Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
File:                     OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft (raw, json)
Hash identifier:          0YxKVOD1T76c2SGInkHI1g/ykYb+Y+oMBQg6yzymBHY=
Subject key identifier:   27:CB:C7:01:EC:CF:48:85:AD:16:96:4D:B6:47:71:87:B1:25:4B:69
Authority key identifier: 38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9
Certificate issuer:       /CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
Certificate serial:       0198D705CA7200A22B07B86B24C30DF0305C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
Manifest number:          0251
Signing time:             Sat 23 Aug 2025 13:02:17 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:17 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:17 +0000
Files and hashes:         1: OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl (hash: ceib8p3OuETNZUS/yz0z8R12iVAo5VNbfENxUTOTCW4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 13:02:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:ca:72:00:a2:2b:07:b8:6b:24:c3:0d:f0:30:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
        Validity
            Not Before: Aug 23 13:02:17 2025 GMT
            Not After : Aug 24 13:02:17 2025 GMT
        Subject: CN=27cbc701eccf4885ad16964db6477187b1254b69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b2:7e:52:4a:80:b8:08:19:5f:5b:57:b5:e2:
                    1e:f9:bb:6b:b5:a3:18:eb:0b:7e:11:53:f7:6c:40:
                    05:8d:31:68:27:e5:ed:18:86:ad:42:11:5a:05:92:
                    21:44:7e:0c:d2:1c:98:66:03:13:c6:97:59:54:3b:
                    71:21:a2:18:dd:76:f8:b4:76:bf:c5:61:13:1c:7e:
                    5c:52:c7:c3:37:c2:56:20:96:11:89:de:14:f5:a4:
                    7e:6e:50:dd:39:a8:e7:90:a5:a6:8a:7c:b3:88:87:
                    ee:c0:c0:07:6c:df:8e:48:26:1d:c6:e8:72:86:90:
                    45:a0:9c:49:38:e2:5c:e0:cb:65:0a:d1:1c:e2:4e:
                    36:9d:2e:e2:04:4d:30:b4:54:7d:6a:f5:e9:35:ea:
                    51:8d:bc:cf:fc:4c:5a:9f:a4:6a:41:ea:b1:2f:ca:
                    f0:07:1b:1f:99:78:7d:73:9d:1f:0d:6a:68:bc:17:
                    4f:bf:3c:1b:87:49:75:87:b0:26:8c:74:ca:f1:ba:
                    f9:36:ca:a3:ff:7a:d8:fa:af:d4:37:62:c2:75:83:
                    c9:91:ce:f1:ec:64:48:40:d6:6a:e4:30:49:31:cd:
                    c0:df:4b:09:06:8c:40:70:8f:58:35:2f:59:8b:f7:
                    83:06:30:ec:17:de:53:ab:53:7f:82:a9:2c:3c:1f:
                    61:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:CB:C7:01:EC:CF:48:85:AD:16:96:4D:B6:47:71:87:B1:25:4B:69
            X509v3 Authority Key Identifier:
                keyid:38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:f2:d9:3b:19:af:94:b5:ff:39:1e:a7:c2:28:eb:02:68:f3:
         ac:32:8b:6c:a5:fb:3d:bb:35:69:53:44:08:4e:d2:12:44:83:
         54:5d:ae:62:1e:28:2a:08:35:a7:06:fd:8b:63:8b:b7:28:5f:
         d0:cd:1b:28:86:49:4a:6c:e0:d7:9d:18:b5:51:d8:70:ba:eb:
         72:f0:f7:8d:ec:ce:88:39:5c:bf:29:d3:66:c0:ff:35:00:43:
         97:76:e1:1e:d8:ba:6c:a3:8d:18:b1:24:92:26:ca:fc:56:e7:
         83:c3:9b:b5:14:1e:c8:7e:b7:ec:13:84:14:b7:d6:ea:b3:e7:
         f2:37:f0:f2:8f:a2:ed:dc:7c:6e:02:13:2c:e3:df:1b:f1:6c:
         59:56:89:a5:6a:7b:65:13:f5:24:77:19:8a:1e:77:eb:19:9e:
         f9:0e:bf:19:6b:4e:b3:ac:c9:ba:c8:b6:f7:9d:9b:8f:e2:2d:
         d4:86:9c:3a:b1:b7:bb:82:ad:97:9d:cd:35:8c:5f:2c:88:bc:
         6d:15:85:2b:8c:d4:04:28:77:08:18:5c:28:37:78:29:1e:33:
         96:83:50:83:5e:cd:91:c4:2d:e4:af:36:97:89:14:f0:4a:af:
         b3:76:1a:2f:4d:6e:75:00:fb:6f:fa:0b:04:3c:7b:53:22:99:
         24:39:ec:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBcpyAKIrB7hrJMMN8DBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmEwYjlkMGYxZjY3NGIxMzk3Y2ZjZWE2ZGQ0NjgwYzgz
NTFhZjkwHhcNMjUwODIzMTMwMjE3WhcNMjUwODI0MTMwMjE3WjAzMTEwLwYDVQQD
EygyN2NiYzcwMWVjY2Y0ODg1YWQxNjk2NGRiNjQ3NzE4N2IxMjU0YjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7J+UkqAuAgZX1tXteIe+btrtaMY
6wt+EVP3bEAFjTFoJ+XtGIatQhFaBZIhRH4M0hyYZgMTxpdZVDtxIaIY3Xb4tHa/
xWETHH5cUsfDN8JWIJYRid4U9aR+blDdOajnkKWminyziIfuwMAHbN+OSCYdxuhy
hpBFoJxJOOJc4MtlCtEc4k42nS7iBE0wtFR9avXpNepRjbzP/Exan6RqQeqxL8rw
BxsfmXh9c50fDWpovBdPvzwbh0l1h7AmjHTK8br5Nsqj/3rY+q/UN2LCdYPJkc7x
7GRIQNZq5DBJMc3A30sJBoxAcI9YNS9Zi/eDBjDsF95Tq1N/gqksPB9hFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCfLxwHsz0iFrRaWTbZHcYexJUtpMB8GA1UdIwQY
MBaAFDi6C50PH2dLE5fPzqbdRoDINRr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAt
MmVlZGFlMGZhNzg4LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAtMmVlZGFlMGZhNzg4
LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF/LZOxmv
lLX/OR6nwijrAmjzrDKLbKX7Pbs1aVNECE7SEkSDVF2uYh4oKgg1pwb9i2OLtyhf
0M0bKIZJSmzg150YtVHYcLrrcvD3jezOiDlcvynTZsD/NQBDl3bhHti6bKONGLEk
kibK/Fbng8ObtRQeyH637BOEFLfW6rPn8jfw8o+i7dx8bgITLOPfG/FsWVaJpWp7
ZRP1JHcZih536xme+Q6/GWtOs6zJusi2952bj+It1IacOrG3u4Ktl53NNYxfLIi8
bRWFK4zUBCh3CBhcKDd4KR4zloNQg17NkcQt5K82l4kU8Eqvs3YaL01udQD7b/oL
BDx7UyKZJDns6w==
-----END CERTIFICATE-----