Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
File:                     Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft (raw, json)
Hash identifier:          5CjGSAzMmHOQAnpGGmheHxi8Dw2w32Y9guID2VvdWYE=
Subject key identifier:   EF:A0:21:D6:6F:B7:19:CD:6C:31:EC:B2:A7:03:B4:B7:1D:25:23:DC
Authority key identifier: 3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33
Certificate issuer:       /CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33
Certificate serial:       0197677345AF3431C0EBF58343533253B818
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
Manifest number:          0998
Signing time:             Fri 13 Jun 2025 04:01:37 +0000
Manifest this update:     Fri 13 Jun 2025 04:01:37 +0000
Manifest next update:     Sat 14 Jun 2025 04:01:37 +0000
Files and hashes:         1: Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl (hash: 3nyQR+8lxBW09vC6HY/1j6rD4zCqBrWjzN/obfTrJ74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 04:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:73:45:af:34:31:c0:eb:f5:83:43:53:32:53:b8:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33
        Validity
            Not Before: Jun 13 04:01:37 2025 GMT
            Not After : Jun 14 04:01:37 2025 GMT
        Subject: CN=efa021d66fb719cd6c31ecb2a703b4b71d2523dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:e4:1f:c1:fc:7b:21:74:0a:76:a4:1e:aa:b3:
                    5f:d0:43:2b:8e:78:af:e4:04:97:51:34:cd:0e:eb:
                    b5:82:c8:7f:e2:e3:ef:9a:1f:f3:dd:89:50:35:8d:
                    9c:5b:3a:96:97:83:e9:d0:ef:6d:9e:b0:48:01:86:
                    fb:b0:6c:db:73:8d:09:85:78:65:80:6f:9d:80:c9:
                    2b:d8:e7:93:cf:e1:a4:d0:a1:b0:45:8e:ab:82:c1:
                    37:07:50:dc:8c:42:9c:35:d0:e6:e9:9b:35:3a:6d:
                    3f:01:7c:da:36:15:f8:7d:89:ab:19:9f:4d:fc:ea:
                    eb:bb:8e:3d:aa:2c:ea:0f:cb:e8:bc:ce:bd:7f:7d:
                    64:3d:fe:2a:af:f2:0b:c8:4f:75:02:24:af:4f:0c:
                    8d:31:ed:e8:dc:6f:7b:1b:ab:c3:6f:26:63:aa:87:
                    cd:3c:7d:0f:71:a4:cd:62:24:99:b2:3f:43:75:ec:
                    65:30:70:23:66:ac:5a:09:3d:48:8f:10:80:b9:1b:
                    74:6b:05:dd:6c:98:68:2d:c2:2c:7b:a7:9f:87:58:
                    5d:94:f5:1e:67:fd:59:a2:60:32:f3:fd:87:37:2b:
                    c5:17:67:98:1c:e5:28:ee:5b:cf:a2:a3:e5:23:5f:
                    6d:79:0f:f9:dc:9e:c7:5f:81:e8:40:31:9c:46:d0:
                    84:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:A0:21:D6:6F:B7:19:CD:6C:31:EC:B2:A7:03:B4:B7:1D:25:23:DC
            X509v3 Authority Key Identifier:
                keyid:3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:9d:00:2f:b3:84:95:b8:08:2f:08:5b:f9:0c:ee:03:67:e0:
         9b:2f:b0:13:f0:a6:df:e3:af:d4:78:9e:5a:3f:1f:f9:48:a0:
         cb:93:5d:9a:08:3c:95:f4:c7:4c:76:ff:18:6c:00:69:ba:b2:
         e2:7a:3a:93:3a:e6:3b:e6:35:1f:88:5d:f9:4c:b3:48:e8:7f:
         be:6f:fb:0f:32:92:70:63:7d:ea:43:7e:51:96:54:77:ad:38:
         2e:84:ba:0b:01:23:b3:1f:89:f4:a7:22:d9:2b:0c:3a:5c:27:
         9c:f9:46:97:44:77:71:d2:94:83:43:cc:9d:9c:46:6f:84:39:
         3e:09:2d:62:e2:51:3b:c6:a1:b0:59:62:b4:97:b7:ca:36:2b:
         4d:45:d1:92:92:84:5d:bf:2a:9a:60:76:59:82:c1:9c:b8:3e:
         d7:12:20:b0:49:c3:f0:c4:22:50:2b:92:44:b1:07:83:54:46:
         66:d0:36:4a:6c:f9:15:77:30:15:70:34:0d:cc:f9:2c:c5:50:
         15:df:87:cf:ab:9a:12:20:db:08:3d:d9:dd:9e:99:49:ae:41:
         fd:9a:5b:19:26:c4:44:89:bb:5f:66:ef:fb:e1:7f:1d:9b:68:
         a6:85:cf:93:d0:35:98:d3:2d:fe:45:1c:b1:63:aa:a7:0f:62:
         08:00:0f:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdnc0WvNDHA6/WDQ1MyU7gYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWYzMWIzNjgyNjg3OWM3ZWJjMTEyYzYyOTQxYTFjZDNh
MmJiMzMwHhcNMjUwNjEzMDQwMTM3WhcNMjUwNjE0MDQwMTM3WjAzMTEwLwYDVQQD
EyhlZmEwMjFkNjZmYjcxOWNkNmMzMWVjYjJhNzAzYjRiNzFkMjUyM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeQfwfx7IXQKdqQeqrNf0EMrjniv
5ASXUTTNDuu1gsh/4uPvmh/z3YlQNY2cWzqWl4Pp0O9tnrBIAYb7sGzbc40JhXhl
gG+dgMkr2OeTz+Gk0KGwRY6rgsE3B1DcjEKcNdDm6Zs1Om0/AXzaNhX4fYmrGZ9N
/Orru449qizqD8vovM69f31kPf4qr/ILyE91AiSvTwyNMe3o3G97G6vDbyZjqofN
PH0PcaTNYiSZsj9DdexlMHAjZqxaCT1IjxCAuRt0awXdbJhoLcIse6efh1hdlPUe
Z/1ZomAy8/2HNyvFF2eYHOUo7lvPoqPlI19teQ/53J7HX4HoQDGcRtCE+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO+gIdZvtxnNbDHssqcDtLcdJSPcMB8GA1UdIwQY
MBaAFDrvMbNoJoecfrwRLGKUGhzTorszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMt
ZDlhZjcxMGJhMWRlLzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMtZDlhZjcxMGJhMWRl
LzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfJ0AL7OE
lbgILwhb+QzuA2fgmy+wE/Cm3+Ov1HieWj8f+Uigy5Ndmgg8lfTHTHb/GGwAabqy
4no6kzrmO+Y1H4hd+UyzSOh/vm/7DzKScGN96kN+UZZUd604LoS6CwEjsx+J9Kci
2SsMOlwnnPlGl0R3cdKUg0PMnZxGb4Q5PgktYuJRO8ahsFlitJe3yjYrTUXRkpKE
Xb8qmmB2WYLBnLg+1xIgsEnD8MQiUCuSRLEHg1RGZtA2Smz5FXcwFXA0Dcz5LMVQ
Fd+Hz6uaEiDbCD3Z3Z6ZSa5B/ZpbGSbERIm7X2bv++F/HZtopoXPk9A1mNMt/kUc
sWOqpw9iCAAPWA==
-----END CERTIFICATE-----