Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
File:                     OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft (raw, json)
Hash identifier:          jgXaV+lsuyigrnoMpsVq8ryUSVRG+kgDZOGBDOa86iY=
Subject key identifier:   55:C0:5D:2F:4A:08:1C:C9:6F:65:E0:96:B1:4C:C2:79:E7:0A:CF:53
Authority key identifier: 38:BC:79:4C:5F:BA:AC:63:2A:7F:FB:43:DB:14:F7:39:CD:53:B2:C4
Certificate issuer:       /CN=38bc794c5fbaac632a7ffb43db14f739cd53b2c4
Certificate serial:       01975948B0D19E634DC326AA5498A55D1029
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
Manifest number:          01D1
Signing time:             Tue 10 Jun 2025 10:00:25 +0000
Manifest this update:     Tue 10 Jun 2025 10:00:25 +0000
Manifest next update:     Wed 11 Jun 2025 10:00:25 +0000
Files and hashes:         1: OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl (hash: vwPqyeyDNeDM1payi9Ou6vKC+cth5N8t2bwE8aMAefA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 10:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:48:b0:d1:9e:63:4d:c3:26:aa:54:98:a5:5d:10:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38bc794c5fbaac632a7ffb43db14f739cd53b2c4
        Validity
            Not Before: Jun 10 10:00:25 2025 GMT
            Not After : Jun 11 10:00:25 2025 GMT
        Subject: CN=55c05d2f4a081cc96f65e096b14cc279e70acf53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f6:f8:11:da:38:e0:9e:1c:2a:50:9f:11:f3:
                    5e:b8:7a:b2:70:a9:40:2e:ee:20:b8:0f:2d:3d:43:
                    ea:09:24:05:7d:19:ad:5b:3f:8b:3d:45:8a:e2:39:
                    e5:da:46:9a:c0:77:95:82:58:b0:19:9a:ef:b9:74:
                    17:fb:8f:73:5b:3d:7b:eb:71:06:3d:00:6c:90:8b:
                    50:ca:14:a4:a5:88:be:75:3a:29:db:bd:34:bc:b7:
                    86:05:06:bb:8a:bd:f0:b2:3b:c2:4d:7a:78:90:81:
                    95:b7:20:1c:b4:83:38:9b:31:58:dd:d9:45:f4:ac:
                    65:a7:0e:c8:99:18:e3:76:a4:8a:7b:29:f6:a4:8e:
                    36:1a:cd:1b:29:91:5b:a6:3d:4b:59:ce:ac:6c:00:
                    d0:85:b1:92:17:8e:d0:f8:14:33:b4:d4:db:18:da:
                    b4:5f:10:c9:ae:bc:10:5f:d4:f3:8f:84:d1:40:58:
                    95:a9:16:00:a7:87:da:c2:17:90:e4:28:b3:be:00:
                    01:16:a8:1f:32:b6:a9:72:43:75:ee:a4:fa:7a:8d:
                    ff:80:54:43:54:95:5f:e0:4c:53:c4:75:33:ef:98:
                    da:3a:b2:9f:45:99:7b:46:04:7d:61:f7:55:1f:5c:
                    d8:58:64:b9:08:ce:25:85:d8:f7:80:b5:4e:d1:b5:
                    cc:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:C0:5D:2F:4A:08:1C:C9:6F:65:E0:96:B1:4C:C2:79:E7:0A:CF:53
