Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
File:                     oWhu-kcXfglRrIjFZNj4hQvuxdA.mft (raw, json)
Hash identifier:          vtheD3fBFPDZwP78X8QHqkUkNMpKQdOeR7QC7J5dYIk=
Subject key identifier:   48:A6:32:05:BB:26:04:81:9A:13:42:39:67:B8:CD:D7:AC:8E:F2:DE
Authority key identifier: A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0
Certificate issuer:       /CN=a1686efa47177e0951ac88c564d8f8850beec5d0
Certificate serial:       0197605DC71BF1986C95829027DE5FF07F3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
Manifest number:          0C18
Signing time:             Wed 11 Jun 2025 19:00:47 +0000
Manifest this update:     Wed 11 Jun 2025 19:00:47 +0000
Manifest next update:     Thu 12 Jun 2025 19:00:47 +0000
Files and hashes:         1: oWhu-kcXfglRrIjFZNj4hQvuxdA.crl (hash: AuKmVMHKfg8Mp2dH4pvARTqa0VR3C7Jp+olLCV0TsTE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:5d:c7:1b:f1:98:6c:95:82:90:27:de:5f:f0:7f:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1686efa47177e0951ac88c564d8f8850beec5d0
        Validity
            Not Before: Jun 11 19:00:47 2025 GMT
            Not After : Jun 12 19:00:47 2025 GMT
        Subject: CN=48a63205bb2604819a13423967b8cdd7ac8ef2de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:34:ae:77:4e:70:46:81:e5:0f:3b:fd:d5:88:
                    85:52:1b:5b:76:6b:1f:65:3e:f5:2f:b9:ee:71:62:
                    ff:25:b0:38:01:ab:8f:72:0f:2a:dc:ba:52:a5:42:
                    76:4e:f8:b1:24:44:d2:26:30:be:38:50:3a:72:8c:
                    3c:e7:ed:c3:83:23:5d:bd:8c:2e:70:3a:1a:73:4e:
                    75:4d:72:5a:e8:42:90:fd:a1:dc:71:d0:4a:b5:56:
                    08:20:0d:e5:1e:1e:fd:de:db:ab:08:33:74:30:5a:
                    ad:01:5c:1e:71:bd:6f:90:8e:32:81:77:07:87:b1:
                    43:1c:e7:3b:a3:7f:bc:55:7c:3a:20:37:42:39:b5:
                    33:bb:e5:43:59:0d:87:a7:a3:b4:65:6d:6b:d6:c1:
                    ea:2d:d3:3e:2c:8e:25:69:b5:f6:9b:c0:66:e7:a8:
                    d8:c1:4f:a9:21:e2:b5:f6:6f:4b:b4:0b:05:a3:b7:
                    68:57:2a:6b:f7:a0:32:1b:10:6a:bb:1e:fc:98:82:
                    de:bb:0a:a4:97:f3:e6:dd:ce:b0:b2:56:e9:06:82:
                    2a:a4:82:97:42:4e:05:89:a5:75:d6:e5:38:15:97:
                    84:6d:6f:cc:5b:f3:24:45:cc:4b:54:82:db:b3:67:
                    f0:fc:00:73:9d:31:1a:14:c1:a5:0a:2f:89:0e:07:
                    a0:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:A6:32:05:BB:26:04:81:9A:13:42:39:67:B8:CD:D7:AC:8E:F2:DE
            X509v3 Authority Key Identifier:
                keyid:A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:41:df:5d:0d:8d:23:7c:a9:52:a1:d7:e0:ef:b4:a1:95:fa:
         d4:05:09:cb:e7:c7:9d:8a:34:18:e2:24:f1:57:db:47:c1:85:
         be:8f:da:b9:5c:02:98:57:b5:e6:85:6b:9b:6e:b5:9b:68:14:
         50:5e:11:1f:5c:16:fb:4c:15:42:ac:95:b7:4b:e8:42:03:33:
         d9:b0:1f:d2:c8:bd:d3:85:e3:8a:a5:dc:8a:a1:8b:65:3a:e8:
         d9:2b:e7:b8:39:95:f6:1e:c0:52:f0:54:98:1d:ad:c5:c7:a5:
         8b:f9:fb:8e:5a:41:68:54:86:1b:5c:8e:af:c6:1e:11:eb:c9:
         d9:ae:7f:86:7f:b8:39:9b:02:5d:49:25:ed:48:67:43:b7:a1:
         48:d6:41:ab:69:5a:75:ac:25:0e:64:c3:c7:fe:78:53:64:da:
         39:d0:88:cf:c4:6a:a1:28:d8:9c:0c:b7:ca:a9:48:3b:06:b0:
         ec:12:8c:51:a8:44:1c:42:7e:d9:21:23:51:99:b7:a7:aa:4a:
         d4:9c:9e:24:70:fa:e7:30:e6:bb:97:01:ff:7b:0c:ed:87:f9:
         56:f0:2d:17:e3:90:7e:9c:9d:ea:44:2c:8a:f1:b4:79:44:44:
         25:48:d8:db:2a:79:7f:80:21:ec:25:32:cd:e0:22:65:88:6e:
         61:9b:18:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgXccb8ZhslYKQJ95f8H86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjg2ZWZhNDcxNzdlMDk1MWFjODhjNTY0ZDhmODg1MGJl
ZWM1ZDAwHhcNMjUwNjExMTkwMDQ3WhcNMjUwNjEyMTkwMDQ3WjAzMTEwLwYDVQQD
Eyg0OGE2MzIwNWJiMjYwNDgxOWExMzQyMzk2N2I4Y2RkN2FjOGVmMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujSud05wRoHlDzv91YiFUhtbdmsf
ZT71L7nucWL/JbA4AauPcg8q3LpSpUJ2TvixJETSJjC+OFA6cow85+3DgyNdvYwu
cDoac051TXJa6EKQ/aHccdBKtVYIIA3lHh793turCDN0MFqtAVwecb1vkI4ygXcH
h7FDHOc7o3+8VXw6IDdCObUzu+VDWQ2Hp6O0ZW1r1sHqLdM+LI4labX2m8Bm56jY
wU+pIeK19m9LtAsFo7doVypr96AyGxBqux78mILeuwqkl/Pm3c6wslbpBoIqpIKX
Qk4FiaV11uU4FZeEbW/MW/MkRcxLVILbs2fw/ABznTEaFMGlCi+JDgegVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEimMgW7JgSBmhNCOWe4zdesjvLeMB8GA1UdIwQY
MBaAFKFobvpHF34JUayIxWTY+IUL7sXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAt
Y2E0MWIzM2I4ODNhLzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAtY2E0MWIzM2I4ODNh
LzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfkHfXQ2N
I3ypUqHX4O+0oZX61AUJy+fHnYo0GOIk8VfbR8GFvo/auVwCmFe15oVrm261m2gU
UF4RH1wW+0wVQqyVt0voQgMz2bAf0si904XjiqXciqGLZTro2SvnuDmV9h7AUvBU
mB2txceli/n7jlpBaFSGG1yOr8YeEevJ2a5/hn+4OZsCXUkl7UhnQ7ehSNZBq2la
dawlDmTDx/54U2TaOdCIz8RqoSjYnAy3yqlIOwaw7BKMUahEHEJ+2SEjUZm3p6pK
1JyeJHD65zDmu5cB/3sM7Yf5VvAtF+OQfpyd6kQsivG0eUREJUjY2yp5f4Ah7CUy
zeAiZYhuYZsYUg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 00:01:18 2025 by rpki-client