Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
File:                     OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft (raw, json)
Hash identifier:          EMeMVxoFJbMJ8kOQDrS7PDUyeAEsz/O8nbAoGbFJ4pY=
Subject key identifier:   87:0F:2F:CC:BE:80:4E:11:DA:EB:BB:97:E6:6A:1A:04:80:94:DD:7B
Authority key identifier: 38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5
Certificate issuer:       /CN=389dd4126f8be07af454497ca0f5665295482ad5
Certificate serial:       01976D3DD6980E68CE09A2B0FE4DD142AC54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
Manifest number:          04EB
Signing time:             Sat 14 Jun 2025 07:00:58 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:58 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:58 +0000
Files and hashes:         1: OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl (hash: KnjZJkM+9Rvnkw85P1b9kNcGAIwInBjNVL1dbCoh1rM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:d6:98:0e:68:ce:09:a2:b0:fe:4d:d1:42:ac:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389dd4126f8be07af454497ca0f5665295482ad5
        Validity
            Not Before: Jun 14 07:00:58 2025 GMT
            Not After : Jun 15 07:00:58 2025 GMT
        Subject: CN=870f2fccbe804e11daebbb97e66a1a048094dd7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:31:2a:44:7b:b3:95:c0:a0:2e:16:db:0d:9c:
                    b7:c3:be:e0:6a:b4:30:cc:50:e6:f9:ae:35:3e:a3:
                    b1:8a:f3:e5:0e:25:91:71:0f:a1:dd:fe:f5:a5:b0:
                    6a:d6:8b:d8:47:83:f6:19:56:50:67:75:20:29:93:
                    0d:52:ad:31:eb:1d:a5:8a:9c:66:02:eb:61:b6:d6:
                    30:aa:05:e2:9a:79:a0:09:5f:62:dc:e2:2d:c4:a0:
                    1a:ab:6a:4b:39:60:9d:96:f2:db:d8:d4:55:ed:0c:
                    7e:c4:15:24:13:a0:2c:ba:8d:39:71:c0:2c:67:e5:
                    ed:81:2c:4d:f0:09:8a:27:75:9d:e8:73:20:35:79:
                    9d:50:38:cb:a8:3f:ed:c7:d4:61:f2:50:f1:6f:b2:
                    56:89:6e:b2:c3:6a:40:1f:f0:b4:08:cd:06:43:b2:
                    16:70:da:64:67:69:f1:90:39:77:3a:a5:a9:f2:c4:
                    9f:0e:a7:c6:eb:f0:71:a0:fc:98:de:5f:aa:10:19:
                    78:d5:d6:cf:eb:57:91:8b:86:f6:e3:71:30:db:2a:
                    31:45:be:04:35:86:b1:17:95:bf:13:9e:bf:47:af:
                    60:61:b7:84:6e:41:03:c7:13:08:60:6e:9f:3b:be:
                    64:52:72:ba:40:00:94:75:f0:9c:7e:35:cf:c8:d5:
                    d4:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:0F:2F:CC:BE:80:4E:11:DA:EB:BB:97:E6:6A:1A:04:80:94:DD:7B
            X509v3 Authority Key Identifier:
                keyid:38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:a3:e8:41:7f:7b:36:6f:48:1c:a1:e7:87:af:46:e9:b2:fa:
         09:ca:3b:5e:de:a3:08:c7:c2:53:96:7a:9b:4f:3e:76:56:7d:
         40:f2:0c:07:7c:66:9b:a8:85:0c:30:4f:9b:13:0f:61:99:da:
         17:63:21:8f:63:46:bb:89:22:db:d1:d6:fe:dc:29:5e:2d:a4:
         71:fc:e9:8f:14:e1:20:73:ac:2c:9d:a7:3a:48:8b:2d:5e:25:
         07:98:12:7b:8d:e5:07:a7:17:e3:7b:e6:a1:16:c6:05:1c:c4:
         dd:e1:d6:1d:1e:67:0f:cf:10:fe:57:de:09:3c:e6:80:d7:3c:
         27:cd:64:a5:42:a8:c4:6f:83:76:40:65:a4:6d:0c:db:11:c2:
         d8:5d:cf:ab:3a:00:7b:fa:66:b9:19:ef:03:c9:af:87:ac:b0:
         10:b0:87:2e:7f:54:bb:21:2a:06:91:87:67:df:7d:c9:2f:54:
         96:3b:94:65:97:6a:1f:9a:b2:47:b9:8e:86:35:1a:ac:53:5e:
         a6:7a:7e:56:2f:65:b6:12:32:e7:e4:51:e5:dd:e6:52:9b:cc:
         84:b4:75:aa:22:6b:12:c9:97:97:77:2f:e8:ed:54:7c:be:d4:
         80:36:6e:b7:58:a5:ca:4a:da:23:f2:c6:3e:d7:89:d1:b4:ad:
         fa:d4:d0:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPdaYDmjOCaKw/k3RQqxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWRkNDEyNmY4YmUwN2FmNDU0NDk3Y2EwZjU2NjUyOTU0
ODJhZDUwHhcNMjUwNjE0MDcwMDU4WhcNMjUwNjE1MDcwMDU4WjAzMTEwLwYDVQQD
Eyg4NzBmMmZjY2JlODA0ZTExZGFlYmJiOTdlNjZhMWEwNDgwOTRkZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzEqRHuzlcCgLhbbDZy3w77garQw
zFDm+a41PqOxivPlDiWRcQ+h3f71pbBq1ovYR4P2GVZQZ3UgKZMNUq0x6x2lipxm
AuthttYwqgXimnmgCV9i3OItxKAaq2pLOWCdlvLb2NRV7Qx+xBUkE6Asuo05ccAs
Z+XtgSxN8AmKJ3Wd6HMgNXmdUDjLqD/tx9Rh8lDxb7JWiW6yw2pAH/C0CM0GQ7IW
cNpkZ2nxkDl3OqWp8sSfDqfG6/BxoPyY3l+qEBl41dbP61eRi4b243Ew2yoxRb4E
NYaxF5W/E56/R69gYbeEbkEDxxMIYG6fO75kUnK6QACUdfCcfjXPyNXUIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcPL8y+gE4R2uu7l+ZqGgSAlN17MB8GA1UdIwQY
MBaAFDid1BJvi+B69FRJfKD1ZlKVSCrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2Mt
NWM1NWVjMjIxZTEyLzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2MtNWM1NWVjMjIxZTEy
LzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU6PoQX97
Nm9IHKHnh69G6bL6Cco7Xt6jCMfCU5Z6m08+dlZ9QPIMB3xmm6iFDDBPmxMPYZna
F2Mhj2NGu4ki29HW/twpXi2kcfzpjxThIHOsLJ2nOkiLLV4lB5gSe43lB6cX43vm
oRbGBRzE3eHWHR5nD88Q/lfeCTzmgNc8J81kpUKoxG+DdkBlpG0M2xHC2F3PqzoA
e/pmuRnvA8mvh6ywELCHLn9UuyEqBpGHZ999yS9UljuUZZdqH5qyR7mOhjUarFNe
pnp+Vi9lthIy5+RR5d3mUpvMhLR1qiJrEsmXl3cv6O1UfL7UgDZut1ilykraI/LG
PteJ0bSt+tTQGQ==
-----END CERTIFICATE-----