Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
File:                     OM0kYRn4VtiXOodwvsOf_EejydY.mft (raw, json)
Hash identifier:          m7wb72QLuY+N1lQM3S8RoJGvleJrIuZVZe7NNOOtSI0=
Subject key identifier:   06:2C:DE:92:9B:99:72:C9:B9:55:6A:83:DC:B5:C3:17:5A:E0:DA:BB
Authority key identifier: 38:CD:24:61:19:F8:56:D8:97:3A:87:70:BE:C3:9F:FC:47:A3:C9:D6
Certificate issuer:       /CN=38cd246119f856d8973a8770bec39ffc47a3c9d6
Certificate serial:       0199239F4C9318424BFCEA8FD9C71401955F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
Manifest number:          166F
Signing time:             Sun 07 Sep 2025 10:01:06 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:06 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:06 +0000
Files and hashes:         1: OM0kYRn4VtiXOodwvsOf_EejydY.crl (hash: QWdZA0FuKnqoM6LSsKrTCIda3GiBV8iPCoCA4gM1oW8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:4c:93:18:42:4b:fc:ea:8f:d9:c7:14:01:95:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38cd246119f856d8973a8770bec39ffc47a3c9d6
        Validity
            Not Before: Sep  7 10:01:06 2025 GMT
            Not After : Sep  8 10:01:06 2025 GMT
        Subject: CN=062cde929b9972c9b9556a83dcb5c3175ae0dabb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:c6:47:33:62:bb:c1:9f:ad:ef:3a:c3:fe:87:
                    6c:c0:8b:58:54:85:2e:b8:9d:d4:66:78:a7:84:f2:
                    8c:44:19:6d:92:ea:59:f1:55:67:e6:ef:c9:43:5c:
                    97:52:4f:4a:cd:24:7b:02:e2:dc:c0:70:bd:4b:5b:
                    4f:de:17:94:21:b4:22:9c:d2:ce:09:18:ba:9a:46:
                    e2:eb:f8:4e:e0:1a:63:a5:50:ef:b8:e7:95:40:14:
                    18:f4:b3:07:a9:88:92:2b:86:af:e8:55:7b:92:79:
                    80:a7:e3:76:a4:4c:61:cf:1a:32:e5:d4:e6:92:dc:
                    e0:9f:df:4d:04:49:6e:bc:6b:df:9f:a3:77:71:45:
                    e1:e0:a8:86:2d:4d:7d:cb:cd:8a:08:d3:34:99:47:
                    8b:18:43:d6:32:e4:92:74:b2:72:b2:82:c4:d2:2b:
                    ca:42:c9:17:d6:30:dd:84:26:0c:2b:84:b6:94:52:
                    f9:2e:d6:56:2a:ee:cd:c6:57:4b:41:0a:c3:8d:3d:
                    3f:51:26:4b:b2:ab:b5:c6:86:f2:79:9b:82:87:6e:
                    5f:ae:30:ad:7e:58:9e:1c:43:44:4c:fa:b2:9f:12:
                    4d:64:58:9a:76:39:4d:0a:5d:1b:1c:d9:80:04:f7:
                    5a:55:16:0e:96:b6:a7:4b:89:75:e1:d9:41:d7:6e:
                    33:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:2C:DE:92:9B:99:72:C9:B9:55:6A:83:DC:B5:C3:17:5A:E0:DA:BB
