Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft
File:                     k0F7oKbrs_OxuCr3UPviioakGzU.mft (raw, json)
Hash identifier:          Qr92Iq5tmh8B8jb2XRAKBEnND2mf0TSzd2nIF1BK+/U=
Subject key identifier:   1D:3D:7A:DD:7B:E3:D8:E3:01:B4:78:67:63:2E:96:DC:4C:0B:F5:E2
Authority key identifier: 93:41:7B:A0:A6:EB:B3:F3:B1:B8:2A:F7:50:FB:E2:8A:86:A4:1B:35
Certificate issuer:       /CN=93417ba0a6ebb3f3b1b82af750fbe28a86a41b35
Certificate serial:       01975422F671925D5B65340C31D7A355270F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k0F7oKbrs_OxuCr3UPviioakGzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft
Manifest number:          08A3
Signing time:             Mon 09 Jun 2025 10:01:06 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:06 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:06 +0000
Files and hashes:         1: k0F7oKbrs_OxuCr3UPviioakGzU.crl (hash: xC09vRCDmMHhhs8qQH1SWFPRv2BXPCLqa6d2zFdqgAo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k0F7oKbrs_OxuCr3UPviioakGzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:22:f6:71:92:5d:5b:65:34:0c:31:d7:a3:55:27:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93417ba0a6ebb3f3b1b82af750fbe28a86a41b35
        Validity
            Not Before: Jun  9 10:01:06 2025 GMT
            Not After : Jun 10 10:01:06 2025 GMT
        Subject: CN=1d3d7add7be3d8e301b47867632e96dc4c0bf5e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:dc:35:7a:c4:6d:b9:1e:6f:c0:55:21:04:b7:
                    2f:e8:d7:4d:0a:92:9d:99:e1:04:b1:05:65:95:8a:
                    92:e4:5b:29:42:a2:a5:1a:82:b0:d7:40:88:b7:97:
                    68:c6:10:83:c8:fa:a4:58:7d:35:b3:0a:a8:01:02:
                    ed:d0:77:91:e7:79:fd:df:a6:31:fa:1d:5f:db:02:
                    45:89:00:51:57:de:4f:62:a1:04:56:e8:68:d3:82:
                    ab:d5:c1:13:ea:37:44:f1:c4:4b:c5:b4:91:c2:3d:
                    47:80:69:28:71:45:01:7a:48:08:0b:83:72:89:de:
                    89:e5:d1:fa:54:3f:d8:97:38:38:44:8a:8c:56:81:
                    55:ba:db:35:12:18:e9:bb:fa:a5:5b:c9:c1:c2:1b:
                    42:e9:3f:36:90:48:93:34:42:b5:63:0e:81:9e:03:
                    58:3b:61:5c:c6:65:e4:2b:2f:de:63:61:68:46:89:
                    b4:3e:84:75:fa:42:51:ce:96:e7:17:74:ec:b5:95:
                    ec:dd:62:7e:af:b9:0c:ce:b7:bb:6c:a9:51:9b:ff:
                    81:f1:8a:68:a1:53:b7:05:11:6f:4d:ba:c2:d1:12:
                    0d:f5:e0:dd:b5:c0:c0:42:02:bc:4a:ad:69:a6:1d:
                    ae:4b:2d:02:46:2c:40:59:e2:a8:4a:0d:02:36:4a:
                    1f:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:3D:7A:DD:7B:E3:D8:E3:01:B4:78:67:63:2E:96:DC:4C:0B:F5:E2
            X509v3 Authority Key Identifier:
                keyid:93:41:7B:A0:A6:EB:B3:F3:B1:B8:2A:F7:50:FB:E2:8A:86:A4:1B:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k0F7oKbrs_OxuCr3UPviioakGzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:54:83:b7:7d:87:fe:c4:7a:61:f0:7d:84:ab:d9:99:7d:56:
         41:18:95:a8:7d:c2:c4:8b:e5:b5:40:ff:d2:9f:e9:eb:e3:a7:
         09:be:bd:99:88:18:59:9b:a4:47:48:0e:ee:50:b8:57:84:b8:
         8f:68:9d:02:1b:4f:15:57:1a:5b:cc:a7:77:d8:b9:d4:0b:70:
         81:ce:87:87:13:76:3e:87:b4:89:27:17:b2:b5:bd:bb:42:65:
         f4:e8:c1:7f:54:a4:38:8b:6a:4f:f7:05:7a:2a:fb:fd:b4:08:
         6f:c8:96:2e:10:ff:94:b6:dc:42:a4:78:f9:8b:7b:45:d9:91:
         43:54:dd:17:75:37:47:c9:13:c2:af:5f:59:27:ad:7f:3f:7f:
         35:27:da:ba:74:94:91:ad:0d:ec:1d:b9:e9:29:71:13:60:aa:
         be:2c:52:bb:26:fe:1c:bc:d0:25:48:9e:b1:ca:52:4f:4e:87:
         45:42:9c:05:e1:cd:d4:94:8c:2f:cb:7f:56:d1:88:7e:28:9c:
         49:ed:12:e0:3b:b9:1f:f8:8b:cb:b7:ab:91:fc:11:b6:fd:04:
         87:ba:be:1d:d3:f2:ff:e3:e1:05:b9:02:36:cf:0f:3a:90:e6:
         2e:2c:4a:14:6c:49:91:67:5d:69:33:6e:ee:23:1b:28:f8:2d:
         44:ad:fe:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIvZxkl1bZTQMMdejVScPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNDE3YmEwYTZlYmIzZjNiMWI4MmFmNzUwZmJlMjhhODZh
NDFiMzUwHhcNMjUwNjA5MTAwMTA2WhcNMjUwNjEwMTAwMTA2WjAzMTEwLwYDVQQD
EygxZDNkN2FkZDdiZTNkOGUzMDFiNDc4Njc2MzJlOTZkYzRjMGJmNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA69w1esRtuR5vwFUhBLcv6NdNCpKd
meEEsQVllYqS5FspQqKlGoKw10CIt5doxhCDyPqkWH01swqoAQLt0HeR53n936Yx
+h1f2wJFiQBRV95PYqEEVuho04Kr1cET6jdE8cRLxbSRwj1HgGkocUUBekgIC4Ny
id6J5dH6VD/Ylzg4RIqMVoFVuts1Ehjpu/qlW8nBwhtC6T82kEiTNEK1Yw6BngNY
O2FcxmXkKy/eY2FoRom0PoR1+kJRzpbnF3TstZXs3WJ+r7kMzre7bKlRm/+B8Ypo
oVO3BRFvTbrC0RIN9eDdtcDAQgK8Sq1pph2uSy0CRixAWeKoSg0CNkofKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB09et1749jjAbR4Z2MultxMC/XiMB8GA1UdIwQY
MBaAFJNBe6Cm67Pzsbgq91D74oqGpBs1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazBGN29LYnJzX094dUNyM1VQdmlpb2FrR3pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xOGM5OTktYjczYS00MjE0LWEyMmMt
NzI4ZmQ2YmFiYWZmLzEvazBGN29LYnJzX094dUNyM1VQdmlpb2FrR3pVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8xOGM5OTktYjczYS00MjE0LWEyMmMtNzI4ZmQ2YmFiYWZm
LzEvazBGN29LYnJzX094dUNyM1VQdmlpb2FrR3pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp1SDt32H
/sR6YfB9hKvZmX1WQRiVqH3CxIvltUD/0p/p6+OnCb69mYgYWZukR0gO7lC4V4S4
j2idAhtPFVcaW8ynd9i51Atwgc6HhxN2Poe0iScXsrW9u0Jl9OjBf1SkOItqT/cF
eir7/bQIb8iWLhD/lLbcQqR4+Yt7RdmRQ1TdF3U3R8kTwq9fWSetfz9/NSfaunSU
ka0N7B256SlxE2CqvixSuyb+HLzQJUiescpST06HRUKcBeHN1JSML8t/VtGIfiic
Se0S4Du5H/iLy7erkfwRtv0Eh7q+HdPy/+PhBbkCNs8POpDmLixKFGxJkWddaTNu
7iMbKPgtRK3+eg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:44:29 2025 by rpki-client