Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
File:                     OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft (raw, json)
Hash identifier:          g/Po4R8vnMHpiacgWKE0fTScsvCYaAy1PYtc3/9a3uE=
Subject key identifier:   E9:31:B5:A7:9A:D1:3E:46:0D:7C:43:F3:C2:0A:A5:E7:02:06:0B:6B
Authority key identifier: 38:BC:79:4C:5F:BA:AC:63:2A:7F:FB:43:DB:14:F7:39:CD:53:B2:C4
Certificate issuer:       /CN=38bc794c5fbaac632a7ffb43db14f739cd53b2c4
Certificate serial:       0194C4D0D6AAF91B1C8FD4216E42EE763E82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
Manifest number:          7B
Signing time:             Sun 02 Feb 2025 04:00:08 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:08 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:08 +0000
Files and hashes:         1: OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl (hash: CAYkISFhyEtbrEb51N2s15bY1eDBmD4ydXLLXnRjLwk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d0:d6:aa:f9:1b:1c:8f:d4:21:6e:42:ee:76:3e:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38bc794c5fbaac632a7ffb43db14f739cd53b2c4
        Validity
            Not Before: Feb  2 04:00:08 2025 GMT
            Not After : Feb  3 04:00:08 2025 GMT
        Subject: CN=e931b5a79ad13e460d7c43f3c20aa5e702060b6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:66:22:33:41:f7:62:dc:e2:83:30:6d:17:48:
                    50:c1:17:9a:a1:19:ff:b9:46:70:fc:39:3d:ee:c7:
                    50:05:38:65:9d:28:7c:22:f3:d7:81:79:7c:65:29:
                    45:a8:44:f8:b8:0d:71:eb:1e:6f:14:dd:10:48:2c:
                    c3:2f:7c:b0:df:65:b6:84:71:93:bd:ae:44:25:ef:
                    b5:c2:06:de:b7:55:43:3a:7d:3c:91:c3:df:ec:01:
                    5e:38:89:f9:81:a0:51:39:61:05:cf:3d:e8:a9:75:
                    b4:d9:32:96:57:92:f6:bb:25:9f:d8:32:0c:53:49:
                    ec:08:df:38:15:fd:1a:70:5b:56:39:84:2e:6d:b8:
                    4d:51:e0:ca:0e:57:d5:3c:7d:53:c8:42:2d:12:96:
                    41:5b:9c:3f:79:bf:33:49:ad:b2:41:17:51:3c:f9:
                    a9:00:db:f0:6e:5b:43:8d:cf:57:f1:00:f1:27:eb:
                    b5:d4:26:7b:39:46:59:e5:a6:be:98:1d:48:80:28:
                    65:8e:02:38:f8:6e:79:94:4e:58:6e:09:e1:6f:5d:
                    5b:40:ca:b0:40:33:55:89:02:aa:97:2f:22:43:de:
                    5b:80:63:3e:b5:bf:f5:2c:a5:41:9b:7a:a2:1e:c3:
                    fb:ae:66:b5:e5:5b:eb:09:48:7c:d1:cb:fa:6b:98:
                    fb:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:31:B5:A7:9A:D1:3E:46:0D:7C:43:F3:C2:0A:A5:E7:02:06:0B:6B
