Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
File:                     OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft (raw, json)
Hash identifier:          DsnkFZN0abaU075TfR2J2DOX1cfq5ve6fvUQUd45tag=
Subject key identifier:   50:A9:CC:0D:26:4B:CF:19:C6:06:1E:AB:6C:04:80:4D:C8:99:A4:98
Authority key identifier: 38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5
Certificate issuer:       /CN=389dd4126f8be07af454497ca0f5665295482ad5
Certificate serial:       0197488CEEF1AAD61F211E7D02F0692F372F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
Manifest number:          04D8
Signing time:             Sat 07 Jun 2025 04:01:25 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:25 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:25 +0000
Files and hashes:         1: OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl (hash: H6gL9kfqG41LlgnS3Jhko8bUd4GV8pEQSP100WqCgEE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:ee:f1:aa:d6:1f:21:1e:7d:02:f0:69:2f:37:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389dd4126f8be07af454497ca0f5665295482ad5
        Validity
            Not Before: Jun  7 04:01:25 2025 GMT
            Not After : Jun  8 04:01:25 2025 GMT
        Subject: CN=50a9cc0d264bcf19c6061eab6c04804dc899a498
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:0e:8f:03:d8:ca:8a:88:76:5c:f6:95:30:0b:
                    30:5a:51:6f:86:62:86:4a:4e:67:3d:2d:78:c6:08:
                    f6:23:2e:34:b3:5a:af:d5:11:72:1e:cc:f0:1b:a1:
                    58:db:34:3f:5c:71:8b:69:40:3f:9a:03:4f:c3:e0:
                    57:eb:b5:51:38:c1:c0:4e:69:cc:e7:ad:43:58:fb:
                    1f:3f:6b:a7:fc:19:a5:36:ee:b0:6c:b1:c5:07:24:
                    7b:6f:02:37:a1:7a:b5:15:73:90:c4:6f:d3:ee:be:
                    88:89:0e:fa:f3:4d:b3:5e:57:f6:4f:2d:42:ac:fe:
                    42:22:fa:a8:29:55:4d:68:08:e7:d8:28:80:d8:2c:
                    ba:b2:99:6a:30:66:b2:be:32:21:8c:19:a8:15:1e:
                    3b:9f:4f:b7:13:79:d5:cd:3d:27:82:90:17:2b:19:
                    3f:13:79:b5:b3:2a:c5:d5:85:37:d6:36:54:56:fa:
                    2d:a3:13:80:b7:2c:ac:94:8f:68:3e:02:c9:73:a4:
                    9a:e7:c9:0d:48:43:49:74:91:c8:61:98:29:fa:79:
                    5f:e1:43:0e:07:e6:89:56:63:ba:93:cc:aa:9b:d3:
                    fe:4b:07:20:79:1c:94:78:ae:cc:b5:05:42:e9:f5:
                    7b:b4:db:8a:32:41:4c:06:14:bf:42:bb:35:e2:41:
                    69:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:A9:CC:0D:26:4B:CF:19:C6:06:1E:AB:6C:04:80:4D:C8:99:A4:98
            X509v3 Authority Key Identifier:
                keyid:38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:6c:fe:33:5c:0c:27:1c:9f:fd:15:f5:37:c4:7e:f3:e2:45:
         2c:4e:3e:ce:5c:94:e7:f0:74:12:f5:bb:f0:64:6b:27:e5:75:
         7b:94:b1:ee:9e:19:07:4a:3c:5b:41:26:e0:64:39:93:c9:7c:
         f8:8c:9d:9c:b2:e7:33:e2:55:c1:b2:3a:2d:58:96:85:5b:ad:
         24:e3:69:6c:5f:9c:8a:e1:fd:fb:fb:53:35:c1:13:ef:6d:c4:
         64:32:b7:5d:ed:64:ae:12:d9:fb:db:b5:15:5e:22:89:a2:82:
         54:30:84:2c:7a:7c:50:ac:f5:73:b0:c6:6c:45:7a:8a:fd:4c:
         95:f5:f7:53:90:4a:65:d5:2d:08:8e:ac:5f:c7:d3:36:f5:27:
         72:57:34:c2:0d:a3:77:4f:46:99:d7:b9:c6:9e:b4:16:75:9f:
         c9:17:10:f2:f2:ce:10:e7:bb:70:e2:e5:e0:71:8b:aa:b7:a0:
         12:ed:06:43:c6:f1:b2:78:94:f9:dd:80:5a:c2:5a:7d:85:8d:
         54:40:d4:0e:31:54:17:83:fa:0c:cd:6b:eb:56:07:c6:bf:ea:
         43:c9:d0:9e:4f:17:bd:15:33:db:a2:bc:22:ba:98:17:db:89:
         86:8d:93:90:e0:d0:4b:75:49:57:74:f4:33:c7:e0:47:6a:07:
         eb:a7:00:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjO7xqtYfIR59AvBpLzcvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWRkNDEyNmY4YmUwN2FmNDU0NDk3Y2EwZjU2NjUyOTU0
ODJhZDUwHhcNMjUwNjA3MDQwMTI1WhcNMjUwNjA4MDQwMTI1WjAzMTEwLwYDVQQD
Eyg1MGE5Y2MwZDI2NGJjZjE5YzYwNjFlYWI2YzA0ODA0ZGM4OTlhNDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg6PA9jKioh2XPaVMAswWlFvhmKG
Sk5nPS14xgj2Iy40s1qv1RFyHszwG6FY2zQ/XHGLaUA/mgNPw+BX67VROMHATmnM
561DWPsfP2un/BmlNu6wbLHFByR7bwI3oXq1FXOQxG/T7r6IiQ76802zXlf2Ty1C
rP5CIvqoKVVNaAjn2CiA2Cy6splqMGayvjIhjBmoFR47n0+3E3nVzT0ngpAXKxk/
E3m1syrF1YU31jZUVvotoxOAtyyslI9oPgLJc6Sa58kNSENJdJHIYZgp+nlf4UMO
B+aJVmO6k8yqm9P+SwcgeRyUeK7MtQVC6fV7tNuKMkFMBhS/Qrs14kFpGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFCpzA0mS88ZxgYeq2wEgE3ImaSYMB8GA1UdIwQY
MBaAFDid1BJvi+B69FRJfKD1ZlKVSCrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2Mt
NWM1NWVjMjIxZTEyLzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2MtNWM1NWVjMjIxZTEy
LzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQmz+M1wM
Jxyf/RX1N8R+8+JFLE4+zlyU5/B0EvW78GRrJ+V1e5Sx7p4ZB0o8W0Em4GQ5k8l8
+IydnLLnM+JVwbI6LViWhVutJONpbF+ciuH9+/tTNcET723EZDK3Xe1krhLZ+9u1
FV4iiaKCVDCELHp8UKz1c7DGbEV6iv1MlfX3U5BKZdUtCI6sX8fTNvUnclc0wg2j
d09Gmde5xp60FnWfyRcQ8vLOEOe7cOLl4HGLqregEu0GQ8bxsniU+d2AWsJafYWN
VEDUDjFUF4P6DM1r61YHxr/qQ8nQnk8XvRUz26K8IrqYF9uJho2TkODQS3VJV3T0
M8fgR2oH66cA7Q==
-----END CERTIFICATE-----