Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
File:                     oFZPeYAZBRh04Czu4_0hy86rSuk.mft (raw, json)
Hash identifier:          RwWaNEqN7YN6CiJKK/kojts2GYnjE8zEeoe4gUbDIQM=
Subject key identifier:   17:94:64:30:A7:FA:43:F4:57:25:68:30:1D:9A:3A:DD:87:A2:C2:02
Authority key identifier: A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9
Certificate issuer:       /CN=a0564f798019051874e02ceee3fd21cbceab4ae9
Certificate serial:       01975A5B3F517C398B7620EBDE51731D15E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
Manifest number:          0A8B
Signing time:             Tue 10 Jun 2025 15:00:18 +0000
Manifest this update:     Tue 10 Jun 2025 15:00:18 +0000
Manifest next update:     Wed 11 Jun 2025 15:00:18 +0000
Files and hashes:         1: oFZPeYAZBRh04Czu4_0hy86rSuk.crl (hash: qpLdNcACiwOFoLpif+CLYeCANUwc7Cd44Cdb6TFhyOI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5a:5b:3f:51:7c:39:8b:76:20:eb:de:51:73:1d:15:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0564f798019051874e02ceee3fd21cbceab4ae9
        Validity
            Not Before: Jun 10 15:00:18 2025 GMT
            Not After : Jun 11 15:00:18 2025 GMT
        Subject: CN=17946430a7fa43f4572568301d9a3add87a2c202
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ef:50:d7:5f:9c:a8:f0:7c:3c:e5:7e:47:6f:
                    0f:51:d7:bd:15:7b:3b:85:9a:d5:9c:99:77:41:d0:
                    b2:25:ee:6e:86:c8:15:43:46:82:5c:b8:bc:de:db:
                    d3:44:53:4a:11:eb:5e:54:cf:e2:a4:fe:3c:1b:c7:
                    c5:57:f5:9e:6d:a0:e4:79:d2:42:32:54:12:39:4d:
                    c3:9c:f1:31:2f:e4:0b:0c:27:d4:36:43:7e:44:44:
                    6b:b0:c1:d6:f3:8b:35:ef:a7:f5:12:05:90:37:14:
                    81:6c:7d:68:31:9a:97:08:7d:58:6c:07:89:96:62:
                    2b:8f:d5:fa:be:ba:f9:6e:95:64:14:cd:d6:0d:0d:
                    f7:58:a5:21:2f:b1:3c:91:4e:af:23:63:89:d6:26:
                    3a:9e:4d:c1:13:85:6a:ad:1c:0e:88:14:39:83:fe:
                    4d:58:6f:55:ac:7b:83:a3:9b:ca:1e:d1:3a:5e:91:
                    59:a8:2a:e8:02:58:c3:01:35:85:5c:10:f4:90:b4:
                    be:34:05:32:ec:f7:75:93:d7:db:46:a5:f6:76:e7:
                    3f:03:f4:1e:c7:38:d0:b3:52:d4:fb:6f:fb:ef:19:
                    7d:52:7d:d0:65:e7:7d:9d:42:70:2d:f7:5d:33:6f:
                    4e:41:59:7a:f7:68:57:23:a5:2b:17:64:8e:a7:f8:
                    01:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:94:64:30:A7:FA:43:F4:57:25:68:30:1D:9A:3A:DD:87:A2:C2:02
            X509v3 Authority Key Identifier:
                keyid:A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:1d:6e:dc:57:1f:97:4e:6f:2f:02:f8:6b:cd:85:7b:5a:97:
         de:a6:40:f0:bb:7a:03:57:f8:69:9d:bd:8a:d4:08:91:f1:98:
         48:97:6e:b4:7c:38:cf:1d:1a:0b:5e:54:be:97:5e:52:74:36:
         18:70:b0:b3:3f:49:75:94:46:51:af:07:0e:f5:8e:e3:cd:7f:
         af:51:02:35:80:2e:10:dc:47:54:6c:54:d4:ea:d6:87:c4:ef:
         64:1c:18:83:27:ed:83:b5:0a:76:f2:b3:de:68:72:88:7e:d7:
         48:ea:9e:87:08:a7:b5:51:00:07:d9:c0:0f:d9:fe:cb:82:5e:
         60:b2:5b:54:ce:da:66:f2:9a:1b:f1:d4:6e:00:9c:fc:0c:2d:
         1d:b3:ca:6b:6d:5d:a0:74:af:a2:3e:fc:cf:34:53:f7:ab:b2:
         0e:20:75:0c:3e:af:67:76:8a:e6:7c:83:e7:60:cc:8e:83:c4:
         89:d9:db:ad:d5:3d:49:aa:c8:d2:f4:bd:d7:0e:b5:3a:c6:2b:
         25:45:0e:b7:d9:96:c1:38:36:3f:60:ee:2c:4a:42:ea:9e:bf:
         d8:cc:de:af:c6:dd:40:82:b2:23:2b:df:e0:af:59:0c:35:55:
         50:86:c2:41:3d:b9:76:89:31:a7:e6:af:43:95:86:f8:81:25:
         9f:4c:c5:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdaWz9RfDmLdiDr3lFzHRXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTY0Zjc5ODAxOTA1MTg3NGUwMmNlZWUzZmQyMWNiY2Vh
YjRhZTkwHhcNMjUwNjEwMTUwMDE4WhcNMjUwNjExMTUwMDE4WjAzMTEwLwYDVQQD
EygxNzk0NjQzMGE3ZmE0M2Y0NTcyNTY4MzAxZDlhM2FkZDg3YTJjMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+9Q11+cqPB8POV+R28PUde9FXs7
hZrVnJl3QdCyJe5uhsgVQ0aCXLi83tvTRFNKEeteVM/ipP48G8fFV/WebaDkedJC
MlQSOU3DnPExL+QLDCfUNkN+RERrsMHW84s176f1EgWQNxSBbH1oMZqXCH1YbAeJ
lmIrj9X6vrr5bpVkFM3WDQ33WKUhL7E8kU6vI2OJ1iY6nk3BE4VqrRwOiBQ5g/5N
WG9VrHuDo5vKHtE6XpFZqCroAljDATWFXBD0kLS+NAUy7Pd1k9fbRqX2duc/A/Qe
xzjQs1LU+2/77xl9Un3QZed9nUJwLfddM29OQVl692hXI6UrF2SOp/gBHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBeUZDCn+kP0VyVoMB2aOt2HosICMB8GA1UdIwQY
MBaAFKBWT3mAGQUYdOAs7uP9IcvOq0rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTkt
MjE1ZWVjYjNkZjkzLzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTktMjE1ZWVjYjNkZjkz
LzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYR1u3Fcf
l05vLwL4a82Fe1qX3qZA8Lt6A1f4aZ29itQIkfGYSJdutHw4zx0aC15UvpdeUnQ2
GHCwsz9JdZRGUa8HDvWO481/r1ECNYAuENxHVGxU1OrWh8TvZBwYgyftg7UKdvKz
3mhyiH7XSOqehwintVEAB9nAD9n+y4JeYLJbVM7aZvKaG/HUbgCc/AwtHbPKa21d
oHSvoj78zzRT96uyDiB1DD6vZ3aK5nyD52DMjoPEidnbrdU9SarI0vS91w61OsYr
JUUOt9mWwTg2P2DuLEpC6p6/2Mzer8bdQIKyIyvf4K9ZDDVVUIbCQT25dokxp+av
Q5WG+IEln0zF1A==
-----END CERTIFICATE-----
Generated at Tue Jun 10 22:59:38 2025 by rpki-client