Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft
File:                     OBXtD6YgyAGqqabxT2WW1-yXUKE.mft (raw, json)
Hash identifier:          CMFv5KN6aQfx92nbCV9TimO/YBCisUyG8ZZa7VQjUcg=
Subject key identifier:   F5:62:19:38:B3:96:76:E4:3B:2F:4A:EA:6E:9D:2E:91:B2:29:2A:FF
Authority key identifier: 38:15:ED:0F:A6:20:C8:01:AA:A9:A6:F1:4F:65:96:D7:EC:97:50:A1
Certificate issuer:       /CN=3815ed0fa620c801aaa9a6f14f6596d7ec9750a1
Certificate serial:       01975A24852A76F0FF1CA2864A37D5A339AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft
Manifest number:          1587
Signing time:             Tue 10 Jun 2025 14:00:31 +0000
Manifest this update:     Tue 10 Jun 2025 14:00:31 +0000
Manifest next update:     Wed 11 Jun 2025 14:00:31 +0000
Files and hashes:         1: OBXtD6YgyAGqqabxT2WW1-yXUKE.crl (hash: 6U2qTew2bpz3JrIGmTYrpB6No3wmZA+hs26AJ2eWKSs=)
                          2: u-w9Flj7fkevQpf-dpXISzIby2Y.roa (hash: +ftWzfsK6bMqWx5+3ThvbgDjBdiFZmrC2eI3EPi2YVc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5a:24:85:2a:76:f0:ff:1c:a2:86:4a:37:d5:a3:39:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3815ed0fa620c801aaa9a6f14f6596d7ec9750a1
        Validity
            Not Before: Jun 10 14:00:31 2025 GMT
            Not After : Jun 11 14:00:31 2025 GMT
        Subject: CN=f5621938b39676e43b2f4aea6e9d2e91b2292aff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:65:73:a1:b0:8c:4e:7a:94:49:83:9a:7d:66:
                    bf:3f:c1:04:d0:d1:a6:1c:9d:47:28:50:bd:7a:99:
                    23:c5:2d:ab:3c:43:ec:d7:3b:c3:3d:a4:e2:69:2a:
                    5f:39:d3:9c:fa:a6:c7:80:1f:74:65:f0:95:27:12:
                    fa:68:9b:06:a6:78:8c:91:50:54:fa:ea:0f:f5:6e:
                    98:c1:eb:24:a8:e1:e9:15:a1:1e:89:00:0a:48:63:
                    0e:f2:fb:05:19:3d:a5:ff:36:eb:0f:38:6e:fd:b3:
                    b5:16:a3:de:94:93:80:e0:92:6a:ed:6e:5e:6b:fd:
                    82:17:5b:71:e2:1e:f5:ae:88:a4:1d:0b:05:9a:00:
                    95:3a:48:ec:e5:d4:34:4b:b7:ba:9e:a9:e7:c0:d7:
                    ae:f7:8a:ef:96:67:70:8f:78:11:a5:c0:f8:f1:b1:
                    8e:4e:04:d5:d2:13:52:aa:5a:f9:69:98:ac:f6:19:
                    44:ec:8d:2b:c9:bd:75:d2:7d:5c:dd:1d:3f:c6:e7:
                    57:db:81:c1:ae:7b:e6:41:08:8a:4f:67:16:31:bf:
                    71:e7:02:3c:a7:a3:9e:8a:ef:33:c4:e1:e2:f3:fb:
                    66:44:69:7b:a9:c6:b9:fa:02:10:10:93:07:23:23:
                    b1:65:4f:b3:67:6d:be:b9:c3:af:24:08:9a:e0:bb:
                    a3:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:62:19:38:B3:96:76:E4:3B:2F:4A:EA:6E:9D:2E:91:B2:29:2A:FF