            X509v3 Authority Key Identifier:
                keyid:38:BC:79:4C:5F:BA:AC:63:2A:7F:FB:43:DB:14:F7:39:CD:53:B2:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:92:6b:cc:86:e7:78:ba:26:f6:5f:a5:75:e9:48:58:7a:ea:
         14:9d:21:61:73:ba:f4:38:92:e1:09:5c:ae:4a:9b:c3:37:a0:
         a9:db:88:0e:63:4a:43:d1:c2:77:b8:f9:0c:4a:1c:57:e6:db:
         ed:76:69:70:63:e2:2e:9f:2a:d9:92:ed:ee:c9:78:63:f0:f8:
         38:da:b1:fd:2b:5f:23:30:e4:6d:62:51:33:68:2a:bf:6c:07:
         b0:c4:f5:c0:5e:80:d3:83:59:82:d8:3a:ad:6a:fd:80:42:d3:
         b0:74:10:28:04:cc:91:ee:11:6d:e7:58:52:3a:75:24:2c:5d:
         e7:80:be:e1:60:b3:44:c3:84:7c:93:03:ae:f1:c0:e5:eb:8c:
         20:de:4a:c1:65:d4:d5:26:17:f0:0f:d6:b2:92:59:96:f4:50:
         41:10:5c:b3:69:c4:5c:38:ad:a2:87:07:6d:fa:1d:49:31:86:
         5e:5f:70:09:bb:5a:1e:14:74:24:7d:64:04:18:af:bc:04:82:
         27:fa:18:ef:05:42:c7:f1:50:5d:6d:c0:3d:b9:fb:5a:0d:0c:
         8c:77:fe:94:84:40:56:27:9d:65:af:d7:1a:82:19:e1:4e:86:
         83:72:c8:40:d4:f7:ae:86:c2:7d:a5:ea:59:62:be:c6:55:ab:
         eb:e0:8f:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZSLDRnmNNwyaqVJilXRApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmM3OTRjNWZiYWFjNjMyYTdmZmI0M2RiMTRmNzM5Y2Q1
M2IyYzQwHhcNMjUwNjEwMTAwMDI1WhcNMjUwNjExMTAwMDI1WjAzMTEwLwYDVQQD
Eyg1NWMwNWQyZjRhMDgxY2M5NmY2NWUwOTZiMTRjYzI3OWU3MGFjZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufb4Edo44J4cKlCfEfNeuHqycKlA
Lu4guA8tPUPqCSQFfRmtWz+LPUWK4jnl2kaawHeVgliwGZrvuXQX+49zWz1763EG
PQBskItQyhSkpYi+dTop2700vLeGBQa7ir3wsjvCTXp4kIGVtyActIM4mzFY3dlF
9Kxlpw7ImRjjdqSKeyn2pI42Gs0bKZFbpj1LWc6sbADQhbGSF47Q+BQztNTbGNq0
XxDJrrwQX9Tzj4TRQFiVqRYAp4fawheQ5CizvgABFqgfMrapckN17qT6eo3/gFRD
VJVf4ExTxHUz75jaOrKfRZl7RgR9YfdVH1zYWGS5CM4lhdj3gLVO0bXMswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFXAXS9KCBzJb2XglrFMwnnnCs9TMB8GA1UdIwQY
MBaAFDi8eUxfuqxjKn/7Q9sU9znNU7LEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xYTNkOTgtYzE0Zi00ZDA2LWE0NjYt
ZDk4NTM5NGUzYzEwLzEvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xYTNkOTgtYzE0Zi00ZDA2LWE0NjYtZDk4NTM5NGUzYzEw
LzEvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMpJrzIbn
eLom9l+ldelIWHrqFJ0hYXO69DiS4QlcrkqbwzegqduIDmNKQ9HCd7j5DEocV+bb
7XZpcGPiLp8q2ZLt7sl4Y/D4ONqx/StfIzDkbWJRM2gqv2wHsMT1wF6A04NZgtg6
rWr9gELTsHQQKATMke4RbedYUjp1JCxd54C+4WCzRMOEfJMDrvHA5euMIN5KwWXU
1SYX8A/WspJZlvRQQRBcs2nEXDitoocHbfodSTGGXl9wCbtaHhR0JH1kBBivvASC
J/oY7wVCx/FQXW3APbn7Wg0MjHf+lIRAViedZa/XGoIZ4U6Gg3LIQNT3robCfaXq
WWK+xlWr6+CPOA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 18:57:59 2025 by rpki-client