Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
File:                     ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json)
Hash identifier:          SJlkq/IccDtZr+6EtPtIoMXW/aFiyxbCdq7UI5KZRI4=
Subject key identifier:   C6:76:D4:22:B8:7A:6A:63:94:64:79:D7:AF:25:1E:E5:23:4E:B0:26
Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C
Certificate issuer:       /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
Certificate serial:       01958B8452B69DC832A526707A163FBB5ED5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
Manifest number:          02C8
Signing time:             Wed 12 Mar 2025 18:00:59 +0000
Manifest this update:     Wed 12 Mar 2025 18:00:59 +0000
Manifest next update:     Thu 13 Mar 2025 18:00:59 +0000
Files and hashes:         1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: e9CabBPdu37HeYwZO/L22+9jM/wZFzZnFU2BO5V03Uc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 18:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:84:52:b6:9d:c8:32:a5:26:70:7a:16:3f:bb:5e:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
        Validity
            Not Before: Mar 12 18:00:59 2025 GMT
            Not After : Mar 13 18:00:59 2025 GMT
        Subject: CN=c676d422b87a6a63946479d7af251ee5234eb026
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:76:cc:82:52:92:ce:86:5c:13:ea:e6:e6:35:
                    bb:c0:d8:d4:57:2e:56:dc:7f:14:9e:ed:50:ba:c2:
                    2b:11:53:f8:f4:74:9a:4a:42:9e:94:9f:a9:8a:a0:
                    2a:95:a7:3d:fb:56:89:12:7a:9a:8e:cb:55:2f:c0:
                    69:33:8d:90:bf:ee:95:0c:b7:5d:49:f5:2e:e1:23:
                    05:0b:c3:a1:9a:5b:6e:9e:5e:42:e4:54:76:f0:be:
                    aa:d6:62:14:d8:1b:09:c0:76:63:4b:32:d8:6b:4b:
                    57:5c:63:96:3e:11:d0:29:2e:7a:96:05:d4:d8:e8:
                    62:12:51:2f:9b:4e:81:97:4a:a0:93:84:4c:41:ac:
                    ad:46:21:b4:e6:e8:ea:13:9d:98:69:43:b9:d3:38:
                    ec:6b:48:8e:b1:0f:da:83:63:23:fc:5c:21:c2:10:
                    08:17:2d:51:e6:d9:ad:ff:61:9f:69:c7:2a:17:71:
                    30:f9:f6:39:e3:c5:45:3c:9f:b4:e9:06:bd:bd:b3:
                    ee:4c:c7:01:9a:6e:c4:8b:16:1d:90:6b:a4:b6:21:
                    a6:27:0c:89:fc:a8:3f:d6:58:df:25:bb:50:3f:88:
                    a5:cc:6d:98:e9:11:f5:06:e4:3c:81:2d:8d:ee:6d:
                    28:09:db:09:e2:d3:36:85:37:c9:d5:fc:19:5a:c1:
                    95:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:76:D4:22:B8:7A:6A:63:94:64:79:D7:AF:25:1E:E5:23:4E:B0:26
            X509v3 Authority Key Identifier:
                keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:fc:a7:24:6d:5e:95:52:51:af:15:ec:13:63:12:37:9e:a8:
         5c:01:7f:91:bd:e5:5a:b4:77:b9:bd:e3:96:27:10:95:0d:8f:
         70:c7:56:fe:4f:94:f5:86:79:1d:5b:7c:28:ce:74:23:34:4a:
         57:fb:93:da:54:50:99:a1:ed:0a:17:11:17:3e:59:85:a8:6f:
         68:30:3c:cc:3f:e1:ef:40:89:32:3f:f1:c6:3d:ad:a7:5a:53:
         e3:0a:a9:8b:c0:ae:46:9f:c4:48:9c:be:8b:a7:e3:47:15:2a:
         c1:af:fc:80:9d:32:db:a2:be:e7:00:38:45:23:df:74:24:95:
         3d:3b:8f:6c:6f:6d:8d:f7:84:4e:b6:79:00:29:1d:45:60:84:
         3a:b8:8b:4b:93:16:d0:c3:1d:e7:d8:56:c5:d6:c5:2c:a6:eb:
         73:ef:44:5b:41:3b:23:10:7b:d9:51:b9:c3:b3:ad:0e:6e:23:
         36:c3:45:16:7a:c5:1c:94:56:61:46:ad:b1:60:dc:d1:c5:0f:
         9f:a4:cb:76:04:f1:9c:cc:20:df:c6:fe:93:ba:8c:82:1d:3d:
         8c:0c:ae:9e:fb:0d:5c:51:6e:b7:45:04:aa:ec:e6:95:ca:73:
         19:6d:33:11:4c:fa:da:01:3e:27:59:03:33:08:b2:dd:e3:7b:
         19:94:45:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLhFK2ncgypSZwehY/u17VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm
ZjUwOWMwHhcNMjUwMzEyMTgwMDU5WhcNMjUwMzEzMTgwMDU5WjAzMTEwLwYDVQQD
EyhjNjc2ZDQyMmI4N2E2YTYzOTQ2NDc5ZDdhZjI1MWVlNTIzNGViMDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XbMglKSzoZcE+rm5jW7wNjUVy5W
3H8Unu1QusIrEVP49HSaSkKelJ+piqAqlac9+1aJEnqajstVL8BpM42Qv+6VDLdd
SfUu4SMFC8Ohmltunl5C5FR28L6q1mIU2BsJwHZjSzLYa0tXXGOWPhHQKS56lgXU
2OhiElEvm06Bl0qgk4RMQaytRiG05ujqE52YaUO50zjsa0iOsQ/ag2Mj/FwhwhAI
Fy1R5tmt/2GfaccqF3Ew+fY548VFPJ+06Qa9vbPuTMcBmm7EixYdkGuktiGmJwyJ
/Kg/1ljfJbtQP4ilzG2Y6RH1BuQ8gS2N7m0oCdsJ4tM2hTfJ1fwZWsGV8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMZ21CK4empjlGR5168lHuUjTrAmMB8GA1UdIwQY
MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct
NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw
LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtfynJG1e
lVJRrxXsE2MSN56oXAF/kb3lWrR3ub3jlicQlQ2PcMdW/k+U9YZ5HVt8KM50IzRK
V/uT2lRQmaHtChcRFz5ZhahvaDA8zD/h70CJMj/xxj2tp1pT4wqpi8CuRp/ESJy+
i6fjRxUqwa/8gJ0y26K+5wA4RSPfdCSVPTuPbG9tjfeETrZ5ACkdRWCEOriLS5MW
0MMd59hWxdbFLKbrc+9EW0E7IxB72VG5w7OtDm4jNsNFFnrFHJRWYUatsWDc0cUP
n6TLdgTxnMwg38b+k7qMgh09jAyunvsNXFFut0UEquzmlcpzGW0zEUz62gE+J1kD
Mwiy3eN7GZRF7A==
-----END CERTIFICATE-----