Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft
File:                     OPJMluat5giBDDDZoTB8xpr5_00.mft (raw, json)
Hash identifier:          5Gu3BsETjLMyy01zmcSgI4CrGDegtVvZwwWFy9Eygx4=
Subject key identifier:   98:BB:3A:3D:40:64:B4:78:4C:80:9C:A0:5F:37:BB:21:B5:27:08:A5
Authority key identifier: 38:F2:4C:96:E6:AD:E6:08:81:0C:30:D9:A1:30:7C:C6:9A:F9:FF:4D
Certificate issuer:       /CN=38f24c96e6ade608810c30d9a1307cc69af9ff4d
Certificate serial:       0197518F850ADB2F449B9C02DCD2CF0556F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OPJMluat5giBDDDZoTB8xpr5_00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft
Manifest number:          0C36
Signing time:             Sun 08 Jun 2025 22:00:49 +0000
Manifest this update:     Sun 08 Jun 2025 22:00:49 +0000
Manifest next update:     Mon 09 Jun 2025 22:00:49 +0000
Files and hashes:         1: OPJMluat5giBDDDZoTB8xpr5_00.crl (hash: M9mz9HqoDj66qVZw+N+mtwsNZ0dQomL5uvLcvmvoZAo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OPJMluat5giBDDDZoTB8xpr5_00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:8f:85:0a:db:2f:44:9b:9c:02:dc:d2:cf:05:56:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38f24c96e6ade608810c30d9a1307cc69af9ff4d
        Validity
            Not Before: Jun  8 22:00:49 2025 GMT
            Not After : Jun  9 22:00:49 2025 GMT
        Subject: CN=98bb3a3d4064b4784c809ca05f37bb21b52708a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:30:86:af:d1:f7:bb:0b:a2:a7:1f:fb:92:8b:
                    bf:dc:97:49:d0:da:67:5e:b8:13:a9:cf:22:36:fe:
                    76:d1:ad:2a:f8:f1:9a:d5:37:6c:bd:8d:5e:8c:c6:
                    ad:87:f3:e0:09:81:20:92:35:73:38:6d:6a:8e:b7:
                    5b:d1:bb:4a:b3:ce:a6:e2:aa:5e:b8:d5:4d:74:01:
                    6f:60:62:c4:92:5e:89:f9:81:1b:d2:8f:d7:48:d4:
                    00:5c:26:fd:9e:e5:3c:5c:96:9d:0e:b0:83:c7:ac:
                    6a:0d:60:61:85:23:76:ea:1d:32:90:06:d0:b8:b3:
                    86:6e:5e:9a:5d:f1:5e:7b:71:5d:d7:89:52:0d:fd:
                    f2:af:02:aa:73:40:b3:b1:01:4e:9a:a5:32:ca:a4:
                    08:97:d6:6f:a1:2f:fc:94:85:73:03:32:67:f8:44:
                    2a:a2:3b:14:93:7c:3e:79:55:b8:2a:27:79:2d:b5:
                    4f:f9:62:3c:b6:ab:c0:07:e7:51:b7:b0:5f:0c:7c:
                    4c:25:70:37:9b:b1:46:b7:ce:26:a7:21:ca:0a:96:
                    df:28:6c:fa:79:19:4e:d4:4f:b0:f6:e9:5d:a9:67:
                    41:f3:e9:45:83:89:7a:82:2e:b5:5b:b0:91:56:55:
                    cf:90:6b:93:f9:04:e1:2b:5a:45:f3:4e:f8:55:b8:
                    9d:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:BB:3A:3D:40:64:B4:78:4C:80:9C:A0:5F:37:BB:21:B5:27:08:A5
            X509v3 Authority Key Identifier:
