Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
File:                     o7HPJ-q7mfazXewahDm21lPc4zo.mft (raw, json)
Hash identifier:          fA45/RDqkqdKthgoBUD4mlPNaxBCropiG9YnlFtEwKY=
Subject key identifier:   AC:14:82:0F:06:87:81:74:C9:7E:21:DD:FC:2D:DB:41:19:0F:36:51
Authority key identifier: A3:B1:CF:27:EA:BB:99:F6:B3:5D:EC:1A:84:39:B6:D6:53:DC:E3:3A
Certificate issuer:       /CN=a3b1cf27eabb99f6b35dec1a8439b6d653dce33a
Certificate serial:       019760273B3ACB03CEB84370188790AA3CA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
Manifest number:          1585
Signing time:             Wed 11 Jun 2025 18:01:13 +0000
Manifest this update:     Wed 11 Jun 2025 18:01:13 +0000
Manifest next update:     Thu 12 Jun 2025 18:01:13 +0000
Files and hashes:         1: o7HPJ-q7mfazXewahDm21lPc4zo.crl (hash: /Gekav6TjwpQF2ZDEZwssVTcetxJsZO32V8VckaZIqk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:27:3b:3a:cb:03:ce:b8:43:70:18:87:90:aa:3c:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3b1cf27eabb99f6b35dec1a8439b6d653dce33a
        Validity
            Not Before: Jun 11 18:01:13 2025 GMT
            Not After : Jun 12 18:01:13 2025 GMT
        Subject: CN=ac14820f06878174c97e21ddfc2ddb41190f3651
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:b7:23:dc:15:81:d2:43:22:eb:57:9e:79:90:
                    64:82:d5:e3:6e:26:52:0d:d4:b5:91:2a:c3:3c:d0:
                    90:8f:5f:71:bd:ed:8c:13:43:3a:b8:d5:32:69:4e:
                    25:12:97:fc:50:0e:ea:ae:13:6c:a3:86:10:33:b7:
                    6c:b0:cb:96:0a:a1:7b:f8:60:e6:aa:ee:c0:2b:35:
                    28:26:9c:0e:4d:14:43:5b:27:ec:8b:55:fc:58:35:
                    4c:87:1f:95:c8:ed:31:72:f5:92:a4:49:1c:99:45:
                    a3:86:e8:92:6d:7d:d4:57:fa:c1:af:09:6d:05:6c:
                    e8:4f:04:11:3a:ad:18:9a:c4:21:94:62:9c:86:01:
                    08:77:e3:62:93:a3:72:5e:3b:38:5b:4c:7e:50:d3:
                    f0:08:a7:41:9d:cf:57:8c:b7:2a:43:cb:ee:d9:00:
                    68:0f:1c:de:2d:5d:33:b0:62:f1:3e:78:0f:c3:52:
                    14:4c:dd:9c:55:4f:76:6c:4f:ef:41:f6:95:fe:5c:
                    b2:4b:ef:a2:06:40:dc:f9:b8:92:af:f7:ab:50:ad:
                    12:1a:7b:28:c0:36:8d:39:69:e0:63:f9:b9:7e:24:
                    fd:9a:e6:d0:fd:fa:c3:24:ad:86:60:f9:47:b7:40:
                    b3:b4:8f:54:02:3b:6f:d9:f9:5f:e3:f5:2f:70:11:
                    50:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:14:82:0F:06:87:81:74:C9:7E:21:DD:FC:2D:DB:41:19:0F:36:51
            X509v3 Authority Key Identifier:
