Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft
File:                     k0F7oKbrs_OxuCr3UPviioakGzU.mft (raw, json)
Hash identifier:          Kpns+IgQsZe7IvYwDTaUVd3bS4Ruj3H01/HKyjUSlc8=
Subject key identifier:   0A:0E:2E:4F:30:D3:FA:CB:E2:03:F6:9B:16:87:97:30:06:F8:38:8A
Authority key identifier: 93:41:7B:A0:A6:EB:B3:F3:B1:B8:2A:F7:50:FB:E2:8A:86:A4:1B:35
Certificate issuer:       /CN=93417ba0a6ebb3f3b1b82af750fbe28a86a41b35
Certificate serial:       01975DCAF2BFE2BF27FAFD7100F05AFAC9FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k0F7oKbrs_OxuCr3UPviioakGzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft
Manifest number:          08A8
Signing time:             Wed 11 Jun 2025 07:01:10 +0000
Manifest this update:     Wed 11 Jun 2025 07:01:10 +0000
Manifest next update:     Thu 12 Jun 2025 07:01:10 +0000
Files and hashes:         1: k0F7oKbrs_OxuCr3UPviioakGzU.crl (hash: acXEBefAQkoRp9UN1e3QwMs9zTB5lgbLLKYcfdZmLJM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k0F7oKbrs_OxuCr3UPviioakGzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:ca:f2:bf:e2:bf:27:fa:fd:71:00:f0:5a:fa:c9:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93417ba0a6ebb3f3b1b82af750fbe28a86a41b35
        Validity
            Not Before: Jun 11 07:01:10 2025 GMT
            Not After : Jun 12 07:01:10 2025 GMT
        Subject: CN=0a0e2e4f30d3facbe203f69b1687973006f8388a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:5f:2a:4a:9d:a0:96:17:11:f6:60:33:a8:b1:
                    d7:0c:8d:13:4f:01:ba:79:53:4e:c0:6b:55:02:c6:
                    38:19:1f:bc:af:96:7c:4a:47:01:71:26:97:05:90:
                    af:d7:d0:01:b5:e3:00:58:23:c5:a9:68:cc:ef:b0:
                    e7:60:ea:a2:db:bc:ca:cd:16:76:8e:ed:16:97:b4:
                    68:5a:40:06:9e:11:45:25:5e:fa:dd:b3:c5:50:a8:
                    0e:b2:d6:f7:db:a6:87:7e:50:3d:68:7f:dc:e1:3e:
                    39:76:5e:e2:46:f9:4b:57:1a:f4:3d:90:f1:64:7c:
                    49:e6:1a:a9:f1:6b:fa:92:fe:14:fa:4c:f7:6e:a6:
                    22:79:b3:95:1f:f6:d4:9b:58:cb:80:f0:77:28:ec:
                    39:21:2e:f6:32:4c:3a:26:3c:de:72:52:33:81:6c:
                    8e:5b:70:ae:75:d7:37:f3:36:ca:c4:a6:81:c6:4a:
                    7e:d1:81:98:78:f7:dc:7d:13:a7:b0:81:c1:35:4f:
                    88:16:62:3b:86:46:7b:86:23:e2:b7:c1:04:bf:ae:
                    c4:f1:75:a0:04:83:38:54:5d:df:d9:36:72:5e:aa:
                    08:06:0d:95:de:25:67:74:45:d6:08:b0:62:74:0e:
                    8b:6c:b4:74:a3:b4:bb:32:aa:7f:75:f4:94:2f:6b:
                    26:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:0E:2E:4F:30:D3:FA:CB:E2:03:F6:9B:16:87:97:30:06:F8:38:8A
            X509v3 Authority Key Identifier:
                keyid:93:41:7B:A0:A6:EB:B3:F3:B1:B8:2A:F7:50:FB:E2:8A:86:A4:1B:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k0F7oKbrs_OxuCr3UPviioakGzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:cc:e3:3b:1f:06:9d:20:17:a1:6a:e4:f4:2b:02:48:be:9e:
         ac:7d:6e:d9:ca:5d:f6:27:4e:cc:9c:05:5a:c0:8d:68:11:cd:
         b6:5d:58:40:04:34:18:27:ae:11:5c:c9:1e:29:ae:23:01:4e:
         4e:9b:23:5e:bf:58:68:c4:23:b3:7b:19:f7:21:8a:27:21:88:
         72:ce:14:09:cf:5f:57:73:ee:02:57:0d:5d:9e:fa:0c:f0:3a:
         a4:e0:09:b8:fd:39:fa:d0:e2:3a:54:e2:58:03:82:b0:4e:1a:
         54:fb:86:47:a7:00:cd:f7:e3:a4:10:06:0a:11:1c:dc:40:28:
         83:bf:50:38:5e:9c:05:00:3e:e8:20:a6:74:c3:68:35:81:68:
         ab:0a:9e:a8:99:b5:51:89:c3:91:be:e2:33:39:c5:ba:3c:c8:
         4f:e7:20:28:5b:24:ca:6b:31:13:bf:67:46:fc:55:fc:8b:79:
         1f:a5:88:4c:d2:6b:84:55:aa:80:12:2f:90:d1:32:68:df:5c:
         56:64:ee:46:61:90:83:f0:ac:a2:a2:ef:d2:52:df:1c:76:62:
         49:bc:28:3f:a9:64:c7:5b:09:09:04:46:c0:7b:c7:67:d1:8a:
         76:eb:28:93:63:b2:90:96:e5:a7:26:dc:44:58:48:98:fe:c5:
         68:bf:02:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddyvK/4r8n+v1xAPBa+sn7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNDE3YmEwYTZlYmIzZjNiMWI4MmFmNzUwZmJlMjhhODZh
NDFiMzUwHhcNMjUwNjExMDcwMTEwWhcNMjUwNjEyMDcwMTEwWjAzMTEwLwYDVQQD
EygwYTBlMmU0ZjMwZDNmYWNiZTIwM2Y2OWIxNjg3OTczMDA2ZjgzODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl8qSp2glhcR9mAzqLHXDI0TTwG6
eVNOwGtVAsY4GR+8r5Z8SkcBcSaXBZCv19ABteMAWCPFqWjM77DnYOqi27zKzRZ2
ju0Wl7RoWkAGnhFFJV763bPFUKgOstb326aHflA9aH/c4T45dl7iRvlLVxr0PZDx
ZHxJ5hqp8Wv6kv4U+kz3bqYiebOVH/bUm1jLgPB3KOw5IS72Mkw6JjzeclIzgWyO
W3Cuddc38zbKxKaBxkp+0YGYePfcfROnsIHBNU+IFmI7hkZ7hiPit8EEv67E8XWg
BIM4VF3f2TZyXqoIBg2V3iVndEXWCLBidA6LbLR0o7S7Mqp/dfSUL2sm8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAoOLk8w0/rL4gP2mxaHlzAG+DiKMB8GA1UdIwQY
MBaAFJNBe6Cm67Pzsbgq91D74oqGpBs1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazBGN29LYnJzX094dUNyM1VQdmlpb2FrR3pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xOGM5OTktYjczYS00MjE0LWEyMmMt
NzI4ZmQ2YmFiYWZmLzEvazBGN29LYnJzX094dUNyM1VQdmlpb2FrR3pVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8xOGM5OTktYjczYS00MjE0LWEyMmMtNzI4ZmQ2YmFiYWZm
LzEvazBGN29LYnJzX094dUNyM1VQdmlpb2FrR3pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi8zjOx8G
nSAXoWrk9CsCSL6erH1u2cpd9idOzJwFWsCNaBHNtl1YQAQ0GCeuEVzJHimuIwFO
TpsjXr9YaMQjs3sZ9yGKJyGIcs4UCc9fV3PuAlcNXZ76DPA6pOAJuP05+tDiOlTi
WAOCsE4aVPuGR6cAzffjpBAGChEc3EAog79QOF6cBQA+6CCmdMNoNYFoqwqeqJm1
UYnDkb7iMznFujzIT+cgKFskymsxE79nRvxV/It5H6WITNJrhFWqgBIvkNEyaN9c
VmTuRmGQg/CsoqLv0lLfHHZiSbwoP6lkx1sJCQRGwHvHZ9GKdusok2OykJblpybc
RFhImP7FaL8CUg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:46:33 2025 by rpki-client