Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
File:                     OM0kYRn4VtiXOodwvsOf_EejydY.mft (raw, json)
Hash identifier:          gZx7W3jt4fSAhObXTzSiS6T+hhchJvmKkAu+QwV0Mkc=
Subject key identifier:   B2:DD:39:68:EC:B4:ED:D9:85:2E:57:9A:F9:62:D9:C1:83:53:7C:18
Authority key identifier: 38:CD:24:61:19:F8:56:D8:97:3A:87:70:BE:C3:9F:FC:47:A3:C9:D6
Certificate issuer:       /CN=38cd246119f856d8973a8770bec39ffc47a3c9d6
Certificate serial:       01975FB99C24CB0060B3FDCBCC83FAEFBD11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
Manifest number:          1585
Signing time:             Wed 11 Jun 2025 16:01:29 +0000
Manifest this update:     Wed 11 Jun 2025 16:01:29 +0000
Manifest next update:     Thu 12 Jun 2025 16:01:29 +0000
Files and hashes:         1: OM0kYRn4VtiXOodwvsOf_EejydY.crl (hash: sZLDWMeKpRienA3xpGt7s/5KkQoRWWLexp5gKz4gIbw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:b9:9c:24:cb:00:60:b3:fd:cb:cc:83:fa:ef:bd:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38cd246119f856d8973a8770bec39ffc47a3c9d6
        Validity
            Not Before: Jun 11 16:01:29 2025 GMT
            Not After : Jun 12 16:01:29 2025 GMT
        Subject: CN=b2dd3968ecb4edd9852e579af962d9c183537c18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:96:9b:32:40:10:dc:b5:e9:1e:39:10:a9:b5:
                    e1:03:b9:7a:32:d1:db:87:f3:b9:63:f2:76:04:19:
                    b5:28:ea:13:fc:e2:f1:92:ff:78:43:74:cf:aa:b2:
                    2c:29:0b:7e:81:36:e6:09:63:23:b0:3c:5a:35:c9:
                    41:7b:05:41:c5:77:46:fd:ef:6e:ca:0e:e8:5d:d5:
                    93:bb:4a:bb:5e:53:98:d8:e7:f1:19:e6:88:b7:b6:
                    6b:03:5c:d7:07:fa:39:b1:98:09:9b:5f:62:e9:81:
                    16:b0:18:be:30:d4:99:3f:c3:98:72:fc:03:00:05:
                    fa:0e:44:8c:f0:5c:2b:ad:b2:2d:c3:cf:c1:7f:fa:
                    79:82:af:56:8f:13:fb:17:84:5a:11:9e:f6:5a:c6:
                    b3:dd:73:24:03:47:9e:2e:46:2e:74:7b:9b:44:26:
                    dd:25:74:3a:03:34:40:34:66:60:46:c9:8b:78:c9:
                    4d:66:b4:d5:01:4b:19:bc:11:97:2e:2e:b4:79:bb:
                    37:a8:cf:08:18:b9:5c:59:7c:f3:f8:18:16:2f:8b:
                    9f:4b:9b:e3:de:2f:b1:86:2f:0a:28:c2:d9:eb:5a:
                    28:1d:3f:06:1f:42:a2:93:9a:c6:a3:41:d5:05:a2:
                    f3:ec:16:04:56:7e:e6:bb:61:91:59:c5:35:de:90:
                    1e:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:DD:39:68:EC:B4:ED:D9:85:2E:57:9A:F9:62:D9:C1:83:53:7C:18
            X509v3 Authority Key Identifier:
                keyid:38:CD:24:61:19:F8:56:D8:97:3A:87:70:BE:C3:9F:FC:47:A3:C9:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:01:ba:63:85:dc:b2:2b:35:f8:b7:55:90:28:74:78:91:74:
         ea:02:12:06:82:ad:5c:ca:15:cb:3d:b0:8c:f4:26:c3:9b:93:
         dd:71:da:54:ba:6b:85:b8:a1:70:cd:1f:1c:4b:33:91:b0:7a:
         b2:3e:0e:9c:a4:b2:a9:91:11:98:0b:5a:e2:62:fc:82:5e:ab:
         fe:1f:c5:86:ce:b9:ec:04:74:f3:3d:b3:22:3c:bf:7d:e1:be:
         9a:fa:50:60:ed:38:b5:a8:42:f6:26:60:41:1b:4e:dc:14:17:
         b0:74:34:ed:c3:2a:36:81:69:9e:5e:75:4a:6a:1f:bb:ba:44:
         0c:ba:ec:fb:f3:e8:c2:c8:4a:f0:a3:35:c9:77:ef:4a:7c:dd:
         8f:6c:94:32:55:e2:31:42:cf:21:e4:4a:a7:6b:18:41:22:05:
         87:2e:a7:d6:34:64:57:54:b4:af:58:71:16:62:9d:33:9a:21:
         3f:5c:37:c9:9e:50:4a:87:58:a7:73:da:b3:43:7d:26:f0:ad:
         04:24:cf:e2:92:5e:fb:0e:25:90:37:73:1b:a7:88:64:6e:eb:
         37:f1:18:91:4e:df:72:74:ea:cc:df:53:51:63:6a:6e:26:f8:
         63:9c:79:dd:38:ee:27:33:a4:5b:7c:e0:9c:0e:90:09:e6:54:
         e4:4e:af:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfuZwkywBgs/3LzIP6770RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2QyNDYxMTlmODU2ZDg5NzNhODc3MGJlYzM5ZmZjNDdh
M2M5ZDYwHhcNMjUwNjExMTYwMTI5WhcNMjUwNjEyMTYwMTI5WjAzMTEwLwYDVQQD
EyhiMmRkMzk2OGVjYjRlZGQ5ODUyZTU3OWFmOTYyZDljMTgzNTM3YzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZabMkAQ3LXpHjkQqbXhA7l6MtHb
h/O5Y/J2BBm1KOoT/OLxkv94Q3TPqrIsKQt+gTbmCWMjsDxaNclBewVBxXdG/e9u
yg7oXdWTu0q7XlOY2OfxGeaIt7ZrA1zXB/o5sZgJm19i6YEWsBi+MNSZP8OYcvwD
AAX6DkSM8FwrrbItw8/Bf/p5gq9WjxP7F4RaEZ72Wsaz3XMkA0eeLkYudHubRCbd
JXQ6AzRANGZgRsmLeMlNZrTVAUsZvBGXLi60ebs3qM8IGLlcWXzz+BgWL4ufS5vj
3i+xhi8KKMLZ61ooHT8GH0Kik5rGo0HVBaLz7BYEVn7mu2GRWcU13pAeIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLLdOWjstO3ZhS5Xmvli2cGDU3wYMB8GA1UdIwQY
MBaAFDjNJGEZ+FbYlzqHcL7Dn/xHo8nWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC85NjU5NWUtZTM2YS00MDUxLTg0NTMt
OGZjZDUzZDQzMWQ1LzEvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC85NjU5NWUtZTM2YS00MDUxLTg0NTMtOGZjZDUzZDQzMWQ1
LzEvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPAG6Y4Xc
sis1+LdVkCh0eJF06gISBoKtXMoVyz2wjPQmw5uT3XHaVLprhbihcM0fHEszkbB6
sj4OnKSyqZERmAta4mL8gl6r/h/Fhs657AR08z2zIjy/feG+mvpQYO04tahC9iZg
QRtO3BQXsHQ07cMqNoFpnl51Smofu7pEDLrs+/PowshK8KM1yXfvSnzdj2yUMlXi
MULPIeRKp2sYQSIFhy6n1jRkV1S0r1hxFmKdM5ohP1w3yZ5QSodYp3Pas0N9JvCt
BCTP4pJe+w4lkDdzG6eIZG7rN/EYkU7fcnTqzN9TUWNqbib4Y5x53TjuJzOkW3zg
nA6QCeZU5E6v8g==
-----END CERTIFICATE-----
Generated at Wed Jun 11 23:53:24 2025 by rpki-client