Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
File:                     ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json)
Hash identifier:          n5Ixr4c3gGiGwzCn8+1RzrydVjt6pOrDPX9LBkrnylM=
Subject key identifier:   8F:3B:0A:76:63:9F:5F:62:3E:C9:19:0C:F5:2B:02:44:96:77:93:9B
Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C
Certificate issuer:       /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
Certificate serial:       01964CA2A7A8C03AF855663A6C5BA34ABED6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
Manifest number:          032C
Signing time:             Sat 19 Apr 2025 06:00:50 +0000
Manifest this update:     Sat 19 Apr 2025 06:00:50 +0000
Manifest next update:     Sun 20 Apr 2025 06:00:50 +0000
Files and hashes:         1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: L9Ya49C8nJKw09hC+YKg2WMNG/eVHUSSftjix0c9iCg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:a2:a7:a8:c0:3a:f8:55:66:3a:6c:5b:a3:4a:be:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
        Validity
            Not Before: Apr 19 06:00:50 2025 GMT
            Not After : Apr 20 06:00:50 2025 GMT
        Subject: CN=8f3b0a76639f5f623ec9190cf52b02449677939b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b5:02:20:e3:68:99:69:b4:ff:f1:d7:50:a0:
                    58:cc:7f:09:fa:fd:56:4e:45:5e:c3:cb:50:ea:2d:
                    ea:c9:9f:11:00:25:a3:e2:33:1d:1c:a3:19:13:0b:
                    ce:ed:61:75:2f:e8:93:5c:b0:34:60:0e:db:30:8e:
                    61:b0:bc:cf:22:a6:ac:2e:c1:5a:7d:db:42:c1:4d:
                    48:d4:e5:07:cf:4b:d0:88:e5:a7:c4:40:b8:e9:8a:
                    22:64:ee:44:bc:f3:49:24:ed:fa:f1:7e:8a:d0:47:
                    99:03:9d:aa:ee:f8:43:fc:a1:67:17:81:3e:cc:d4:
                    27:44:cf:c8:5c:c1:2b:ef:03:ee:0c:2c:46:de:e8:
                    17:f7:f4:6c:c0:34:7b:c9:97:be:8e:45:18:8f:4d:
                    9f:74:5a:51:f7:46:71:65:2d:03:7c:6a:16:6a:5f:
                    dd:8c:89:a4:e5:c4:9c:aa:ec:12:c7:e2:68:2b:3f:
                    dd:a5:7d:0d:5d:94:74:15:66:33:70:f2:48:71:25:
                    b6:1e:39:c4:ac:d2:05:e6:a3:7c:f6:58:82:9a:45:
                    56:bc:51:4b:53:14:e1:13:cf:c1:b4:51:ee:79:2b:
                    57:2e:7a:81:78:11:b6:23:20:c4:e5:3f:d9:50:40:
                    1e:d0:21:11:67:28:0c:17:27:7a:4b:0e:e5:bf:0d:
                    ee:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:3B:0A:76:63:9F:5F:62:3E:C9:19:0C:F5:2B:02:44:96:77:93:9B
            X509v3 Authority Key Identifier:
                keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:e1:b9:f0:72:21:36:71:3b:9e:5e:a5:bd:c3:ac:4c:68:2a:
         bf:99:73:86:5a:80:96:13:1b:cb:01:a2:8f:e5:c6:d7:f6:1c:
         cd:00:1f:ad:8a:fb:45:6d:d8:02:03:de:92:2f:4a:ec:15:c7:
         9f:ae:bb:89:0d:1f:e0:3e:7f:16:16:78:c2:47:d2:be:24:e9:
         10:62:b2:6e:ef:a1:b9:cc:fa:94:a2:d4:cd:df:85:ae:9d:ff:
         b2:e5:51:57:3d:3d:f3:62:84:af:ae:ce:c0:9b:1e:4b:a2:6e:
         88:90:1d:62:f5:b4:75:5c:18:58:50:28:51:72:46:62:e8:87:
         b3:ef:a7:f4:6b:91:c7:08:b5:2c:9a:72:e5:24:44:a0:ff:0c:
         1d:1f:5f:a9:65:5b:d3:ff:68:15:58:d6:ce:c3:48:02:58:ec:
         6b:0f:9a:8f:b1:77:03:29:05:a7:90:87:b8:d6:1f:f7:db:5f:
         f2:0a:9e:08:67:0d:33:85:8a:e6:8e:67:ea:6f:05:e3:60:26:
         e1:c7:97:7d:4c:db:d8:dd:ae:74:b3:76:03:d0:32:3f:e7:65:
         02:cf:d2:b2:1d:43:62:e6:40:8b:b4:49:48:3a:c6:71:a8:7c:
         6a:9f:95:fe:14:41:2a:46:4a:2e:c8:e2:9c:22:01:72:f1:79:
         b6:dc:cf:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZMoqeowDr4VWY6bFujSr7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm
ZjUwOWMwHhcNMjUwNDE5MDYwMDUwWhcNMjUwNDIwMDYwMDUwWjAzMTEwLwYDVQQD
Eyg4ZjNiMGE3NjYzOWY1ZjYyM2VjOTE5MGNmNTJiMDI0NDk2Nzc5MzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLUCIONomWm0//HXUKBYzH8J+v1W
TkVew8tQ6i3qyZ8RACWj4jMdHKMZEwvO7WF1L+iTXLA0YA7bMI5hsLzPIqasLsFa
fdtCwU1I1OUHz0vQiOWnxEC46YoiZO5EvPNJJO368X6K0EeZA52q7vhD/KFnF4E+
zNQnRM/IXMEr7wPuDCxG3ugX9/RswDR7yZe+jkUYj02fdFpR90ZxZS0DfGoWal/d
jImk5cScquwSx+JoKz/dpX0NXZR0FWYzcPJIcSW2HjnErNIF5qN89liCmkVWvFFL
UxThE8/BtFHueStXLnqBeBG2IyDE5T/ZUEAe0CERZygMFyd6Sw7lvw3u2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI87CnZjn19iPskZDPUrAkSWd5ObMB8GA1UdIwQY
MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct
NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw
LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq+G58HIh
NnE7nl6lvcOsTGgqv5lzhlqAlhMbywGij+XG1/YczQAfrYr7RW3YAgPeki9K7BXH
n667iQ0f4D5/FhZ4wkfSviTpEGKybu+hucz6lKLUzd+Frp3/suVRVz0982KEr67O
wJseS6JuiJAdYvW0dVwYWFAoUXJGYuiHs++n9GuRxwi1LJpy5SREoP8MHR9fqWVb
0/9oFVjWzsNIAljsaw+aj7F3AykFp5CHuNYf99tf8gqeCGcNM4WK5o5n6m8F42Am
4ceXfUzb2N2udLN2A9AyP+dlAs/Ssh1DYuZAi7RJSDrGcah8ap+V/hRBKkZKLsji
nCIBcvF5ttzP3w==
-----END CERTIFICATE-----