            X509v3 Authority Key Identifier:
                keyid:38:BC:79:4C:5F:BA:AC:63:2A:7F:FB:43:DB:14:F7:39:CD:53:B2:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:ab:dd:3c:67:ff:99:a8:41:9d:65:9e:30:67:c8:30:7d:5b:
         30:2f:44:ad:09:19:7e:06:5e:c8:12:51:88:7f:a2:b9:46:26:
         89:c2:24:52:e8:af:37:0e:d4:71:16:89:7f:ca:90:12:02:44:
         0f:34:d1:f5:e7:2e:23:3f:44:5e:ad:46:ce:6d:5b:9e:e3:d5:
         b6:8b:f3:39:48:f2:3f:b9:ef:b2:33:5d:dd:38:4e:a7:d0:e5:
         da:26:c4:60:57:bc:9c:bb:08:90:b9:af:ed:c0:63:d3:be:19:
         48:bf:bc:f6:b6:39:ce:f6:2c:29:a5:39:9e:bc:ec:df:f3:8d:
         52:60:7e:32:73:f9:59:31:ad:34:c2:6f:43:bc:99:8b:f4:48:
         58:1a:4c:0f:96:fc:cd:12:4d:10:73:13:be:ed:0b:1c:5a:57:
         b2:92:72:0f:a5:d6:f9:18:4e:3c:65:af:d6:a5:74:1e:82:80:
         69:fc:f9:d6:d9:d4:36:42:62:f8:8b:57:b7:c9:f9:f6:49:45:
         7d:f4:bc:9f:25:39:91:2e:43:c2:95:71:66:b0:5a:11:39:ea:
         4f:8d:b7:05:88:27:29:db:b8:0a:4c:26:5c:8c:67:3f:02:37:
         d9:20:14:b2:d7:54:db:13:6b:f9:57:19:71:72:37:2c:fc:16:
         6c:2b:a5:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0Naq+Rscj9QhbkLudj6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmM3OTRjNWZiYWFjNjMyYTdmZmI0M2RiMTRmNzM5Y2Q1
M2IyYzQwHhcNMjUwMjAyMDQwMDA4WhcNMjUwMjAzMDQwMDA4WjAzMTEwLwYDVQQD
EyhlOTMxYjVhNzlhZDEzZTQ2MGQ3YzQzZjNjMjBhYTVlNzAyMDYwYjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmYiM0H3YtzigzBtF0hQwReaoRn/
uUZw/Dk97sdQBThlnSh8IvPXgXl8ZSlFqET4uA1x6x5vFN0QSCzDL3yw32W2hHGT
va5EJe+1wgbet1VDOn08kcPf7AFeOIn5gaBROWEFzz3oqXW02TKWV5L2uyWf2DIM
U0nsCN84Ff0acFtWOYQubbhNUeDKDlfVPH1TyEItEpZBW5w/eb8zSa2yQRdRPPmp
ANvwbltDjc9X8QDxJ+u11CZ7OUZZ5aa+mB1IgChljgI4+G55lE5Ybgnhb11bQMqw
QDNViQKqly8iQ95bgGM+tb/1LKVBm3qiHsP7rma15VvrCUh80cv6a5j7nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOkxtaea0T5GDXxD88IKpecCBgtrMB8GA1UdIwQY
MBaAFDi8eUxfuqxjKn/7Q9sU9znNU7LEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xYTNkOTgtYzE0Zi00ZDA2LWE0NjYt
ZDk4NTM5NGUzYzEwLzEvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xYTNkOTgtYzE0Zi00ZDA2LWE0NjYtZDk4NTM5NGUzYzEw
LzEvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtavdPGf/
mahBnWWeMGfIMH1bMC9ErQkZfgZeyBJRiH+iuUYmicIkUuivNw7UcRaJf8qQEgJE
DzTR9ecuIz9EXq1Gzm1bnuPVtovzOUjyP7nvsjNd3ThOp9Dl2ibEYFe8nLsIkLmv
7cBj074ZSL+89rY5zvYsKaU5nrzs3/ONUmB+MnP5WTGtNMJvQ7yZi/RIWBpMD5b8
zRJNEHMTvu0LHFpXspJyD6XW+RhOPGWv1qV0HoKAafz51tnUNkJi+ItXt8n59klF
ffS8nyU5kS5DwpVxZrBaETnqT423BYgnKdu4CkwmXIxnPwI32SAUstdU2xNr+VcZ
cXI3LPwWbCulZQ==
-----END CERTIFICATE-----