                keyid:A3:B1:CF:27:EA:BB:99:F6:B3:5D:EC:1A:84:39:B6:D6:53:DC:E3:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:d5:87:01:6f:7e:0e:aa:60:b1:a7:53:d0:7e:9b:c2:c3:c8:
         69:eb:25:3d:cf:24:58:f0:4a:d9:67:65:a9:77:01:d2:78:a4:
         62:e0:63:11:53:82:b5:cc:83:8c:d9:d6:df:10:d0:cf:70:70:
         a1:f8:ab:88:52:5a:7f:ad:a8:02:c7:f0:11:f3:be:61:22:92:
         c9:b0:e2:16:08:75:b1:8c:7f:b5:1a:fe:84:dd:e9:a1:6e:7d:
         33:83:73:11:8f:6c:cc:03:e3:c3:04:9d:f0:35:af:a8:91:d2:
         da:29:4e:34:1e:2d:79:8f:67:4b:c9:1a:56:2d:3a:82:dd:53:
         f4:f2:90:6e:91:62:b1:20:15:e2:33:53:d8:9f:ee:da:ae:dd:
         6e:31:a8:66:1d:b7:ca:4b:12:40:46:04:01:89:c2:14:53:32:
         66:54:d5:60:98:d9:6f:80:e5:55:4b:53:a1:d7:00:a7:47:c9:
         76:54:64:ad:ee:8b:0c:69:a4:04:73:87:df:0e:5b:b8:e9:b6:
         e6:64:64:c4:3e:b4:94:3c:78:eb:b1:8c:99:03:b4:f0:ce:34:
         5a:9e:b0:fa:8a:d9:3d:d0:2f:6d:45:be:e4:a9:f9:8d:c2:c5:
         97:8c:ab:e6:aa:8c:02:22:67:59:99:38:fa:18:0f:9b:db:ca:
         cb:50:46:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgJzs6ywPOuENwGIeQqjypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYjFjZjI3ZWFiYjk5ZjZiMzVkZWMxYTg0MzliNmQ2NTNk
Y2UzM2EwHhcNMjUwNjExMTgwMTEzWhcNMjUwNjEyMTgwMTEzWjAzMTEwLwYDVQQD
EyhhYzE0ODIwZjA2ODc4MTc0Yzk3ZTIxZGRmYzJkZGI0MTE5MGYzNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bcj3BWB0kMi61eeeZBkgtXjbiZS
DdS1kSrDPNCQj19xve2ME0M6uNUyaU4lEpf8UA7qrhNso4YQM7dssMuWCqF7+GDm
qu7AKzUoJpwOTRRDWyfsi1X8WDVMhx+VyO0xcvWSpEkcmUWjhuiSbX3UV/rBrwlt
BWzoTwQROq0YmsQhlGKchgEId+Nik6NyXjs4W0x+UNPwCKdBnc9XjLcqQ8vu2QBo
DxzeLV0zsGLxPngPw1IUTN2cVU92bE/vQfaV/lyyS++iBkDc+biSr/erUK0SGnso
wDaNOWngY/m5fiT9mubQ/frDJK2GYPlHt0CztI9UAjtv2flf4/UvcBFQkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKwUgg8Gh4F0yX4h3fwt20EZDzZRMB8GA1UdIwQY
MBaAFKOxzyfqu5n2s13sGoQ5ttZT3OM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80MTY3NDItN2RkNi00MTAxLThjMTgt
MDU3ODZiZmQ2ODU3LzEvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80MTY3NDItN2RkNi00MTAxLThjMTgtMDU3ODZiZmQ2ODU3
LzEvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY9WHAW9+
DqpgsadT0H6bwsPIaeslPc8kWPBK2WdlqXcB0nikYuBjEVOCtcyDjNnW3xDQz3Bw
ofiriFJaf62oAsfwEfO+YSKSybDiFgh1sYx/tRr+hN3poW59M4NzEY9szAPjwwSd
8DWvqJHS2ilONB4teY9nS8kaVi06gt1T9PKQbpFisSAV4jNT2J/u2q7dbjGoZh23
yksSQEYEAYnCFFMyZlTVYJjZb4DlVUtTodcAp0fJdlRkre6LDGmkBHOH3w5buOm2
5mRkxD60lDx467GMmQO08M40Wp6w+orZPdAvbUW+5Kn5jcLFl4yr5qqMAiJnWZk4
+hgPm9vKy1BG8Q==
-----END CERTIFICATE-----
Generated at Wed Jun 11 22:45:57 2025 by rpki-client