Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
File:                     oWhu-kcXfglRrIjFZNj4hQvuxdA.mft (raw, json)
Hash identifier:          G05/0Hj64XvFjeYyzMLn/0Zj+x3pAWijeLfb80rIzew=
Subject key identifier:   36:A2:9D:26:8F:B1:00:60:45:BF:1B:BD:F4:B3:EF:3F:2C:37:01:C2
Authority key identifier: A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0
Certificate issuer:       /CN=a1686efa47177e0951ac88c564d8f8850beec5d0
Certificate serial:       01975C80AB9544AA584CB5EDE3A30E136046
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
Manifest number:          0C16
Signing time:             Wed 11 Jun 2025 01:00:25 +0000
Manifest this update:     Wed 11 Jun 2025 01:00:25 +0000
Manifest next update:     Thu 12 Jun 2025 01:00:25 +0000
Files and hashes:         1: oWhu-kcXfglRrIjFZNj4hQvuxdA.crl (hash: ex46NGxVgQPynOuuIn1hOlji0b62UizeHl5zl46Yc4M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:80:ab:95:44:aa:58:4c:b5:ed:e3:a3:0e:13:60:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1686efa47177e0951ac88c564d8f8850beec5d0
        Validity
            Not Before: Jun 11 01:00:25 2025 GMT
            Not After : Jun 12 01:00:25 2025 GMT
        Subject: CN=36a29d268fb1006045bf1bbdf4b3ef3f2c3701c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:13:38:d1:63:cb:c4:76:91:f4:db:ff:bd:2c:
                    1c:1e:2a:fb:e8:45:27:b9:37:b3:2b:a5:c6:35:99:
                    8d:83:fa:62:a7:4d:99:ab:ce:e8:b1:51:20:56:1f:
                    1f:9a:ea:f0:75:80:2a:4a:55:21:98:b8:fe:39:9e:
                    f4:be:26:7e:ae:69:ad:d9:85:5e:27:36:5e:95:a4:
                    49:95:2b:ae:6a:5c:37:87:bb:31:65:06:2e:63:13:
                    e3:44:39:55:42:de:9e:3f:af:99:89:ec:5c:ee:7c:
                    44:d2:c5:f0:f7:7e:36:94:b9:cb:f2:67:41:d6:12:
                    85:94:ad:fb:b2:0f:f9:e3:b3:45:ca:74:01:1a:a8:
                    44:8c:8a:3d:05:8a:2a:08:a5:39:36:42:8c:25:b2:
                    74:69:ee:c0:68:ec:ae:ec:b4:e9:68:06:9d:05:4c:
                    a1:02:59:d2:67:e4:3c:c8:26:b9:26:ef:29:0b:3c:
                    7d:75:94:3b:de:44:a6:5c:b1:95:7d:a7:09:86:d0:
                    d7:75:28:0b:9a:11:a2:52:df:9e:78:41:98:c8:fa:
                    76:3c:df:a9:34:36:48:a1:d3:75:bf:9f:68:ac:19:
                    c6:c3:a0:2f:2d:13:8c:4f:cd:49:eb:37:8a:de:66:
                    76:a4:7c:3c:36:29:86:d4:21:1a:38:67:bf:5f:d7:
                    ef:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:A2:9D:26:8F:B1:00:60:45:BF:1B:BD:F4:B3:EF:3F:2C:37:01:C2
            X509v3 Authority Key Identifier:
                keyid:A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:a7:15:15:40:09:76:7e:2c:85:ea:1c:b8:26:7d:2a:e3:e4:
         e2:62:b9:33:67:46:7a:c0:89:b0:61:d5:5f:f8:5b:9a:13:0d:
         55:a6:b6:3f:ac:5e:f6:e9:1a:b2:92:5f:05:a7:a8:d3:c9:86:
         75:c6:1b:3f:02:70:4f:1f:7b:7c:d4:b3:fb:0d:4b:5f:54:42:
         da:64:38:90:e8:74:45:a4:2c:1b:aa:32:4f:08:8f:33:5a:9b:
         ce:5b:e4:e7:39:a8:65:5a:de:8e:94:ef:26:89:73:98:17:05:
         ea:40:88:2b:3c:68:de:40:ea:86:6a:e4:d9:e1:1a:36:32:55:
         97:9f:36:d6:48:64:c3:c6:e8:5f:42:e6:6c:e9:dc:fd:de:17:
         da:1b:a9:c5:3c:c6:00:6a:09:c2:e8:09:a5:f8:bf:d8:2d:3e:
         5a:bb:44:09:a0:86:17:e6:03:b4:f8:11:b6:a1:08:48:93:ad:
         6f:55:02:c4:23:05:09:26:42:cb:af:8a:d5:39:b3:60:ed:ed:
         7e:56:f5:5f:de:4b:1b:1d:29:27:ba:58:4e:8a:a7:aa:95:e6:
         a4:74:24:5e:91:d9:d6:13:d5:b3:47:0a:df:35:46:dc:1d:0a:
         3d:d7:b4:da:a2:42:d1:70:0d:13:46:52:39:44:6b:60:dc:36:
         16:af:cd:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcgKuVRKpYTLXt46MOE2BGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjg2ZWZhNDcxNzdlMDk1MWFjODhjNTY0ZDhmODg1MGJl
ZWM1ZDAwHhcNMjUwNjExMDEwMDI1WhcNMjUwNjEyMDEwMDI1WjAzMTEwLwYDVQQD
EygzNmEyOWQyNjhmYjEwMDYwNDViZjFiYmRmNGIzZWYzZjJjMzcwMWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBM40WPLxHaR9Nv/vSwcHir76EUn
uTezK6XGNZmNg/pip02Zq87osVEgVh8fmurwdYAqSlUhmLj+OZ70viZ+rmmt2YVe
JzZelaRJlSuualw3h7sxZQYuYxPjRDlVQt6eP6+Ziexc7nxE0sXw9342lLnL8mdB
1hKFlK37sg/547NFynQBGqhEjIo9BYoqCKU5NkKMJbJ0ae7AaOyu7LTpaAadBUyh
AlnSZ+Q8yCa5Ju8pCzx9dZQ73kSmXLGVfacJhtDXdSgLmhGiUt+eeEGYyPp2PN+p
NDZIodN1v59orBnGw6AvLROMT81J6zeK3mZ2pHw8NimG1CEaOGe/X9fvGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDainSaPsQBgRb8bvfSz7z8sNwHCMB8GA1UdIwQY
MBaAFKFobvpHF34JUayIxWTY+IUL7sXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAt
Y2E0MWIzM2I4ODNhLzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAtY2E0MWIzM2I4ODNh
LzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiacVFUAJ
dn4sheocuCZ9KuPk4mK5M2dGesCJsGHVX/hbmhMNVaa2P6xe9ukaspJfBaeo08mG
dcYbPwJwTx97fNSz+w1LX1RC2mQ4kOh0RaQsG6oyTwiPM1qbzlvk5zmoZVrejpTv
JolzmBcF6kCIKzxo3kDqhmrk2eEaNjJVl5821khkw8boX0LmbOnc/d4X2hupxTzG
AGoJwugJpfi/2C0+WrtECaCGF+YDtPgRtqEISJOtb1UCxCMFCSZCy6+K1TmzYO3t
flb1X95LGx0pJ7pYToqnqpXmpHQkXpHZ1hPVs0cK3zVG3B0KPde02qJC0XANE0ZS
OURrYNw2Fq/N7A==
-----END CERTIFICATE-----
Generated at Wed Jun 11 10:20:20 2025 by rpki-client