Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
File:                     OM0kYRn4VtiXOodwvsOf_EejydY.mft (raw, json)
Hash identifier:          wnBXF4msb0f0WktXQ6VtlsepdtJRAswONXWf5ldpRHo=
Subject key identifier:   BD:F9:AC:80:B6:E7:74:9B:B1:D6:52:99:E5:E8:FB:95:6D:01:58:13
Authority key identifier: 38:CD:24:61:19:F8:56:D8:97:3A:87:70:BE:C3:9F:FC:47:A3:C9:D6
Certificate issuer:       /CN=38cd246119f856d8973a8770bec39ffc47a3c9d6
Certificate serial:       019767732BBBB1117DFB3235EC3A0461B4C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
Manifest number:          1589
Signing time:             Fri 13 Jun 2025 04:01:30 +0000
Manifest this update:     Fri 13 Jun 2025 04:01:30 +0000
Manifest next update:     Sat 14 Jun 2025 04:01:30 +0000
Files and hashes:         1: OM0kYRn4VtiXOodwvsOf_EejydY.crl (hash: ceEOIrDNPU01ELMrVou2s3pSWuApk/PonCds5SPFalY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 04:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:73:2b:bb:b1:11:7d:fb:32:35:ec:3a:04:61:b4:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38cd246119f856d8973a8770bec39ffc47a3c9d6
        Validity
            Not Before: Jun 13 04:01:30 2025 GMT
            Not After : Jun 14 04:01:30 2025 GMT
        Subject: CN=bdf9ac80b6e7749bb1d65299e5e8fb956d015813
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d2:6d:71:52:e2:c4:1f:88:58:cc:75:38:d9:
                    a9:17:ca:a8:33:a1:7a:45:d4:80:38:22:c0:5c:83:
                    01:d0:46:d5:8c:88:55:63:76:cb:85:23:e8:84:5e:
                    45:fa:b5:fd:3d:0c:d8:db:29:64:33:47:c9:52:e1:
                    b9:75:96:f0:4f:83:72:4f:e1:b1:cc:41:a2:87:99:
                    02:89:e0:51:4b:32:3b:16:de:40:c3:1c:46:9a:11:
                    e5:3c:e0:3c:3b:12:78:57:ad:bb:64:33:8e:f0:d2:
                    12:32:4c:fc:15:bf:06:0a:d1:79:e2:80:a7:83:6e:
                    7c:33:99:97:cc:d2:c8:90:24:99:96:05:12:6a:68:
                    eb:dc:69:07:a2:73:68:2e:ee:5e:89:7f:72:01:c0:
                    6e:a6:13:9f:8d:e6:c7:3a:68:64:fc:9f:0c:e5:29:
                    ce:91:0f:f9:30:ec:ba:d4:5e:1a:54:92:e4:a8:17:
                    d1:17:e8:0e:ee:ec:fe:ef:6c:46:e5:43:61:6c:81:
                    86:19:44:00:9f:f9:cc:60:1d:b1:ff:d0:2f:6f:6f:
                    73:32:bd:7c:d0:ac:7e:09:55:d8:da:e5:e6:e4:b8:
                    ea:72:4d:27:f7:7e:6f:52:cd:ea:21:40:66:76:30:
                    33:3b:10:2e:72:c6:74:d0:00:f1:99:7f:f7:19:68:
                    e6:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:F9:AC:80:B6:E7:74:9B:B1:D6:52:99:E5:E8:FB:95:6D:01:58:13
            X509v3 Authority Key Identifier:
