Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
File:                     OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft (raw, json)
Hash identifier:          ThheWWJx6OwdZ/ILMs8tct/eAvEYKUzlpvndoBomRc8=
Subject key identifier:   69:39:BC:44:BC:E7:40:93:E9:2F:69:10:48:63:89:5F:85:29:7F:CF
Authority key identifier: 38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9
Certificate issuer:       /CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
Certificate serial:       019579B4DDFDF8AD60F4780D38F815C41F38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
Manifest number:          93
Signing time:             Sun 09 Mar 2025 07:00:51 +0000
Manifest this update:     Sun 09 Mar 2025 07:00:51 +0000
Manifest next update:     Mon 10 Mar 2025 07:00:51 +0000
Files and hashes:         1: OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl (hash: zLadIHSzjQiX+dVsDFMOb6z5tKOer2OlEvWrLWrrwlA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 02:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:79:b4:dd:fd:f8:ad:60:f4:78:0d:38:f8:15:c4:1f:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
        Validity
            Not Before: Mar  9 07:00:51 2025 GMT
            Not After : Mar 10 07:00:51 2025 GMT
        Subject: CN=6939bc44bce74093e92f69104863895f85297fcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:e3:e5:0d:c5:3c:a0:89:84:4f:de:bd:ae:f8:
                    d5:ad:8c:8c:45:30:be:dc:a8:86:8c:01:50:11:7d:
                    87:82:5e:33:57:e8:9a:ec:01:09:ea:2a:bb:19:c7:
                    5f:67:23:82:b2:dd:37:47:62:64:84:5f:82:f8:45:
                    93:b1:a2:9d:0f:88:22:7a:61:65:19:ea:c9:9e:f0:
                    79:00:8f:37:1a:c5:91:ad:01:91:84:c6:6d:4e:78:
                    50:73:4d:b5:d0:06:61:93:40:e0:2e:d4:6b:1b:08:
                    4e:f3:83:63:e7:30:3e:4a:95:b3:6e:1b:2f:1f:46:
                    14:fe:48:17:1b:4c:c4:59:cd:41:a6:6a:71:68:c7:
                    0c:62:ff:e8:4c:26:86:da:b1:d4:ea:61:55:72:b6:
                    db:e6:9e:02:8f:0b:b7:24:ac:be:41:0c:32:08:9c:
                    d7:76:f1:56:5e:28:d5:92:29:05:0d:43:24:ad:d1:
                    5e:9d:a0:c0:69:a0:b1:9c:c1:9b:d3:6f:ed:02:97:
                    a0:07:ea:f4:0a:4a:a0:24:02:2d:94:b5:06:1f:14:
                    65:8e:5c:40:cf:f5:89:99:80:f0:b3:4c:fd:a9:c7:
                    2e:86:11:a0:48:e0:b8:e9:8b:53:02:71:12:94:66:
                    c3:fa:83:96:37:4a:9b:4b:5d:0a:fb:4b:bc:d9:93:
                    e9:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:39:BC:44:BC:E7:40:93:E9:2F:69:10:48:63:89:5F:85:29:7F:CF
            X509v3 Authority Key Identifier:
                keyid:38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:01:21:4a:1d:d4:fa:83:71:57:98:ea:7e:6d:d1:7e:8c:27:
         52:7a:b6:fb:01:92:a2:d4:bb:fa:64:27:0a:68:db:d3:fd:71:
         1c:72:ae:af:06:0a:8e:c3:a4:7a:55:aa:cb:b4:f0:03:51:01:
         7a:d1:66:cb:9d:c9:a6:01:d9:42:04:e3:03:31:95:f9:7d:33:
         aa:4b:f7:5e:48:c6:d9:18:4c:7f:25:e3:a2:cc:f5:8b:96:c8:
         17:e9:2e:d1:53:a2:88:1f:8d:0d:bf:3d:2d:02:dc:7b:64:b9:
         6a:cc:01:c0:99:c0:18:a7:fe:af:65:c1:dd:88:8e:f0:06:d2:
         7b:d4:10:65:93:a4:f4:da:5b:f4:e5:f7:70:d0:60:96:9c:a0:
         ef:8a:ca:7f:49:87:dc:03:3c:4b:12:26:48:9f:93:10:80:16:
         4f:a4:d0:48:d2:c8:16:c9:a0:d0:e4:7e:49:2c:a6:05:e7:b4:
         a3:65:dd:1c:f6:cd:a8:74:d6:21:e6:19:e8:76:54:1d:76:7e:
         41:8c:eb:b4:98:3f:32:7e:9e:f4:b3:93:9c:2b:db:dd:98:a2:
         13:1c:c2:09:31:e9:e2:ae:cf:5f:ec:7e:d3:ba:ba:2a:67:3d:
         eb:46:0f:b2:0c:9e:7b:0e:36:69:d0:77:55:33:01:36:ed:cf:
         ad:92:70:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV5tN39+K1g9HgNOPgVxB84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmEwYjlkMGYxZjY3NGIxMzk3Y2ZjZWE2ZGQ0NjgwYzgz
NTFhZjkwHhcNMjUwMzA5MDcwMDUxWhcNMjUwMzEwMDcwMDUxWjAzMTEwLwYDVQQD
Eyg2OTM5YmM0NGJjZTc0MDkzZTkyZjY5MTA0ODYzODk1Zjg1Mjk3ZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOPlDcU8oImET969rvjVrYyMRTC+
3KiGjAFQEX2Hgl4zV+ia7AEJ6iq7GcdfZyOCst03R2JkhF+C+EWTsaKdD4giemFl
GerJnvB5AI83GsWRrQGRhMZtTnhQc0210AZhk0DgLtRrGwhO84Nj5zA+SpWzbhsv
H0YU/kgXG0zEWc1BpmpxaMcMYv/oTCaG2rHU6mFVcrbb5p4Cjwu3JKy+QQwyCJzX
dvFWXijVkikFDUMkrdFenaDAaaCxnMGb02/tApegB+r0CkqgJAItlLUGHxRljlxA
z/WJmYDws0z9qccuhhGgSOC46YtTAnESlGbD+oOWN0qbS10K+0u82ZPpdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGk5vES850CT6S9pEEhjiV+FKX/PMB8GA1UdIwQY
MBaAFDi6C50PH2dLE5fPzqbdRoDINRr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAt
MmVlZGFlMGZhNzg4LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAtMmVlZGFlMGZhNzg4
LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAagEhSh3U
+oNxV5jqfm3RfownUnq2+wGSotS7+mQnCmjb0/1xHHKurwYKjsOkelWqy7TwA1EB
etFmy53JpgHZQgTjAzGV+X0zqkv3XkjG2RhMfyXjosz1i5bIF+ku0VOiiB+NDb89
LQLce2S5aswBwJnAGKf+r2XB3YiO8AbSe9QQZZOk9Npb9OX3cNBglpyg74rKf0mH
3AM8SxImSJ+TEIAWT6TQSNLIFsmg0OR+SSymBee0o2XdHPbNqHTWIeYZ6HZUHXZ+
QYzrtJg/Mn6e9LOTnCvb3ZiiExzCCTHp4q7PX+x+07q6Kmc960YPsgyeew42adB3
VTMBNu3PrZJw/Q==
-----END CERTIFICATE-----