Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
File:                     OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft (raw, json)
Hash identifier:          NbT9IDek+dZ/PcVuh6aT0xW1lsBguMTewuIma9uTPx8=
Subject key identifier:   3B:27:EE:27:7F:3A:D1:A4:95:3C:B3:AA:74:30:51:1E:68:3C:AE:91
Authority key identifier: 38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9
Certificate issuer:       /CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
Certificate serial:       01984A0A6F0B69E6D42FCBFB4C662B692CAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
Manifest number:          0208
Signing time:             Sun 27 Jul 2025 04:00:54 +0000
Manifest this update:     Sun 27 Jul 2025 04:00:54 +0000
Manifest next update:     Mon 28 Jul 2025 04:00:54 +0000
Files and hashes:         1: OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl (hash: rEDHofJO1O8T6tFBhYKBRk/CBrKVuooaaYiIoInHOFQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 04:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:0a:6f:0b:69:e6:d4:2f:cb:fb:4c:66:2b:69:2c:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
        Validity
            Not Before: Jul 27 04:00:54 2025 GMT
            Not After : Jul 28 04:00:54 2025 GMT
        Subject: CN=3b27ee277f3ad1a4953cb3aa7430511e683cae91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:a7:d1:51:b7:ff:b1:c2:a3:c3:41:91:d6:57:
                    05:66:0f:98:ec:a9:f2:26:0a:1b:b4:e8:90:e4:38:
                    09:ba:2b:62:21:ae:e4:e4:33:87:f4:5a:af:ed:c6:
                    0b:99:c9:c7:a1:98:1a:c8:3c:9d:07:1f:c9:2c:0b:
                    56:72:0d:86:56:cc:e3:a9:b9:0e:67:3c:8c:8c:1d:
                    48:63:bd:5c:42:c7:ad:a4:0b:ec:53:6e:9c:0a:ec:
                    3e:c9:f2:17:d9:ab:45:0a:59:be:a0:b2:17:07:5e:
                    a0:e1:6c:e2:0a:33:24:a5:be:3b:4e:2c:73:64:d3:
                    94:ad:67:89:dc:e9:28:03:04:b0:07:1a:77:47:d8:
                    70:1a:72:5d:45:12:ed:6f:6d:30:fd:84:66:41:c8:
                    c0:e1:0c:3e:88:d9:21:3f:98:6a:2a:c9:a7:84:69:
                    02:3f:72:3c:21:43:34:d0:82:88:71:bd:5c:6e:e0:
                    b7:28:9a:41:4e:65:89:14:a4:b3:3c:72:e3:66:ea:
                    58:ec:0e:d5:8c:2e:64:f2:69:37:55:fb:85:12:0a:
                    a8:4f:7d:5e:6e:79:42:52:44:c3:9c:70:ab:73:4f:
                    49:07:2d:8a:4e:2b:54:60:ce:e5:b2:02:45:01:af:
                    53:5b:e4:f1:04:a4:b9:08:54:25:47:b0:13:bb:d1:
                    6f:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:27:EE:27:7F:3A:D1:A4:95:3C:B3:AA:74:30:51:1E:68:3C:AE:91
            X509v3 Authority Key Identifier:
                keyid:38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:ea:af:b1:d3:9f:23:6d:2a:23:f6:74:ff:8c:61:1d:af:c9:
         52:fa:00:ea:9a:43:28:9c:03:97:d7:8f:16:8f:26:b4:28:ab:
         dc:9b:f5:8e:ce:66:94:60:9b:7c:47:fa:ca:32:63:6b:cb:30:
         bc:43:9d:1c:b9:4e:59:02:fa:28:f1:a8:0e:2d:fb:b8:1a:97:
         b8:84:97:03:fb:aa:2a:da:5f:9d:52:42:e5:02:a1:6a:e0:a1:
         4e:f6:ce:85:4f:85:a3:f7:a5:8c:be:11:9a:49:6d:d3:3a:07:
         e2:1b:05:1d:6a:7d:fe:27:fe:11:66:a7:db:f6:00:75:f2:f6:
         13:d6:53:b8:c6:a5:55:b0:14:09:7c:95:96:1c:ef:dd:38:58:
         74:ab:b7:67:69:27:c6:6b:ba:a8:21:5b:85:6c:75:b7:fb:3e:
         a9:7f:01:eb:4f:eb:01:05:1b:6e:3f:c1:7f:71:7c:0c:b4:f9:
         db:8c:48:32:a5:27:dd:8e:64:4b:15:94:9f:3a:10:b8:4a:54:
         bf:a6:ce:3c:09:da:a1:dd:8c:05:d4:c9:31:b5:be:2b:b5:5f:
         e7:93:9d:58:a5:91:67:c7:88:44:48:ce:c8:b3:2a:16:c8:48:
         58:3c:05:0b:ce:08:b2:03:a8:f8:76:36:88:51:ca:1c:c9:93:
         a5:d4:b3:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKCm8LaebUL8v7TGYraSyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmEwYjlkMGYxZjY3NGIxMzk3Y2ZjZWE2ZGQ0NjgwYzgz
NTFhZjkwHhcNMjUwNzI3MDQwMDU0WhcNMjUwNzI4MDQwMDU0WjAzMTEwLwYDVQQD
EygzYjI3ZWUyNzdmM2FkMWE0OTUzY2IzYWE3NDMwNTExZTY4M2NhZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxafRUbf/scKjw0GR1lcFZg+Y7Kny
JgobtOiQ5DgJuitiIa7k5DOH9Fqv7cYLmcnHoZgayDydBx/JLAtWcg2GVszjqbkO
ZzyMjB1IY71cQsetpAvsU26cCuw+yfIX2atFClm+oLIXB16g4WziCjMkpb47Tixz
ZNOUrWeJ3OkoAwSwBxp3R9hwGnJdRRLtb20w/YRmQcjA4Qw+iNkhP5hqKsmnhGkC
P3I8IUM00IKIcb1cbuC3KJpBTmWJFKSzPHLjZupY7A7VjC5k8mk3VfuFEgqoT31e
bnlCUkTDnHCrc09JBy2KTitUYM7lsgJFAa9TW+TxBKS5CFQlR7ATu9FvTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDsn7id/OtGklTyzqnQwUR5oPK6RMB8GA1UdIwQY
MBaAFDi6C50PH2dLE5fPzqbdRoDINRr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAt
MmVlZGFlMGZhNzg4LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAtMmVlZGFlMGZhNzg4
LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFuqvsdOf
I20qI/Z0/4xhHa/JUvoA6ppDKJwDl9ePFo8mtCir3Jv1js5mlGCbfEf6yjJja8sw
vEOdHLlOWQL6KPGoDi37uBqXuISXA/uqKtpfnVJC5QKhauChTvbOhU+Fo/eljL4R
mklt0zoH4hsFHWp9/if+EWan2/YAdfL2E9ZTuMalVbAUCXyVlhzv3ThYdKu3Z2kn
xmu6qCFbhWx1t/s+qX8B60/rAQUbbj/Bf3F8DLT524xIMqUn3Y5kSxWUnzoQuEpU
v6bOPAnaod2MBdTJMbW+K7Vf55OdWKWRZ8eIREjOyLMqFshIWDwFC84IsgOo+HY2
iFHKHMmTpdSznw==
-----END CERTIFICATE-----