Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
File:                     o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft (raw, json)
Hash identifier:          s3o0bTvebdkrQxUjse/Vb9irzjR/RfRBDIspwj+mtig=
Subject key identifier:   F9:2E:A6:57:C0:32:E7:91:F0:1C:7E:14:74:FA:38:90:42:BA:CA:6E
Authority key identifier: A3:D3:90:7F:81:1C:B8:3F:16:B8:16:78:5E:38:0B:C2:4C:8A:C1:93
Certificate issuer:       /CN=a3d3907f811cb83f16b816785e380bc24c8ac193
Certificate serial:       01976696E5F87B87D17F6EB79727156F44CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
Manifest number:          1299
Signing time:             Fri 13 Jun 2025 00:00:54 +0000
Manifest this update:     Fri 13 Jun 2025 00:00:54 +0000
Manifest next update:     Sat 14 Jun 2025 00:00:54 +0000
Files and hashes:         1: KHmBEFAHu1D8g7BNr6DM90HcrdE.roa (hash: cHCWZbVIixRYPkJFTsJoo7AK/4mwhNH2E0rmOh1q4HI=)
                          2: o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl (hash: vzDZxpSGWg2/N1bJUqv3inKvpAv8ql1mtFVodtc1ENY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 00:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:96:e5:f8:7b:87:d1:7f:6e:b7:97:27:15:6f:44:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3d3907f811cb83f16b816785e380bc24c8ac193
        Validity
            Not Before: Jun 13 00:00:54 2025 GMT
            Not After : Jun 14 00:00:54 2025 GMT
        Subject: CN=f92ea657c032e791f01c7e1474fa389042baca6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:7c:6c:e9:b5:62:ec:84:70:4f:71:7c:86:3c:
                    be:f6:6a:e1:54:39:b4:79:7a:f5:2f:bb:4d:6a:60:
                    ee:59:18:7e:56:fc:ba:2a:d0:55:3c:a7:e3:75:e1:
                    40:74:b5:7f:ed:89:02:70:87:c9:a9:92:9d:cf:d5:
                    09:47:53:11:45:21:bb:12:e6:45:b6:c0:31:bb:10:
                    e7:d7:97:e8:3b:16:67:95:81:49:ef:cc:68:f4:fc:
                    a9:c7:12:c5:c6:74:ce:53:32:8a:bc:4b:26:13:66:
                    72:a6:71:59:38:57:7c:e7:75:e4:ed:c0:bb:04:de:
                    34:87:ac:df:2b:1d:29:d8:ff:fb:4a:3b:c0:20:12:
                    c4:61:3d:03:3a:36:78:fc:3c:29:cc:16:a1:f4:5d:
                    f0:2e:b5:54:65:43:a1:a3:94:47:63:f2:b1:b9:bf:
                    dc:03:87:7f:8a:8e:97:8f:32:67:ed:b9:7c:d9:5f:
                    eb:1f:03:17:c4:58:73:0c:6a:17:c4:79:d4:fa:85:
                    2a:97:20:56:74:b4:c2:de:33:c8:d3:8d:cf:e2:bf:
                    62:d2:1b:72:4e:e4:bc:d8:20:62:f4:31:39:42:d9:
                    b3:36:1e:cf:d6:05:6b:e2:20:13:b4:9d:12:79:74:
                    d4:82:fd:6f:dc:03:a1:3a:93:db:c4:9f:01:57:64:
                    3d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:2E:A6:57:C0:32:E7:91:F0:1C:7E:14:74:FA:38:90:42:BA:CA:6E
            X509v3 Authority Key Identifier:
                keyid:A3:D3:90:7F:81:1C:B8:3F:16:B8:16:78:5E:38:0B:C2:4C:8A:C1:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:76:0c:2c:52:5a:79:db:28:bd:0c:e2:4f:5f:cc:b8:3d:f7:
         0a:68:a8:8b:14:2a:c4:26:92:5f:63:05:2d:db:de:8d:66:56:
         a4:56:ab:67:ea:05:ae:ce:b2:66:df:35:a8:51:6e:1e:d6:7e:
         1f:03:28:25:8a:85:81:41:8a:7f:c9:63:3e:fe:d8:d1:b9:3c:
         45:3b:f5:03:db:3b:51:62:54:08:73:93:4f:44:e8:1c:88:0a:
         d7:37:ac:69:a5:62:30:21:af:9a:e7:bc:ba:25:11:fd:e4:ea:
         e1:ad:4a:a9:9a:2f:28:e2:dd:71:2e:e3:3a:37:61:22:89:c6:
         f7:9c:a2:e7:63:ed:c9:c3:22:61:d4:58:2a:7b:b7:40:f2:6a:
         41:d8:b6:b8:89:5a:4b:fb:08:b3:51:c0:8c:aa:84:0f:83:6e:
         dd:a1:e7:20:94:60:65:e0:c8:fe:8d:f3:c2:39:28:50:c7:80:
         6b:c5:af:33:01:3a:1c:c3:8b:d8:de:39:5b:4a:fa:fa:88:24:
         51:bb:75:9d:d5:10:e1:82:29:02:85:f7:f2:d0:6c:ae:29:31:
         99:8b:42:72:ee:2d:2a:34:db:ef:a0:32:af:1e:64:e2:2f:ea:
         0a:9d:1e:b6:df:5f:5a:f6:7e:b2:03:3f:de:53:c4:d5:43:7b:
         8c:e5:95:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmluX4e4fRf263lycVb0TPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZDM5MDdmODExY2I4M2YxNmI4MTY3ODVlMzgwYmMyNGM4
YWMxOTMwHhcNMjUwNjEzMDAwMDU0WhcNMjUwNjE0MDAwMDU0WjAzMTEwLwYDVQQD
EyhmOTJlYTY1N2MwMzJlNzkxZjAxYzdlMTQ3NGZhMzg5MDQyYmFjYTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3xs6bVi7IRwT3F8hjy+9mrhVDm0
eXr1L7tNamDuWRh+Vvy6KtBVPKfjdeFAdLV/7YkCcIfJqZKdz9UJR1MRRSG7EuZF
tsAxuxDn15foOxZnlYFJ78xo9PypxxLFxnTOUzKKvEsmE2ZypnFZOFd853Xk7cC7
BN40h6zfKx0p2P/7SjvAIBLEYT0DOjZ4/DwpzBah9F3wLrVUZUOho5RHY/Kxub/c
A4d/io6XjzJn7bl82V/rHwMXxFhzDGoXxHnU+oUqlyBWdLTC3jPI043P4r9i0hty
TuS82CBi9DE5QtmzNh7P1gVr4iATtJ0SeXTUgv1v3AOhOpPbxJ8BV2Q9KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPkuplfAMueR8Bx+FHT6OJBCuspuMB8GA1UdIwQY
MBaAFKPTkH+BHLg/FrgWeF44C8JMisGTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80M2ViMDUtYWZmZS00Mjc0LTkxM2It
MzMyMDI3MWZiM2FjLzEvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80M2ViMDUtYWZmZS00Mjc0LTkxM2ItMzMyMDI3MWZiM2Fj
LzEvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM3YMLFJa
edsovQziT1/MuD33CmioixQqxCaSX2MFLdvejWZWpFarZ+oFrs6yZt81qFFuHtZ+
HwMoJYqFgUGKf8ljPv7Y0bk8RTv1A9s7UWJUCHOTT0ToHIgK1zesaaViMCGvmue8
uiUR/eTq4a1KqZovKOLdcS7jOjdhIonG95yi52PtycMiYdRYKnu3QPJqQdi2uIla
S/sIs1HAjKqED4Nu3aHnIJRgZeDI/o3zwjkoUMeAa8WvMwE6HMOL2N45W0r6+ogk
Ubt1ndUQ4YIpAoX38tBsrikxmYtCcu4tKjTb76Ayrx5k4i/qCp0ett9fWvZ+sgM/
3lPE1UN7jOWVmg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 09:34:23 2025 by rpki-client