Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
File:                     OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft (raw, json)
Hash identifier:          w5PbiqJppHRUCsib8pJYAZJ964sfso/C3bJCJOsAosk=
Subject key identifier:   FB:70:A3:39:3D:1A:0E:E9:4C:70:51:93:5A:FE:A0:5F:70:95:0F:2F
Authority key identifier: 38:BC:79:4C:5F:BA:AC:63:2A:7F:FB:43:DB:14:F7:39:CD:53:B2:C4
Certificate issuer:       /CN=38bc794c5fbaac632a7ffb43db14f739cd53b2c4
Certificate serial:       019764DF0F77286A449B5EA679AF090D4235
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
Manifest number:          01D7
Signing time:             Thu 12 Jun 2025 16:00:29 +0000
Manifest this update:     Thu 12 Jun 2025 16:00:29 +0000
Manifest next update:     Fri 13 Jun 2025 16:00:29 +0000
Files and hashes:         1: OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl (hash: sKSv+phUNAR1fCQeuqHMctzhMrGrD3GzR2CS6vvP8wE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:df:0f:77:28:6a:44:9b:5e:a6:79:af:09:0d:42:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38bc794c5fbaac632a7ffb43db14f739cd53b2c4
        Validity
            Not Before: Jun 12 16:00:29 2025 GMT
            Not After : Jun 13 16:00:29 2025 GMT
        Subject: CN=fb70a3393d1a0ee94c7051935afea05f70950f2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:fd:06:09:a5:20:fd:e3:c1:bf:59:a6:cf:fe:
                    0e:ad:fa:25:58:58:51:9e:e6:72:f4:c5:bc:ef:66:
                    9b:9b:e7:c1:6b:0d:92:f7:71:23:f0:1b:6d:ac:b9:
                    60:74:fa:bf:18:9d:99:c7:20:90:fa:00:cd:83:13:
                    c9:7c:2e:60:e4:4f:c8:4a:47:72:b5:9f:67:48:e3:
                    34:4c:ef:66:d4:38:ce:22:72:ef:58:17:af:29:aa:
                    13:1d:9c:2f:f9:39:b1:38:82:22:8d:a0:bb:2e:ee:
                    62:dd:7a:84:96:df:47:32:b4:77:6e:88:64:75:e0:
                    0f:52:fd:ae:b6:cc:d2:3b:4a:46:59:bb:af:5b:f1:
                    f6:5d:78:b2:e7:5a:0b:13:9c:c2:d1:0a:1c:05:30:
                    6f:0f:9d:b2:69:17:2d:4f:03:9b:25:8f:47:34:ee:
                    a4:f6:0c:c8:1e:08:81:b7:dd:20:a6:10:aa:53:78:
                    d2:53:4d:55:d7:fd:a9:b6:0b:09:81:95:25:4c:6a:
                    d5:fe:d1:1c:47:a8:87:c9:27:c8:81:04:ea:ee:f4:
                    99:64:1e:84:1c:8a:56:9c:71:57:8e:3f:61:fd:a5:
                    08:c2:bf:0e:85:aa:15:12:ca:ef:b7:70:74:bc:18:
                    eb:a4:09:42:20:c8:6b:5a:09:4a:4e:2f:af:d7:b1:
                    f7:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:70:A3:39:3D:1A:0E:E9:4C:70:51:93:5A:FE:A0:5F:70:95:0F:2F
