Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
File:                     OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft (raw, json)
Hash identifier:          qtLSBaEMOAjvfZ49nq5ZDgPCR7ILOW/qRXrREnts0T4=
Subject key identifier:   25:B2:8A:85:1A:1A:75:82:70:14:16:6D:08:A6:CC:81:D7:63:5E:54
Authority key identifier: 38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9
Certificate issuer:       /CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
Certificate serial:       0194BA842F09EAE56131F6375569739E854C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
Manifest number:          30
Signing time:             Fri 31 Jan 2025 04:00:12 +0000
Manifest this update:     Fri 31 Jan 2025 04:00:12 +0000
Manifest next update:     Sat 01 Feb 2025 04:00:12 +0000
Files and hashes:         1: OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl (hash: OGnSgs4k0kDX+v+NtIQ7uo8j8hDTx1oeajbFbjnU42M=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 04:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:84:2f:09:ea:e5:61:31:f6:37:55:69:73:9e:85:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
        Validity
            Not Before: Jan 31 04:00:12 2025 GMT
            Not After : Feb  1 04:00:12 2025 GMT
        Subject: CN=25b28a851a1a75827014166d08a6cc81d7635e54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:7b:ee:f4:4f:83:19:a9:0b:47:57:ac:f2:d6:
                    92:7c:5d:5b:a8:14:bc:f2:f5:85:12:d0:f5:f2:1a:
                    68:d8:2f:6e:af:aa:3a:5d:97:3f:f7:7e:d3:4d:d7:
                    b1:b7:df:7c:3e:e3:ff:c9:77:6b:7c:cc:e1:3b:88:
                    3c:b1:db:f1:ac:4b:75:61:ca:06:bb:67:af:7e:f5:
                    56:21:ec:5f:a5:68:86:a6:8a:ab:ee:d9:19:1d:bc:
                    92:00:0d:9d:6b:81:1f:bb:e6:6d:e8:05:07:fd:79:
                    ee:02:ec:f6:95:5f:ce:22:c1:a6:36:6b:1c:77:c2:
                    12:f2:36:74:13:50:71:1e:aa:66:4f:cf:19:7b:9e:
                    40:cf:fe:de:25:73:a8:31:82:bd:d5:6c:35:40:5d:
                    54:88:69:7d:e3:bf:4f:33:2d:2f:f9:57:71:0c:21:
                    7f:dc:15:f3:2e:e5:c2:3c:46:50:db:4f:83:40:d4:
                    2d:e6:8a:e7:24:2e:a2:b9:5a:86:f6:7b:6f:f7:10:
                    96:11:64:e1:60:fc:e2:94:ce:e0:8c:f0:ee:99:b4:
                    6a:cb:61:8d:6d:a0:a7:a8:5e:ff:96:53:91:d4:63:
                    81:c6:af:a6:17:86:0c:f5:80:f8:1c:4c:b1:dc:d3:
                    4c:79:79:e4:35:4f:72:0f:b7:b3:be:46:ea:ac:52:
                    86:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:B2:8A:85:1A:1A:75:82:70:14:16:6D:08:A6:CC:81:D7:63:5E:54
            X509v3 Authority Key Identifier:
                keyid:38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:71:51:13:a6:d7:73:6f:cb:c6:73:75:e2:84:51:21:5f:6c:
         75:87:87:f2:1b:bf:8f:16:51:f8:28:cf:c5:74:c7:f3:87:11:
         71:87:ab:9c:a5:62:b2:95:6c:4f:06:05:e9:67:87:ab:32:bf:
         02:5c:bf:30:8b:93:0b:9e:d1:0f:3a:ff:dc:9a:73:39:73:2a:
         fb:b6:90:8d:3b:e1:61:e2:45:46:4c:60:46:f4:3b:60:2c:d2:
         bf:62:09:be:55:2b:2e:37:1d:c7:aa:2a:72:00:ea:23:41:0b:
         14:33:7c:c9:22:75:af:f1:91:b3:b3:60:ed:4c:18:dd:e8:fb:
         c7:45:ca:f9:fa:69:09:61:2a:8c:06:8e:32:bb:98:4c:13:ee:
         f7:b7:64:b9:c2:e1:35:f4:ec:f9:4f:c6:32:18:49:dd:ad:9b:
         c0:45:25:6e:25:8f:91:9b:9c:00:61:7e:38:20:9a:32:97:76:
         cd:20:8c:88:99:2f:61:98:88:84:91:65:63:fc:23:2e:2d:4c:
         b7:3c:85:ee:bc:36:6e:2f:40:99:f5:8a:ff:16:12:3d:ff:98:
         07:88:f2:18:90:be:c4:08:b1:f1:02:b5:29:04:b9:5e:dd:4f:
         97:7e:f9:f8:07:25:7d:0b:1b:39:37:07:a0:45:f9:89:20:d1:
         bd:5c:6f:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6hC8J6uVhMfY3VWlznoVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmEwYjlkMGYxZjY3NGIxMzk3Y2ZjZWE2ZGQ0NjgwYzgz
NTFhZjkwHhcNMjUwMTMxMDQwMDEyWhcNMjUwMjAxMDQwMDEyWjAzMTEwLwYDVQQD
EygyNWIyOGE4NTFhMWE3NTgyNzAxNDE2NmQwOGE2Y2M4MWQ3NjM1ZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9nvu9E+DGakLR1es8taSfF1bqBS8
8vWFEtD18hpo2C9ur6o6XZc/937TTdext998PuP/yXdrfMzhO4g8sdvxrEt1YcoG
u2evfvVWIexfpWiGpoqr7tkZHbySAA2da4Efu+Zt6AUH/XnuAuz2lV/OIsGmNmsc
d8IS8jZ0E1BxHqpmT88Ze55Az/7eJXOoMYK91Ww1QF1UiGl9479PMy0v+VdxDCF/
3BXzLuXCPEZQ20+DQNQt5ornJC6iuVqG9ntv9xCWEWThYPzilM7gjPDumbRqy2GN
baCnqF7/llOR1GOBxq+mF4YM9YD4HEyx3NNMeXnkNU9yD7ezvkbqrFKGVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCWyioUaGnWCcBQWbQimzIHXY15UMB8GA1UdIwQY
MBaAFDi6C50PH2dLE5fPzqbdRoDINRr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAt
MmVlZGFlMGZhNzg4LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAtMmVlZGFlMGZhNzg4
LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU3FRE6bX
c2/LxnN14oRRIV9sdYeH8hu/jxZR+CjPxXTH84cRcYernKVispVsTwYF6WeHqzK/
Aly/MIuTC57RDzr/3JpzOXMq+7aQjTvhYeJFRkxgRvQ7YCzSv2IJvlUrLjcdx6oq
cgDqI0ELFDN8ySJ1r/GRs7Ng7UwY3ej7x0XK+fppCWEqjAaOMruYTBPu97dkucLh
NfTs+U/GMhhJ3a2bwEUlbiWPkZucAGF+OCCaMpd2zSCMiJkvYZiIhJFlY/wjLi1M
tzyF7rw2bi9AmfWK/xYSPf+YB4jyGJC+xAix8QK1KQS5Xt1Pl375+AclfQsbOTcH
oEX5iSDRvVxvtg==
-----END CERTIFICATE-----