Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
File:                     0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft (raw, json)
Hash identifier:          uwFe8GuyQVJK438iZ4YL2MSerjpjHmHVZUvmX5DgGAU=
Subject key identifier:   25:79:1C:82:08:C7:26:51:88:9B:EA:AC:55:00:21:D1:9C:F6:01:95
Authority key identifier: D2:89:7B:33:53:82:F8:22:4F:5D:89:0E:31:B3:86:32:1C:6B:B3:ED
Certificate issuer:       /CN=d2897b335382f8224f5d890e31b386321c6bb3ed
Certificate serial:       019849653FDFBE383CB14BD6D431909E1155
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
Manifest number:          0A0D
Signing time:             Sun 27 Jul 2025 01:00:28 +0000
Manifest this update:     Sun 27 Jul 2025 01:00:28 +0000
Manifest next update:     Mon 28 Jul 2025 01:00:28 +0000
Files and hashes:         1: 0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl (hash: CTZTDIA/JY944nkd1ESFfrcThds02rzVTPMhzDaisvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 20:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:65:3f:df:be:38:3c:b1:4b:d6:d4:31:90:9e:11:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2897b335382f8224f5d890e31b386321c6bb3ed
        Validity
            Not Before: Jul 27 01:00:28 2025 GMT
            Not After : Jul 28 01:00:28 2025 GMT
        Subject: CN=25791c8208c72651889beaac550021d19cf60195
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:46:6a:40:0a:43:c9:23:cb:e8:2e:90:dc:95:
                    ff:eb:8e:0c:d0:e3:16:72:ae:b9:cd:dc:9a:1b:27:
                    82:55:d3:97:af:4b:a4:a1:42:5b:08:4a:05:e7:d4:
                    b7:a5:8b:14:ad:c5:8f:c0:30:bb:02:84:03:75:02:
                    e4:a9:17:e5:8e:4f:08:10:4f:fe:ad:0f:e5:df:bb:
                    9d:2c:d6:53:71:d3:8f:5e:1a:34:12:a2:e3:7a:66:
                    7e:c8:66:15:e4:e8:b1:d5:50:a1:cb:c3:1c:4b:5c:
                    75:dc:fc:d9:42:a8:dc:47:c4:b0:75:e1:5a:ac:73:
                    e9:e7:c4:ff:1b:83:cf:ac:83:a2:c0:44:ca:61:c9:
                    9c:a6:12:eb:49:c4:a8:d9:74:84:c5:9a:85:b4:85:
                    f7:cb:83:20:13:db:98:26:fb:bd:dd:e1:e7:b3:ae:
                    df:bd:76:63:55:4d:78:cd:e8:d8:17:b2:5e:51:a6:
                    9e:6b:92:1d:ad:0a:19:53:40:ca:cc:0e:28:ee:3e:
                    1b:69:0e:3d:61:dd:66:b8:c0:fe:74:9e:64:6a:dd:
                    6b:8b:fc:bc:34:10:f2:ab:6b:9b:4c:eb:36:31:a5:
                    b8:8c:2c:b9:72:8f:ed:8a:27:70:d5:9d:a3:de:dc:
                    14:11:ac:09:59:cd:23:78:0b:ee:09:95:0c:a0:8e:
                    78:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:79:1C:82:08:C7:26:51:88:9B:EA:AC:55:00:21:D1:9C:F6:01:95
