Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
File:                     OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft (raw, json)
Hash identifier:          lNkcD1KchqgmzVxJidIlIB7ocez0zwnJiL3gK9K/IUA=
Subject key identifier:   42:3D:3B:28:FE:A6:E9:96:AB:55:65:24:AE:A6:DC:D7:31:A2:48:23
Authority key identifier: 38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9
Certificate issuer:       /CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
Certificate serial:       0198917EC28C0B1C06D1917A19F8F0F38B8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
Manifest number:          022D
Signing time:             Sun 10 Aug 2025 01:01:00 +0000
Manifest this update:     Sun 10 Aug 2025 01:01:00 +0000
Manifest next update:     Mon 11 Aug 2025 01:01:00 +0000
Files and hashes:         1: OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl (hash: jDqFDYLQdkNP7vsKLI8d5WsoxcGz4Otx5e/Z8eSuhbY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 18:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:91:7e:c2:8c:0b:1c:06:d1:91:7a:19:f8:f0:f3:8b:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
        Validity
            Not Before: Aug 10 01:01:00 2025 GMT
            Not After : Aug 11 01:01:00 2025 GMT
        Subject: CN=423d3b28fea6e996ab556524aea6dcd731a24823
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:17:de:0b:ee:42:b1:7c:4c:ed:3a:93:0f:c6:
                    03:bf:2a:0f:ff:84:91:38:e3:b6:9c:32:2c:7d:8f:
                    ad:33:64:e8:5e:98:7c:d0:f1:a2:b4:ee:3e:54:a7:
                    d8:51:0c:a2:ab:ee:55:ed:39:ec:29:8e:8f:33:dd:
                    d3:92:a4:29:f4:ed:a2:f4:1f:c2:ab:07:7c:83:51:
                    c2:3c:b9:4f:50:a1:69:75:42:74:bc:88:30:70:cf:
                    12:df:c5:03:ed:bc:ef:37:ac:0a:d9:5d:e3:83:9b:
                    c7:0c:e9:98:ec:aa:6d:f1:1a:0d:16:16:7e:73:69:
                    a3:12:1a:91:c6:6c:29:94:2e:7b:19:69:b0:26:67:
                    ef:6c:59:5d:27:ff:b6:fc:de:0d:18:7e:14:ee:4c:
                    9a:a8:c7:e6:90:08:75:09:25:98:0c:d0:c2:9b:35:
                    4a:84:26:fa:87:a6:10:6a:60:3e:c4:0f:80:b9:2d:
                    dd:d0:0f:7e:a8:4b:e3:dd:d3:cb:fc:35:28:a2:5b:
                    ac:63:5d:db:e3:9b:ef:17:c4:2b:82:24:87:1f:0c:
                    95:3b:03:0a:bc:d5:e6:71:91:d3:fa:6a:10:a0:f0:
                    59:e0:6a:34:a5:4b:4a:64:5c:5e:69:0f:69:8f:aa:
                    77:41:c5:0f:60:18:ab:ad:bb:87:b2:ac:a3:25:1d:
                    01:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:3D:3B:28:FE:A6:E9:96:AB:55:65:24:AE:A6:DC:D7:31:A2:48:23
            X509v3 Authority Key Identifier:
                keyid:38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:fe:39:91:d5:bb:fe:fc:8a:1a:c2:03:c2:b8:48:00:98:e6:
         3e:76:f2:9d:f5:96:d6:3b:2b:57:38:f4:a3:f5:a1:84:d1:a3:
         79:b6:cb:a0:91:82:c3:e3:b2:42:a0:2b:ac:93:c8:c4:8a:ec:
         7e:82:f6:7d:11:68:bb:28:ad:6c:5e:f0:fb:3a:be:ef:10:75:
         50:a2:cf:4f:30:e0:b7:1c:29:4d:35:ee:02:9b:b2:6f:a3:ab:
         74:b3:ca:f3:16:85:19:89:97:aa:31:5a:e7:e0:6d:fb:fa:90:
         0c:b6:bf:02:c7:33:79:d7:43:77:5f:b3:63:c6:4f:1a:4c:6b:
         5d:60:84:3b:de:5d:3c:45:ca:2a:a0:8f:40:97:09:60:64:80:
         f6:3b:7c:fc:16:ff:19:58:21:ea:2c:9c:bb:5b:35:45:6e:92:
         a8:0b:c9:7c:9e:e3:8e:6b:7c:a4:5e:46:dc:fd:ae:13:fa:8c:
         34:ff:96:e1:1d:e9:20:d2:d3:33:e6:51:ee:41:dd:b9:24:6f:
         73:82:91:67:93:ec:15:bc:c5:a4:8b:d2:20:be:fb:4f:26:b1:
         76:4d:20:a9:d9:a4:13:a3:bb:68:48:a2:7f:40:4a:e4:fe:d9:
         67:44:42:89:49:80:6a:a0:a3:b9:19:5a:32:f5:2d:d7:c9:06:
         50:32:31:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiRfsKMCxwG0ZF6Gfjw84uKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmEwYjlkMGYxZjY3NGIxMzk3Y2ZjZWE2ZGQ0NjgwYzgz
NTFhZjkwHhcNMjUwODEwMDEwMTAwWhcNMjUwODExMDEwMTAwWjAzMTEwLwYDVQQD
Eyg0MjNkM2IyOGZlYTZlOTk2YWI1NTY1MjRhZWE2ZGNkNzMxYTI0ODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxfeC+5CsXxM7TqTD8YDvyoP/4SR
OOO2nDIsfY+tM2ToXph80PGitO4+VKfYUQyiq+5V7TnsKY6PM93TkqQp9O2i9B/C
qwd8g1HCPLlPUKFpdUJ0vIgwcM8S38UD7bzvN6wK2V3jg5vHDOmY7Kpt8RoNFhZ+
c2mjEhqRxmwplC57GWmwJmfvbFldJ/+2/N4NGH4U7kyaqMfmkAh1CSWYDNDCmzVK
hCb6h6YQamA+xA+AuS3d0A9+qEvj3dPL/DUoolusY13b45vvF8QrgiSHHwyVOwMK
vNXmcZHT+moQoPBZ4Go0pUtKZFxeaQ9pj6p3QcUPYBirrbuHsqyjJR0BDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEI9Oyj+pumWq1VlJK6m3NcxokgjMB8GA1UdIwQY
MBaAFDi6C50PH2dLE5fPzqbdRoDINRr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAt
MmVlZGFlMGZhNzg4LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAtMmVlZGFlMGZhNzg4
LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPv45kdW7
/vyKGsIDwrhIAJjmPnbynfWW1jsrVzj0o/WhhNGjebbLoJGCw+OyQqArrJPIxIrs
foL2fRFouyitbF7w+zq+7xB1UKLPTzDgtxwpTTXuApuyb6OrdLPK8xaFGYmXqjFa
5+Bt+/qQDLa/AsczeddDd1+zY8ZPGkxrXWCEO95dPEXKKqCPQJcJYGSA9jt8/Bb/
GVgh6iycu1s1RW6SqAvJfJ7jjmt8pF5G3P2uE/qMNP+W4R3pINLTM+ZR7kHduSRv
c4KRZ5PsFbzFpIvSIL77Tyaxdk0gqdmkE6O7aEiif0BK5P7ZZ0RCiUmAaqCjuRla
MvUt18kGUDIxgA==
-----END CERTIFICATE-----