Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
File:                     oFZPeYAZBRh04Czu4_0hy86rSuk.mft (raw, json)
Hash identifier:          dO9KuqxPT/u8UVrshmtPOHtHcJ16dLQEeCiHXQRwDgo=
Subject key identifier:   9D:90:E0:D1:2D:7C:6D:9B:48:44:8D:B6:D5:39:BB:F3:F3:23:06:16
Authority key identifier: A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9
Certificate issuer:       /CN=a0564f798019051874e02ceee3fd21cbceab4ae9
Certificate serial:       01975E381E11FC767C0B6D74144B364FD19E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
Manifest number:          0A8D
Signing time:             Wed 11 Jun 2025 09:00:25 +0000
Manifest this update:     Wed 11 Jun 2025 09:00:25 +0000
Manifest next update:     Thu 12 Jun 2025 09:00:25 +0000
Files and hashes:         1: oFZPeYAZBRh04Czu4_0hy86rSuk.crl (hash: w0QBWZ4Dojsjx8oByyIcO4mTeGunT8mKXFuCeFevZJ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:38:1e:11:fc:76:7c:0b:6d:74:14:4b:36:4f:d1:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0564f798019051874e02ceee3fd21cbceab4ae9
        Validity
            Not Before: Jun 11 09:00:25 2025 GMT
            Not After : Jun 12 09:00:25 2025 GMT
        Subject: CN=9d90e0d12d7c6d9b48448db6d539bbf3f3230616
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:ff:18:7e:33:fb:bb:8c:47:a3:70:d6:a4:e1:
                    f5:9f:bb:7d:ed:a7:50:91:ee:d1:03:8c:fc:72:8b:
                    4a:10:ab:e4:d6:c7:2d:61:35:f3:74:13:8e:08:c0:
                    98:77:30:dd:bc:c9:c2:57:7a:51:37:5f:ee:16:2d:
                    b1:0b:50:f5:85:b2:d0:d0:36:b0:b7:9a:91:4f:8c:
                    38:5f:40:76:01:c1:ac:d2:15:a0:19:f0:1d:f5:1c:
                    de:6e:2a:3f:cc:f7:b1:7e:85:99:af:74:7d:8e:78:
                    b0:82:2f:c7:35:f2:61:06:b1:1c:8e:b9:17:ec:85:
                    56:2f:66:3b:2d:05:ed:1e:34:36:a1:63:2c:ab:34:
                    ec:38:0b:98:57:98:0f:e9:be:ca:94:fe:ac:2c:89:
                    c3:88:38:1c:40:9e:f5:9a:1a:fd:ed:78:0f:ec:10:
                    c7:6d:9c:43:e7:3a:e1:34:63:17:e7:04:44:08:35:
                    65:2d:83:e6:8f:b4:2f:a1:05:d8:14:2a:d0:0e:93:
                    8f:9e:99:a0:c9:5e:25:88:5d:d9:f0:48:a1:d4:34:
                    51:c9:3a:74:fb:ce:a6:4e:2a:79:45:31:06:af:18:
                    a6:3d:ca:4e:37:fb:9a:0a:3a:07:6b:f5:d3:23:48:
                    c4:39:60:ae:50:ed:5f:06:bd:24:0b:ae:9f:8a:99:
                    f7:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:90:E0:D1:2D:7C:6D:9B:48:44:8D:B6:D5:39:BB:F3:F3:23:06:16
            X509v3 Authority Key Identifier:
                keyid:A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:c3:ef:b1:8e:28:a2:0b:17:19:b1:ad:69:80:da:15:41:a8:
         8c:8c:7e:ce:38:95:09:be:c3:28:27:d3:ae:31:15:d3:96:4b:
         2c:08:b6:76:78:db:a4:15:84:0c:07:71:2b:2f:87:92:34:d0:
         c6:4e:f6:38:ad:1a:50:7d:51:13:cb:60:bc:ba:7c:94:2b:ba:
         6c:15:20:1f:da:4b:ea:09:2f:a3:b8:1b:b3:ab:60:47:57:78:
         ce:7a:b2:7c:46:85:e4:2b:93:cb:da:cf:1e:a4:48:a0:a2:f1:
         0c:fa:de:81:ad:9e:4f:b5:e3:e8:69:f2:08:2c:08:9a:88:3e:
         46:8d:d1:b4:d2:eb:70:fc:95:80:dd:1b:2d:77:a9:23:41:43:
         e8:a6:c4:51:74:db:14:d5:a2:3d:34:8b:4a:41:38:14:6e:36:
         ce:cd:0e:8d:61:85:b9:d6:7b:d1:13:02:32:34:11:f5:9d:c7:
         b4:5d:e5:bb:a8:45:75:03:d5:80:4f:42:c9:e6:09:e9:ac:4a:
         15:85:f1:0a:74:98:af:63:fa:19:e4:ba:1a:73:eb:fe:70:94:
         b9:0a:cb:46:f8:04:8a:dd:12:b0:08:14:8e:da:28:59:86:19:
         83:78:ce:49:80:1e:d6:b5:d5:0c:0e:7f:81:e1:15:79:94:d1:
         e2:6f:26:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdeOB4R/HZ8C210FEs2T9GeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTY0Zjc5ODAxOTA1MTg3NGUwMmNlZWUzZmQyMWNiY2Vh
YjRhZTkwHhcNMjUwNjExMDkwMDI1WhcNMjUwNjEyMDkwMDI1WjAzMTEwLwYDVQQD
Eyg5ZDkwZTBkMTJkN2M2ZDliNDg0NDhkYjZkNTM5YmJmM2YzMjMwNjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf8YfjP7u4xHo3DWpOH1n7t97adQ
ke7RA4z8cotKEKvk1sctYTXzdBOOCMCYdzDdvMnCV3pRN1/uFi2xC1D1hbLQ0Daw
t5qRT4w4X0B2AcGs0hWgGfAd9Rzebio/zPexfoWZr3R9jniwgi/HNfJhBrEcjrkX
7IVWL2Y7LQXtHjQ2oWMsqzTsOAuYV5gP6b7KlP6sLInDiDgcQJ71mhr97XgP7BDH
bZxD5zrhNGMX5wRECDVlLYPmj7QvoQXYFCrQDpOPnpmgyV4liF3Z8Eih1DRRyTp0
+86mTip5RTEGrximPcpON/uaCjoHa/XTI0jEOWCuUO1fBr0kC66fipn3ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2Q4NEtfG2bSESNttU5u/PzIwYWMB8GA1UdIwQY
MBaAFKBWT3mAGQUYdOAs7uP9IcvOq0rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTkt
MjE1ZWVjYjNkZjkzLzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTktMjE1ZWVjYjNkZjkz
LzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATMPvsY4o
ogsXGbGtaYDaFUGojIx+zjiVCb7DKCfTrjEV05ZLLAi2dnjbpBWEDAdxKy+HkjTQ
xk72OK0aUH1RE8tgvLp8lCu6bBUgH9pL6gkvo7gbs6tgR1d4znqyfEaF5CuTy9rP
HqRIoKLxDPrega2eT7Xj6GnyCCwImog+Ro3RtNLrcPyVgN0bLXepI0FD6KbEUXTb
FNWiPTSLSkE4FG42zs0OjWGFudZ70RMCMjQR9Z3HtF3lu6hFdQPVgE9CyeYJ6axK
FYXxCnSYr2P6GeS6GnPr/nCUuQrLRvgEit0SsAgUjtooWYYZg3jOSYAe1rXVDA5/
geEVeZTR4m8mlg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 14:38:02 2025 by rpki-client