Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
File:                     Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft (raw, json)
Hash identifier:          OiK6SUTpBaUqyv8g5/BLBEJibHgzU9wJTPNmUegOA8M=
Subject key identifier:   58:86:C4:32:6F:5F:51:0C:07:20:62:96:97:48:40:46:CC:8C:85:F5
Authority key identifier: 3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A
Certificate issuer:       /CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
Certificate serial:       019748FA3DA4FF36C5D7A44154D7DA9BD83E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
Manifest number:          1579
Signing time:             Sat 07 Jun 2025 06:00:48 +0000
Manifest this update:     Sat 07 Jun 2025 06:00:48 +0000
Manifest next update:     Sun 08 Jun 2025 06:00:48 +0000
Files and hashes:         1: Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl (hash: uzVk0+VNtsoHPYQwkaRtEpp1C22N7VUHRYUtRyOWkwA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:3d:a4:ff:36:c5:d7:a4:41:54:d7:da:9b:d8:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
        Validity
            Not Before: Jun  7 06:00:48 2025 GMT
            Not After : Jun  8 06:00:48 2025 GMT
        Subject: CN=5886c4326f5f510c0720629697484046cc8c85f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:bb:8d:ae:5d:fb:5e:f1:1b:80:bc:4c:b4:8f:
                    11:9d:9f:a8:9f:0f:46:ee:75:da:45:45:db:96:8c:
                    48:20:76:bb:21:19:74:94:77:20:98:78:0a:35:2a:
                    8a:8b:49:62:74:f7:fc:f7:dd:77:57:76:57:0d:5a:
                    c6:fb:05:4e:67:71:11:42:c2:14:1c:e4:07:13:e3:
                    a5:a4:53:7d:66:e0:7f:45:b1:11:e7:39:1f:75:1e:
                    c2:0a:c1:d9:f3:e8:d8:3e:fe:de:40:e6:64:48:7c:
                    86:e9:01:29:72:e9:5e:a5:c6:2c:02:96:8d:57:d2:
                    b4:93:e6:d3:5e:78:a6:2f:5b:a4:cd:00:f1:ca:40:
                    24:76:26:53:f0:5f:55:c5:81:51:ae:9c:f1:5d:74:
                    e9:77:9a:83:05:f5:f3:e2:3c:26:9a:c0:92:c9:56:
                    f7:e0:82:41:c2:c3:64:54:45:2c:00:16:bd:b2:62:
                    33:00:0d:dd:4f:a9:8d:40:53:1c:e2:a8:60:ec:34:
                    a9:88:4c:85:97:2d:27:f6:73:44:af:cf:54:94:92:
                    c4:64:68:fa:50:26:8c:9e:36:fc:c6:8f:f2:f1:f4:
                    ef:e4:01:1c:d6:c9:cc:f9:99:11:b1:28:43:79:75:
                    4c:a5:7e:f4:f9:b6:4e:81:89:b7:5c:6f:54:56:f3:
                    5c:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:86:C4:32:6F:5F:51:0C:07:20:62:96:97:48:40:46:CC:8C:85:F5
            X509v3 Authority Key Identifier:
                keyid:3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c9:e9:d3:ef:d4:b0:a5:f1:60:5e:87:b1:e8:6b:7f:2e:62:a2:
         1c:d3:2c:37:c8:7d:11:98:e5:26:ad:b6:9c:cc:2a:32:cf:93:
         67:2e:5c:d3:c8:34:da:d1:6e:82:98:68:ad:43:ef:50:fd:17:
         26:f3:5b:1f:0f:7b:48:62:ec:5c:70:dc:52:b0:32:de:65:1c:
         3b:b0:6d:9a:d4:d2:fa:23:15:10:95:5c:08:75:ae:ff:3b:18:
         af:0a:6d:85:ce:7e:1a:7e:81:ce:42:b0:47:43:90:0e:14:ac:
         e8:8b:24:34:19:12:70:6d:1f:29:5d:52:16:8e:1e:dd:53:8e:
         1a:3a:35:ad:1e:5b:5e:7a:db:9e:b4:4d:57:7d:2c:50:6a:1c:
         4c:2b:d5:43:00:d2:69:74:4b:4d:c4:63:27:a1:76:77:9e:9a:
         ff:b7:76:43:02:1c:24:8e:96:be:f5:0b:98:d0:f1:58:a1:8d:
         de:88:37:4a:8d:e6:5b:bc:d4:f5:53:a8:c4:e7:cd:e9:31:07:
         a2:3e:22:5a:b7:0a:80:6b:51:e5:23:f0:fe:f5:f7:41:7c:09:
         86:aa:ab:b7:a9:83:ff:1d:24:77:08:24:36:2d:75:61:47:ca:
         48:50:c6:49:9f:b3:81:36:96:81:ce:71:ed:b4:c9:2b:bf:c2:
         2a:8e:e7:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+j2k/zbF16RBVNfam9g+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzg3YzFhNzIzOTM5OGZlZjQyZmJmNGU2YjhiYTY3ZmI0
MTY0N2EwHhcNMjUwNjA3MDYwMDQ4WhcNMjUwNjA4MDYwMDQ4WjAzMTEwLwYDVQQD
Eyg1ODg2YzQzMjZmNWY1MTBjMDcyMDYyOTY5NzQ4NDA0NmNjOGM4NWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbuNrl37XvEbgLxMtI8RnZ+onw9G
7nXaRUXbloxIIHa7IRl0lHcgmHgKNSqKi0lidPf89913V3ZXDVrG+wVOZ3ERQsIU
HOQHE+OlpFN9ZuB/RbER5zkfdR7CCsHZ8+jYPv7eQOZkSHyG6QEpculepcYsApaN
V9K0k+bTXnimL1ukzQDxykAkdiZT8F9VxYFRrpzxXXTpd5qDBfXz4jwmmsCSyVb3
4IJBwsNkVEUsABa9smIzAA3dT6mNQFMc4qhg7DSpiEyFly0n9nNEr89UlJLEZGj6
UCaMnjb8xo/y8fTv5AEc1snM+ZkRsShDeXVMpX70+bZOgYm3XG9UVvNc3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFiGxDJvX1EMByBilpdIQEbMjIX1MB8GA1UdIwQY
MBaAFDp4fBpyOTmP70L79Oa4umf7QWR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMt
MzZkNzkyMWU5M2IzLzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMtMzZkNzkyMWU5M2Iz
LzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyenT79Sw
pfFgXoex6Gt/LmKiHNMsN8h9EZjlJq22nMwqMs+TZy5c08g02tFugphorUPvUP0X
JvNbHw97SGLsXHDcUrAy3mUcO7BtmtTS+iMVEJVcCHWu/zsYrwpthc5+Gn6BzkKw
R0OQDhSs6IskNBkScG0fKV1SFo4e3VOOGjo1rR5bXnrbnrRNV30sUGocTCvVQwDS
aXRLTcRjJ6F2d56a/7d2QwIcJI6WvvULmNDxWKGN3og3So3mW7zU9VOoxOfN6TEH
oj4iWrcKgGtR5SPw/vX3QXwJhqqrt6mD/x0kdwgkNi11YUfKSFDGSZ+zgTaWgc5x
7bTJK7/CKo7nHw==
-----END CERTIFICATE-----