            X509v3 Authority Key Identifier:
                keyid:38:15:ED:0F:A6:20:C8:01:AA:A9:A6:F1:4F:65:96:D7:EC:97:50:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:56:f2:42:ff:58:c9:6b:f2:bd:88:b1:f4:b5:05:f0:90:18:
         78:81:3f:61:c8:14:61:7f:22:d1:32:43:b3:60:bb:bc:f9:a4:
         9c:03:25:c3:b8:00:d3:2a:9f:9a:74:ef:4a:9c:10:30:4c:8f:
         bb:19:18:cc:f5:1d:ec:d4:63:8c:ac:23:b0:03:4d:1d:5c:03:
         b6:75:1d:49:f8:98:4e:64:cb:b3:0b:6d:76:20:f1:47:d4:b1:
         14:13:03:76:90:41:c8:14:4e:81:ca:d6:e0:da:d5:30:b9:3b:
         08:0e:a5:d1:74:be:11:f0:b2:2e:7b:8c:3c:79:95:b7:61:9b:
         5c:e4:bc:a3:f6:2f:fb:57:57:52:ff:91:a3:81:4a:8f:22:1f:
         87:3a:d1:df:bf:2b:f0:d4:e6:86:44:43:51:4b:4b:93:55:ed:
         81:4f:aa:39:81:bd:94:1c:ca:8c:49:10:57:58:6b:35:8b:2d:
         6d:5c:87:49:e1:7b:7e:f2:c0:b7:b5:cb:8b:6e:19:82:74:b0:
         34:68:b4:77:8d:98:48:f8:17:6f:e2:d4:8e:f1:12:ac:79:03:
         a4:4f:f9:2a:bb:2e:56:fc:70:d9:ea:6e:49:1a:25:56:d3:aa:
         43:22:26:6c:5e:3d:06:bc:48:de:b3:5b:71:45:13:76:0b:a8:
         ef:31:a3:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdaJIUqdvD/HKKGSjfVozmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MTVlZDBmYTYyMGM4MDFhYWE5YTZmMTRmNjU5NmQ3ZWM5
NzUwYTEwHhcNMjUwNjEwMTQwMDMxWhcNMjUwNjExMTQwMDMxWjAzMTEwLwYDVQQD
EyhmNTYyMTkzOGIzOTY3NmU0M2IyZjRhZWE2ZTlkMmU5MWIyMjkyYWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2VzobCMTnqUSYOafWa/P8EE0NGm
HJ1HKFC9epkjxS2rPEPs1zvDPaTiaSpfOdOc+qbHgB90ZfCVJxL6aJsGpniMkVBU
+uoP9W6YweskqOHpFaEeiQAKSGMO8vsFGT2l/zbrDzhu/bO1FqPelJOA4JJq7W5e
a/2CF1tx4h71roikHQsFmgCVOkjs5dQ0S7e6nqnnwNeu94rvlmdwj3gRpcD48bGO
TgTV0hNSqlr5aZis9hlE7I0ryb110n1c3R0/xudX24HBrnvmQQiKT2cWMb9x5wI8
p6Oeiu8zxOHi8/tmRGl7qca5+gIQEJMHIyOxZU+zZ22+ucOvJAia4LujDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPViGTizlnbkOy9K6m6dLpGyKSr/MB8GA1UdIwQY
MBaAFDgV7Q+mIMgBqqmm8U9lltfsl1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8zMmRhNDAtMGNiZi00MjQ0LWIxYTQt
ZjM1YTQ0NTYzNWNhLzEvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8zMmRhNDAtMGNiZi00MjQ0LWIxYTQtZjM1YTQ0NTYzNWNh
LzEvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArlbyQv9Y
yWvyvYix9LUF8JAYeIE/YcgUYX8i0TJDs2C7vPmknAMlw7gA0yqfmnTvSpwQMEyP
uxkYzPUd7NRjjKwjsANNHVwDtnUdSfiYTmTLswttdiDxR9SxFBMDdpBByBROgcrW
4NrVMLk7CA6l0XS+EfCyLnuMPHmVt2GbXOS8o/Yv+1dXUv+Ro4FKjyIfhzrR378r
8NTmhkRDUUtLk1XtgU+qOYG9lBzKjEkQV1hrNYstbVyHSeF7fvLAt7XLi24ZgnSw
NGi0d42YSPgXb+LUjvESrHkDpE/5KrsuVvxw2epuSRolVtOqQyImbF49BrxI3rNb
cUUTdguo7zGjJw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:38:46 2025 by rpki-client