Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
File:                     OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft (raw, json)
Hash identifier:          URUtnjqBanjKTTcsod0Tx586RmibjqasGIEo/nx0fhI=
Subject key identifier:   FE:AB:81:BA:23:8D:14:AE:8B:82:7A:82:06:C8:36:33:F4:C8:E8:98
Authority key identifier: 38:BC:79:4C:5F:BA:AC:63:2A:7F:FB:43:DB:14:F7:39:CD:53:B2:C4
Certificate issuer:       /CN=38bc794c5fbaac632a7ffb43db14f739cd53b2c4
Certificate serial:       01976E87889EBE9D5E361F6739399EBC2533
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
Manifest number:          01DC
Signing time:             Sat 14 Jun 2025 13:01:05 +0000
Manifest this update:     Sat 14 Jun 2025 13:01:05 +0000
Manifest next update:     Sun 15 Jun 2025 13:01:05 +0000
Files and hashes:         1: OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl (hash: KkioJjqO1C7BDib65rK1L/XkfYd1ixfsN1Dc1jRXBRw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:87:88:9e:be:9d:5e:36:1f:67:39:39:9e:bc:25:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38bc794c5fbaac632a7ffb43db14f739cd53b2c4
        Validity
            Not Before: Jun 14 13:01:05 2025 GMT
            Not After : Jun 15 13:01:05 2025 GMT
        Subject: CN=feab81ba238d14ae8b827a8206c83633f4c8e898
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:c1:d1:22:ce:5a:63:aa:11:9b:c7:f5:d9:e9:
                    49:63:88:c7:7f:b4:87:5a:07:8f:3e:12:0f:84:42:
                    2f:53:f7:0e:27:8b:30:57:93:2c:48:20:13:ab:cb:
                    3b:10:bb:dd:47:6e:02:f1:d2:71:5c:08:48:0f:1a:
                    0a:d1:02:ff:0c:85:76:a7:05:a6:fe:b0:ce:dd:50:
                    dc:e4:df:e5:5f:a6:36:cc:88:c2:02:c8:0d:3b:16:
                    92:2a:da:63:55:5b:82:c6:1a:59:62:f1:4a:2f:b0:
                    5a:fb:7c:aa:19:ef:c1:02:d9:57:6c:eb:bd:f6:90:
                    e3:98:d4:c7:b7:e0:08:ac:77:27:37:4b:70:bf:5a:
                    3b:35:b9:6f:7a:af:33:8a:2d:0f:99:ac:66:52:53:
                    1c:62:61:88:83:37:3e:0c:52:f4:77:cf:3f:88:cc:
                    9d:a7:85:f1:84:aa:aa:8d:23:bd:01:e5:18:09:46:
                    a0:e4:61:8f:bb:92:e6:0d:69:9b:8b:96:f5:9e:ef:
                    c7:d6:b5:ef:0d:d6:1f:31:9c:c8:d4:08:8a:4c:a3:
                    f2:d5:1f:4b:cb:f3:aa:06:c7:21:c4:f9:1f:ae:4b:
                    69:26:8e:24:89:a5:f0:03:46:ad:96:23:3e:59:56:
                    be:3c:26:93:d2:69:ca:76:a9:43:a1:0e:87:0a:72:
                    8c:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:AB:81:BA:23:8D:14:AE:8B:82:7A:82:06:C8:36:33:F4:C8:E8:98
