Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/506ec8-150f-4275-ac05-05393f2b3a47/1/oiw84jcbnyHFfgw6V4fZWnNctQA.mft
File:                     oiw84jcbnyHFfgw6V4fZWnNctQA.mft (raw, json)
Hash identifier:          N7w06SRSyL8DJc5x0jXc3dbhzDbHAg24Fb7tNiU6SB4=
Subject key identifier:   7C:A4:78:96:D0:DE:88:10:1D:E6:15:58:44:5B:09:3C:84:83:98:8C
Authority key identifier: A2:2C:3C:E2:37:1B:9F:21:C5:7E:0C:3A:57:87:D9:5A:73:5C:B5:00
Certificate issuer:       /CN=a22c3ce2371b9f21c57e0c3a5787d95a735cb500
Certificate serial:       0197597F95A00550169598B42218917AFFA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oiw84jcbnyHFfgw6V4fZWnNctQA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/506ec8-150f-4275-ac05-05393f2b3a47/1/oiw84jcbnyHFfgw6V4fZWnNctQA.mft
Manifest number:          0F7F
Signing time:             Tue 10 Jun 2025 11:00:23 +0000
Manifest this update:     Tue 10 Jun 2025 11:00:23 +0000
Manifest next update:     Wed 11 Jun 2025 11:00:23 +0000
Files and hashes:         1: U4H4DXiB1R3t2sbazcIxIzp8LJM.roa (hash: d9YRAg9H/qZYSSHmjXFBkp2EkGuj36QH5Z/4fdmKOEA=)
                          2: oiw84jcbnyHFfgw6V4fZWnNctQA.crl (hash: SCtJnAiWMr56bQ3DuaEkgH9Q17wz+H6m1MFdlGKcGq4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/506ec8-150f-4275-ac05-05393f2b3a47/1/oiw84jcbnyHFfgw6V4fZWnNctQA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/506ec8-150f-4275-ac05-05393f2b3a47/1/oiw84jcbnyHFfgw6V4fZWnNctQA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oiw84jcbnyHFfgw6V4fZWnNctQA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 11:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:7f:95:a0:05:50:16:95:98:b4:22:18:91:7a:ff:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a22c3ce2371b9f21c57e0c3a5787d95a735cb500
        Validity
            Not Before: Jun 10 11:00:23 2025 GMT
            Not After : Jun 11 11:00:23 2025 GMT
        Subject: CN=7ca47896d0de88101de61558445b093c8483988c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:91:b4:19:a3:9a:f4:85:d5:d8:28:4b:15:cb:
                    11:88:f7:70:a9:3b:c6:7f:94:5f:34:2f:a6:8e:d5:
                    44:0c:39:33:42:dc:f5:67:f6:54:55:60:d4:b8:99:
                    0a:db:d8:4f:1c:2e:66:e3:c3:25:53:5e:51:7b:09:
                    e7:9d:c6:fd:10:51:86:96:9c:2a:ad:e3:ac:03:b1:
                    3c:60:00:3c:8f:89:ea:f3:d3:19:43:68:27:c9:95:
                    17:61:3e:39:25:f7:41:1d:1c:10:2e:1f:ca:d1:58:
                    0b:e7:eb:e9:d4:50:f8:86:31:e0:08:e3:f6:af:a4:
                    d9:a8:8b:9d:88:ab:49:e9:8d:19:54:b4:81:1a:31:
                    60:80:f5:b7:a5:4b:a1:1f:b6:e7:ee:c7:f8:0c:63:
                    ec:a4:88:42:0d:00:f2:ea:6e:18:e5:b9:ff:94:00:
                    9e:52:c9:67:f2:f7:06:55:3b:61:9f:04:73:a4:30:
                    4f:a3:48:28:a2:ea:25:d5:c5:a4:6c:8d:80:85:79:
                    b9:81:b7:98:10:c3:35:e7:7e:ba:9d:29:c1:3d:ab:
                    a9:b5:74:d5:ed:13:68:a6:a5:cd:54:3d:5b:d3:a5:
                    21:60:47:e9:7b:c2:05:56:d0:6e:9f:ab:25:66:f5:
                    f1:d5:9e:4a:70:cb:92:69:e3:ed:99:ff:fa:d5:39:
                    5b:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:A4:78:96:D0:DE:88:10:1D:E6:15:58:44:5B:09:3C:84:83:98:8C
            X509v3 Authority Key Identifier:
                keyid:A2:2C:3C:E2:37:1B:9F:21:C5:7E:0C:3A:57:87:D9:5A:73:5C:B5:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiw84jcbnyHFfgw6V4fZWnNctQA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/506ec8-150f-4275-ac05-05393f2b3a47/1/oiw84jcbnyHFfgw6V4fZWnNctQA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/506ec8-150f-4275-ac05-05393f2b3a47/1/oiw84jcbnyHFfgw6V4fZWnNctQA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:5f:47:ef:28:d1:68:2d:d4:d5:e6:cf:5c:c2:99:6a:04:11:
         e7:73:4f:4c:72:9a:11:dc:b2:52:92:f7:5f:09:ac:9c:e7:35:
         56:da:b0:12:25:02:72:b5:9c:ca:05:0a:45:46:6d:46:01:6d:
         c3:c4:ba:e4:6e:50:ab:f6:5d:2e:59:ff:dc:47:92:c4:c3:32:
         90:4a:b0:bc:aa:23:44:bf:31:b1:30:a3:fa:53:08:e6:1c:e4:
         e2:cc:07:5a:cb:f5:7c:df:f0:4b:c5:82:5c:f0:f1:12:24:df:
         31:22:ad:7e:ec:d0:03:a4:f8:a5:5f:c5:14:b4:f7:30:33:bc:
         2a:4a:e9:ca:10:6e:9d:08:bc:fe:f3:d0:df:c1:92:9e:bd:e2:
         0f:a7:d2:a3:5b:90:fa:6a:22:71:4c:00:05:2c:2d:b9:66:69:
         0e:4e:c2:18:e3:78:b8:42:75:3c:55:a5:8b:06:1f:3b:6a:03:
         71:a6:3a:e0:85:b8:05:dd:f7:7f:da:7f:2f:7e:6d:5d:4c:06:
         b0:80:32:a6:50:e6:12:e3:3e:2c:be:e4:45:c5:92:96:3a:6d:
         ee:39:e3:e8:cb:05:91:06:55:36:30:cc:3f:d6:83:df:6f:2d:
         d4:b8:ca:8f:10:4a:4f:63:2b:c5:c0:5e:f0:3f:e9:29:5e:0f:
         40:a3:bc:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZf5WgBVAWlZi0IhiRev+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMmMzY2UyMzcxYjlmMjFjNTdlMGMzYTU3ODdkOTVhNzM1
Y2I1MDAwHhcNMjUwNjEwMTEwMDIzWhcNMjUwNjExMTEwMDIzWjAzMTEwLwYDVQQD
Eyg3Y2E0Nzg5NmQwZGU4ODEwMWRlNjE1NTg0NDViMDkzYzg0ODM5ODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpG0GaOa9IXV2ChLFcsRiPdwqTvG
f5RfNC+mjtVEDDkzQtz1Z/ZUVWDUuJkK29hPHC5m48MlU15Rewnnncb9EFGGlpwq
reOsA7E8YAA8j4nq89MZQ2gnyZUXYT45JfdBHRwQLh/K0VgL5+vp1FD4hjHgCOP2
r6TZqIudiKtJ6Y0ZVLSBGjFggPW3pUuhH7bn7sf4DGPspIhCDQDy6m4Y5bn/lACe
Usln8vcGVTthnwRzpDBPo0goouol1cWkbI2AhXm5gbeYEMM15366nSnBPauptXTV
7RNopqXNVD1b06UhYEfpe8IFVtBun6slZvXx1Z5KcMuSaePtmf/61TlbgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHykeJbQ3ogQHeYVWERbCTyEg5iMMB8GA1UdIwQY
MBaAFKIsPOI3G58hxX4MOleH2VpzXLUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2l3ODRqY2JueUhGZmd3NlY0ZlpXbk5jdFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81MDZlYzgtMTUwZi00Mjc1LWFjMDUt
MDUzOTNmMmIzYTQ3LzEvb2l3ODRqY2JueUhGZmd3NlY0ZlpXbk5jdFFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy81MDZlYzgtMTUwZi00Mjc1LWFjMDUtMDUzOTNmMmIzYTQ3
LzEvb2l3ODRqY2JueUhGZmd3NlY0ZlpXbk5jdFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg19H7yjR
aC3U1ebPXMKZagQR53NPTHKaEdyyUpL3XwmsnOc1VtqwEiUCcrWcygUKRUZtRgFt
w8S65G5Qq/ZdLln/3EeSxMMykEqwvKojRL8xsTCj+lMI5hzk4swHWsv1fN/wS8WC
XPDxEiTfMSKtfuzQA6T4pV/FFLT3MDO8KkrpyhBunQi8/vPQ38GSnr3iD6fSo1uQ
+moicUwABSwtuWZpDk7CGON4uEJ1PFWliwYfO2oDcaY64IW4Bd33f9p/L35tXUwG
sIAyplDmEuM+LL7kRcWSljpt7jnj6MsFkQZVNjDMP9aD328t1LjKjxBKT2MrxcBe
8D/pKV4PQKO8NQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 16:40:11 2025 by rpki-client