Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
File:                     oFZPeYAZBRh04Czu4_0hy86rSuk.mft (raw, json)
Hash identifier:          1PApTaDVhEe0ikVMGTbmcRVtgZyCS8CHEDf9vEAhB/Q=
Subject key identifier:   01:BB:02:38:BD:A4:80:2A:74:2F:C8:55:66:8C:3C:2B:42:18:27:22
Authority key identifier: A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9
Certificate issuer:       /CN=a0564f798019051874e02ceee3fd21cbceab4ae9
Certificate serial:       0197586D8EDB80B0CFC6A5FB48FEB36C5995
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
Manifest number:          0A8A
Signing time:             Tue 10 Jun 2025 06:01:04 +0000
Manifest this update:     Tue 10 Jun 2025 06:01:04 +0000
Manifest next update:     Wed 11 Jun 2025 06:01:04 +0000
Files and hashes:         1: oFZPeYAZBRh04Czu4_0hy86rSuk.crl (hash: 0cfOOBoKdlZIG9+OJhcJcjHXhvBgX5OjQvxewFNfYFM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 06:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:6d:8e:db:80:b0:cf:c6:a5:fb:48:fe:b3:6c:59:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0564f798019051874e02ceee3fd21cbceab4ae9
        Validity
            Not Before: Jun 10 06:01:04 2025 GMT
            Not After : Jun 11 06:01:04 2025 GMT
        Subject: CN=01bb0238bda4802a742fc855668c3c2b42182722
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:09:b0:1e:8c:33:f0:42:c5:14:95:b1:e1:aa:
                    05:61:55:5f:67:e1:62:eb:be:ee:51:08:9b:9d:85:
                    e7:38:19:11:a8:0d:94:48:ac:5e:3a:e6:0a:95:cf:
                    9f:29:34:38:a1:f6:45:4f:a1:e9:71:b3:cc:ca:ad:
                    af:54:17:a8:27:de:31:a4:61:1d:e7:e9:ec:1a:a8:
                    77:48:cf:86:93:6d:31:ce:22:19:3a:e2:9e:7e:2f:
                    03:6d:c5:d6:f7:57:3b:d6:12:70:df:1c:4f:5c:db:
                    e8:13:6e:c8:cc:01:2f:c3:62:4b:f1:13:6a:b4:7e:
                    c7:58:ba:48:5c:b8:d1:f1:1d:27:99:64:c5:37:42:
                    a7:7c:75:51:64:5a:b5:06:4e:13:71:28:24:ce:ec:
                    18:4b:d2:fc:61:c3:2f:cf:31:c4:fc:f1:7e:c1:15:
                    42:b1:1d:61:d7:b2:c5:3d:eb:4b:cb:43:d8:a8:fc:
                    ef:b9:f5:63:06:92:b0:56:28:77:b7:72:47:2b:fb:
                    cb:39:88:2c:fe:e6:0d:69:00:b1:b8:d1:3e:35:98:
                    46:31:9d:81:61:2e:70:64:12:29:ce:b5:a7:91:75:
                    f3:15:b3:8f:48:24:04:1a:dc:47:b1:2d:04:b7:be:
                    8e:06:05:02:6c:af:01:aa:aa:38:fa:75:52:5e:72:
                    84:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:BB:02:38:BD:A4:80:2A:74:2F:C8:55:66:8C:3C:2B:42:18:27:22
            X509v3 Authority Key Identifier:
                keyid:A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:2b:5d:dc:8f:68:b7:5d:96:0a:92:7a:5f:98:63:b3:ca:39:
         7b:a5:df:de:68:5f:c8:0c:12:44:31:d7:37:1f:13:22:01:10:
         5a:e8:61:02:07:cf:0b:a2:c0:16:5b:5a:d6:fd:60:b4:3c:7d:
         e2:86:31:95:d2:4d:76:59:71:56:41:a9:fa:85:ac:b6:65:2b:
         de:5d:71:51:5f:2a:c1:80:92:b8:c1:63:20:79:f0:b3:82:66:
         60:35:de:92:59:66:9d:78:e3:7d:53:f5:9e:2d:b2:db:88:d8:
         55:ae:c2:48:b0:e2:c3:b7:06:ef:51:38:83:c6:fa:ad:8a:2a:
         8b:d4:97:eb:a1:a2:19:cc:10:73:3a:88:84:bb:85:43:ee:91:
         7c:7d:a8:41:c4:ae:e8:8d:27:f0:f8:65:6a:33:eb:43:9b:44:
         92:a2:f2:16:4b:c8:88:49:df:78:ae:85:d8:a8:17:6f:db:12:
         4a:60:c6:ce:1e:20:bb:75:7f:7d:b2:57:48:47:9f:cf:74:8c:
         36:3c:23:53:8a:ea:a4:54:d9:00:bc:74:ce:d6:9e:ae:80:e3:
         0d:65:c4:da:26:d1:ae:5e:8f:62:3b:31:12:1a:62:e2:a8:cd:
         ad:86:f9:81:f2:34:46:11:ef:1a:59:18:61:0c:82:82:73:f0:
         5b:76:57:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYbY7bgLDPxqX7SP6zbFmVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTY0Zjc5ODAxOTA1MTg3NGUwMmNlZWUzZmQyMWNiY2Vh
YjRhZTkwHhcNMjUwNjEwMDYwMTA0WhcNMjUwNjExMDYwMTA0WjAzMTEwLwYDVQQD
EygwMWJiMDIzOGJkYTQ4MDJhNzQyZmM4NTU2NjhjM2MyYjQyMTgyNzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gmwHowz8ELFFJWx4aoFYVVfZ+Fi
677uUQibnYXnOBkRqA2USKxeOuYKlc+fKTQ4ofZFT6HpcbPMyq2vVBeoJ94xpGEd
5+nsGqh3SM+Gk20xziIZOuKefi8DbcXW91c71hJw3xxPXNvoE27IzAEvw2JL8RNq
tH7HWLpIXLjR8R0nmWTFN0KnfHVRZFq1Bk4TcSgkzuwYS9L8YcMvzzHE/PF+wRVC
sR1h17LFPetLy0PYqPzvufVjBpKwVih3t3JHK/vLOYgs/uYNaQCxuNE+NZhGMZ2B
YS5wZBIpzrWnkXXzFbOPSCQEGtxHsS0Et76OBgUCbK8Bqqo4+nVSXnKEwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAG7Aji9pIAqdC/IVWaMPCtCGCciMB8GA1UdIwQY
MBaAFKBWT3mAGQUYdOAs7uP9IcvOq0rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTkt
MjE1ZWVjYjNkZjkzLzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTktMjE1ZWVjYjNkZjkz
LzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZCtd3I9o
t12WCpJ6X5hjs8o5e6Xf3mhfyAwSRDHXNx8TIgEQWuhhAgfPC6LAFlta1v1gtDx9
4oYxldJNdllxVkGp+oWstmUr3l1xUV8qwYCSuMFjIHnws4JmYDXekllmnXjjfVP1
ni2y24jYVa7CSLDiw7cG71E4g8b6rYoqi9SX66GiGcwQczqIhLuFQ+6RfH2oQcSu
6I0n8PhlajPrQ5tEkqLyFkvIiEnfeK6F2KgXb9sSSmDGzh4gu3V/fbJXSEefz3SM
NjwjU4rqpFTZALx0ztaeroDjDWXE2ibRrl6PYjsxEhpi4qjNrYb5gfI0RhHvGlkY
YQyCgnPwW3ZXOw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 15:50:49 2025 by rpki-client