Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
File:                     OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft (raw, json)
Hash identifier:          zFpFJnm0Z+5z/TYklNt+sW5bT4EaXJlQaP1oE2YHTxQ=
Subject key identifier:   6E:8A:43:43:AC:67:F9:FF:7F:F1:4D:95:48:25:72:AE:D7:F3:4A:1C
Authority key identifier: 38:BC:79:4C:5F:BA:AC:63:2A:7F:FB:43:DB:14:F7:39:CD:53:B2:C4
Certificate issuer:       /CN=38bc794c5fbaac632a7ffb43db14f739cd53b2c4
Certificate serial:       019768BBD493532FFF9FCD67B27FD4B8BD78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
Manifest number:          01D9
Signing time:             Fri 13 Jun 2025 10:00:29 +0000
Manifest this update:     Fri 13 Jun 2025 10:00:29 +0000
Manifest next update:     Sat 14 Jun 2025 10:00:29 +0000
Files and hashes:         1: OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl (hash: 6tM2kOCn7i03gSepP6kiBePOjfRa4OtkqmTPpq1lIOQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 10:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:bb:d4:93:53:2f:ff:9f:cd:67:b2:7f:d4:b8:bd:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38bc794c5fbaac632a7ffb43db14f739cd53b2c4
        Validity
            Not Before: Jun 13 10:00:29 2025 GMT
            Not After : Jun 14 10:00:29 2025 GMT
        Subject: CN=6e8a4343ac67f9ff7ff14d95482572aed7f34a1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ad:e5:89:89:c8:9e:e5:67:cd:e7:54:aa:4c:
                    49:b2:ab:ce:bc:fb:00:1b:77:3d:8c:d2:82:61:a4:
                    52:a5:48:fa:a8:b9:7c:13:9a:13:80:be:e7:2a:d8:
                    cd:fe:9e:e5:4a:4b:a8:43:f7:8a:fe:c2:f9:30:62:
                    89:94:06:33:f3:be:e9:28:dd:d3:7b:83:99:05:58:
                    15:8c:3c:92:8b:a7:b3:9a:de:f5:f4:ce:ae:0c:ae:
                    77:83:a0:82:aa:13:9a:b1:de:d1:21:96:d1:0e:b1:
                    a4:af:6a:16:1f:44:aa:0d:27:89:04:64:9e:5d:8d:
                    b2:a0:3f:12:4a:df:78:fc:50:91:e7:d3:ca:8e:ee:
                    bc:f4:8c:d1:f6:83:c9:7b:a2:13:e4:6b:7c:e8:a5:
                    6a:29:82:33:68:ec:2b:14:0d:cb:64:11:dc:64:7a:
                    a9:a6:cc:ab:96:ee:ff:d8:c4:dd:ee:87:d6:40:4b:
                    23:6b:43:e4:51:8f:21:32:27:20:9f:3f:8c:a6:6c:
                    f1:a8:a6:01:f7:8a:08:ab:2c:50:74:9b:e2:50:bf:
                    e7:5d:22:4a:a0:4c:e9:7f:4f:3d:0a:ef:29:0f:cb:
                    02:4e:83:73:ac:fd:e9:91:62:a1:69:5d:47:62:80:
                    ec:f5:e6:a2:58:3f:a7:5e:75:25:9c:3f:3c:a8:d2:
                    05:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:8A:43:43:AC:67:F9:FF:7F:F1:4D:95:48:25:72:AE:D7:F3:4A:1C
