Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/9ad081-da5a-42a4-a430-1e67170dfbba/1/OlVdhNzX3bZAaRuUDHygl3KIocQ.mft
File:                     OlVdhNzX3bZAaRuUDHygl3KIocQ.mft (raw, json)
Hash identifier:          4U4O7uMLOyjEg65A60fjR0RFHlonRiKrGQPyU/I/BKQ=
Subject key identifier:   8F:42:A3:54:D7:6E:BE:0B:E9:02:7A:F0:35:5B:11:8B:2F:0C:05:46
Authority key identifier: 3A:55:5D:84:DC:D7:DD:B6:40:69:1B:94:0C:7C:A0:97:72:88:A1:C4
Certificate issuer:       /CN=3a555d84dcd7ddb640691b940c7ca0977288a1c4
Certificate serial:       01974A7B5C89163E16CBFB5AE057F937B94D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OlVdhNzX3bZAaRuUDHygl3KIocQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/9ad081-da5a-42a4-a430-1e67170dfbba/1/OlVdhNzX3bZAaRuUDHygl3KIocQ.mft
Manifest number:          089B
Signing time:             Sat 07 Jun 2025 13:01:28 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:28 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:28 +0000
Files and hashes:         1: OlVdhNzX3bZAaRuUDHygl3KIocQ.crl (hash: xQ+ulYc5Bd6K5pBMLBvQAQB/KHrSQ2fVI6PvUhK4r1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/9ad081-da5a-42a4-a430-1e67170dfbba/1/OlVdhNzX3bZAaRuUDHygl3KIocQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/9ad081-da5a-42a4-a430-1e67170dfbba/1/OlVdhNzX3bZAaRuUDHygl3KIocQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OlVdhNzX3bZAaRuUDHygl3KIocQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:5c:89:16:3e:16:cb:fb:5a:e0:57:f9:37:b9:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a555d84dcd7ddb640691b940c7ca0977288a1c4
        Validity
            Not Before: Jun  7 13:01:28 2025 GMT
            Not After : Jun  8 13:01:28 2025 GMT
        Subject: CN=8f42a354d76ebe0be9027af0355b118b2f0c0546
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:24:3e:c6:92:1e:5d:d8:a9:08:d2:91:ab:1f:
                    e2:d1:08:2b:e0:dd:e5:1f:6b:9b:c5:29:5e:7c:92:
                    88:ae:f3:e0:ed:85:98:47:ed:c6:06:0d:56:62:58:
                    b3:2c:0f:85:69:e4:58:4c:95:ad:af:1c:a2:a6:07:
                    48:4e:0a:aa:bf:95:8f:c3:95:70:5b:8c:cf:58:3b:
                    ca:ba:fd:80:da:e0:54:96:fe:8b:6b:38:b0:55:73:
                    a7:23:20:56:90:2a:0f:3e:0e:ce:d8:11:27:be:29:
                    0f:71:a3:81:90:e1:50:13:14:a7:9d:bd:01:df:d1:
                    ec:f7:2f:e4:43:7c:d2:65:7f:23:9f:81:d6:b9:a8:
                    6f:d3:43:e7:bd:42:74:89:85:01:fd:0a:56:bf:c4:
                    da:79:28:4d:b6:f0:36:a5:5b:fd:1d:a2:8e:5c:7f:
                    bf:99:40:1c:d0:f8:8a:b7:35:c8:dd:83:57:8e:b3:
                    61:25:47:14:b4:b3:96:a0:f5:6a:e2:b5:a3:ca:d3:
                    29:e8:77:99:d5:94:7d:33:4e:15:4c:71:79:f0:54:
                    6b:e2:2f:7f:c7:85:ca:e5:98:e5:77:4f:2c:77:5d:
                    37:a5:6c:77:3e:f7:b7:65:3e:87:0e:59:43:0b:c9:
                    e4:ae:5c:73:8e:2c:58:ac:40:ec:f7:3f:02:03:33:
                    13:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:42:A3:54:D7:6E:BE:0B:E9:02:7A:F0:35:5B:11:8B:2F:0C:05:46
