Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
File:                     OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft (raw, json)
Hash identifier:          GUR3Uwu/lVaFZ8AA2uAeehGHxgB4WS8Me0RWv5RpcXg=
Subject key identifier:   11:39:60:7A:C5:D7:55:59:E2:48:08:CD:C6:32:B5:7F:BA:FC:9A:75
Authority key identifier: 38:BC:79:4C:5F:BA:AC:63:2A:7F:FB:43:DB:14:F7:39:CD:53:B2:C4
Certificate issuer:       /CN=38bc794c5fbaac632a7ffb43db14f739cd53b2c4
Certificate serial:       019922FB1212B021BDAF66ECFA196BC12C7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
Manifest number:          02BE
Signing time:             Sun 07 Sep 2025 07:01:43 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:43 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:43 +0000
Files and hashes:         1: OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl (hash: DNPqaDcydIWUOXQAgFQZ0qtpwb80mmTpr/tHhGJsDn8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fb:12:12:b0:21:bd:af:66:ec:fa:19:6b:c1:2c:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38bc794c5fbaac632a7ffb43db14f739cd53b2c4
        Validity
            Not Before: Sep  7 07:01:43 2025 GMT
            Not After : Sep  8 07:01:43 2025 GMT
        Subject: CN=1139607ac5d75559e24808cdc632b57fbafc9a75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:1b:9e:fd:d4:5b:81:fe:c2:8c:92:25:4c:da:
                    c2:7c:c2:6b:82:42:71:c0:3d:2d:8b:fd:ea:58:53:
                    a9:00:8f:6a:31:bb:9d:46:a2:d5:e9:80:75:66:d4:
                    f3:ec:d5:c9:c1:46:16:6c:4f:54:2e:6b:fd:f2:4a:
                    44:74:55:10:c4:23:a4:c4:9d:cf:44:ac:7b:cb:88:
                    e9:c4:a1:64:00:53:11:17:e7:cc:2e:5e:e6:7f:af:
                    82:f0:1b:43:e9:9d:56:d1:93:3c:67:8c:2e:ad:26:
                    53:5d:2a:58:72:b8:2a:34:74:ca:90:ad:6d:22:6e:
                    33:49:be:cd:6e:ba:84:25:5c:d4:f3:20:be:c2:11:
                    7b:52:a8:45:e2:6d:ac:f7:c8:1d:18:84:96:fb:91:
                    65:f3:ac:5c:6d:1a:b5:52:a7:46:d6:4e:bf:d4:07:
                    b0:f6:9f:f7:f1:dd:75:9b:b9:7e:2d:5a:da:a5:44:
                    8e:3d:23:46:e2:d8:01:52:32:fd:6f:d3:cd:d4:fc:
                    93:65:99:48:e5:83:6d:98:b8:45:59:65:5c:45:3a:
                    06:93:2b:8b:7c:fc:f6:f5:52:0d:7d:45:a7:51:ee:
                    73:ef:db:0d:53:77:92:e9:47:9a:b2:c0:df:21:21:
                    08:e5:76:a0:df:3c:8f:7e:09:db:bc:f4:dc:7b:58:
                    45:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:39:60:7A:C5:D7:55:59:E2:48:08:CD:C6:32:B5:7F:BA:FC:9A:75
