Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.mft
File:                     oQIHcvYouPtR80dRNrd_60smmL4.mft (raw, json)
Hash identifier:          2kYrqtEjkF2GzzJh3z9MvY9wvMSzPOAbcmmRe6Wb5Ms=
Subject key identifier:   A1:D3:1F:E5:8F:37:FB:B9:C6:A2:57:51:9B:5D:D2:B9:59:2E:57:82
Authority key identifier: A1:02:07:72:F6:28:B8:FB:51:F3:47:51:36:B7:7F:EB:4B:26:98:BE
Certificate issuer:       /CN=a1020772f628b8fb51f3475136b77feb4b2698be
Certificate serial:       019753B464E453B861AB7D56F2A32074ADFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oQIHcvYouPtR80dRNrd_60smmL4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.mft
Manifest number:          11CA
Signing time:             Mon 09 Jun 2025 08:00:20 +0000
Manifest this update:     Mon 09 Jun 2025 08:00:20 +0000
Manifest next update:     Tue 10 Jun 2025 08:00:20 +0000
Files and hashes:         1: Xn7HlAmazqZObEY4Svfv4ZbMChM.roa (hash: 900LVbegyuqsxm1Su/VFGub5Wi1DlW68cWbr8g1USwo=)
                          2: oQIHcvYouPtR80dRNrd_60smmL4.crl (hash: Os8dne6M1h6wWizXbVf3cuzWQ+oxcd4mF8gp7JoeAqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oQIHcvYouPtR80dRNrd_60smmL4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:b4:64:e4:53:b8:61:ab:7d:56:f2:a3:20:74:ad:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1020772f628b8fb51f3475136b77feb4b2698be
        Validity
            Not Before: Jun  9 08:00:20 2025 GMT
            Not After : Jun 10 08:00:20 2025 GMT
        Subject: CN=a1d31fe58f37fbb9c6a257519b5dd2b9592e5782
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:cd:f9:44:d7:4f:53:78:69:3d:1d:ea:54:f0:
                    32:64:f0:05:6e:8e:53:94:a0:e8:98:bb:21:e5:78:
                    67:9c:fe:cd:a0:2b:89:ec:b3:50:60:2d:1d:48:de:
                    02:04:df:ad:fc:e7:d6:3c:11:6e:1d:6b:a1:6d:b3:
                    b1:97:fb:4d:32:aa:b7:a9:0f:e0:76:69:f7:c8:22:
                    ba:70:8c:f3:3a:c3:5d:d5:cd:95:19:9c:78:96:66:
                    a1:0f:1a:0f:29:6e:ad:79:6b:74:23:36:81:4a:1d:
                    53:d2:a4:58:5d:c9:71:e5:7b:4f:36:02:47:f0:76:
                    4c:c4:ee:f0:83:4f:2d:c5:07:8b:a1:34:6d:9e:c6:
                    7a:26:ed:15:9d:81:10:42:7b:f4:00:ec:4c:08:5f:
                    91:7e:00:c9:fc:44:cb:06:e7:ae:b0:0d:aa:59:ea:
                    06:f8:8e:30:e5:d7:45:c3:e0:f6:10:0d:7a:ce:9f:
                    e4:eb:29:06:08:f3:db:ac:15:3b:fb:bc:37:d4:df:
                    a6:e3:1f:eb:5b:4d:b0:3c:92:67:3e:7a:83:d0:9a:
                    d7:01:5f:4a:ce:b8:98:ad:27:2a:ae:6e:04:aa:63:
                    2d:39:aa:b2:02:c1:5a:e8:e4:c5:35:06:8c:82:c5:
                    f1:e3:28:2a:97:19:b5:b0:aa:03:6a:61:b5:d3:3f:
                    7b:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:D3:1F:E5:8F:37:FB:B9:C6:A2:57:51:9B:5D:D2:B9:59:2E:57:82
