Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
File:                     OM0kYRn4VtiXOodwvsOf_EejydY.mft (raw, json)
Hash identifier:          q1/PMkpC8ohmM+eGhJv2QmorqKFUCHfFM9D4QYiwaY0=
Subject key identifier:   31:69:2F:A3:1F:32:BC:35:87:B6:4F:79:A9:ED:3C:0C:BC:32:DD:52
Authority key identifier: 38:CD:24:61:19:F8:56:D8:97:3A:87:70:BE:C3:9F:FC:47:A3:C9:D6
Certificate issuer:       /CN=38cd246119f856d8973a8770bec39ffc47a3c9d6
Certificate serial:       019757FF5DBE1FEDD21673E7C8E84B82E583
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
Manifest number:          1581
Signing time:             Tue 10 Jun 2025 04:00:42 +0000
Manifest this update:     Tue 10 Jun 2025 04:00:42 +0000
Manifest next update:     Wed 11 Jun 2025 04:00:42 +0000
Files and hashes:         1: OM0kYRn4VtiXOodwvsOf_EejydY.crl (hash: htmK8utMSilL1JFIv0gjYEUZoJbJagCQ9IS1YWrV1Ug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:ff:5d:be:1f:ed:d2:16:73:e7:c8:e8:4b:82:e5:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38cd246119f856d8973a8770bec39ffc47a3c9d6
        Validity
            Not Before: Jun 10 04:00:42 2025 GMT
            Not After : Jun 11 04:00:42 2025 GMT
        Subject: CN=31692fa31f32bc3587b64f79a9ed3c0cbc32dd52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:1c:4b:de:a3:ea:74:ec:ee:26:b3:33:31:ed:
                    37:dd:28:3a:c3:c2:f0:df:99:72:43:2e:96:8f:48:
                    f5:8d:b1:34:2e:6f:23:2e:30:97:4f:a7:e3:89:91:
                    a3:85:17:bf:82:34:f7:f0:05:1b:b6:3a:84:a5:95:
                    e3:d9:3f:bb:02:2f:b2:74:e5:f6:27:bc:a7:a3:dd:
                    6c:6e:21:0d:de:d6:82:91:62:51:ac:09:d9:a1:26:
                    b1:0d:82:eb:b6:ed:6c:e7:01:bb:1e:82:84:dd:1e:
                    a9:d2:76:91:db:a3:12:79:e2:0b:49:94:24:97:99:
                    99:74:fd:6f:37:46:9c:63:32:2d:a3:f7:5f:fb:e5:
                    9b:04:ab:7e:30:d6:d9:18:d4:90:ae:4f:cf:64:2d:
                    74:44:c8:d1:0a:54:2a:1f:2d:97:1b:4d:f9:c7:11:
                    ed:c0:9c:a4:09:b7:32:ed:46:80:68:41:c9:84:c5:
                    85:79:62:e5:ca:1c:84:23:52:fa:76:73:7a:df:75:
                    c0:b3:bb:b3:68:57:d9:7c:a4:d3:b6:5d:60:2b:6a:
                    46:cc:ad:e9:d9:c7:d9:b0:d0:6c:3e:e5:48:c0:d7:
                    9f:e9:32:f8:5c:53:1e:7e:9f:c2:7f:d0:f8:4a:90:
                    14:5f:ce:30:fc:98:0c:8b:6a:79:9e:0a:6c:5a:a7:
                    b0:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:69:2F:A3:1F:32:BC:35:87:B6:4F:79:A9:ED:3C:0C:BC:32:DD:52
            X509v3 Authority Key Identifier:
                keyid:38:CD:24:61:19:F8:56:D8:97:3A:87:70:BE:C3:9F:FC:47:A3:C9:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:27:23:17:e3:e8:bb:6d:e5:49:8d:96:d3:0a:84:66:91:04:
         06:30:34:4c:c5:dc:f3:de:d7:f1:c6:9c:c1:ad:70:2f:1b:6b:
         52:42:a8:94:c3:7d:81:a6:d3:16:63:98:c3:a2:64:e8:86:7f:
         bf:5e:23:ab:b9:e8:be:1a:b6:24:ab:ef:58:7d:98:ed:02:88:
         d1:18:63:e3:00:9a:1f:ab:ed:77:39:54:77:fc:03:6a:cc:79:
         88:b3:df:54:41:37:b0:d4:00:13:12:ee:86:bf:3e:ac:64:ea:
         02:fe:a5:3d:28:09:7b:ec:92:3b:08:7d:2f:51:6f:d8:d0:5e:
         65:cc:ba:80:ca:42:da:ef:4a:e8:69:e1:78:fb:ab:a5:e4:52:
         29:06:eb:0f:85:86:b2:c1:d5:81:3b:8b:76:93:8a:89:b6:01:
         4a:15:14:81:3a:08:91:94:27:8a:dd:e7:b6:17:c8:ab:9a:a6:
         f2:18:88:eb:f3:57:56:3e:52:48:e2:23:5a:80:e2:ba:f8:d6:
         3d:83:f7:2f:08:03:5b:e6:e7:cb:89:b6:21:93:bd:b3:2f:0d:
         16:3e:e0:f9:52:46:e1:22:0e:93:b4:09:47:a2:05:bf:77:6b:
         89:74:15:ce:2a:1d:75:44:5f:03:7a:71:fe:b1:75:05:91:c1:
         db:67:b5:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdX/12+H+3SFnPnyOhLguWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2QyNDYxMTlmODU2ZDg5NzNhODc3MGJlYzM5ZmZjNDdh
M2M5ZDYwHhcNMjUwNjEwMDQwMDQyWhcNMjUwNjExMDQwMDQyWjAzMTEwLwYDVQQD
EygzMTY5MmZhMzFmMzJiYzM1ODdiNjRmNzlhOWVkM2MwY2JjMzJkZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhxL3qPqdOzuJrMzMe033Sg6w8Lw
35lyQy6Wj0j1jbE0Lm8jLjCXT6fjiZGjhRe/gjT38AUbtjqEpZXj2T+7Ai+ydOX2
J7yno91sbiEN3taCkWJRrAnZoSaxDYLrtu1s5wG7HoKE3R6p0naR26MSeeILSZQk
l5mZdP1vN0acYzIto/df++WbBKt+MNbZGNSQrk/PZC10RMjRClQqHy2XG035xxHt
wJykCbcy7UaAaEHJhMWFeWLlyhyEI1L6dnN633XAs7uzaFfZfKTTtl1gK2pGzK3p
2cfZsNBsPuVIwNef6TL4XFMefp/Cf9D4SpAUX84w/JgMi2p5ngpsWqewHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDFpL6MfMrw1h7ZPeantPAy8Mt1SMB8GA1UdIwQY
MBaAFDjNJGEZ+FbYlzqHcL7Dn/xHo8nWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC85NjU5NWUtZTM2YS00MDUxLTg0NTMt
OGZjZDUzZDQzMWQ1LzEvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC85NjU5NWUtZTM2YS00MDUxLTg0NTMtOGZjZDUzZDQzMWQ1
LzEvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnScjF+Po
u23lSY2W0wqEZpEEBjA0TMXc897X8cacwa1wLxtrUkKolMN9gabTFmOYw6Jk6IZ/
v14jq7novhq2JKvvWH2Y7QKI0Rhj4wCaH6vtdzlUd/wDasx5iLPfVEE3sNQAExLu
hr8+rGTqAv6lPSgJe+ySOwh9L1Fv2NBeZcy6gMpC2u9K6GnhePurpeRSKQbrD4WG
ssHVgTuLdpOKibYBShUUgToIkZQnit3nthfIq5qm8hiI6/NXVj5SSOIjWoDiuvjW
PYP3LwgDW+bny4m2IZO9sy8NFj7g+VJG4SIOk7QJR6IFv3driXQVzioddURfA3px
/rF1BZHB22e1kw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 16:07:13 2025 by rpki-client