Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
File:                     OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft (raw, json)
Hash identifier:          Lo6FpOQDHc/gtg0/IiKuj+Fod9n+H41mLT5Vg8WPtb0=
Subject key identifier:   96:95:7E:00:0E:C6:1D:E0:98:AF:E3:51:2B:08:89:16:85:EA:A1:2C
Authority key identifier: 38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9
Certificate issuer:       /CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
Certificate serial:       0199FC8F8E0F0C8C2E1D851CD647FE646AFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
Manifest number:          02E9
Signing time:             Sun 19 Oct 2025 13:01:30 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:30 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:30 +0000
Files and hashes:         1: OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl (hash: N89F/7LjI9/r7ijCGPp9FvGCvBeX0/2mO1a9gtb3TFE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:8e:0f:0c:8c:2e:1d:85:1c:d6:47:fe:64:6a:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
        Validity
            Not Before: Oct 19 13:01:30 2025 GMT
            Not After : Oct 20 13:01:30 2025 GMT
        Subject: CN=96957e000ec61de098afe3512b08891685eaa12c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:5f:a9:7e:80:6e:99:b7:a7:77:c7:c7:c5:3d:
                    c5:bd:f3:71:25:6f:8c:1b:59:98:e0:c5:98:b8:4f:
                    c1:94:43:32:8f:a3:09:47:b9:04:a8:64:df:4e:f5:
                    52:68:d9:69:7e:e3:20:08:a8:60:70:8b:28:ae:2c:
                    3c:38:c9:b6:05:f7:0c:ef:fc:0f:b0:80:ef:dc:bb:
                    4a:d2:6a:a6:c8:c5:7a:d6:46:5e:47:fc:19:b8:d4:
                    56:83:ef:8c:95:df:9c:59:28:80:7b:ff:28:2d:e7:
                    e2:de:c7:52:99:06:6c:86:3a:b7:9d:03:4d:e3:01:
                    e7:fa:26:e4:ea:ea:b9:f9:a0:0b:61:c5:cc:88:a3:
                    8b:6a:6a:e4:51:2c:4f:f5:da:32:7c:c8:ae:a1:2a:
                    2f:c7:c7:91:42:77:60:f4:c5:14:2d:86:e0:98:6d:
                    a4:0a:ac:de:4b:af:a4:62:58:25:7b:87:18:ac:ec:
                    fc:22:8d:4a:ee:73:b4:d7:4d:5f:7e:00:ce:a1:88:
                    70:77:d4:e2:01:b0:7e:d5:13:3d:a3:b1:fa:62:88:
                    ab:65:3a:e3:53:40:1d:fe:22:83:80:c2:b7:95:2b:
                    2a:21:05:e0:1d:89:0b:2b:ce:a1:48:67:1f:a4:a7:
                    a5:23:57:90:d7:b3:94:2a:a8:8a:d5:a4:cc:95:14:
                    3c:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:95:7E:00:0E:C6:1D:E0:98:AF:E3:51:2B:08:89:16:85:EA:A1:2C
            X509v3 Authority Key Identifier:
                keyid:38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:3e:db:04:68:23:2d:0a:15:29:2d:2d:8a:f3:6d:a0:15:89:
         96:ae:24:58:ae:da:ca:33:44:6b:c9:4e:ab:fa:d8:2e:7f:c2:
         c5:b1:82:6d:93:fe:bc:7c:b7:a1:7d:5b:89:ae:ce:3c:b9:7e:
         82:7d:39:de:3b:7b:62:6e:a1:40:e9:85:52:85:07:29:37:51:
         7b:bd:5a:b7:59:f9:6d:94:25:60:94:ef:43:28:13:be:b1:96:
         40:50:4d:20:03:55:73:31:d4:ff:7b:63:32:e1:2b:ba:76:f8:
         62:34:6c:63:54:b6:34:08:d5:ba:95:5b:3c:59:37:58:fc:06:
         dc:7d:13:19:fc:8e:74:43:e6:7a:f9:d9:a9:3a:2d:2f:b8:aa:
         cb:f1:a6:dc:a6:44:41:95:6e:81:9a:22:90:f3:b7:52:64:8e:
         e0:74:2b:e9:d2:50:50:05:f2:9e:2d:4b:9a:5c:8b:78:01:14:
         e5:9a:74:ea:f4:37:f8:b6:40:41:81:23:c4:86:09:6c:11:48:
         b5:0e:f4:ad:7b:c8:de:9a:ba:44:b6:7f:8d:b1:01:ae:69:a8:
         61:d8:22:81:89:68:a8:d8:d4:bb:dc:7a:58:64:60:4b:d5:fd:
         08:6e:e8:4d:91:90:db:e7:77:af:dd:cd:ec:1a:c8:f4:a1:e2:
         00:c3:ca:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j44PDIwuHYUc1kf+ZGr7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmEwYjlkMGYxZjY3NGIxMzk3Y2ZjZWE2ZGQ0NjgwYzgz
NTFhZjkwHhcNMjUxMDE5MTMwMTMwWhcNMjUxMDIwMTMwMTMwWjAzMTEwLwYDVQQD
Eyg5Njk1N2UwMDBlYzYxZGUwOThhZmUzNTEyYjA4ODkxNjg1ZWFhMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxF+pfoBumbend8fHxT3FvfNxJW+M
G1mY4MWYuE/BlEMyj6MJR7kEqGTfTvVSaNlpfuMgCKhgcIsoriw8OMm2BfcM7/wP
sIDv3LtK0mqmyMV61kZeR/wZuNRWg++Mld+cWSiAe/8oLefi3sdSmQZshjq3nQNN
4wHn+ibk6uq5+aALYcXMiKOLamrkUSxP9doyfMiuoSovx8eRQndg9MUULYbgmG2k
CqzeS6+kYlgle4cYrOz8Io1K7nO0101ffgDOoYhwd9TiAbB+1RM9o7H6YoirZTrj
U0Ad/iKDgMK3lSsqIQXgHYkLK86hSGcfpKelI1eQ17OUKqiK1aTMlRQ8pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJaVfgAOxh3gmK/jUSsIiRaF6qEsMB8GA1UdIwQY
MBaAFDi6C50PH2dLE5fPzqbdRoDINRr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAt
MmVlZGFlMGZhNzg4LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAtMmVlZGFlMGZhNzg4
LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADz7bBGgj
LQoVKS0tivNtoBWJlq4kWK7ayjNEa8lOq/rYLn/CxbGCbZP+vHy3oX1bia7OPLl+
gn053jt7Ym6hQOmFUoUHKTdRe71at1n5bZQlYJTvQygTvrGWQFBNIANVczHU/3tj
MuErunb4YjRsY1S2NAjVupVbPFk3WPwG3H0TGfyOdEPmevnZqTotL7iqy/Gm3KZE
QZVugZoikPO3UmSO4HQr6dJQUAXyni1LmlyLeAEU5Zp06vQ3+LZAQYEjxIYJbBFI
tQ70rXvI3pq6RLZ/jbEBrmmoYdgigYloqNjUu9x6WGRgS9X9CG7oTZGQ2+d3r93N
7BrI9KHiAMPKaA==
-----END CERTIFICATE-----