            X509v3 Authority Key Identifier:
                keyid:D2:89:7B:33:53:82:F8:22:4F:5D:89:0E:31:B3:86:32:1C:6B:B3:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:30:a1:cf:42:54:37:46:73:30:d6:aa:26:c3:17:f0:90:b4:
         9e:ea:b1:f1:4c:90:64:a3:15:bd:3b:15:81:54:f8:c0:52:69:
         96:c3:9b:c1:fd:be:73:d5:3e:da:22:74:39:64:13:ea:6f:65:
         0a:a6:44:f1:6d:20:73:2e:f6:df:b5:bc:da:ce:9a:a3:2e:2f:
         b2:47:b2:f9:da:05:86:bc:45:50:98:5e:3a:b5:a0:72:95:ab:
         6d:cf:c9:f4:08:94:24:a8:f2:8e:a1:4a:b7:e6:03:6c:7b:fd:
         ce:2f:77:c9:c1:e6:a6:21:21:58:fb:aa:45:02:4f:bd:67:62:
         8e:0b:ad:10:eb:94:22:fe:a2:b5:ce:40:42:98:19:86:32:17:
         13:60:75:ae:41:71:2f:a8:0c:6a:8f:08:d5:0b:a9:ea:f2:f7:
         26:66:6d:5d:ff:65:85:1f:d1:9f:ab:0a:e5:c0:95:a2:ad:87:
         9e:f1:e1:aa:4d:8d:c4:61:3b:36:a9:b0:c8:6b:b8:65:29:34:
         f4:ab:dd:58:0e:94:ce:19:4b:ff:c4:72:66:2c:b8:11:8a:6a:
         b2:b4:44:fe:10:02:00:8f:94:c6:79:2e:d7:9e:2f:45:c3:57:
         51:51:61:54:03:5c:81:63:61:4e:5f:67:c2:f4:1e:5e:d5:8b:
         48:3b:bf:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJZT/fvjg8sUvW1DGQnhFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyODk3YjMzNTM4MmY4MjI0ZjVkODkwZTMxYjM4NjMyMWM2
YmIzZWQwHhcNMjUwNzI3MDEwMDI4WhcNMjUwNzI4MDEwMDI4WjAzMTEwLwYDVQQD
EygyNTc5MWM4MjA4YzcyNjUxODg5YmVhYWM1NTAwMjFkMTljZjYwMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkZqQApDySPL6C6Q3JX/644M0OMW
cq65zdyaGyeCVdOXr0ukoUJbCEoF59S3pYsUrcWPwDC7AoQDdQLkqRfljk8IEE/+
rQ/l37udLNZTcdOPXho0EqLjemZ+yGYV5Oix1VChy8McS1x13PzZQqjcR8SwdeFa
rHPp58T/G4PPrIOiwETKYcmcphLrScSo2XSExZqFtIX3y4MgE9uYJvu93eHns67f
vXZjVU14zejYF7JeUaaea5IdrQoZU0DKzA4o7j4baQ49Yd1muMD+dJ5kat1ri/y8
NBDyq2ubTOs2MaW4jCy5co/tiidw1Z2j3twUEawJWc0jeAvuCZUMoI54zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCV5HIIIxyZRiJvqrFUAIdGc9gGVMB8GA1UdIwQY
MBaAFNKJezNTgvgiT12JDjGzhjIca7PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80ZGU4MDUtZDVkYy00NmY3LWIzOTct
NWI1MzMyYWYxODUxLzEvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80ZGU4MDUtZDVkYy00NmY3LWIzOTctNWI1MzMyYWYxODUx
LzEvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKTChz0JU
N0ZzMNaqJsMX8JC0nuqx8UyQZKMVvTsVgVT4wFJplsObwf2+c9U+2iJ0OWQT6m9l
CqZE8W0gcy7237W82s6aoy4vskey+doFhrxFUJheOrWgcpWrbc/J9AiUJKjyjqFK
t+YDbHv9zi93ycHmpiEhWPuqRQJPvWdijgutEOuUIv6itc5AQpgZhjIXE2B1rkFx
L6gMao8I1Qup6vL3JmZtXf9lhR/Rn6sK5cCVoq2HnvHhqk2NxGE7NqmwyGu4ZSk0
9KvdWA6UzhlL/8RyZiy4EYpqsrRE/hACAI+Uxnku154vRcNXUVFhVANcgWNhTl9n
wvQeXtWLSDu/rQ==
-----END CERTIFICATE-----