Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
File:                     o8lj0aEdANOEre35u4blOEmpsYw.mft (raw, json)
Hash identifier:          23zt0GWClsEMEEVkKoga6c927Yli/onnrpdJ51Rl1E4=
Subject key identifier:   1B:78:24:74:7B:E4:05:BE:6B:A2:17:E2:BD:11:EA:10:81:D4:B6:95
Authority key identifier: A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
Certificate issuer:       /CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Certificate serial:       019752D8D77680503905A9BF25A657DFBCC8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
Manifest number:          1584
Signing time:             Mon 09 Jun 2025 04:00:31 +0000
Manifest this update:     Mon 09 Jun 2025 04:00:31 +0000
Manifest next update:     Tue 10 Jun 2025 04:00:31 +0000
Files and hashes:         1: 1-9Z39awtCUNqeCcuYwIOQubEoEY.roa (hash: AJvelHrJ42adBWeCqNbgdbqaGB/A4YMI32J/x3+LlBI=)
                          2: o8lj0aEdANOEre35u4blOEmpsYw.crl (hash: wr/4wWGrx12MnUKn+xWQ4xZBFuuRl7wXSQdp6TVCeZo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 04:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:d8:d7:76:80:50:39:05:a9:bf:25:a6:57:df:bc:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
        Validity
            Not Before: Jun  9 04:00:31 2025 GMT
            Not After : Jun 10 04:00:31 2025 GMT
        Subject: CN=1b7824747be405be6ba217e2bd11ea1081d4b695
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:c8:b6:14:18:70:e3:7e:a2:67:76:cf:6f:6b:
                    42:a7:35:3c:12:d2:d3:f7:2a:aa:9a:c0:e2:07:f1:
                    ad:30:b4:1f:1e:ee:7c:f2:5a:25:08:df:32:cf:26:
                    55:18:0e:e4:d4:e2:bc:2a:23:85:a2:f8:c3:32:79:
                    4e:a1:a5:37:47:31:4e:27:01:82:eb:74:77:f9:3a:
                    a1:45:6f:c9:f3:8d:04:a8:d6:68:00:a3:92:4d:56:
                    b9:bf:ff:80:94:66:91:61:64:10:23:a4:2e:a2:7a:
                    1a:8b:b1:80:d8:1c:a3:58:1a:6a:3c:0d:37:9b:54:
                    db:83:6a:c9:7f:3d:7c:5c:7d:0e:67:c8:bb:25:de:
                    12:73:2f:90:81:76:94:c2:90:e7:4a:8c:77:22:2a:
                    cf:91:35:c1:3e:07:58:d0:2e:75:59:da:37:07:1f:
                    d0:80:f9:0c:4e:8a:27:b4:a7:31:76:e6:13:90:3d:
                    b5:35:a5:61:0d:b6:a6:7c:78:8a:75:1d:98:2d:f2:
                    96:68:c6:e5:77:18:fd:0b:93:92:45:6f:37:6d:d9:
                    3c:c7:1d:81:3e:b5:f8:a6:3b:37:53:e9:d8:bf:e8:
                    1c:b2:51:25:69:7c:fc:74:9b:04:a7:2c:f4:cf:66:
                    1e:aa:ac:72:16:1c:3d:23:0e:c9:05:52:7c:30:b4:
                    72:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:78:24:74:7B:E4:05:BE:6B:A2:17:E2:BD:11:EA:10:81:D4:B6:95
            X509v3 Authority Key Identifier:
                keyid:A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:b9:04:f3:d5:11:0c:66:4a:13:49:29:b1:6e:29:5e:57:27:
         e0:af:d4:a5:d1:e4:4e:1c:82:8e:5b:ce:e3:39:6b:15:b7:1c:
         8f:a4:f3:f8:7e:c2:95:62:07:dc:6d:c3:53:ff:37:aa:2e:77:
         f7:3e:08:78:ab:f6:ed:c2:78:01:67:e7:f9:cc:a3:00:5c:78:
         1a:95:8c:bd:e0:b8:ed:3a:d1:e5:14:c8:29:02:90:8a:c3:f5:
         77:2b:7f:76:0d:ef:a2:ec:02:0b:2d:95:86:ff:d5:38:e8:bb:
         83:86:ea:0a:0e:c5:20:ad:97:e5:9f:86:e1:17:e1:58:00:19:
         16:df:23:a5:61:6e:ea:72:a0:4e:1e:4a:2b:ef:5e:b8:ec:4d:
         69:df:9e:1f:4a:53:a4:43:39:ab:7d:76:21:7f:5a:65:55:40:
         86:f7:c6:10:24:94:5a:33:41:2b:d4:dd:a5:b2:90:55:26:41:
         ec:b7:b4:a4:5a:42:9d:46:ac:36:b9:01:d4:2f:4f:19:12:84:
         62:c9:76:94:f3:a3:98:ba:2d:c9:eb:a4:70:02:5d:ed:b2:ee:
         89:c1:b3:bd:cd:5e:60:0c:05:36:3d:5b:6f:65:ad:55:92:c8:
         6a:36:b1:32:af:37:77:b5:23:43:1c:b9:f6:08:b7:f1:59:49:
         69:35:df:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdS2Nd2gFA5Bam/JaZX37zIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYzk2M2QxYTExZDAwZDM4NGFkZWRmOWJiODZlNTM4NDlh
OWIxOGMwHhcNMjUwNjA5MDQwMDMxWhcNMjUwNjEwMDQwMDMxWjAzMTEwLwYDVQQD
EygxYjc4MjQ3NDdiZTQwNWJlNmJhMjE3ZTJiZDExZWExMDgxZDRiNjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsi2FBhw436iZ3bPb2tCpzU8EtLT
9yqqmsDiB/GtMLQfHu588lolCN8yzyZVGA7k1OK8KiOFovjDMnlOoaU3RzFOJwGC
63R3+TqhRW/J840EqNZoAKOSTVa5v/+AlGaRYWQQI6Quonoai7GA2ByjWBpqPA03
m1Tbg2rJfz18XH0OZ8i7Jd4Scy+QgXaUwpDnSox3IirPkTXBPgdY0C51Wdo3Bx/Q
gPkMToontKcxduYTkD21NaVhDbamfHiKdR2YLfKWaMbldxj9C5OSRW83bdk8xx2B
PrX4pjs3U+nYv+gcslElaXz8dJsEpyz0z2YeqqxyFhw9Iw7JBVJ8MLRyzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBt4JHR75AW+a6IX4r0R6hCB1LaVMB8GA1UdIwQY
MBaAFKPJY9GhHQDThK3t+buG5ThJqbGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2Qt
MTA0MmVhOGUzYmZiLzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2QtMTA0MmVhOGUzYmZi
LzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsbkE89UR
DGZKE0kpsW4pXlcn4K/UpdHkThyCjlvO4zlrFbccj6Tz+H7ClWIH3G3DU/83qi53
9z4IeKv27cJ4AWfn+cyjAFx4GpWMveC47TrR5RTIKQKQisP1dyt/dg3vouwCCy2V
hv/VOOi7g4bqCg7FIK2X5Z+G4RfhWAAZFt8jpWFu6nKgTh5KK+9euOxNad+eH0pT
pEM5q312IX9aZVVAhvfGECSUWjNBK9TdpbKQVSZB7Le0pFpCnUasNrkB1C9PGRKE
Ysl2lPOjmLotyeukcAJd7bLuicGzvc1eYAwFNj1bb2WtVZLIajaxMq83d7UjQxy5
9gi38VlJaTXfFA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:40:40 2025 by rpki-client