Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
File:                     o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft (raw, json)
Hash identifier:          H9kUqasgTGfrfkGx0be2W0eEpmfo3qOqsNc5ihI13x4=
Subject key identifier:   73:28:86:0D:09:60:25:DF:A6:C9:6F:D3:C8:50:7B:42:20:5F:CF:54
Authority key identifier: A3:D3:90:7F:81:1C:B8:3F:16:B8:16:78:5E:38:0B:C2:4C:8A:C1:93
Certificate issuer:       /CN=a3d3907f811cb83f16b816785e380bc24c8ac193
Certificate serial:       019764A809F1DFDBDD5B4C93A7A34FF6E82A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
Manifest number:          1298
Signing time:             Thu 12 Jun 2025 15:00:23 +0000
Manifest this update:     Thu 12 Jun 2025 15:00:23 +0000
Manifest next update:     Fri 13 Jun 2025 15:00:23 +0000
Files and hashes:         1: KHmBEFAHu1D8g7BNr6DM90HcrdE.roa (hash: cHCWZbVIixRYPkJFTsJoo7AK/4mwhNH2E0rmOh1q4HI=)
                          2: o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl (hash: 6l48ZbLKPSdbsWmTsb/0M0f/UDhGPNSOk9dAgfN9LBg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:a8:09:f1:df:db:dd:5b:4c:93:a7:a3:4f:f6:e8:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3d3907f811cb83f16b816785e380bc24c8ac193
        Validity
            Not Before: Jun 12 15:00:23 2025 GMT
            Not After : Jun 13 15:00:23 2025 GMT
        Subject: CN=7328860d096025dfa6c96fd3c8507b42205fcf54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:95:a4:47:ef:9e:34:68:56:2c:2c:4c:92:03:
                    5d:15:59:1f:2c:47:9d:76:01:b4:61:f6:72:c5:89:
                    dc:f6:79:fe:ab:07:02:eb:4c:3e:6d:0e:c2:90:0b:
                    8f:ec:bb:fb:98:77:53:3e:82:39:21:18:f8:14:f4:
                    9b:e2:a5:fa:3b:bb:d0:b5:03:25:68:08:35:1f:f8:
                    a9:38:8e:55:0f:7f:45:d3:fc:3d:08:30:05:72:a7:
                    b8:d3:ab:84:fe:92:0d:55:cb:c7:94:ca:1d:af:cb:
                    a8:9c:7e:1b:3e:b5:96:1b:27:e3:8d:46:30:b8:ef:
                    ff:a9:92:e6:3f:f4:2b:61:d9:1b:93:49:67:c0:13:
                    1b:86:cf:43:b1:09:2c:5e:cc:5c:4d:f9:80:5d:a5:
                    ca:2c:4e:48:62:e7:52:7a:8e:64:ca:21:d9:19:53:
                    26:0d:5a:02:f0:91:78:83:17:ec:e3:16:c3:1e:d8:
                    72:a1:54:4f:8d:e6:6c:5c:5e:54:83:2f:18:fa:b2:
                    d0:07:0d:08:84:40:fe:a5:1f:2e:8e:bb:9d:20:0c:
                    9e:d5:e2:a1:3a:8a:6d:9e:b1:e1:4b:07:ee:cc:4b:
                    3e:b6:79:dc:61:8d:48:9c:fc:75:11:80:1c:c1:b7:
                    27:f2:f9:09:8f:d4:18:78:d7:db:95:61:d2:b0:26:
                    4c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:28:86:0D:09:60:25:DF:A6:C9:6F:D3:C8:50:7B:42:20:5F:CF:54