                keyid:38:F2:4C:96:E6:AD:E6:08:81:0C:30:D9:A1:30:7C:C6:9A:F9:FF:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPJMluat5giBDDDZoTB8xpr5_00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:d2:4a:31:78:36:2c:b8:f8:24:3f:66:b0:f5:b0:52:c6:cb:
         29:f0:1f:cd:79:ad:30:55:97:c1:8e:57:85:c4:bf:36:56:64:
         8d:fe:cb:b8:e2:45:b5:65:4a:63:29:c3:74:30:94:cb:26:27:
         93:b9:78:ca:72:e1:7a:2d:d3:08:e5:19:79:26:3d:9f:0c:61:
         42:80:e4:d2:f5:30:12:f6:8a:d4:92:21:3f:a4:f8:a0:cd:cd:
         b0:23:c5:42:15:71:23:06:db:82:52:dd:ab:09:97:8a:dd:01:
         bd:d8:31:69:99:fa:b4:e1:ec:81:35:d4:5b:95:28:a0:21:4f:
         d1:7b:b2:a8:61:80:ba:5d:f0:6e:88:2f:38:43:81:c6:4b:a3:
         67:1d:4e:c5:85:d0:27:ca:6f:06:70:5f:f3:af:d0:fb:20:c7:
         24:60:fc:d5:2b:a9:e5:d9:e0:8b:43:4b:9a:e5:8f:07:a5:55:
         fb:1d:a4:ea:77:a5:74:4e:94:59:e5:e6:5f:f9:76:0b:de:83:
         58:bb:ed:8b:fe:3d:31:4c:9d:d4:9e:09:b6:d8:58:57:f1:59:
         6e:f4:12:56:f1:11:b6:76:82:fe:1b:b5:c8:c4:e8:6f:74:83:
         29:71:eb:a9:5f:5b:1f:40:1a:e9:89:28:23:bd:b6:bd:8f:f7:
         2b:59:97:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRj4UK2y9Em5wC3NLPBVbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZjI0Yzk2ZTZhZGU2MDg4MTBjMzBkOWExMzA3Y2M2OWFm
OWZmNGQwHhcNMjUwNjA4MjIwMDQ5WhcNMjUwNjA5MjIwMDQ5WjAzMTEwLwYDVQQD
Eyg5OGJiM2EzZDQwNjRiNDc4NGM4MDljYTA1ZjM3YmIyMWI1MjcwOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTCGr9H3uwuipx/7kou/3JdJ0Npn
XrgTqc8iNv520a0q+PGa1TdsvY1ejMath/PgCYEgkjVzOG1qjrdb0btKs86m4qpe
uNVNdAFvYGLEkl6J+YEb0o/XSNQAXCb9nuU8XJadDrCDx6xqDWBhhSN26h0ykAbQ
uLOGbl6aXfFee3Fd14lSDf3yrwKqc0CzsQFOmqUyyqQIl9ZvoS/8lIVzAzJn+EQq
ojsUk3w+eVW4Kid5LbVP+WI8tqvAB+dRt7BfDHxMJXA3m7FGt84mpyHKCpbfKGz6
eRlO1E+w9uldqWdB8+lFg4l6gi61W7CRVlXPkGuT+QThK1pF8074VbidowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJi7Oj1AZLR4TICcoF83uyG1JwilMB8GA1UdIwQY
MBaAFDjyTJbmreYIgQww2aEwfMaa+f9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BKTWx1YXQ1Z2lCREREWm9UQjh4cHI1XzAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS84YWYxY2QtNTAyMS00NjNiLTk5YTMt
MDRlNGE4NGE3NGFjLzEvT1BKTWx1YXQ1Z2lCREREWm9UQjh4cHI1XzAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS84YWYxY2QtNTAyMS00NjNiLTk5YTMtMDRlNGE4NGE3NGFj
LzEvT1BKTWx1YXQ1Z2lCREREWm9UQjh4cHI1XzAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwNJKMXg2
LLj4JD9msPWwUsbLKfAfzXmtMFWXwY5XhcS/NlZkjf7LuOJFtWVKYynDdDCUyyYn
k7l4ynLhei3TCOUZeSY9nwxhQoDk0vUwEvaK1JIhP6T4oM3NsCPFQhVxIwbbglLd
qwmXit0BvdgxaZn6tOHsgTXUW5UooCFP0XuyqGGAul3wbogvOEOBxkujZx1OxYXQ
J8pvBnBf86/Q+yDHJGD81Sup5dngi0NLmuWPB6VV+x2k6neldE6UWeXmX/l2C96D
WLvti/49MUyd1J4JtthYV/FZbvQSVvERtnaC/hu1yMTob3SDKXHrqV9bH0Aa6Yko
I722vY/3K1mXcQ==
-----END CERTIFICATE-----