            X509v3 Authority Key Identifier:
                keyid:38:BC:79:4C:5F:BA:AC:63:2A:7F:FB:43:DB:14:F7:39:CD:53:B2:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:b8:65:c8:1f:49:13:80:d3:a5:b6:6e:ac:ab:e7:79:59:6b:
         5e:fe:2b:b5:4d:93:9e:28:22:18:7c:85:bc:8c:76:bb:aa:26:
         af:bb:8a:cd:58:e9:4e:7f:82:9e:2e:53:49:8a:97:26:e9:c6:
         b0:7a:49:fb:99:3b:7b:81:f0:ca:af:33:8a:b9:ca:29:a0:73:
         a2:e8:63:4d:2f:99:88:f1:9f:39:74:17:36:de:85:d2:44:0b:
         ba:8b:6f:90:35:b1:de:a6:8f:42:52:d5:77:4d:7f:7c:41:80:
         1d:6e:33:e3:c3:87:d6:5c:c2:f1:9c:cb:4e:fc:36:89:f7:cf:
         64:b6:a1:f0:e0:91:dc:69:96:18:a3:b7:8e:40:98:83:f8:3e:
         c5:75:7e:2c:a5:ea:9b:99:c6:4c:c3:5a:55:5d:10:66:e6:61:
         b0:3b:aa:ae:37:a5:0f:91:67:bf:ae:2d:95:14:d2:49:d9:18:
         db:f1:1d:f2:1c:93:8b:34:2d:c2:86:03:73:02:06:10:b6:d9:
         94:51:3c:b2:eb:03:31:ff:0e:76:19:45:4a:49:2b:ed:76:22:
         44:43:2f:0b:cf:a2:98:18:00:f4:7d:a4:3d:cd:46:94:6f:7d:
         b9:50:8c:07:88:32:52:3a:e0:2d:55:89:4d:56:43:74:e3:09:
         24:3f:25:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduh4ievp1eNh9nOTmevCUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmM3OTRjNWZiYWFjNjMyYTdmZmI0M2RiMTRmNzM5Y2Q1
M2IyYzQwHhcNMjUwNjE0MTMwMTA1WhcNMjUwNjE1MTMwMTA1WjAzMTEwLwYDVQQD
EyhmZWFiODFiYTIzOGQxNGFlOGI4MjdhODIwNmM4MzYzM2Y0YzhlODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycHRIs5aY6oRm8f12elJY4jHf7SH
WgePPhIPhEIvU/cOJ4swV5MsSCATq8s7ELvdR24C8dJxXAhIDxoK0QL/DIV2pwWm
/rDO3VDc5N/lX6Y2zIjCAsgNOxaSKtpjVVuCxhpZYvFKL7Ba+3yqGe/BAtlXbOu9
9pDjmNTHt+AIrHcnN0twv1o7Nblveq8zii0PmaxmUlMcYmGIgzc+DFL0d88/iMyd
p4XxhKqqjSO9AeUYCUag5GGPu5LmDWmbi5b1nu/H1rXvDdYfMZzI1AiKTKPy1R9L
y/OqBschxPkfrktpJo4kiaXwA0atliM+WVa+PCaT0mnKdqlDoQ6HCnKM4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP6rgbojjRSui4J6ggbINjP0yOiYMB8GA1UdIwQY
MBaAFDi8eUxfuqxjKn/7Q9sU9znNU7LEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xYTNkOTgtYzE0Zi00ZDA2LWE0NjYt
ZDk4NTM5NGUzYzEwLzEvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xYTNkOTgtYzE0Zi00ZDA2LWE0NjYtZDk4NTM5NGUzYzEw
LzEvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOLhlyB9J
E4DTpbZurKvneVlrXv4rtU2TnigiGHyFvIx2u6omr7uKzVjpTn+Cni5TSYqXJunG
sHpJ+5k7e4Hwyq8zirnKKaBzouhjTS+ZiPGfOXQXNt6F0kQLuotvkDWx3qaPQlLV
d01/fEGAHW4z48OH1lzC8ZzLTvw2iffPZLah8OCR3GmWGKO3jkCYg/g+xXV+LKXq
m5nGTMNaVV0QZuZhsDuqrjelD5Fnv64tlRTSSdkY2/Ed8hyTizQtwoYDcwIGELbZ
lFE8susDMf8OdhlFSkkr7XYiREMvC8+imBgA9H2kPc1GlG99uVCMB4gyUjrgLVWJ
TVZDdOMJJD8lxg==
-----END CERTIFICATE-----