Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
File:                     oFZPeYAZBRh04Czu4_0hy86rSuk.mft (raw, json)
Hash identifier:          StYR9KyTzfrb2QQEqefo6j170cxXMB3M0KyuzQ0L8vM=
Subject key identifier:   FA:88:A1:E0:53:DF:66:E4:EF:BA:0A:22:5B:3A:AC:DA:64:23:A8:90
Authority key identifier: A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9
Certificate issuer:       /CN=a0564f798019051874e02ceee3fd21cbceab4ae9
Certificate serial:       0197567EAD5796CA2DF83DEC1F21E28D1D35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
Manifest number:          0A89
Signing time:             Mon 09 Jun 2025 21:00:31 +0000
Manifest this update:     Mon 09 Jun 2025 21:00:31 +0000
Manifest next update:     Tue 10 Jun 2025 21:00:31 +0000
Files and hashes:         1: oFZPeYAZBRh04Czu4_0hy86rSuk.crl (hash: wPr7wn/I83NoGg9WWyNwHwrzoSGZHHYzcNsIDfiSF3Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 21:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:56:7e:ad:57:96:ca:2d:f8:3d:ec:1f:21:e2:8d:1d:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0564f798019051874e02ceee3fd21cbceab4ae9
        Validity
            Not Before: Jun  9 21:00:31 2025 GMT
            Not After : Jun 10 21:00:31 2025 GMT
        Subject: CN=fa88a1e053df66e4efba0a225b3aacda6423a890
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:90:24:45:20:8f:38:1b:6e:d4:fd:2c:07:83:
                    62:44:4f:e9:a6:1f:55:8c:6e:2a:3a:e2:b5:74:ba:
                    96:5a:48:7e:a3:c0:9e:bd:5b:c4:7e:fa:5d:57:a9:
                    77:a7:00:05:71:34:bc:99:cc:42:68:e9:fe:0c:2c:
                    68:c1:07:57:9d:94:80:2e:c1:2b:c4:b7:9c:36:0f:
                    ae:7f:0d:c9:de:eb:10:60:fe:e1:32:e2:e7:19:a2:
                    b9:cd:f1:92:f7:9a:72:76:c7:7b:c8:e0:83:8a:36:
                    8a:52:2a:6f:ae:11:7d:49:ea:2e:8d:20:9b:7b:7c:
                    a7:36:34:a1:9c:69:92:54:9c:42:c2:be:a6:dd:a5:
                    9c:9f:23:1f:dd:78:e1:93:64:c1:1b:d3:be:6a:1d:
                    f0:1c:3d:04:73:07:36:1f:1d:a0:70:01:cd:ae:1f:
                    c8:84:60:18:95:7a:27:2b:e4:ec:ef:f6:f6:98:79:
                    2d:ac:88:ba:60:90:a7:9b:bf:5d:86:10:32:17:99:
                    6a:6f:3a:0a:2e:11:66:73:db:a6:3d:9f:72:29:7d:
                    fe:45:63:56:1b:25:d9:bd:32:2e:66:6f:7b:fa:51:
                    73:de:6e:86:ba:36:5c:ed:5b:7d:c1:fc:48:6a:ed:
                    48:0e:60:84:e9:24:d4:f5:95:cc:08:74:26:09:49:
                    ee:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:88:A1:E0:53:DF:66:E4:EF:BA:0A:22:5B:3A:AC:DA:64:23:A8:90
            X509v3 Authority Key Identifier:
                keyid:A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:3d:66:2e:66:86:0d:fe:a6:52:95:6a:a8:bf:db:e8:de:04:
         e8:50:40:0a:4f:43:19:73:42:20:1d:21:5c:b1:84:4d:d1:16:
         f8:3a:46:51:b4:4c:6a:94:7a:7d:1b:15:ea:89:a4:d8:31:26:
         b9:b4:a8:bb:f6:6c:86:03:24:e5:48:47:e0:7f:ab:45:a3:96:
         a4:d7:0d:35:13:0c:d7:fa:ff:58:94:91:22:4a:f6:00:c4:7d:
         50:8c:59:21:3b:49:06:34:51:1f:44:44:c2:2e:fb:9c:79:78:
         07:e9:0f:0c:ee:dd:e9:92:cb:e2:fe:7e:4a:f9:28:04:b6:3d:
         2e:b5:c6:26:0b:94:72:3a:9d:0f:13:4f:de:27:05:7e:e7:da:
         ce:6b:93:71:8a:e0:3d:42:21:8f:8f:61:c4:62:bb:a5:69:c8:
         b7:e5:5e:88:2e:f5:09:0e:de:ee:a1:14:89:e5:86:a2:17:c6:
         d4:ac:42:89:d5:f0:22:82:27:56:87:1b:61:d5:06:bb:13:a1:
         99:05:3b:3d:d5:39:5b:c6:11:88:d0:0c:d8:ac:f9:f7:61:f5:
         59:9d:56:1f:3f:d1:66:6a:ae:71:23:12:a1:57:99:3b:15:77:
         51:3a:7c:a9:bd:b8:f4:5d:e8:69:0d:63:5b:d5:e7:fb:84:c8:
         60:ba:46:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdWfq1Xlsot+D3sHyHijR01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTY0Zjc5ODAxOTA1MTg3NGUwMmNlZWUzZmQyMWNiY2Vh
YjRhZTkwHhcNMjUwNjA5MjEwMDMxWhcNMjUwNjEwMjEwMDMxWjAzMTEwLwYDVQQD
EyhmYTg4YTFlMDUzZGY2NmU0ZWZiYTBhMjI1YjNhYWNkYTY0MjNhODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpAkRSCPOBtu1P0sB4NiRE/pph9V
jG4qOuK1dLqWWkh+o8CevVvEfvpdV6l3pwAFcTS8mcxCaOn+DCxowQdXnZSALsEr
xLecNg+ufw3J3usQYP7hMuLnGaK5zfGS95pydsd7yOCDijaKUipvrhF9SeoujSCb
e3ynNjShnGmSVJxCwr6m3aWcnyMf3Xjhk2TBG9O+ah3wHD0Ecwc2Hx2gcAHNrh/I
hGAYlXonK+Ts7/b2mHktrIi6YJCnm79dhhAyF5lqbzoKLhFmc9umPZ9yKX3+RWNW
GyXZvTIuZm97+lFz3m6GujZc7Vt9wfxIau1IDmCE6STU9ZXMCHQmCUnuqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqIoeBT32bk77oKIls6rNpkI6iQMB8GA1UdIwQY
MBaAFKBWT3mAGQUYdOAs7uP9IcvOq0rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTkt
MjE1ZWVjYjNkZjkzLzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTktMjE1ZWVjYjNkZjkz
LzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZz1mLmaG
Df6mUpVqqL/b6N4E6FBACk9DGXNCIB0hXLGETdEW+DpGUbRMapR6fRsV6omk2DEm
ubSou/ZshgMk5UhH4H+rRaOWpNcNNRMM1/r/WJSRIkr2AMR9UIxZITtJBjRRH0RE
wi77nHl4B+kPDO7d6ZLL4v5+SvkoBLY9LrXGJguUcjqdDxNP3icFfufazmuTcYrg
PUIhj49hxGK7pWnIt+VeiC71CQ7e7qEUieWGohfG1KxCidXwIoInVocbYdUGuxOh
mQU7PdU5W8YRiNAM2Kz592H1WZ1WHz/RZmqucSMSoVeZOxV3UTp8qb249F3oaQ1j
W9Xn+4TIYLpG4Q==
-----END CERTIFICATE-----
Generated at Tue Jun 10 07:43:51 2025 by rpki-client