Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.mft
File:                     oQIHcvYouPtR80dRNrd_60smmL4.mft (raw, json)
Hash identifier:          cjdQ43RVHGxNmw5P+HEENuOokrP+nJ3f0it6S7wdVcY=
Subject key identifier:   EC:1A:31:7D:22:3A:A9:3E:FE:25:39:78:80:39:30:73:AA:31:50:B2
Authority key identifier: A1:02:07:72:F6:28:B8:FB:51:F3:47:51:36:B7:7F:EB:4B:26:98:BE
Certificate issuer:       /CN=a1020772f628b8fb51f3475136b77feb4b2698be
Certificate serial:       01976327DA2E5D884C4FE93AE3101E4A8090
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oQIHcvYouPtR80dRNrd_60smmL4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.mft
Manifest number:          11D2
Signing time:             Thu 12 Jun 2025 08:00:45 +0000
Manifest this update:     Thu 12 Jun 2025 08:00:45 +0000
Manifest next update:     Fri 13 Jun 2025 08:00:45 +0000
Files and hashes:         1: Xn7HlAmazqZObEY4Svfv4ZbMChM.roa (hash: 900LVbegyuqsxm1Su/VFGub5Wi1DlW68cWbr8g1USwo=)
                          2: oQIHcvYouPtR80dRNrd_60smmL4.crl (hash: tAJ7vlTWsvW/WEofSeMX9SqXNaCLIDRE3zisQIVkLm0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oQIHcvYouPtR80dRNrd_60smmL4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 08:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:27:da:2e:5d:88:4c:4f:e9:3a:e3:10:1e:4a:80:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1020772f628b8fb51f3475136b77feb4b2698be
        Validity
            Not Before: Jun 12 08:00:45 2025 GMT
            Not After : Jun 13 08:00:45 2025 GMT
        Subject: CN=ec1a317d223aa93efe25397880393073aa3150b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:4f:37:57:d9:d4:38:25:57:da:e3:b0:0a:cc:
                    fb:7f:de:ca:65:b0:d0:24:09:7e:d0:af:03:f3:14:
                    ac:aa:05:b7:3c:bb:d6:a5:2c:bb:ec:0c:1f:fc:16:
                    ba:a8:bf:5e:98:3f:d9:c8:3c:d1:7f:0b:4f:02:91:
                    8f:4c:09:b8:ab:49:36:0a:3f:b8:e6:3e:cd:57:d8:
                    33:24:8f:80:1e:89:3f:54:1c:a3:82:29:ff:62:f3:
                    b0:58:ae:8f:27:2b:ec:f6:57:68:18:ef:a3:19:7e:
                    4c:67:1e:91:f9:9e:72:78:b7:d4:1a:e4:db:09:28:
                    42:a1:6a:87:8e:b2:1c:db:f5:71:51:49:80:28:90:
                    11:af:7c:fe:fe:dc:ef:e0:2f:4c:4b:d3:f3:da:53:
                    6c:9a:c0:4a:99:f1:c4:9d:0a:3e:95:8c:c8:6b:7a:
                    ef:c6:9b:aa:5c:0d:8f:a9:68:2f:83:da:dc:62:1a:
                    56:cf:98:fa:5c:bf:e6:37:f0:8a:7f:16:86:c2:0d:
                    12:db:9a:ff:3e:05:f9:d9:7b:c4:c7:4e:cd:9e:e7:
                    a5:5d:b8:ce:0f:cf:79:f4:5b:ae:3d:01:eb:68:8c:
                    ac:30:04:28:a6:4c:83:e4:a7:37:97:7d:ec:75:b1:
                    df:65:44:ae:90:3d:2a:e2:6d:00:03:38:5b:b2:0e:
                    ac:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:1A:31:7D:22:3A:A9:3E:FE:25:39:78:80:39:30:73:AA:31:50:B2
