Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
File:                     OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft (raw, json)
Hash identifier:          KoiP0U5PpaPeMVwreezr7KF9mdCcggwHmqLHWECYxLI=
Subject key identifier:   EC:E9:C1:72:17:E8:39:04:07:4B:10:12:A0:5C:59:CA:02:68:BA:62
Authority key identifier: 38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9
Certificate issuer:       /CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
Certificate serial:       019691BA9E877440EBA18FB91DD8CC51A67B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
Manifest number:          0124
Signing time:             Fri 02 May 2025 16:00:48 +0000
Manifest this update:     Fri 02 May 2025 16:00:48 +0000
Manifest next update:     Sat 03 May 2025 16:00:48 +0000
Files and hashes:         1: OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl (hash: 8cXLZzjCD2ey1DaY3PQAhQ/2TmWeXYy+IXd/44DAx2s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 14:24:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:91:ba:9e:87:74:40:eb:a1:8f:b9:1d:d8:cc:51:a6:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
        Validity
            Not Before: May  2 16:00:48 2025 GMT
            Not After : May  3 16:00:48 2025 GMT
        Subject: CN=ece9c17217e83904074b1012a05c59ca0268ba62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:4a:a9:af:bd:b1:cf:0e:a7:ae:67:42:e0:d0:
                    6f:a3:91:d7:bf:9f:71:33:0e:17:c4:ef:aa:a9:42:
                    39:10:c6:12:02:18:31:15:63:b4:73:f8:31:7e:38:
                    18:58:27:7b:2a:86:27:54:70:4c:b1:8c:74:b6:78:
                    73:25:f0:d5:fa:02:b0:05:97:b4:62:eb:f3:ab:10:
                    1f:47:de:4c:ec:53:6b:84:19:5d:28:2a:bc:b0:18:
                    74:8b:86:1b:02:01:3f:e5:8d:7d:1c:a9:01:bb:d6:
                    33:9e:e4:6c:6e:74:48:a5:7b:23:25:21:71:6d:25:
                    4d:41:3f:ec:14:56:49:4a:5e:e3:99:0f:24:31:5f:
                    64:42:55:16:34:d2:94:b2:72:83:ac:1f:a4:28:da:
                    c4:40:f2:b8:10:5c:c2:85:16:03:d6:99:1b:ed:e1:
                    7c:50:de:c0:ea:0f:51:67:42:3f:92:ee:27:e1:ea:
                    46:55:ba:7d:0c:9c:fa:10:df:2d:e2:f6:9d:d9:5a:
                    73:27:56:3f:cc:2d:e4:9c:37:33:7a:d5:17:ad:56:
                    1a:b8:da:46:c5:cf:12:b8:06:22:23:e3:0c:dc:a0:
                    83:6e:8d:6c:55:da:6c:c9:39:0a:f2:50:d7:69:be:
                    00:9e:20:63:f3:7a:66:72:27:4a:64:7b:01:8a:09:
                    91:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:E9:C1:72:17:E8:39:04:07:4B:10:12:A0:5C:59:CA:02:68:BA:62
            X509v3 Authority Key Identifier:
                keyid:38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:06:09:a8:7b:20:91:d6:bb:ae:4f:ad:cc:88:13:98:ed:6e:
         9d:55:27:02:a4:d4:39:ab:22:dc:b2:82:65:51:e0:43:e3:83:
         3a:2d:0b:5d:f3:48:2e:d6:cf:77:6e:eb:ae:f9:4f:62:88:19:
         d3:fd:6f:27:99:be:45:c1:14:fd:99:f9:51:60:2f:eb:4b:2e:
         e1:c1:61:65:48:d2:9c:94:a2:1d:05:bc:bc:b8:81:ec:d0:56:
         9a:24:f3:ce:41:81:45:69:1e:51:56:c8:5d:24:0a:e3:7b:32:
         5b:23:57:21:d5:47:7f:e1:c7:b3:0f:a4:69:0a:16:00:55:48:
         d1:40:d7:50:c1:e8:26:c2:c2:8b:96:3b:06:8c:3e:3b:f6:e2:
         79:71:2a:4d:0a:1d:a0:cc:04:12:58:c2:a6:0b:65:1f:8c:f8:
         bd:40:24:5e:3c:8e:28:ac:7e:09:e5:1d:a3:26:17:7e:17:80:
         58:7d:d4:20:13:c2:3f:7c:5d:c4:cc:4a:b0:b4:01:8e:3b:e4:
         97:39:d2:ee:72:30:a2:ba:d3:26:c9:e9:5e:0b:5a:8d:65:3f:
         22:0f:29:8e:2a:15:e8:80:41:b0:ea:97:ed:64:7e:c3:ae:f5:
         0a:3e:f1:d1:fd:b3:e9:e7:31:5d:dc:08:68:ff:88:5d:11:19:
         7d:c9:c4:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaRup6HdEDroY+5HdjMUaZ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmEwYjlkMGYxZjY3NGIxMzk3Y2ZjZWE2ZGQ0NjgwYzgz
NTFhZjkwHhcNMjUwNTAyMTYwMDQ4WhcNMjUwNTAzMTYwMDQ4WjAzMTEwLwYDVQQD
EyhlY2U5YzE3MjE3ZTgzOTA0MDc0YjEwMTJhMDVjNTljYTAyNjhiYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUqpr72xzw6nrmdC4NBvo5HXv59x
Mw4XxO+qqUI5EMYSAhgxFWO0c/gxfjgYWCd7KoYnVHBMsYx0tnhzJfDV+gKwBZe0
YuvzqxAfR95M7FNrhBldKCq8sBh0i4YbAgE/5Y19HKkBu9YznuRsbnRIpXsjJSFx
bSVNQT/sFFZJSl7jmQ8kMV9kQlUWNNKUsnKDrB+kKNrEQPK4EFzChRYD1pkb7eF8
UN7A6g9RZ0I/ku4n4epGVbp9DJz6EN8t4vad2VpzJ1Y/zC3knDczetUXrVYauNpG
xc8SuAYiI+MM3KCDbo1sVdpsyTkK8lDXab4AniBj83pmcidKZHsBigmRNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOzpwXIX6DkEB0sQEqBcWcoCaLpiMB8GA1UdIwQY
MBaAFDi6C50PH2dLE5fPzqbdRoDINRr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAt
MmVlZGFlMGZhNzg4LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAtMmVlZGFlMGZhNzg4
LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACgYJqHsg
kda7rk+tzIgTmO1unVUnAqTUOasi3LKCZVHgQ+ODOi0LXfNILtbPd27rrvlPYogZ
0/1vJ5m+RcEU/Zn5UWAv60su4cFhZUjSnJSiHQW8vLiB7NBWmiTzzkGBRWkeUVbI
XSQK43syWyNXIdVHf+HHsw+kaQoWAFVI0UDXUMHoJsLCi5Y7Bow+O/bieXEqTQod
oMwEEljCpgtlH4z4vUAkXjyOKKx+CeUdoyYXfheAWH3UIBPCP3xdxMxKsLQBjjvk
lznS7nIworrTJsnpXgtajWU/Ig8pjioV6IBBsOqX7WR+w671Cj7x0f2z6ecxXdwI
aP+IXREZfcnEOQ==
-----END CERTIFICATE-----