                keyid:38:CD:24:61:19:F8:56:D8:97:3A:87:70:BE:C3:9F:FC:47:A3:C9:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OM0kYRn4VtiXOodwvsOf_EejydY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/96595e-e36a-4051-8453-8fcd53d431d5/1/OM0kYRn4VtiXOodwvsOf_EejydY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:fe:22:40:00:61:ec:16:9c:6f:3f:24:eb:86:16:77:7b:fd:
         e4:8a:18:26:cb:dd:1e:6a:97:86:fa:7a:e4:c9:f3:02:59:74:
         ad:0e:fa:1c:47:c0:75:f0:69:34:38:cf:51:79:7d:4a:51:10:
         52:ed:2b:ac:95:a5:1e:36:9e:4f:08:16:4e:98:4a:71:ec:1d:
         d7:c1:87:e6:e1:aa:ec:db:bc:3c:49:19:6a:7e:39:10:35:3d:
         9b:02:0d:e9:da:52:e7:a9:66:09:7f:5b:2e:0e:8a:53:b9:34:
         3c:83:fc:0a:3b:b5:36:a8:ca:e7:47:2b:b5:5f:4e:61:cd:5d:
         93:04:c8:1f:ba:1b:c6:b4:9a:b6:8e:14:a7:db:c6:d4:db:76:
         a7:4a:14:91:2a:6c:6d:e3:7f:b5:94:03:47:31:4c:56:5e:2e:
         4a:cc:39:61:14:5d:d3:51:ba:94:fb:ae:99:aa:79:86:cd:ad:
         ad:9a:ea:c0:fa:54:c5:78:b5:48:85:f8:63:15:ed:17:75:97:
         79:71:4c:91:77:1a:3d:b3:37:22:e9:1d:08:59:af:af:33:50:
         2d:c4:1e:ef:1d:c1:de:83:23:b4:5a:6b:ef:23:93:f8:8f:8d:
         ea:46:e2:bf:27:b7:82:77:79:e8:7c:a5:b6:0e:8e:bb:26:b8:
         b9:eb:d2:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdncyu7sRF9+zI17DoEYbTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2QyNDYxMTlmODU2ZDg5NzNhODc3MGJlYzM5ZmZjNDdh
M2M5ZDYwHhcNMjUwNjEzMDQwMTMwWhcNMjUwNjE0MDQwMTMwWjAzMTEwLwYDVQQD
EyhiZGY5YWM4MGI2ZTc3NDliYjFkNjUyOTllNWU4ZmI5NTZkMDE1ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstJtcVLixB+IWMx1ONmpF8qoM6F6
RdSAOCLAXIMB0EbVjIhVY3bLhSPohF5F+rX9PQzY2ylkM0fJUuG5dZbwT4NyT+Gx
zEGih5kCieBRSzI7Ft5AwxxGmhHlPOA8OxJ4V627ZDOO8NISMkz8Fb8GCtF54oCn
g258M5mXzNLIkCSZlgUSamjr3GkHonNoLu5eiX9yAcBuphOfjebHOmhk/J8M5SnO
kQ/5MOy61F4aVJLkqBfRF+gO7uz+72xG5UNhbIGGGUQAn/nMYB2x/9Avb29zMr18
0Kx+CVXY2uXm5Ljqck0n935vUs3qIUBmdjAzOxAucsZ00ADxmX/3GWjmuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL35rIC253SbsdZSmeXo+5VtAVgTMB8GA1UdIwQY
MBaAFDjNJGEZ+FbYlzqHcL7Dn/xHo8nWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC85NjU5NWUtZTM2YS00MDUxLTg0NTMt
OGZjZDUzZDQzMWQ1LzEvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC85NjU5NWUtZTM2YS00MDUxLTg0NTMtOGZjZDUzZDQzMWQ1
LzEvT00wa1lSbjRWdGlYT29kd3ZzT2ZfRWVqeWRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuP4iQABh
7Bacbz8k64YWd3v95IoYJsvdHmqXhvp65MnzAll0rQ76HEfAdfBpNDjPUXl9SlEQ
Uu0rrJWlHjaeTwgWTphKcewd18GH5uGq7Nu8PEkZan45EDU9mwIN6dpS56lmCX9b
Lg6KU7k0PIP8Cju1NqjK50crtV9OYc1dkwTIH7obxrSato4Up9vG1Nt2p0oUkSps
beN/tZQDRzFMVl4uSsw5YRRd01G6lPuumap5hs2trZrqwPpUxXi1SIX4YxXtF3WX
eXFMkXcaPbM3IukdCFmvrzNQLcQe7x3B3oMjtFpr7yOT+I+N6kbivye3gnd56Hyl
tg6Ouya4uevSIg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 09:11:16 2025 by rpki-client