Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
File:                     oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json)
Hash identifier:          mfgqVMpK8BKXWEaHnFD5zylX6hgiatXP2MdWqqCrf4E=
Subject key identifier:   EB:4A:02:F6:14:B7:CD:53:EB:12:3B:A9:67:0A:27:BC:A7:0B:80:DD
Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74
Certificate issuer:       /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
Certificate serial:       01975E38C974BD64BE617B36AF19F263ADB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
Manifest number:          1583
Signing time:             Wed 11 Jun 2025 09:01:09 +0000
Manifest this update:     Wed 11 Jun 2025 09:01:09 +0000
Manifest next update:     Thu 12 Jun 2025 09:01:09 +0000
Files and hashes:         1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: hjAekQA+7rRbEjO15LOimNubobAFU4UyC+GKT9kwSp4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:38:c9:74:bd:64:be:61:7b:36:af:19:f2:63:ad:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
        Validity
            Not Before: Jun 11 09:01:09 2025 GMT
            Not After : Jun 12 09:01:09 2025 GMT
        Subject: CN=eb4a02f614b7cd53eb123ba9670a27bca70b80dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d2:20:82:2a:f2:ad:d8:73:83:08:02:13:95:
                    14:bc:a1:ee:d0:69:26:88:e0:90:0e:31:71:51:dd:
                    0a:d5:03:61:a9:84:f4:1c:ec:c6:22:ad:90:7e:84:
                    67:46:fa:4a:0c:90:bb:fa:92:7e:c0:58:9b:e6:42:
                    b3:d3:2e:00:6f:6a:09:85:2d:48:fc:3f:7c:cb:61:
                    34:2c:95:ec:ce:0d:f1:2b:9a:2c:09:3c:50:d3:15:
                    f0:54:37:90:5c:bc:de:ac:f4:61:13:7d:cd:13:ec:
                    e0:6a:57:2d:9a:88:64:eb:ad:99:2d:63:c4:ce:eb:
                    d8:bf:52:96:30:13:4e:ad:37:8b:29:52:4e:7f:04:
                    4d:d0:13:c6:11:10:8a:f3:16:7f:2e:05:1c:ab:24:
                    5a:92:43:85:31:10:38:ea:6d:56:21:15:aa:95:59:
                    05:62:4d:a8:ac:eb:11:3f:2d:06:4f:40:44:0b:4a:
                    47:f0:ad:30:6d:06:3e:18:f9:e1:08:52:77:ea:a6:
                    74:1b:d9:e3:63:ab:74:8f:b7:a8:7b:a6:bb:5b:97:
                    e7:15:ca:83:3a:5a:26:e9:42:94:c0:05:35:0b:58:
                    9a:02:be:73:8d:93:fe:99:34:c1:24:2d:c4:16:9c:
                    6d:68:6f:b9:92:6f:a2:6e:93:e7:36:06:76:c6:2b:
                    99:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:4A:02:F6:14:B7:CD:53:EB:12:3B:A9:67:0A:27:BC:A7:0B:80:DD
            X509v3 Authority Key Identifier:
                keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:c0:3a:8d:30:a2:3e:c7:e1:cc:71:16:e7:b0:f9:98:8b:68:
         d2:ca:d0:e5:e7:e1:be:c3:34:b9:67:e8:14:d5:0f:d8:da:63:
         28:16:46:4c:ea:a6:eb:df:43:f5:ab:e2:42:e9:f8:95:2f:e5:
         7f:2d:32:8c:d5:a9:2d:07:86:c8:3e:29:62:89:3a:e8:71:83:
         1e:b3:fc:2b:a7:1e:36:16:f8:79:d6:d0:6b:8f:0d:1c:17:68:
         47:05:a9:29:1a:a2:f2:ff:3f:a1:79:df:bc:6b:c4:74:e2:7d:
         22:83:55:c6:c5:86:7f:fe:ce:3d:9d:7f:84:0e:40:3d:df:56:
         ab:be:13:16:07:7d:e7:11:cf:1a:63:a5:0d:6c:8f:ef:5e:65:
         ca:3d:fd:23:97:2a:38:97:af:6b:55:31:20:19:82:f2:6b:56:
         0b:98:63:0f:b0:5f:42:20:4f:7f:4f:b5:8c:61:bf:19:ce:58:
         8a:4f:33:55:4f:7d:ff:26:be:8c:06:5f:71:76:7e:96:2d:28:
         85:24:ff:d3:01:32:7d:4f:44:50:2e:47:a8:ed:05:dc:1a:7e:
         86:61:a1:e3:7a:b0:f4:55:09:ea:7f:03:7f:32:10:23:86:23:
         95:90:8d:65:83:5e:31:26:26:75:bb:bb:64:ae:6d:80:de:24:
         c7:8c:2d:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdeOMl0vWS+YXs2rxnyY625MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm
MjI0NzQwHhcNMjUwNjExMDkwMTA5WhcNMjUwNjEyMDkwMTA5WjAzMTEwLwYDVQQD
EyhlYjRhMDJmNjE0YjdjZDUzZWIxMjNiYTk2NzBhMjdiY2E3MGI4MGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9IggiryrdhzgwgCE5UUvKHu0Gkm
iOCQDjFxUd0K1QNhqYT0HOzGIq2QfoRnRvpKDJC7+pJ+wFib5kKz0y4Ab2oJhS1I
/D98y2E0LJXszg3xK5osCTxQ0xXwVDeQXLzerPRhE33NE+zgalctmohk662ZLWPE
zuvYv1KWMBNOrTeLKVJOfwRN0BPGERCK8xZ/LgUcqyRakkOFMRA46m1WIRWqlVkF
Yk2orOsRPy0GT0BEC0pH8K0wbQY+GPnhCFJ36qZ0G9njY6t0j7eoe6a7W5fnFcqD
Olom6UKUwAU1C1iaAr5zjZP+mTTBJC3EFpxtaG+5km+ibpPnNgZ2xiuZVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOtKAvYUt81T6xI7qWcKJ7ynC4DdMB8GA1UdIwQY
MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt
OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1
LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdMA6jTCi
PsfhzHEW57D5mIto0srQ5efhvsM0uWfoFNUP2NpjKBZGTOqm699D9aviQun4lS/l
fy0yjNWpLQeGyD4pYok66HGDHrP8K6ceNhb4edbQa48NHBdoRwWpKRqi8v8/oXnf
vGvEdOJ9IoNVxsWGf/7OPZ1/hA5APd9Wq74TFgd95xHPGmOlDWyP715lyj39I5cq
OJeva1UxIBmC8mtWC5hjD7BfQiBPf0+1jGG/Gc5Yik8zVU99/ya+jAZfcXZ+li0o
hST/0wEyfU9EUC5HqO0F3Bp+hmGh43qw9FUJ6n8DfzIQI4YjlZCNZYNeMSYmdbu7
ZK5tgN4kx4wt4w==
-----END CERTIFICATE-----
Generated at Wed Jun 11 14:30:04 2025 by rpki-client