Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
File:                     OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json)
Hash identifier:          bFD24ny1UTYgJKSx/uO24o633a6D3sHDov778ZXefQE=
Subject key identifier:   00:13:DB:8B:CA:40:B9:0A:76:22:F6:97:68:6D:63:18:41:E3:76:1D
Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
Certificate issuer:       /CN=389c030036756ab8cdac922b1af237bce1367ce0
Certificate serial:       019918095C4448B0D9CBED6A3B78A1C74D8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
Manifest number:          1669
Signing time:             Fri 05 Sep 2025 04:01:30 +0000
Manifest this update:     Fri 05 Sep 2025 04:01:30 +0000
Manifest next update:     Sat 06 Sep 2025 04:01:30 +0000
Files and hashes:         1: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: l3WaKrYoc+6W3eRPRUgiWi3ArzIzOQ6jgwOjvihihQo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:09:5c:44:48:b0:d9:cb:ed:6a:3b:78:a1:c7:4d:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0
        Validity
            Not Before: Sep  5 04:01:30 2025 GMT
            Not After : Sep  6 04:01:30 2025 GMT
        Subject: CN=0013db8bca40b90a7622f697686d631841e3761d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:52:e4:7b:bd:43:47:66:e8:da:0c:b7:6b:f9:
                    6c:44:55:cb:22:cd:37:15:be:60:20:2b:ce:b6:fa:
                    0d:04:46:77:4e:08:cc:73:a3:7f:83:56:73:c1:11:
                    fc:06:37:d1:22:1d:69:c6:2e:df:96:5b:3b:eb:39:
                    99:e9:c6:4b:af:36:f8:92:82:26:aa:82:ae:5c:99:
                    96:a2:a6:d2:c1:d9:ee:85:80:62:f3:7a:c4:74:77:
                    67:09:28:12:74:d8:40:aa:7f:5c:db:cf:20:00:d2:
                    23:79:6a:67:80:08:e4:39:a3:67:ee:c5:79:56:92:
                    7b:12:77:a3:5b:f0:c7:b9:4d:ce:4a:71:96:c3:96:
                    a1:d0:71:83:a1:a1:cd:e3:06:6e:22:4c:22:9c:f9:
                    3d:d2:9f:8a:e0:e0:3a:a5:40:43:f3:8d:8d:29:fd:
                    b9:db:9f:3c:f4:b7:15:81:95:fe:c5:46:29:2a:e0:
                    39:c5:5e:67:7e:60:13:83:05:59:88:8c:39:0d:02:
                    1f:af:45:e2:5e:ab:26:b0:e1:06:4a:24:21:fe:7e:
                    62:f2:f6:d7:4d:ed:53:a1:4c:e7:23:44:ff:39:c0:
                    26:05:00:4f:bd:01:0d:3c:7b:f6:05:90:0b:76:51:
                    12:4b:fb:93:cb:84:c9:bf:f6:df:5e:33:77:4e:f2:
                    80:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:13:DB:8B:CA:40:B9:0A:76:22:F6:97:68:6D:63:18:41:E3:76:1D
            X509v3 Authority Key Identifier:
                keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:89:f6:9a:d4:56:f9:cd:85:9e:3e:c7:65:5a:b2:d6:3a:73:
         14:e6:ee:eb:94:f9:d7:cd:6a:51:6b:72:f3:b3:c9:76:1b:f6:
         67:d2:ee:63:3e:81:46:13:09:65:6d:8e:1f:7d:e0:0d:90:6f:
         e5:cb:88:a6:80:6b:a1:a2:cb:39:0d:4d:53:15:df:47:73:55:
         ce:bf:25:18:f7:57:01:12:bc:9f:4b:2c:68:36:d3:8c:6b:9c:
         36:54:03:b0:4d:12:a0:91:c4:c6:25:b0:40:76:62:5c:3c:7b:
         90:32:c3:12:0a:12:b5:7b:ea:3a:61:9c:8e:70:05:03:49:59:
         67:03:14:92:6c:14:01:3e:d0:60:10:56:c6:cd:5b:44:f7:c6:
         f6:98:de:ed:94:0e:08:35:59:e3:5f:27:97:a7:3c:31:87:c1:
         ef:f2:d7:24:95:d6:a4:9f:5a:5a:a4:3d:5e:02:85:f9:ef:16:
         5f:08:fc:0e:7d:d9:ea:a5:3a:94:f6:b1:0d:65:eb:fd:a5:c4:
         06:96:bf:18:b4:9c:71:84:b7:9d:f1:4e:e7:0b:a3:19:0f:58:
         3a:63:4e:d1:73:d4:09:ec:10:4a:1e:6d:9d:97:a3:b5:d3:8c:
         dc:f4:14:67:63:69:30:29:d9:7b:60:23:c4:0e:b4:d9:a3:f4:
         78:92:5c:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCVxESLDZy+1qO3ihx02PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz
NjdjZTAwHhcNMjUwOTA1MDQwMTMwWhcNMjUwOTA2MDQwMTMwWjAzMTEwLwYDVQQD
EygwMDEzZGI4YmNhNDBiOTBhNzYyMmY2OTc2ODZkNjMxODQxZTM3NjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlLke71DR2bo2gy3a/lsRFXLIs03
Fb5gICvOtvoNBEZ3TgjMc6N/g1ZzwRH8BjfRIh1pxi7flls76zmZ6cZLrzb4koIm
qoKuXJmWoqbSwdnuhYBi83rEdHdnCSgSdNhAqn9c288gANIjeWpngAjkOaNn7sV5
VpJ7EnejW/DHuU3OSnGWw5ah0HGDoaHN4wZuIkwinPk90p+K4OA6pUBD842NKf25
25889LcVgZX+xUYpKuA5xV5nfmATgwVZiIw5DQIfr0XiXqsmsOEGSiQh/n5i8vbX
Te1ToUznI0T/OcAmBQBPvQENPHv2BZALdlESS/uTy4TJv/bfXjN3TvKALQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAAT24vKQLkKdiL2l2htYxhB43YdMB8GA1UdIwQY
MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt
NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0
LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACIn2mtRW
+c2Fnj7HZVqy1jpzFObu65T5181qUWty87PJdhv2Z9LuYz6BRhMJZW2OH33gDZBv
5cuIpoBroaLLOQ1NUxXfR3NVzr8lGPdXARK8n0ssaDbTjGucNlQDsE0SoJHExiWw
QHZiXDx7kDLDEgoStXvqOmGcjnAFA0lZZwMUkmwUAT7QYBBWxs1bRPfG9pje7ZQO
CDVZ418nl6c8MYfB7/LXJJXWpJ9aWqQ9XgKF+e8WXwj8Dn3Z6qU6lPaxDWXr/aXE
Bpa/GLSccYS3nfFO5wujGQ9YOmNO0XPUCewQSh5tnZejtdOM3PQUZ2NpMCnZe2Aj
xA602aP0eJJceA==
-----END CERTIFICATE-----