            X509v3 Authority Key Identifier:
                keyid:38:BC:79:4C:5F:BA:AC:63:2A:7F:FB:43:DB:14:F7:39:CD:53:B2:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:e6:67:16:8b:81:83:13:61:0e:5d:ce:8a:bc:19:ed:3a:d4:
         2c:9a:64:01:0d:25:54:7b:6c:01:3b:9b:79:53:7b:d5:58:f7:
         37:ad:73:56:55:0f:a9:7a:73:9e:9b:6a:3f:c2:0c:91:f2:c0:
         5d:7d:8c:d9:5d:7f:19:0b:44:9b:89:77:15:ee:5f:6e:ee:40:
         10:3f:55:1d:9d:f1:6b:00:b7:b8:e0:47:53:bd:cf:08:5e:89:
         71:2d:d4:fa:cc:71:0b:5a:16:2a:ab:d5:fb:a8:38:f2:b3:3c:
         84:3c:49:aa:04:11:0d:30:3d:06:11:c7:d8:c9:c7:2e:fb:2f:
         6d:8c:d7:6a:1e:54:23:58:9f:a9:49:d6:fe:94:55:33:db:66:
         6c:06:f9:00:6e:86:d3:b7:24:df:0e:e5:1d:86:c5:e5:d4:b2:
         08:26:8c:8d:6b:5d:66:60:f3:6d:cb:6e:96:44:fc:f0:5b:18:
         1a:c6:e7:a9:6b:25:e3:42:ce:5a:ce:8b:ba:9b:f3:2b:73:0d:
         c2:8f:4a:03:fd:24:8a:68:60:ad:85:35:ac:8a:fe:e1:90:cf:
         f1:e0:74:41:70:fc:80:1b:ca:04:c1:51:93:eb:d3:1c:3b:c7:
         ec:2d:c2:94:bd:0c:8f:27:f0:97:58:2b:99:84:a5:0c:5a:8a:
         0d:b3:d9:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdou9STUy//n81nsn/UuL14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmM3OTRjNWZiYWFjNjMyYTdmZmI0M2RiMTRmNzM5Y2Q1
M2IyYzQwHhcNMjUwNjEzMTAwMDI5WhcNMjUwNjE0MTAwMDI5WjAzMTEwLwYDVQQD
Eyg2ZThhNDM0M2FjNjdmOWZmN2ZmMTRkOTU0ODI1NzJhZWQ3ZjM0YTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa3liYnInuVnzedUqkxJsqvOvPsA
G3c9jNKCYaRSpUj6qLl8E5oTgL7nKtjN/p7lSkuoQ/eK/sL5MGKJlAYz877pKN3T
e4OZBVgVjDySi6ezmt719M6uDK53g6CCqhOasd7RIZbRDrGkr2oWH0SqDSeJBGSe
XY2yoD8SSt94/FCR59PKju689IzR9oPJe6IT5Gt86KVqKYIzaOwrFA3LZBHcZHqp
psyrlu7/2MTd7ofWQEsja0PkUY8hMicgnz+MpmzxqKYB94oIqyxQdJviUL/nXSJK
oEzpf089Cu8pD8sCToNzrP3pkWKhaV1HYoDs9eaiWD+nXnUlnD88qNIFZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6KQ0OsZ/n/f/FNlUglcq7X80ocMB8GA1UdIwQY
MBaAFDi8eUxfuqxjKn/7Q9sU9znNU7LEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xYTNkOTgtYzE0Zi00ZDA2LWE0NjYt
ZDk4NTM5NGUzYzEwLzEvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xYTNkOTgtYzE0Zi00ZDA2LWE0NjYtZDk4NTM5NGUzYzEw
LzEvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC+ZnFouB
gxNhDl3OirwZ7TrULJpkAQ0lVHtsATubeVN71Vj3N61zVlUPqXpznptqP8IMkfLA
XX2M2V1/GQtEm4l3Fe5fbu5AED9VHZ3xawC3uOBHU73PCF6JcS3U+sxxC1oWKqvV
+6g48rM8hDxJqgQRDTA9BhHH2MnHLvsvbYzXah5UI1ifqUnW/pRVM9tmbAb5AG6G
07ck3w7lHYbF5dSyCCaMjWtdZmDzbctulkT88FsYGsbnqWsl40LOWs6LupvzK3MN
wo9KA/0kimhgrYU1rIr+4ZDP8eB0QXD8gBvKBMFRk+vTHDvH7C3ClL0Mjyfwl1gr
mYSlDFqKDbPZYQ==
-----END CERTIFICATE-----