            X509v3 Authority Key Identifier:
                keyid:38:BC:79:4C:5F:BA:AC:63:2A:7F:FB:43:DB:14:F7:39:CD:53:B2:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:36:ba:86:9f:f0:84:a5:c3:8c:27:29:1f:28:73:da:1c:47:
         5a:91:7f:4d:d0:99:cc:ff:05:b7:9a:e6:ba:a1:dd:b7:03:dd:
         45:5f:59:16:30:bb:69:fb:e3:42:d3:f8:cb:5f:f6:8b:70:3b:
         ba:7d:bb:65:b7:4d:a7:6e:9f:65:e4:73:12:08:e4:71:86:e1:
         14:a0:bd:18:57:fa:d2:02:b4:3c:48:51:2c:57:e2:80:23:65:
         6c:ab:38:64:75:f6:30:13:a7:4b:c9:05:9a:90:56:c2:65:46:
         80:16:73:01:5e:8d:81:84:24:da:c2:b5:b7:d3:28:1f:80:33:
         44:1a:52:bb:ed:09:93:61:54:a1:4e:f0:c6:ff:af:f5:a7:ac:
         88:f7:7b:b6:ab:cd:f4:0a:76:c9:d0:df:ab:c0:1c:81:68:92:
         91:f2:e4:4c:e7:e0:05:1a:8d:08:57:96:3d:eb:f7:e2:e5:5a:
         4e:84:6f:fd:18:e0:2b:d6:bc:36:7a:da:c4:e9:74:40:b9:13:
         96:28:41:49:b0:ac:d5:1b:f6:91:77:bd:4b:83:34:ef:98:c2:
         ce:56:ce:e6:07:ac:8a:f0:53:90:ad:84:3f:4d:a3:10:75:c0:
         f8:4f:93:3d:41:ee:0b:aa:5f:a7:d6:d2:46:9f:8a:3c:02:a6:
         55:07:92:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+xISsCG9r2bs+hlrwSx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmM3OTRjNWZiYWFjNjMyYTdmZmI0M2RiMTRmNzM5Y2Q1
M2IyYzQwHhcNMjUwOTA3MDcwMTQzWhcNMjUwOTA4MDcwMTQzWjAzMTEwLwYDVQQD
EygxMTM5NjA3YWM1ZDc1NTU5ZTI0ODA4Y2RjNjMyYjU3ZmJhZmM5YTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhue/dRbgf7CjJIlTNrCfMJrgkJx
wD0ti/3qWFOpAI9qMbudRqLV6YB1ZtTz7NXJwUYWbE9ULmv98kpEdFUQxCOkxJ3P
RKx7y4jpxKFkAFMRF+fMLl7mf6+C8BtD6Z1W0ZM8Z4wurSZTXSpYcrgqNHTKkK1t
Im4zSb7NbrqEJVzU8yC+whF7UqhF4m2s98gdGISW+5Fl86xcbRq1UqdG1k6/1Aew
9p/38d11m7l+LVrapUSOPSNG4tgBUjL9b9PN1PyTZZlI5YNtmLhFWWVcRToGkyuL
fPz29VINfUWnUe5z79sNU3eS6UeassDfISEI5Xag3zyPfgnbvPTce1hFQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBE5YHrF11VZ4kgIzcYytX+6/Jp1MB8GA1UdIwQY
MBaAFDi8eUxfuqxjKn/7Q9sU9znNU7LEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xYTNkOTgtYzE0Zi00ZDA2LWE0NjYt
ZDk4NTM5NGUzYzEwLzEvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xYTNkOTgtYzE0Zi00ZDA2LWE0NjYtZDk4NTM5NGUzYzEw
LzEvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQza6hp/w
hKXDjCcpHyhz2hxHWpF/TdCZzP8Ft5rmuqHdtwPdRV9ZFjC7afvjQtP4y1/2i3A7
un27ZbdNp26fZeRzEgjkcYbhFKC9GFf60gK0PEhRLFfigCNlbKs4ZHX2MBOnS8kF
mpBWwmVGgBZzAV6NgYQk2sK1t9MoH4AzRBpSu+0Jk2FUoU7wxv+v9aesiPd7tqvN
9Ap2ydDfq8AcgWiSkfLkTOfgBRqNCFeWPev34uVaToRv/RjgK9a8NnraxOl0QLkT
lihBSbCs1Rv2kXe9S4M075jCzlbO5gesivBTkK2EP02jEHXA+E+TPUHuC6pfp9bS
Rp+KPAKmVQeSmw==
-----END CERTIFICATE-----