            X509v3 Authority Key Identifier:
                keyid:3A:55:5D:84:DC:D7:DD:B6:40:69:1B:94:0C:7C:A0:97:72:88:A1:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OlVdhNzX3bZAaRuUDHygl3KIocQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/9ad081-da5a-42a4-a430-1e67170dfbba/1/OlVdhNzX3bZAaRuUDHygl3KIocQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/9ad081-da5a-42a4-a430-1e67170dfbba/1/OlVdhNzX3bZAaRuUDHygl3KIocQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:b5:0b:44:10:db:dc:a3:59:13:31:c7:af:ea:08:68:c5:e9:
         53:fd:77:a3:e3:c3:d0:ea:67:1c:ae:1f:7e:c1:93:22:0f:c6:
         50:9f:03:f8:30:b4:f0:0e:9f:a0:57:b9:8d:30:ce:05:c3:76:
         4e:88:4b:42:07:e9:9f:4e:04:53:4e:62:6b:c5:71:69:47:60:
         35:11:70:2d:ec:c2:29:3f:a3:b1:66:59:47:7b:f6:92:dc:03:
         d5:55:e5:73:59:e1:63:4f:e8:d3:2a:bf:56:0c:db:fd:5a:e1:
         3e:79:cf:f4:3e:84:50:6d:eb:ac:05:ec:20:1a:b0:3c:b9:f6:
         1f:86:16:a7:37:23:2f:71:9c:e6:c2:eb:7a:db:6e:30:df:80:
         49:10:d0:05:ff:a4:48:1d:29:52:7b:50:5b:b4:7e:95:1c:59:
         7e:94:19:c5:be:29:29:a2:89:56:ff:8d:f8:b8:58:2e:3f:fd:
         45:7b:19:2c:ba:79:e9:39:94:87:2e:99:df:06:d6:93:5f:4e:
         49:98:17:f6:13:2a:f6:01:33:c3:30:26:f7:79:df:39:3d:ee:
         7e:2d:b3:24:1c:4f:e7:59:54:a0:a8:23:54:8e:75:2b:05:2c:
         df:ea:03:3d:8b:83:7d:22:67:19:e9:49:bb:3b:28:1e:fb:2e:
         7f:0a:f9:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe1yJFj4Wy/ta4Ff5N7lNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNTU1ZDg0ZGNkN2RkYjY0MDY5MWI5NDBjN2NhMDk3NzI4
OGExYzQwHhcNMjUwNjA3MTMwMTI4WhcNMjUwNjA4MTMwMTI4WjAzMTEwLwYDVQQD
Eyg4ZjQyYTM1NGQ3NmViZTBiZTkwMjdhZjAzNTViMTE4YjJmMGMwNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyQ+xpIeXdipCNKRqx/i0Qgr4N3l
H2ubxSlefJKIrvPg7YWYR+3GBg1WYlizLA+FaeRYTJWtrxyipgdITgqqv5WPw5Vw
W4zPWDvKuv2A2uBUlv6LaziwVXOnIyBWkCoPPg7O2BEnvikPcaOBkOFQExSnnb0B
39Hs9y/kQ3zSZX8jn4HWuahv00PnvUJ0iYUB/QpWv8TaeShNtvA2pVv9HaKOXH+/
mUAc0PiKtzXI3YNXjrNhJUcUtLOWoPVq4rWjytMp6HeZ1ZR9M04VTHF58FRr4i9/
x4XK5Zjld08sd103pWx3Pve3ZT6HDllDC8nkrlxzjixYrEDs9z8CAzMTAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9Co1TXbr4L6QJ68DVbEYsvDAVGMB8GA1UdIwQY
MBaAFDpVXYTc1922QGkblAx8oJdyiKHEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2xWZGhOelgzYlpBYVJ1VURIeWdsM0tJb2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy85YWQwODEtZGE1YS00MmE0LWE0MzAt
MWU2NzE3MGRmYmJhLzEvT2xWZGhOelgzYlpBYVJ1VURIeWdsM0tJb2NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy85YWQwODEtZGE1YS00MmE0LWE0MzAtMWU2NzE3MGRmYmJh
LzEvT2xWZGhOelgzYlpBYVJ1VURIeWdsM0tJb2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjbULRBDb
3KNZEzHHr+oIaMXpU/13o+PD0OpnHK4ffsGTIg/GUJ8D+DC08A6foFe5jTDOBcN2
TohLQgfpn04EU05ia8VxaUdgNRFwLezCKT+jsWZZR3v2ktwD1VXlc1nhY0/o0yq/
Vgzb/VrhPnnP9D6EUG3rrAXsIBqwPLn2H4YWpzcjL3Gc5sLrettuMN+ASRDQBf+k
SB0pUntQW7R+lRxZfpQZxb4pKaKJVv+N+LhYLj/9RXsZLLp56TmUhy6Z3wbWk19O
SZgX9hMq9gEzwzAm93nfOT3ufi2zJBxP51lUoKgjVI51KwUs3+oDPYuDfSJnGelJ
uzsoHvsufwr5vg==
-----END CERTIFICATE-----