Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
File:                     oFZPeYAZBRh04Czu4_0hy86rSuk.mft (raw, json)
Hash identifier:          cTgcYAaSRvH7+E1O0UsFoZOBUKqAKalrdiDi+eUH8EE=
Subject key identifier:   33:54:2C:0D:16:91:F3:6B:A8:E4:76:A4:8D:FC:9D:1F:CB:64:AD:79
Authority key identifier: A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9
Certificate issuer:       /CN=a0564f798019051874e02ceee3fd21cbceab4ae9
Certificate serial:       01976DAB50457585E51427757C1895EC7116
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
Manifest number:          0A95
Signing time:             Sat 14 Jun 2025 09:00:32 +0000
Manifest this update:     Sat 14 Jun 2025 09:00:32 +0000
Manifest next update:     Sun 15 Jun 2025 09:00:32 +0000
Files and hashes:         1: oFZPeYAZBRh04Czu4_0hy86rSuk.crl (hash: RFI+z7geqGIv6qhg+QkfEdVbtqNrjGbSmL1F1qRoH5U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ab:50:45:75:85:e5:14:27:75:7c:18:95:ec:71:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0564f798019051874e02ceee3fd21cbceab4ae9
        Validity
            Not Before: Jun 14 09:00:32 2025 GMT
            Not After : Jun 15 09:00:32 2025 GMT
        Subject: CN=33542c0d1691f36ba8e476a48dfc9d1fcb64ad79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:16:0a:c6:6e:bc:e2:29:d5:d7:81:e4:a8:48:
                    c0:6c:cc:16:de:7d:dc:5f:f4:0c:7f:4d:ec:a3:b4:
                    df:e3:92:56:5c:53:d8:2d:c6:9a:7c:6a:46:a7:2d:
                    01:6f:f3:50:a9:54:53:8e:53:93:7f:29:60:a3:8b:
                    e1:ea:f4:c9:36:b6:07:a0:2b:69:92:ea:2d:a7:2c:
                    f6:3f:55:16:d0:6a:18:a1:cb:d3:92:c0:0f:1f:fa:
                    61:47:ff:bb:af:3e:e1:fe:1a:72:6c:75:07:51:f6:
                    23:07:8e:41:3f:4e:4b:56:d7:0f:5a:99:08:b0:00:
                    c3:9f:be:a6:30:7f:77:24:4a:9f:77:a1:d8:9b:26:
                    cf:3e:98:79:f8:f3:59:29:93:fb:5d:4b:35:3f:b8:
                    f7:c8:bf:bc:a0:6c:f0:96:23:8f:1e:96:e2:bc:65:
                    d2:65:f3:44:eb:06:e9:6c:73:ce:96:90:94:cb:c6:
                    1a:b7:cf:ce:a8:ff:47:31:63:00:80:92:d5:08:99:
                    b9:f5:63:da:69:c8:16:60:d6:9a:4a:db:bd:71:bb:
                    42:f0:4e:e6:0d:08:4a:12:5e:07:20:f3:4c:2f:76:
                    16:16:41:39:87:73:03:1b:83:76:13:f9:20:32:8e:
                    f3:8e:f3:7a:19:30:48:29:60:f9:3f:06:4a:31:ce:
                    40:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:54:2C:0D:16:91:F3:6B:A8:E4:76:A4:8D:FC:9D:1F:CB:64:AD:79
            X509v3 Authority Key Identifier:
                keyid:A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:d8:00:f9:77:a3:e7:eb:3c:41:a1:c4:cb:e0:d3:1c:58:ef:
         d2:51:86:18:27:ed:13:10:78:61:54:4c:36:44:05:07:8a:01:
         46:9d:87:de:9d:3a:ff:82:5e:45:0b:da:30:4b:b6:d4:ed:5d:
         b3:12:dd:06:ec:3e:49:4a:30:45:05:ee:90:71:84:be:d5:2c:
         1e:e9:64:77:9d:aa:e3:8b:37:1e:9c:74:11:c9:1a:34:cf:ca:
         7c:a2:10:a3:ae:c2:e9:e4:27:7c:1d:c6:49:d4:18:20:52:c8:
         02:79:90:24:4d:b9:bb:c8:86:2a:3d:35:a0:ec:72:72:ae:fe:
         f5:c4:c1:82:5b:e0:b9:e7:76:92:c2:7e:00:eb:25:6b:06:49:
         cc:c0:44:78:d6:ea:30:44:03:f1:7c:5f:dc:78:2a:f7:29:64:
         56:a8:e1:9a:63:ff:d6:2f:d4:3c:67:7f:92:75:bd:76:c8:f1:
         5b:d0:e8:ce:ff:44:e4:fd:72:11:d6:63:31:e5:12:0d:6c:0b:
         95:7f:a9:fa:0b:8e:f5:aa:59:23:60:81:1a:47:40:7c:e9:bd:
         e4:c6:ea:a4:58:1b:c1:e3:f6:63:74:8f:fe:a6:3d:53:e0:58:
         ff:7b:26:56:22:4c:47:58:d2:52:93:41:e5:47:28:9e:99:02:
         6f:71:e1:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtq1BFdYXlFCd1fBiV7HEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTY0Zjc5ODAxOTA1MTg3NGUwMmNlZWUzZmQyMWNiY2Vh
YjRhZTkwHhcNMjUwNjE0MDkwMDMyWhcNMjUwNjE1MDkwMDMyWjAzMTEwLwYDVQQD
EygzMzU0MmMwZDE2OTFmMzZiYThlNDc2YTQ4ZGZjOWQxZmNiNjRhZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RYKxm684inV14HkqEjAbMwW3n3c
X/QMf03so7Tf45JWXFPYLcaafGpGpy0Bb/NQqVRTjlOTfylgo4vh6vTJNrYHoCtp
kuotpyz2P1UW0GoYocvTksAPH/phR/+7rz7h/hpybHUHUfYjB45BP05LVtcPWpkI
sADDn76mMH93JEqfd6HYmybPPph5+PNZKZP7XUs1P7j3yL+8oGzwliOPHpbivGXS
ZfNE6wbpbHPOlpCUy8Yat8/OqP9HMWMAgJLVCJm59WPaacgWYNaaStu9cbtC8E7m
DQhKEl4HIPNML3YWFkE5h3MDG4N2E/kgMo7zjvN6GTBIKWD5PwZKMc5ASwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNULA0WkfNrqOR2pI38nR/LZK15MB8GA1UdIwQY
MBaAFKBWT3mAGQUYdOAs7uP9IcvOq0rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTkt
MjE1ZWVjYjNkZjkzLzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTktMjE1ZWVjYjNkZjkz
LzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAntgA+Xej
5+s8QaHEy+DTHFjv0lGGGCftExB4YVRMNkQFB4oBRp2H3p06/4JeRQvaMEu21O1d
sxLdBuw+SUowRQXukHGEvtUsHulkd52q44s3Hpx0EckaNM/KfKIQo67C6eQnfB3G
SdQYIFLIAnmQJE25u8iGKj01oOxycq7+9cTBglvgued2ksJ+AOslawZJzMBEeNbq
MEQD8Xxf3Hgq9ylkVqjhmmP/1i/UPGd/knW9dsjxW9Dozv9E5P1yEdZjMeUSDWwL
lX+p+guO9apZI2CBGkdAfOm95MbqpFgbweP2Y3SP/qY9U+BY/3smViJMR1jSUpNB
5UconpkCb3Hhfw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:46:05 2025 by rpki-client