            X509v3 Authority Key Identifier:
                keyid:A1:02:07:72:F6:28:B8:FB:51:F3:47:51:36:B7:7F:EB:4B:26:98:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oQIHcvYouPtR80dRNrd_60smmL4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:c8:3a:2e:3f:20:18:68:91:5b:e6:64:ba:87:b0:f2:1b:f7:
         cc:68:6c:c6:f0:20:c5:bf:dd:7e:03:68:7e:52:93:18:35:49:
         9a:27:c5:29:1f:28:71:da:00:97:84:8a:47:22:07:0a:66:0b:
         a0:de:4b:3c:24:ef:eb:fa:bc:78:1a:de:6a:d9:dc:74:54:81:
         ac:b3:d1:1e:44:de:7a:d1:e6:a0:69:d8:b6:4c:d8:9d:27:80:
         03:4b:36:20:e2:50:84:cb:58:cd:d0:6e:e7:d8:28:49:05:30:
         ee:24:ea:ce:b1:a0:bc:f8:08:22:f1:e6:4b:b3:b0:c6:0e:f0:
         22:a5:29:77:b0:e1:e3:d2:52:51:5c:2a:17:26:67:67:e7:7d:
         c4:79:0e:7c:24:d3:fd:90:e8:76:1c:5a:30:cd:55:79:a4:44:
         11:ff:c9:7c:99:6f:bd:87:80:be:f4:d3:ae:12:63:03:aa:10:
         62:6b:19:12:7c:50:ce:ab:0d:ca:3a:77:09:cf:ed:b9:7d:e6:
         ac:21:73:09:31:09:64:36:8b:b1:53:24:af:bf:d5:8f:f2:83:
         aa:99:61:a4:6f:8b:66:95:cb:83:02:14:24:f1:6e:01:72:a3:
         8b:3f:ba:20:46:ad:7e:5d:c9:b5:e2:84:1a:b9:f8:1d:50:27:
         7d:b5:76:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTtGTkU7hhq31W8qMgdK36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMDIwNzcyZjYyOGI4ZmI1MWYzNDc1MTM2Yjc3ZmViNGIy
Njk4YmUwHhcNMjUwNjA5MDgwMDIwWhcNMjUwNjEwMDgwMDIwWjAzMTEwLwYDVQQD
EyhhMWQzMWZlNThmMzdmYmI5YzZhMjU3NTE5YjVkZDJiOTU5MmU1NzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts35RNdPU3hpPR3qVPAyZPAFbo5T
lKDomLsh5XhnnP7NoCuJ7LNQYC0dSN4CBN+t/OfWPBFuHWuhbbOxl/tNMqq3qQ/g
dmn3yCK6cIzzOsNd1c2VGZx4lmahDxoPKW6teWt0IzaBSh1T0qRYXclx5XtPNgJH
8HZMxO7wg08txQeLoTRtnsZ6Ju0VnYEQQnv0AOxMCF+RfgDJ/ETLBueusA2qWeoG
+I4w5ddFw+D2EA16zp/k6ykGCPPbrBU7+7w31N+m4x/rW02wPJJnPnqD0JrXAV9K
zriYrScqrm4EqmMtOaqyAsFa6OTFNQaMgsXx4ygqlxm1sKoDamG10z97dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHTH+WPN/u5xqJXUZtd0rlZLleCMB8GA1UdIwQY
MBaAFKECB3L2KLj7UfNHUTa3f+tLJpi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1FJSGN2WW91UHRSODBkUk5yZF82MHNtbUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS81NTA0MzEtNjE3NC00N2QyLThiYWIt
NTFhZjgyOTY1ZTMzLzEvb1FJSGN2WW91UHRSODBkUk5yZF82MHNtbUw0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS81NTA0MzEtNjE3NC00N2QyLThiYWItNTFhZjgyOTY1ZTMz
LzEvb1FJSGN2WW91UHRSODBkUk5yZF82MHNtbUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ8g6Lj8g
GGiRW+Zkuoew8hv3zGhsxvAgxb/dfgNoflKTGDVJmifFKR8ocdoAl4SKRyIHCmYL
oN5LPCTv6/q8eBreatncdFSBrLPRHkTeetHmoGnYtkzYnSeAA0s2IOJQhMtYzdBu
59goSQUw7iTqzrGgvPgIIvHmS7Owxg7wIqUpd7Dh49JSUVwqFyZnZ+d9xHkOfCTT
/ZDodhxaMM1VeaREEf/JfJlvvYeAvvTTrhJjA6oQYmsZEnxQzqsNyjp3Cc/tuX3m
rCFzCTEJZDaLsVMkr7/Vj/KDqplhpG+LZpXLgwIUJPFuAXKjiz+6IEatfl3JteKE
Grn4HVAnfbV2pQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:54:50 2025 by rpki-client