JbA9NUDVb92xLXqGGC
TuEG1o9KhvJtxwAsE+JXRWsZ1sSLOIX/mPkMdvQJXeAd5qcbAFkjsB9641kvfyMv
mY/qvqTrTmq/9QFXMV6DJ2WZhIwJ5vtVi02+7kiMYSpTd1ujwR1EhB2ek8L3J0lz
3hmaNRb+ykxCXhLomNFVl+MdXZLoPpahOFI2ESzCkNG4QHc7pcHdtQuxg1kCjvc0
TKO18qTU1pt/nY/pT41UE2ibFzNp9827WtJ1aQZS+9XVitmj7PSiePj61wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN0D4Zr0aKrr8CJZ4BxzEHhsE2VAMB8GA1UdIwQY
MBaAFDihnmQN4fRSp9xKvnhqpYE0KSexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYt
Yjc0NDEwMzJlNTlmLzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYtYjc0NDEwMzJlNTlm
LzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgXKCJCDy
EaasniKTS/3IAMyCOSGwwgcl6yNByPbVeixiUJixz3wsmq7fgpeM5JU+smJJcnkB
438Ia4YapgdrisX7RQcUyuytzMzfjdcwzLiaoPJXLyLiFPi9qJe3XhhYyL2Y5Q5U
R5kaG7+ciQesTbSxP6JTRW9CpICrdICgPVye8KvdwpNgbwVoixmYC6zr5mcw8b8w
lvKECgJDTY7GLSr4KQlHiHS5ucXcayn0v8cjGeJ85YIK38fkBZ1WRTK/lTeSq1aR
nKiOnnMqzP7M6ZmlufZAeCWAZ5F+4FEF4PEaQJtYRtOhONjX91p7STnHplB4yH6h
EkynLUVK9ZvxTg==
-----END CERTIFICATE-----