            X509v3 Authority Key Identifier:
                keyid:A3:D3:90:7F:81:1C:B8:3F:16:B8:16:78:5E:38:0B:C2:4C:8A:C1:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:83:c9:15:d0:b4:5a:d7:9f:3e:26:07:56:46:1e:f1:78:de:
         69:89:ff:18:b5:a0:06:c2:eb:2e:40:ed:68:ea:7b:4a:21:56:
         f8:8f:7b:06:b2:09:b1:a7:df:7f:b2:7d:df:13:c9:53:0d:e7:
         ce:99:be:a0:c2:12:df:ba:e7:d3:b3:dc:4b:e9:97:a9:aa:b1:
         38:84:43:97:b0:a1:f4:dc:e0:64:c6:a1:d0:ea:c4:25:bf:76:
         62:a6:bc:12:a0:ca:0e:de:3c:63:ce:79:38:b3:1b:10:74:0d:
         90:cc:63:0b:13:21:fb:2a:29:d0:50:66:0c:ef:89:13:3d:1e:
         81:3e:57:d6:c2:f1:a3:8b:7e:98:1c:6b:5e:30:fa:e2:9f:a8:
         cf:67:1d:1e:72:f7:7c:a3:e5:81:f7:dd:b4:e7:d4:4b:60:81:
         ad:05:91:ab:66:11:27:08:10:1d:28:b2:6a:64:95:a5:eb:ed:
         f5:59:e6:05:e4:ba:ca:a3:a0:04:bb:57:68:3a:09:cd:f4:a9:
         af:40:7c:7f:47:87:f4:f3:b4:14:b9:8c:d3:97:b7:d5:62:2b:
         28:39:83:9d:e6:50:f8:5a:96:88:6c:e5:07:46:15:9a:38:a3:
         4f:50:76:6e:a3:6e:2c:cf:1c:65:bd:ec:0e:54:18:d1:75:1f:
         55:1a:2f:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkqAnx39vdW0yTp6NP9ugqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZDM5MDdmODExY2I4M2YxNmI4MTY3ODVlMzgwYmMyNGM4
YWMxOTMwHhcNMjUwNjEyMTUwMDIzWhcNMjUwNjEzMTUwMDIzWjAzMTEwLwYDVQQD
Eyg3MzI4ODYwZDA5NjAyNWRmYTZjOTZmZDNjODUwN2I0MjIwNWZjZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5WkR++eNGhWLCxMkgNdFVkfLEed
dgG0YfZyxYnc9nn+qwcC60w+bQ7CkAuP7Lv7mHdTPoI5IRj4FPSb4qX6O7vQtQMl
aAg1H/ipOI5VD39F0/w9CDAFcqe406uE/pINVcvHlModr8uonH4bPrWWGyfjjUYw
uO//qZLmP/QrYdkbk0lnwBMbhs9DsQksXsxcTfmAXaXKLE5IYudSeo5kyiHZGVMm
DVoC8JF4gxfs4xbDHthyoVRPjeZsXF5Ugy8Y+rLQBw0IhED+pR8ujrudIAye1eKh
OoptnrHhSwfuzEs+tnncYY1InPx1EYAcwbcn8vkJj9QYeNfblWHSsCZMSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHMohg0JYCXfpslv08hQe0IgX89UMB8GA1UdIwQY
MBaAFKPTkH+BHLg/FrgWeF44C8JMisGTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80M2ViMDUtYWZmZS00Mjc0LTkxM2It
MzMyMDI3MWZiM2FjLzEvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80M2ViMDUtYWZmZS00Mjc0LTkxM2ItMzMyMDI3MWZiM2Fj
LzEvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhIPJFdC0
WtefPiYHVkYe8XjeaYn/GLWgBsLrLkDtaOp7SiFW+I97BrIJsafff7J93xPJUw3n
zpm+oMIS37rn07PcS+mXqaqxOIRDl7Ch9NzgZMah0OrEJb92Yqa8EqDKDt48Y855
OLMbEHQNkMxjCxMh+yop0FBmDO+JEz0egT5X1sLxo4t+mBxrXjD64p+oz2cdHnL3
fKPlgffdtOfUS2CBrQWRq2YRJwgQHSiyamSVpevt9VnmBeS6yqOgBLtXaDoJzfSp
r0B8f0eH9PO0FLmM05e31WIrKDmDneZQ+FqWiGzlB0YVmjijT1B2bqNuLM8cZb3s
DlQY0XUfVRovAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 22:41:06 2025 by rpki-client