            X509v3 Authority Key Identifier:
                keyid:A1:02:07:72:F6:28:B8:FB:51:F3:47:51:36:B7:7F:EB:4B:26:98:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oQIHcvYouPtR80dRNrd_60smmL4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:cb:9d:5c:f4:7e:db:82:b7:2d:32:c5:36:b0:05:a1:33:e6:
         20:73:84:f3:95:5b:a0:90:46:98:ec:20:f0:df:9f:46:f8:8e:
         7a:fb:bb:3d:04:95:6a:b9:ed:6b:fb:e4:ca:5c:72:19:22:1d:
         c0:99:ce:b7:af:e9:a4:c8:2c:bb:73:9f:9b:03:b0:52:13:31:
         a9:9b:ce:ab:9a:3d:03:63:9b:72:10:82:09:1e:e6:1a:65:3b:
         90:6b:16:20:3c:9e:1f:2c:f3:39:42:af:2f:73:dd:d5:40:7f:
         cc:f9:e6:08:36:c3:ce:0b:b8:3d:88:43:4b:ef:94:e1:9a:ac:
         9f:c7:d7:c2:0b:f6:71:38:0d:9b:a4:90:72:9d:d3:68:39:94:
         f3:cd:2b:44:5a:be:b6:31:da:0f:bd:fe:db:59:88:81:eb:3a:
         26:a7:2c:b6:04:66:3d:d8:71:4c:3a:89:65:ab:26:45:ba:53:
         a5:a7:da:ed:e0:ce:6b:7e:51:bb:de:a3:91:df:d0:e5:5e:40:
         3d:e7:58:37:6b:ba:e7:69:c8:14:4b:7c:7d:61:00:db:16:43:
         64:ee:00:70:c7:42:a6:c4:f0:e7:49:83:4b:79:77:df:0a:83:
         c7:51:33:1b:0f:10:d7:42:4d:47:00:98:c8:ca:77:22:b7:07:
         be:c0:ea:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjJ9ouXYhMT+k64xAeSoCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMDIwNzcyZjYyOGI4ZmI1MWYzNDc1MTM2Yjc3ZmViNGIy
Njk4YmUwHhcNMjUwNjEyMDgwMDQ1WhcNMjUwNjEzMDgwMDQ1WjAzMTEwLwYDVQQD
EyhlYzFhMzE3ZDIyM2FhOTNlZmUyNTM5Nzg4MDM5MzA3M2FhMzE1MGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU83V9nUOCVX2uOwCsz7f97KZbDQ
JAl+0K8D8xSsqgW3PLvWpSy77Awf/Ba6qL9emD/ZyDzRfwtPApGPTAm4q0k2Cj+4
5j7NV9gzJI+AHok/VByjgin/YvOwWK6PJyvs9ldoGO+jGX5MZx6R+Z5yeLfUGuTb
CShCoWqHjrIc2/VxUUmAKJARr3z+/tzv4C9MS9Pz2lNsmsBKmfHEnQo+lYzIa3rv
xpuqXA2PqWgvg9rcYhpWz5j6XL/mN/CKfxaGwg0S25r/PgX52XvEx07NnuelXbjO
D8959FuuPQHraIysMAQopkyD5Kc3l33sdbHfZUSukD0q4m0AAzhbsg6sVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOwaMX0iOqk+/iU5eIA5MHOqMVCyMB8GA1UdIwQY
MBaAFKECB3L2KLj7UfNHUTa3f+tLJpi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1FJSGN2WW91UHRSODBkUk5yZF82MHNtbUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS81NTA0MzEtNjE3NC00N2QyLThiYWIt
NTFhZjgyOTY1ZTMzLzEvb1FJSGN2WW91UHRSODBkUk5yZF82MHNtbUw0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS81NTA0MzEtNjE3NC00N2QyLThiYWItNTFhZjgyOTY1ZTMz
LzEvb1FJSGN2WW91UHRSODBkUk5yZF82MHNtbUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAosudXPR+
24K3LTLFNrAFoTPmIHOE85VboJBGmOwg8N+fRviOevu7PQSVarnta/vkylxyGSId
wJnOt6/ppMgsu3OfmwOwUhMxqZvOq5o9A2ObchCCCR7mGmU7kGsWIDyeHyzzOUKv
L3Pd1UB/zPnmCDbDzgu4PYhDS++U4Zqsn8fXwgv2cTgNm6SQcp3TaDmU880rRFq+
tjHaD73+21mIges6JqcstgRmPdhxTDqJZasmRbpTpafa7eDOa35Ru96jkd/Q5V5A
PedYN2u652nIFEt8fWEA2xZDZO4AcMdCpsTw50mDS3l33wqDx1EzGw8Q10JNRwCY
yMp3IrcHvsDqmQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 18:04:12 2025 by rpki-client