Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
File:                     ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json)
Hash identifier:          J+864NLpfdsPopFurburyk9D3+9iuMFnjKZtucWWQIk=
Subject key identifier:   AF:B1:33:60:D9:3B:9E:87:DF:C3:21:71:1A:71:5C:79:26:DE:AA:E7
Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C
Certificate issuer:       /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
Certificate serial:       019745C26F4A75EFA8012E8062DD741027AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
Manifest number:          03AD
Signing time:             Fri 06 Jun 2025 15:00:59 +0000
Manifest this update:     Fri 06 Jun 2025 15:00:59 +0000
Manifest next update:     Sat 07 Jun 2025 15:00:59 +0000
Files and hashes:         1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: /ZDCnnIm0sI0O/Fx3YglFdTWt44wFpGfW39DB+c/t4I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:45:c2:6f:4a:75:ef:a8:01:2e:80:62:dd:74:10:27:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
        Validity
            Not Before: Jun  6 15:00:59 2025 GMT
            Not After : Jun  7 15:00:59 2025 GMT
        Subject: CN=afb13360d93b9e87dfc321711a715c7926deaae7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:42:eb:0b:59:39:23:a8:9e:ed:cc:3f:12:9c:
                    40:19:05:16:ef:66:e1:a4:d2:68:bd:be:6c:d2:70:
                    70:ef:75:c3:20:ca:da:48:4d:71:f2:bb:77:7e:8a:
                    c0:dd:e2:68:a3:26:5f:7d:37:79:68:e6:68:4c:bf:
                    32:43:27:b7:d1:9c:f7:90:73:fa:e9:98:2f:d0:05:
                    1d:2a:e0:ec:6f:a6:e4:2d:fd:35:2e:6e:e9:ce:1e:
                    76:14:a0:1e:86:35:ec:29:84:de:28:a0:fd:fb:fb:
                    d2:ce:0a:b9:11:23:54:72:94:54:be:be:c2:d4:47:
                    67:45:17:0a:f1:56:0a:f7:55:d4:85:83:34:51:49:
                    f3:c7:e4:4c:90:64:64:4d:60:ff:2d:a0:af:c6:c4:
                    0f:6b:c3:47:30:7b:78:3d:74:bc:8b:68:22:37:92:
                    cb:ce:e7:f1:80:40:9b:5a:27:f6:d7:47:2f:c3:2d:
                    ee:93:e4:0f:6a:97:d6:4d:61:11:3d:18:e9:7e:a4:
                    54:b6:1d:63:72:58:40:ab:6c:37:f9:46:bd:f6:ab:
                    30:d5:65:de:dd:0a:e3:fa:90:27:cd:31:7a:db:f0:
                    89:e7:17:93:36:9b:39:eb:0a:15:b3:3e:59:d4:9e:
                    33:8e:2b:c3:32:2c:b1:50:5c:1f:07:46:c5:15:89:
                    b6:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:B1:33:60:D9:3B:9E:87:DF:C3:21:71:1A:71:5C:79:26:DE:AA:E7
            X509v3 Authority Key Identifier:
                keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:19:5c:23:27:dd:4e:a0:0b:0d:e0:5c:7c:89:f8:fb:da:ba:
         98:b1:6d:58:82:1a:ab:ce:f9:6a:28:a1:1c:b8:1c:34:b8:c7:
         7e:3b:4e:d5:a0:db:7d:09:1b:0d:e3:cd:5a:2e:f1:7d:62:10:
         9d:b3:d2:8e:b2:e7:eb:bd:6a:a1:c8:e5:5f:3c:68:33:ff:29:
         88:54:9d:2a:f3:a8:62:0b:06:d4:af:44:37:fd:ba:23:18:9d:
         3c:b7:21:e6:cc:61:21:ad:f9:d1:ea:86:c0:36:57:0e:f6:af:
         4b:d0:e9:99:50:2c:f4:f2:49:e9:14:cb:82:c8:81:82:7b:b8:
         0d:2f:c6:e4:dc:8c:8d:3c:7f:a4:0e:8c:82:7c:e6:15:26:f4:
         53:76:e7:50:f2:4a:0a:7b:d2:04:de:69:49:e9:1c:5d:9d:ce:
         59:a4:01:de:af:49:6e:f2:67:9f:00:49:0d:d8:5e:b8:b3:7f:
         dd:d2:45:a3:aa:19:1d:ed:ee:40:aa:83:e2:7f:1f:34:97:62:
         97:10:a4:e0:1a:20:e6:d8:58:83:e8:63:1c:8d:88:48:b0:06:
         84:00:e1:1b:76:f0:85:ea:d1:56:12:b6:25:c0:27:c4:4a:80:
         00:36:6d:b0:f7:16:ed:9d:49:14:dd:47:17:2f:e8:f4:54:c2:
         c4:a4:fa:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdFwm9Kde+oAS6AYt10ECeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm
ZjUwOWMwHhcNMjUwNjA2MTUwMDU5WhcNMjUwNjA3MTUwMDU5WjAzMTEwLwYDVQQD
EyhhZmIxMzM2MGQ5M2I5ZTg3ZGZjMzIxNzExYTcxNWM3OTI2ZGVhYWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkLrC1k5I6ie7cw/EpxAGQUW72bh
pNJovb5s0nBw73XDIMraSE1x8rt3forA3eJooyZffTd5aOZoTL8yQye30Zz3kHP6
6Zgv0AUdKuDsb6bkLf01Lm7pzh52FKAehjXsKYTeKKD9+/vSzgq5ESNUcpRUvr7C
1EdnRRcK8VYK91XUhYM0UUnzx+RMkGRkTWD/LaCvxsQPa8NHMHt4PXS8i2giN5LL
zufxgECbWif210cvwy3uk+QPapfWTWERPRjpfqRUth1jclhAq2w3+Ua99qsw1WXe
3Qrj+pAnzTF62/CJ5xeTNps56woVsz5Z1J4zjivDMiyxUFwfB0bFFYm2/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+xM2DZO56H38MhcRpxXHkm3qrnMB8GA1UdIwQY
MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct
NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw
LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALBlcIyfd
TqALDeBcfIn4+9q6mLFtWIIaq875aiihHLgcNLjHfjtO1aDbfQkbDePNWi7xfWIQ
nbPSjrLn671qocjlXzxoM/8piFSdKvOoYgsG1K9EN/26IxidPLch5sxhIa350eqG
wDZXDvavS9DpmVAs9PJJ6RTLgsiBgnu4DS/G5NyMjTx/pA6MgnzmFSb0U3bnUPJK
CnvSBN5pSekcXZ3OWaQB3q9JbvJnnwBJDdheuLN/3dJFo6oZHe3uQKqD4n8fNJdi
lxCk4Bog5thYg+hjHI2ISLAGhADhG3bwherRVhK2JcAnxEqAADZtsPcW7Z1JFN1H
Fy/o9FTCxKT6fA==
-----END CERTIFICATE-----