Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
File:                     OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft (raw, json)
Hash identifier:          YHM+71rfhiRMYfI/V+xN9vJ0mxo7W4qDe8yeRmo1ct0=
Subject key identifier:   0A:C0:67:0D:45:2A:DD:86:5B:C4:16:D4:E5:6F:E7:66:16:AF:B5:53
Authority key identifier: 38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9
Certificate issuer:       /CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
Certificate serial:       019749313C04DFD548275ABD1673B5940178
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
Manifest number:          0183
Signing time:             Sat 07 Jun 2025 07:00:52 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:52 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:52 +0000
Files and hashes:         1: OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl (hash: 7+0/L5v5xClAQ9ZtOY1qRn10wbgXYl55X1jMrGe8Zqw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:3c:04:df:d5:48:27:5a:bd:16:73:b5:94:01:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
        Validity
            Not Before: Jun  7 07:00:52 2025 GMT
            Not After : Jun  8 07:00:52 2025 GMT
        Subject: CN=0ac0670d452add865bc416d4e56fe76616afb553
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:c6:c1:2d:4b:fd:f4:92:b9:90:02:46:a3:d9:
                    67:15:35:fd:05:7e:bc:42:15:e1:6e:cc:ec:b9:13:
                    64:25:10:47:81:ea:d3:fb:b6:3e:34:e3:2d:d1:d2:
                    fd:ad:53:d5:ad:05:f2:b0:d0:45:ed:a6:b3:43:db:
                    da:d3:c9:d5:cd:6b:4a:7f:24:99:c7:c7:84:28:ee:
                    41:0b:33:e9:2d:4a:66:4d:fd:48:73:2f:7e:44:26:
                    d8:7b:ef:91:86:4b:ba:fc:86:9a:4d:8c:b8:62:8e:
                    1d:8f:0f:29:e8:0f:18:e8:c8:61:2a:78:20:b8:a4:
                    bb:77:0b:42:8a:c6:aa:91:45:ad:d1:68:a3:45:d1:
                    34:41:b6:bf:a0:82:e2:9c:52:11:52:2c:44:e0:f9:
                    e0:2f:34:fb:c1:00:f0:d7:31:a0:63:22:ea:72:f6:
                    25:74:4a:d2:7d:33:9f:bd:c3:1f:b5:52:ca:56:b3:
                    1c:ee:d3:ae:00:97:f4:0f:00:9b:eb:b9:ac:ff:07:
                    86:fd:73:51:1b:41:a6:b7:1e:00:65:48:2e:b7:58:
                    95:26:86:79:cd:4a:f3:0f:7d:30:10:34:86:c3:9c:
                    04:d4:8f:2c:80:db:44:40:22:11:ea:e9:89:07:7c:
                    fe:fc:70:ba:90:74:0b:b8:98:66:10:9a:57:0b:8f:
                    51:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:C0:67:0D:45:2A:DD:86:5B:C4:16:D4:E5:6F:E7:66:16:AF:B5:53
            X509v3 Authority Key Identifier:
                keyid:38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:fc:52:0f:01:bd:74:7a:46:9c:aa:1c:4b:af:3f:d6:a6:89:
         41:ad:c6:3c:3b:80:62:76:9f:e3:71:41:6b:ca:62:4c:fa:c3:
         c5:15:de:11:21:d6:1d:ea:8b:aa:19:e0:23:31:16:fc:95:c5:
         94:48:50:78:55:56:b1:13:65:29:3e:61:c2:e7:67:89:e8:f0:
         5d:6f:94:db:4f:e8:fd:f9:23:51:eb:03:aa:f2:ad:b0:39:24:
         e3:51:27:a5:99:a3:6b:e3:23:20:96:f2:97:f2:0f:b2:de:c9:
         2b:94:15:44:f7:02:7e:7e:33:a1:54:60:13:91:9f:70:58:ef:
         1a:41:41:47:07:6c:bf:65:62:d5:56:e1:eb:fc:03:96:3b:29:
         24:38:e9:b4:bf:af:82:e9:37:45:39:9a:b9:80:6f:dd:06:64:
         f6:0c:f0:47:26:ac:82:28:e8:0b:0b:c1:e5:26:f4:72:40:42:
         7c:62:79:5d:18:27:f2:37:b2:ea:fb:41:98:1d:a9:ed:0a:fe:
         65:46:84:5d:a9:f5:ec:5f:dd:8b:8b:08:83:00:46:28:d7:21:
         6d:3f:14:37:ed:2b:b0:c0:9c:41:f4:17:f5:69:d9:72:70:65:
         03:af:c8:c5:51:d4:ff:a3:76:9a:39:43:72:3c:bb:a2:02:6a:
         71:ad:3b:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMTwE39VIJ1q9FnO1lAF4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmEwYjlkMGYxZjY3NGIxMzk3Y2ZjZWE2ZGQ0NjgwYzgz
NTFhZjkwHhcNMjUwNjA3MDcwMDUyWhcNMjUwNjA4MDcwMDUyWjAzMTEwLwYDVQQD
EygwYWMwNjcwZDQ1MmFkZDg2NWJjNDE2ZDRlNTZmZTc2NjE2YWZiNTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48bBLUv99JK5kAJGo9lnFTX9BX68
QhXhbszsuRNkJRBHgerT+7Y+NOMt0dL9rVPVrQXysNBF7aazQ9va08nVzWtKfySZ
x8eEKO5BCzPpLUpmTf1Icy9+RCbYe++Rhku6/IaaTYy4Yo4djw8p6A8Y6MhhKngg
uKS7dwtCisaqkUWt0WijRdE0Qba/oILinFIRUixE4PngLzT7wQDw1zGgYyLqcvYl
dErSfTOfvcMftVLKVrMc7tOuAJf0DwCb67ms/weG/XNRG0Gmtx4AZUgut1iVJoZ5
zUrzD30wEDSGw5wE1I8sgNtEQCIR6umJB3z+/HC6kHQLuJhmEJpXC49R3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFArAZw1FKt2GW8QW1OVv52YWr7VTMB8GA1UdIwQY
MBaAFDi6C50PH2dLE5fPzqbdRoDINRr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAt
MmVlZGFlMGZhNzg4LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAtMmVlZGFlMGZhNzg4
LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACvxSDwG9
dHpGnKocS68/1qaJQa3GPDuAYnaf43FBa8piTPrDxRXeESHWHeqLqhngIzEW/JXF
lEhQeFVWsRNlKT5hwudniejwXW+U20/o/fkjUesDqvKtsDkk41EnpZmja+MjIJby
l/IPst7JK5QVRPcCfn4zoVRgE5GfcFjvGkFBRwdsv2Vi1Vbh6/wDljspJDjptL+v
guk3RTmauYBv3QZk9gzwRyasgijoCwvB5Sb0ckBCfGJ5XRgn8jey6vtBmB2p7Qr+
ZUaEXan17F/di4sIgwBGKNchbT8UN+0rsMCcQfQX9WnZcnBlA6/IxVHU/6N2mjlD
cjy7ogJqca07hQ==
-----END CERTIFICATE-----