            X509v3 Authority Key Identifier:
                keyid:38:BC:79:4C:5F:BA:AC:63:2A:7F:FB:43:DB:14:F7:39:CD:53:B2:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:11:57:a1:7f:19:02:d9:24:a1:bf:33:c4:12:9f:d3:c9:a7:
         b6:c7:39:ac:bf:ca:e0:ba:8a:c0:07:11:8c:75:dd:27:cc:7b:
         16:d0:b8:7a:2b:31:8d:3b:3b:6b:78:dc:fc:06:8b:b7:f4:7d:
         80:23:37:db:16:28:e8:6a:fb:33:05:d8:58:92:52:2c:25:89:
         a9:f6:27:60:14:02:42:6c:05:5a:32:e4:1d:b0:32:d9:65:65:
         89:70:45:c4:66:84:57:50:c7:b5:c4:97:33:65:aa:a3:bb:a0:
         7f:c2:c4:5d:c5:54:e0:1c:bb:f9:ab:87:6f:96:4d:96:1a:1f:
         73:28:df:7a:90:ab:c9:99:57:84:db:d7:3b:e9:35:3a:6f:51:
         b0:4f:db:ea:30:67:7d:9f:bd:2c:c2:cf:c6:19:b1:5f:27:0b:
         de:5b:0b:32:d9:16:ae:a6:63:5c:c3:02:c7:fe:cf:78:b0:e5:
         ba:8e:2f:fc:a5:3c:3e:d6:d5:c4:5b:f1:27:e1:20:c4:67:a3:
         10:41:31:ac:a7:49:c0:6c:11:13:89:f1:26:5f:f7:47:07:ec:
         45:d6:5a:5e:3e:aa:15:68:be:40:ee:3c:9e:c4:22:2d:98:83:
         8c:ba:37:a5:bd:39:87:d0:84:9f:cc:c1:14:20:f6:8b:10:59:
         58:f5:bb:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdk3w93KGpEm16mea8JDUI1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmM3OTRjNWZiYWFjNjMyYTdmZmI0M2RiMTRmNzM5Y2Q1
M2IyYzQwHhcNMjUwNjEyMTYwMDI5WhcNMjUwNjEzMTYwMDI5WjAzMTEwLwYDVQQD
EyhmYjcwYTMzOTNkMWEwZWU5NGM3MDUxOTM1YWZlYTA1ZjcwOTUwZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/0GCaUg/ePBv1mmz/4OrfolWFhR
nuZy9MW872abm+fBaw2S93Ej8BttrLlgdPq/GJ2ZxyCQ+gDNgxPJfC5g5E/ISkdy
tZ9nSOM0TO9m1DjOInLvWBevKaoTHZwv+TmxOIIijaC7Lu5i3XqElt9HMrR3bohk
deAPUv2utszSO0pGWbuvW/H2XXiy51oLE5zC0QocBTBvD52yaRctTwObJY9HNO6k
9gzIHgiBt90gphCqU3jSU01V1/2ptgsJgZUlTGrV/tEcR6iHySfIgQTq7vSZZB6E
HIpWnHFXjj9h/aUIwr8OhaoVEsrvt3B0vBjrpAlCIMhrWglKTi+v17H3pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtwozk9Gg7pTHBRk1r+oF9wlQ8vMB8GA1UdIwQY
MBaAFDi8eUxfuqxjKn/7Q9sU9znNU7LEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xYTNkOTgtYzE0Zi00ZDA2LWE0NjYt
ZDk4NTM5NGUzYzEwLzEvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xYTNkOTgtYzE0Zi00ZDA2LWE0NjYtZDk4NTM5NGUzYzEw
LzEvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhBFXoX8Z
Atkkob8zxBKf08mntsc5rL/K4LqKwAcRjHXdJ8x7FtC4eisxjTs7a3jc/AaLt/R9
gCM32xYo6Gr7MwXYWJJSLCWJqfYnYBQCQmwFWjLkHbAy2WVliXBFxGaEV1DHtcSX
M2Wqo7ugf8LEXcVU4By7+auHb5ZNlhofcyjfepCryZlXhNvXO+k1Om9RsE/b6jBn
fZ+9LMLPxhmxXycL3lsLMtkWrqZjXMMCx/7PeLDluo4v/KU8PtbVxFvxJ+EgxGej
EEExrKdJwGwRE4nxJl/3RwfsRdZaXj6qFWi+QO48nsQiLZiDjLo3pb05h9CEn8zB
FCD2ixBZWPW72w==
-----END CERTIFICATE-----
Generated at Thu Jun 12 20:59:32 2025 by rpki-client