Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
File:                     OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft (raw, json)
Hash identifier:          itDyW7ql5uVfbcOzYVcI/7lAf7bK9BK6JR9KoVVpqXc=
Subject key identifier:   56:87:7A:A9:73:33:65:85:6B:AE:8E:10:3D:1A:29:68:98:87:48:EB
Authority key identifier: 38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5
Certificate issuer:       /CN=389dd4126f8be07af454497ca0f5665295482ad5
Certificate serial:       0197B6A191EF073E4F2DDDCC4E509061B58E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
Manifest number:          0511
Signing time:             Sat 28 Jun 2025 13:02:11 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:11 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:11 +0000
Files and hashes:         1: OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl (hash: zvUrQhxNyph/vPR7gk5T3wvNyBSnI8UJf3GeEBENzSI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:91:ef:07:3e:4f:2d:dd:cc:4e:50:90:61:b5:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389dd4126f8be07af454497ca0f5665295482ad5
        Validity
            Not Before: Jun 28 13:02:11 2025 GMT
            Not After : Jun 29 13:02:11 2025 GMT
        Subject: CN=56877aa9733365856bae8e103d1a2968988748eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:ac:f0:ea:7c:2c:03:37:90:77:35:f6:91:1c:
                    37:45:1a:e5:87:77:16:d6:e1:c0:5e:5a:3f:12:52:
                    90:5e:65:29:26:78:3c:47:ce:3b:ef:93:af:97:33:
                    14:48:ec:4f:3c:c3:44:b5:3b:35:1c:38:fa:0c:58:
                    91:e5:ef:6a:f4:e7:5a:39:e3:62:e2:65:e2:b6:01:
                    76:78:c2:af:de:4c:30:f2:93:29:aa:b7:c2:e4:88:
                    d1:aa:bf:53:eb:f2:27:91:9d:a4:18:4c:a6:a7:4b:
                    88:b3:58:0e:8f:2f:27:d4:47:b7:37:80:3b:89:1f:
                    25:18:c1:ac:6d:23:be:23:51:9c:b9:35:05:3b:09:
                    63:eb:3f:a1:d4:17:56:88:e1:88:47:1e:19:06:de:
                    e0:f7:64:d6:b4:cd:d5:de:8b:7e:19:37:cb:37:fc:
                    6a:2f:ef:83:ed:ba:74:c9:24:97:6a:19:5f:78:23:
                    9e:cc:26:33:f5:f5:e9:42:54:6f:ce:d7:ac:0a:cb:
                    b7:8a:e7:c7:2e:a5:59:73:6c:9c:5b:11:36:fc:06:
                    70:12:40:e8:28:c2:60:08:c2:57:14:77:3f:ac:39:
                    4b:f7:9b:f7:0e:31:8f:dc:4c:0f:41:b3:56:59:b2:
                    f1:f6:db:8b:b5:0d:9d:f3:82:97:c5:e1:81:fe:a4:
                    41:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:87:7A:A9:73:33:65:85:6B:AE:8E:10:3D:1A:29:68:98:87:48:EB
            X509v3 Authority Key Identifier:
                keyid:38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:5c:cc:26:7d:90:67:a1:dc:87:a0:0b:26:f7:cf:45:ae:6e:
         5a:ad:7e:cd:89:3d:56:5c:bb:90:14:87:ce:8b:dd:50:ee:7c:
         c1:e4:d5:87:d5:08:d6:7d:c9:22:7b:45:28:24:c1:c5:44:33:
         94:08:db:20:13:82:f0:90:5f:45:9e:7b:fc:ea:65:b8:60:d8:
         15:83:64:ea:cf:f3:b1:31:a1:8e:2a:e0:f2:60:ca:a1:ed:43:
         38:44:99:6f:db:f2:a9:f7:7d:6c:b1:ba:be:51:b2:78:99:94:
         cd:52:84:91:86:32:b0:0d:e0:03:54:65:ab:1c:39:85:97:4e:
         72:07:1c:62:65:cc:22:b0:fb:7b:46:dc:d9:95:ad:38:95:7a:
         ea:ab:a7:b5:e9:14:81:2c:d7:2a:a0:e4:a2:46:49:16:fa:3d:
         9f:51:b4:4e:0d:56:ad:84:db:eb:bf:0d:0d:ec:17:a9:2a:8d:
         b7:ae:9e:13:7a:70:32:e5:3f:90:d7:3c:ac:f1:3c:0b:d5:15:
         1f:dd:c3:c6:5f:33:66:95:d8:6f:80:f2:5f:15:74:87:15:f5:
         36:88:4c:46:0c:22:df:51:63:52:1e:99:e8:ce:95:75:35:74:
         03:20:bb:e2:ad:d3:5c:28:9e:f1:dd:b6:46:49:36:89:39:89:
         25:52:c2:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oZHvBz5PLd3MTlCQYbWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWRkNDEyNmY4YmUwN2FmNDU0NDk3Y2EwZjU2NjUyOTU0
ODJhZDUwHhcNMjUwNjI4MTMwMjExWhcNMjUwNjI5MTMwMjExWjAzMTEwLwYDVQQD
Eyg1Njg3N2FhOTczMzM2NTg1NmJhZThlMTAzZDFhMjk2ODk4ODc0OGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Kzw6nwsAzeQdzX2kRw3RRrlh3cW
1uHAXlo/ElKQXmUpJng8R84775OvlzMUSOxPPMNEtTs1HDj6DFiR5e9q9OdaOeNi
4mXitgF2eMKv3kww8pMpqrfC5IjRqr9T6/InkZ2kGEymp0uIs1gOjy8n1Ee3N4A7
iR8lGMGsbSO+I1GcuTUFOwlj6z+h1BdWiOGIRx4ZBt7g92TWtM3V3ot+GTfLN/xq
L++D7bp0ySSXahlfeCOezCYz9fXpQlRvztesCsu3iufHLqVZc2ycWxE2/AZwEkDo
KMJgCMJXFHc/rDlL95v3DjGP3EwPQbNWWbLx9tuLtQ2d84KXxeGB/qRBNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFaHeqlzM2WFa66OED0aKWiYh0jrMB8GA1UdIwQY
MBaAFDid1BJvi+B69FRJfKD1ZlKVSCrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2Mt
NWM1NWVjMjIxZTEyLzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2MtNWM1NWVjMjIxZTEy
LzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGFzMJn2Q
Z6Hch6ALJvfPRa5uWq1+zYk9Vly7kBSHzovdUO58weTVh9UI1n3JIntFKCTBxUQz
lAjbIBOC8JBfRZ57/OpluGDYFYNk6s/zsTGhjirg8mDKoe1DOESZb9vyqfd9bLG6
vlGyeJmUzVKEkYYysA3gA1Rlqxw5hZdOcgccYmXMIrD7e0bc2ZWtOJV66quntekU
gSzXKqDkokZJFvo9n1G0Tg1WrYTb678NDewXqSqNt66eE3pwMuU/kNc8rPE8C9UV
H93Dxl8zZpXYb4DyXxV0hxX1NohMRgwi31FjUh6Z6M6VdTV0AyC74q3TXCie8d22
Rkk2iTmJJVLC/A==
-----END CERTIFICATE-----