            X509v3 Authority Key Identifier:
                keyid:38:CD:24:61:19:F8:56:D8:97:3A:87:70:BE:C3:9F:FC:47:A3:C9:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:7a:16:af:01:22:b2:28:ab:b2:32:36:e3:3c:32:98:a2:46:
         f0:f2:ec:7a:26:5a:3f:69:73:12:74:a1:31:c5:d2:ad:2a:44:
         c3:f1:91:df:33:8f:f2:8e:ed:df:4f:53:ee:f9:5d:fd:e4:3d:
         47:18:5f:1a:6e:f7:b5:1a:f2:52:f1:77:b8:c8:c8:7b:b4:d4:
         bb:f7:e1:b6:5b:4c:01:65:93:9a:e7:db:fd:7d:34:40:48:b4:
         08:5d:e9:1c:38:cd:ca:ec:a4:bd:3b:89:a9:6d:69:ab:74:8c:
         f2:61:c5:cd:ca:0c:74:ab:70:0d:dc:4c:55:07:74:c7:20:07:
         6b:8f:22:5f:08:fe:af:ea:27:59:6f:7c:fb:57:55:33:c4:ff:
         d3:bc:96:db:b5:05:84:4f:bc:67:6b:73:4f:40:44:01:36:70:
         00:b7:08:7b:82:06:89:0b:e5:f6:b4:c4:23:d6:3e:fc:d3:bb:
         fd:6d:2c:b4:3b:8d:51:5f:32:78:51:c8:8a:96:2d:e6:2d:e6:
         65:f7:d1:10:3c:77:8f:3a:80:a2:52:41:96:e3:21:1a:71:dc:
         c9:01:f1:f1:6c:06:d0:fb:e4:bd:83:36:92:8a:0f:ef:38:35:
         3f:29:f6:d0:23:89:d8:28:54:b8:20:51:e2:7f:e8:1e:e8:c8:
         16:e7:01:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn0yTGEJL/OqP2ccUAZVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2QyNDYxMTlmODU2ZDg5NzNhODc3MGJlYzM5ZmZjNDdh
M2M5ZDYwHhcNMjUwOTA3MTAwMTA2WhcNMjUwOTA4MTAwMTA2WjAzMTEwLwYDVQQD
EygwNjJjZGU5MjliOTk3MmM5Yjk1NTZhODNkY2I1YzMxNzVhZTBkYWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8ZHM2K7wZ+t7zrD/odswItYVIUu
uJ3UZninhPKMRBltkupZ8VVn5u/JQ1yXUk9KzSR7AuLcwHC9S1tP3heUIbQinNLO
CRi6mkbi6/hO4BpjpVDvuOeVQBQY9LMHqYiSK4av6FV7knmAp+N2pExhzxoy5dTm
ktzgn99NBEluvGvfn6N3cUXh4KiGLU19y82KCNM0mUeLGEPWMuSSdLJysoLE0ivK
QskX1jDdhCYMK4S2lFL5LtZWKu7NxldLQQrDjT0/USZLsqu1xobyeZuCh25frjCt
flieHENETPqynxJNZFiadjlNCl0bHNmABPdaVRYOlranS4l14dlB124zqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAYs3pKbmXLJuVVqg9y1wxda4Nq7MB8GA1UdIwQY
MBaAFDjNJGEZ+FbYlzqHcL7Dn/xHo8nWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC85NjU5NWUtZTM2YS00MDUxLTg0NTMt
OGZjZDUzZDQzMWQ1LzEvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC85NjU5NWUtZTM2YS00MDUxLTg0NTMtOGZjZDUzZDQzMWQ1
LzEvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ3oWrwEi
siirsjI24zwymKJG8PLseiZaP2lzEnShMcXSrSpEw/GR3zOP8o7t309T7vld/eQ9
RxhfGm73tRryUvF3uMjIe7TUu/fhtltMAWWTmufb/X00QEi0CF3pHDjNyuykvTuJ
qW1pq3SM8mHFzcoMdKtwDdxMVQd0xyAHa48iXwj+r+onWW98+1dVM8T/07yW27UF
hE+8Z2tzT0BEATZwALcIe4IGiQvl9rTEI9Y+/NO7/W0stDuNUV8yeFHIipYt5i3m
ZffREDx3jzqAolJBluMhGnHcyQHx8WwG0PvkvYM2kooP7zg1Pyn20COJ2ChUuCBR
4n/oHujIFucBPQ==
-----END CERTIFICATE-----