Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
File:                     oFZPeYAZBRh04Czu4_0hy86rSuk.mft (raw, json)
Hash identifier:          91UKEhnKgUkDauUz+FtfqXRsrOH37CWZJ5T9AmvV6jA=
Subject key identifier:   3F:A0:FB:7E:7D:69:48:38:B6:3E:BA:C2:3D:91:A6:2C:6A:81:DB:D7
Authority key identifier: A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9
Certificate issuer:       /CN=a0564f798019051874e02ceee3fd21cbceab4ae9
Certificate serial:       019767E0149A0DA64FAE8371B294433FC159
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
Manifest number:          0A92
Signing time:             Fri 13 Jun 2025 06:00:27 +0000
Manifest this update:     Fri 13 Jun 2025 06:00:27 +0000
Manifest next update:     Sat 14 Jun 2025 06:00:27 +0000
Files and hashes:         1: oFZPeYAZBRh04Czu4_0hy86rSuk.crl (hash: rREtMVitbqvgwewgSDVpZMPLFjbywH4Foxp9mxozRTk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 06:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:e0:14:9a:0d:a6:4f:ae:83:71:b2:94:43:3f:c1:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0564f798019051874e02ceee3fd21cbceab4ae9
        Validity
            Not Before: Jun 13 06:00:27 2025 GMT
            Not After : Jun 14 06:00:27 2025 GMT
        Subject: CN=3fa0fb7e7d694838b63ebac23d91a62c6a81dbd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:08:51:82:16:3c:85:ef:67:cc:0e:5a:3a:1f:
                    86:53:70:94:94:c5:34:31:e4:01:c2:84:47:45:4c:
                    ed:96:01:de:14:f5:2c:7f:44:9f:2f:39:d7:8e:df:
                    4e:9e:95:be:49:07:94:d2:86:71:77:b2:bb:b8:07:
                    41:a2:cd:de:a2:34:eb:11:81:9c:71:bc:66:d5:ac:
                    bf:72:da:1d:60:2b:c9:a6:36:48:39:61:c7:43:30:
                    73:d4:e4:3f:9b:db:57:e3:f1:dc:b3:92:74:01:00:
                    6f:d7:93:ae:94:26:81:f2:b8:8f:f5:41:4c:3a:2d:
                    a9:6b:cc:41:66:8b:fd:de:cf:e8:f4:eb:3b:c3:a0:
                    08:77:fa:6b:b1:2d:da:e6:86:3b:34:f0:a8:3a:8a:
                    65:bc:a7:cf:88:65:63:1c:45:b4:dd:8c:c3:c1:cc:
                    5e:1c:4f:30:8f:69:a8:20:a9:b3:55:73:eb:ce:d3:
                    29:c6:08:20:d3:f1:46:aa:28:2f:72:b2:52:be:3d:
                    14:00:0d:cd:f7:36:45:fc:b2:cd:05:da:50:d7:23:
                    d7:a4:89:b1:1a:29:67:ce:25:be:8b:b1:18:bd:e7:
                    74:9a:44:c8:1a:e0:07:1c:81:91:e5:be:7d:6b:2f:
                    b7:fa:ad:18:c6:ff:44:4b:a0:29:5b:fe:e0:ef:e0:
                    1f:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:A0:FB:7E:7D:69:48:38:B6:3E:BA:C2:3D:91:A6:2C:6A:81:DB:D7
            X509v3 Authority Key Identifier:
                keyid:A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:da:fe:4e:34:da:9c:ab:b4:54:49:39:ad:96:05:52:27:fb:
         fe:ee:a1:bc:c9:38:9b:7f:63:ff:f0:47:75:ed:02:47:4b:00:
         4a:56:f5:a5:7e:2b:ff:95:c3:c2:2d:77:8a:e0:dc:0b:79:16:
         df:97:03:a2:66:15:f9:24:ac:a6:5a:a6:2f:f5:23:8f:bd:ab:
         bd:9e:81:40:a1:01:86:69:17:66:3b:2f:55:61:bd:ae:a1:c6:
         ad:ce:9c:3d:14:f8:3c:36:e7:e1:f9:d9:ff:23:38:f9:96:7c:
         27:79:ed:ed:07:bb:b3:66:72:b1:f1:8e:d1:fe:12:ba:e3:23:
         ec:85:bd:73:bf:e2:4b:9e:53:2e:77:b0:c3:42:08:a2:f6:22:
         95:4a:a7:49:2f:db:fc:0c:1b:94:f2:34:18:86:75:49:c6:32:
         06:de:11:9b:0a:ca:ac:0e:e5:ac:7f:02:80:c3:d0:05:57:a9:
         ef:21:d4:73:9e:d4:07:1a:3f:fc:08:a6:6c:28:a9:a7:6a:be:
         4e:36:8b:8f:d6:79:ad:fb:5e:f6:45:96:eb:1c:12:fc:76:06:
         3c:df:27:9d:48:84:08:8d:d5:68:c2:9c:8a:a0:ee:fa:aa:58:
         8b:41:fd:d4:06:ec:82:23:36:30:89:cf:a7:6c:94:6f:ed:ba:
         a2:48:82:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdn4BSaDaZProNxspRDP8FZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTY0Zjc5ODAxOTA1MTg3NGUwMmNlZWUzZmQyMWNiY2Vh
YjRhZTkwHhcNMjUwNjEzMDYwMDI3WhcNMjUwNjE0MDYwMDI3WjAzMTEwLwYDVQQD
EygzZmEwZmI3ZTdkNjk0ODM4YjYzZWJhYzIzZDkxYTYyYzZhODFkYmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAhRghY8he9nzA5aOh+GU3CUlMU0
MeQBwoRHRUztlgHeFPUsf0SfLznXjt9OnpW+SQeU0oZxd7K7uAdBos3eojTrEYGc
cbxm1ay/ctodYCvJpjZIOWHHQzBz1OQ/m9tX4/Hcs5J0AQBv15OulCaB8riP9UFM
Oi2pa8xBZov93s/o9Os7w6AId/prsS3a5oY7NPCoOoplvKfPiGVjHEW03YzDwcxe
HE8wj2moIKmzVXPrztMpxggg0/FGqigvcrJSvj0UAA3N9zZF/LLNBdpQ1yPXpImx
GilnziW+i7EYved0mkTIGuAHHIGR5b59ay+3+q0Yxv9ES6ApW/7g7+Af6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+g+359aUg4tj66wj2RpixqgdvXMB8GA1UdIwQY
MBaAFKBWT3mAGQUYdOAs7uP9IcvOq0rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTkt
MjE1ZWVjYjNkZjkzLzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTktMjE1ZWVjYjNkZjkz
LzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARdr+TjTa
nKu0VEk5rZYFUif7/u6hvMk4m39j//BHde0CR0sASlb1pX4r/5XDwi13iuDcC3kW
35cDomYV+SSsplqmL/Ujj72rvZ6BQKEBhmkXZjsvVWG9rqHGrc6cPRT4PDbn4fnZ
/yM4+ZZ8J3nt7Qe7s2ZysfGO0f4SuuMj7IW9c7/iS55TLneww0IIovYilUqnSS/b
/AwblPI0GIZ1ScYyBt4RmwrKrA7lrH8CgMPQBVep7yHUc57UBxo//AimbCipp2q+
TjaLj9Z5rfte9kWW6xwS/HYGPN8nnUiECI3VaMKciqDu+qpYi0H91AbsgiM2MInP
p2yUb+26okiCaA==
-----END CERTIFICATE-----
Generated at Fri Jun 13 13:17:52 2025 by rpki-client