Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
File:                     OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft (raw, json)
Hash identifier:          BvjStmPq+hn7O7OVZTX8uWfARnqxA+YCR3e10bF3FSA=
Subject key identifier:   01:C6:E3:CD:F6:5B:9A:C1:4D:65:27:EB:66:85:96:F7:10:30:18:F6
Authority key identifier: 3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48
Certificate issuer:       /CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
Certificate serial:       0197CACC87BAD2884015EA2A20BC8264A5B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
Manifest number:          053B
Signing time:             Wed 02 Jul 2025 11:01:31 +0000
Manifest this update:     Wed 02 Jul 2025 11:01:31 +0000
Manifest next update:     Thu 03 Jul 2025 11:01:31 +0000
Files and hashes:         1: OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl (hash: KidCA322y0iQc9dp2+POKhoCdqhy4cRewJQQq2V2WZo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 11:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ca:cc:87:ba:d2:88:40:15:ea:2a:20:bc:82:64:a5:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
        Validity
            Not Before: Jul  2 11:01:31 2025 GMT
            Not After : Jul  3 11:01:31 2025 GMT
        Subject: CN=01c6e3cdf65b9ac14d6527eb668596f7103018f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fd:52:f7:e4:73:e3:61:e3:74:09:1d:6d:3a:fe:
                    4a:84:9f:99:0a:89:cc:a9:06:16:d9:04:42:8d:c8:
                    81:9b:87:7a:60:ff:82:73:52:59:2a:9f:93:5f:a1:
                    d9:03:2c:0f:36:28:ac:ae:7d:0f:9f:b0:41:b5:00:
                    12:79:ad:52:cd:50:5e:e3:86:23:ca:b6:cd:3e:f3:
                    ee:ed:5d:09:de:14:80:1d:8a:fe:63:72:2a:43:2c:
                    28:e3:72:f6:21:94:e0:cd:81:03:97:44:3e:29:ea:
                    6b:9d:b0:ce:db:ad:4c:c3:5b:d7:31:c5:b0:a3:ed:
                    86:56:1f:99:8e:26:9f:34:73:11:2c:f2:29:8e:35:
                    d6:eb:79:e1:85:b7:09:80:5e:1d:a8:18:1f:d3:b7:
                    d5:a3:2b:be:03:0e:92:10:0c:12:66:1f:ed:17:6c:
                    55:fd:32:92:c7:87:8c:89:7e:7e:31:e6:ec:4e:ea:
                    a2:3e:d5:f9:e1:a0:f9:3c:03:ac:51:0c:c4:b8:7c:
                    e9:ed:11:85:03:9d:cb:87:f7:99:57:9f:5c:6a:17:
                    5b:ba:13:e2:e1:30:74:ed:25:0a:9d:fe:12:aa:5c:
                    d8:62:3d:d5:5c:cb:45:ff:85:6c:f7:8f:d0:d5:4c:
                    d4:30:3b:9e:cc:50:bf:5f:76:fa:21:ea:3b:a4:38:
                    4b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:C6:E3:CD:F6:5B:9A:C1:4D:65:27:EB:66:85:96:F7:10:30:18:F6
            X509v3 Authority Key Identifier:
                keyid:3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:94:e5:a1:7a:17:12:13:77:61:a0:b5:4d:45:41:c7:a9:01:
         66:18:ba:24:2d:4f:bc:a5:6c:cc:3a:d0:06:38:08:b0:31:61:
         b7:ae:89:12:cf:36:3d:52:cd:40:1e:97:95:3a:5c:f4:97:8c:
         e7:0f:9c:7a:f0:5b:a6:58:82:d2:0a:e8:c3:3d:9c:5e:b9:48:
         43:82:64:be:03:09:35:e7:11:dc:1d:94:3a:dd:97:02:81:48:
         d0:ee:ca:05:93:eb:9e:55:c9:da:4e:0e:21:3f:e0:45:fd:23:
         d6:5c:70:e6:eb:6b:88:76:89:a4:00:22:44:4f:d8:d3:5f:e2:
         d7:27:fb:13:96:1e:76:3b:c5:99:c2:df:c5:c2:04:86:a2:be:
         b5:f4:3e:f2:d9:86:ce:8d:64:8c:8b:93:73:75:85:84:da:87:
         ed:da:0d:a2:d3:00:78:3b:4c:96:20:84:0b:49:02:5f:57:b7:
         42:ac:68:a8:40:b0:ce:a4:50:25:29:ef:11:ce:c9:95:09:f7:
         26:eb:78:7e:52:05:6e:08:9f:a4:ba:3e:fd:b8:4d:ec:a8:04:
         73:97:63:c0:8e:89:a3:d6:c8:f3:b1:6b:c5:40:2e:d9:8c:f3:
         19:88:6c:59:df:22:e8:02:a6:ae:11:e0:2f:d1:65:c8:6e:b4:
         dc:f6:f3:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfKzIe60ohAFeoqILyCZKWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzRlMDdjMmRlZmNhMTRiZjJkNmM3YTE1ZDVhOTMzMGQw
OTM3NDgwHhcNMjUwNzAyMTEwMTMxWhcNMjUwNzAzMTEwMTMxWjAzMTEwLwYDVQQD
EygwMWM2ZTNjZGY2NWI5YWMxNGQ2NTI3ZWI2Njg1OTZmNzEwMzAxOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/VL35HPjYeN0CR1tOv5KhJ+ZConM
qQYW2QRCjciBm4d6YP+Cc1JZKp+TX6HZAywPNiisrn0Pn7BBtQASea1SzVBe44Yj
yrbNPvPu7V0J3hSAHYr+Y3IqQywo43L2IZTgzYEDl0Q+KeprnbDO261Mw1vXMcWw
o+2GVh+ZjiafNHMRLPIpjjXW63nhhbcJgF4dqBgf07fVoyu+Aw6SEAwSZh/tF2xV
/TKSx4eMiX5+MebsTuqiPtX54aD5PAOsUQzEuHzp7RGFA53Lh/eZV59cahdbuhPi
4TB07SUKnf4SqlzYYj3VXMtF/4Vs94/Q1UzUMDuezFC/X3b6Ieo7pDhLzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAHG4832W5rBTWUn62aFlvcQMBj2MB8GA1UdIwQY
MBaAFDp04Hwt78oUvy1sehXVqTMNCTdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMt
ZDY0MmU0YjA4MWJkLzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMtZDY0MmU0YjA4MWJk
LzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJZTloXoX
EhN3YaC1TUVBx6kBZhi6JC1PvKVszDrQBjgIsDFht66JEs82PVLNQB6XlTpc9JeM
5w+cevBbpliC0growz2cXrlIQ4JkvgMJNecR3B2UOt2XAoFI0O7KBZPrnlXJ2k4O
IT/gRf0j1lxw5utriHaJpAAiRE/Y01/i1yf7E5YedjvFmcLfxcIEhqK+tfQ+8tmG
zo1kjIuTc3WFhNqH7doNotMAeDtMliCEC0kCX1e3QqxoqECwzqRQJSnvEc7JlQn3
Jut4flIFbgifpLo+/bhN7KgEc5djwI6Jo9bI87FrxUAu2YzzGYhsWd8i6AKmrhHg
L9FlyG603PbzNA==
-----END CERTIFICATE-----