Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
File:                     OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft (raw, json)
Hash identifier:          f6dxSoZEnnklsDF+79hJ+kYmtlaKL668CC1v4KCZIcY=
Subject key identifier:   78:67:70:07:55:DB:75:49:D5:AE:65:58:DA:05:75:CF:78:96:C2:15
Authority key identifier: 38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9
Certificate issuer:       /CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
Certificate serial:       0196CBA9E1B5342403A082ABA8E2C3195796
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
Manifest number:          0142
Signing time:             Tue 13 May 2025 22:00:30 +0000
Manifest this update:     Tue 13 May 2025 22:00:30 +0000
Manifest next update:     Wed 14 May 2025 22:00:30 +0000
Files and hashes:         1: OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl (hash: Q4ztOxluBw664WbUmORl2XrffV+YcksKsv6SplyGpxA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cb:a9:e1:b5:34:24:03:a0:82:ab:a8:e2:c3:19:57:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
        Validity
            Not Before: May 13 22:00:30 2025 GMT
            Not After : May 14 22:00:30 2025 GMT
        Subject: CN=7867700755db7549d5ae6558da0575cf7896c215
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:86:4c:7a:87:63:33:83:ee:f3:67:a1:13:e0:
                    64:7b:fa:bd:8b:6c:b4:62:63:a3:75:3d:c3:6f:80:
                    28:b2:51:e2:ab:ba:40:ab:43:a1:2f:ee:46:66:08:
                    83:99:62:e8:c5:de:67:22:3a:11:dc:44:a1:7c:5a:
                    63:d9:68:ee:e8:55:39:ab:70:f0:ab:b0:57:77:24:
                    f2:cd:3b:64:f6:dd:52:d2:5e:cb:5b:7f:ee:9a:6f:
                    e9:37:46:03:32:75:6a:a0:fe:6a:c2:1d:3a:01:ea:
                    35:ef:f2:5f:7f:f8:0f:db:d7:25:f8:60:f3:55:b1:
                    2d:08:f5:5b:20:1e:7c:a9:09:5d:62:84:8c:64:2d:
                    9a:fc:8e:23:3f:68:4b:1e:cb:63:06:d8:41:70:47:
                    22:64:96:76:3d:1b:35:df:d9:0a:15:6a:b1:c5:ed:
                    9c:fe:2a:14:7e:26:a5:33:64:c4:da:15:aa:3e:07:
                    67:ed:ad:5a:a9:b2:81:f1:0f:ad:e7:68:f8:98:fb:
                    fe:37:f8:e8:a4:b0:9c:ca:71:b7:08:2c:aa:06:b6:
                    0f:38:3f:be:6d:f2:be:f4:1a:38:71:f7:b2:86:0a:
                    b9:7d:b6:dd:46:2a:ff:20:d0:22:12:e3:c7:53:3c:
                    06:a1:e9:dc:b7:29:38:ef:8e:6c:5d:dd:64:94:e6:
                    74:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:67:70:07:55:DB:75:49:D5:AE:65:58:DA:05:75:CF:78:96:C2:15
            X509v3 Authority Key Identifier:
                keyid:38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:1f:3d:fa:4f:57:c1:c4:c0:e5:3d:41:59:c0:64:09:b3:e0:
         02:50:95:9b:66:3e:b6:4a:b5:15:36:30:d0:ae:ee:35:e5:30:
         64:84:c6:8b:9c:4e:b0:19:fd:90:1d:d7:ab:29:1b:dd:93:0b:
         94:1d:e9:e7:94:74:7a:75:47:3b:2a:5a:18:5b:37:58:14:a6:
         f7:e1:9c:e0:2a:e6:61:7b:44:45:e1:5f:ab:45:1f:34:aa:ab:
         01:f7:08:0e:dd:93:89:7c:d1:53:3f:54:4e:c7:e6:01:ea:c4:
         ab:47:93:db:5f:80:3b:9c:2c:20:78:b8:0f:43:27:3a:2c:da:
         2d:75:47:68:1f:8a:9b:b3:20:da:e7:ad:23:e9:2e:47:03:32:
         ab:ec:07:22:65:66:d4:04:a7:9e:80:62:3a:05:26:c1:fc:90:
         4c:30:8e:b4:89:52:05:70:e2:1a:23:72:9b:e7:0f:87:30:8e:
         d7:0c:1e:21:2c:74:8b:e2:b0:44:a7:7c:de:ba:3f:8a:b4:3f:
         20:7f:75:61:57:4a:2e:23:e6:21:40:36:fa:e8:02:f6:33:38:
         8d:7c:fd:e4:58:ff:47:7e:34:a5:61:44:48:63:06:ac:a6:3f:
         61:d1:81:02:66:8d:23:36:cf:33:5d:ee:fd:4c:d0:d5:38:54:
         14:25:c3:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbLqeG1NCQDoIKrqOLDGVeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmEwYjlkMGYxZjY3NGIxMzk3Y2ZjZWE2ZGQ0NjgwYzgz
NTFhZjkwHhcNMjUwNTEzMjIwMDMwWhcNMjUwNTE0MjIwMDMwWjAzMTEwLwYDVQQD
Eyg3ODY3NzAwNzU1ZGI3NTQ5ZDVhZTY1NThkYTA1NzVjZjc4OTZjMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIZMeodjM4Pu82ehE+Bke/q9i2y0
YmOjdT3Db4AoslHiq7pAq0OhL+5GZgiDmWLoxd5nIjoR3EShfFpj2Wju6FU5q3Dw
q7BXdyTyzTtk9t1S0l7LW3/umm/pN0YDMnVqoP5qwh06Aeo17/Jff/gP29cl+GDz
VbEtCPVbIB58qQldYoSMZC2a/I4jP2hLHstjBthBcEciZJZ2PRs139kKFWqxxe2c
/ioUfialM2TE2hWqPgdn7a1aqbKB8Q+t52j4mPv+N/jopLCcynG3CCyqBrYPOD++
bfK+9Bo4cfeyhgq5fbbdRir/INAiEuPHUzwGoenctyk4745sXd1klOZ0KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHhncAdV23VJ1a5lWNoFdc94lsIVMB8GA1UdIwQY
MBaAFDi6C50PH2dLE5fPzqbdRoDINRr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAt
MmVlZGFlMGZhNzg4LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAtMmVlZGFlMGZhNzg4
LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQx89+k9X
wcTA5T1BWcBkCbPgAlCVm2Y+tkq1FTYw0K7uNeUwZITGi5xOsBn9kB3Xqykb3ZML
lB3p55R0enVHOypaGFs3WBSm9+Gc4CrmYXtEReFfq0UfNKqrAfcIDt2TiXzRUz9U
TsfmAerEq0eT21+AO5wsIHi4D0MnOizaLXVHaB+Km7Mg2uetI+kuRwMyq+wHImVm
1ASnnoBiOgUmwfyQTDCOtIlSBXDiGiNym+cPhzCO1wweISx0i+KwRKd83ro/irQ/
IH91YVdKLiPmIUA2+ugC9jM4jXz95Fj/R340pWFESGMGrKY/YdGBAmaNIzbPM13u
/UzQ1ThUFCXDtQ==
-----END CERTIFICATE-----