Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/78f49f-247d-4888-af8d-a1f040e8e8d4/1/0QZfT7a2eefxy92ANflnRnAQ6pk.mft
File:                     0QZfT7a2eefxy92ANflnRnAQ6pk.mft (raw, json)
Hash identifier:          WWqfl/5FCFIdkmkDUvrQAMWSUnWIkESV3RNxJX2OyHw=
Subject key identifier:   23:C4:89:6C:37:B7:9F:2E:4F:FE:50:0A:48:18:B5:70:B0:88:83:DE
Authority key identifier: D1:06:5F:4F:B6:B6:79:E7:F1:CB:DD:80:35:F9:67:46:70:10:EA:99
Certificate issuer:       /CN=d1065f4fb6b679e7f1cbdd8035f967467010ea99
Certificate serial:       01976327EFAC7BBD96882A2AB59D7C0576F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0QZfT7a2eefxy92ANflnRnAQ6pk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/78f49f-247d-4888-af8d-a1f040e8e8d4/1/0QZfT7a2eefxy92ANflnRnAQ6pk.mft
Manifest number:          0C03
Signing time:             Thu 12 Jun 2025 08:00:50 +0000
Manifest this update:     Thu 12 Jun 2025 08:00:50 +0000
Manifest next update:     Fri 13 Jun 2025 08:00:50 +0000
Files and hashes:         1: 0QZfT7a2eefxy92ANflnRnAQ6pk.crl (hash: Es5xzqEwneEvrsdOreGk8IRRVQutLeOzcxPtnTx323Q=)
                          2: TLgddA3CgmtAKo-fV94OuzSavi4.roa (hash: tQo/EK/pm7RsFTI12Ej+RxeB7S+rUphRTa4aWGCPu7s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/78f49f-247d-4888-af8d-a1f040e8e8d4/1/0QZfT7a2eefxy92ANflnRnAQ6pk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/78f49f-247d-4888-af8d-a1f040e8e8d4/1/0QZfT7a2eefxy92ANflnRnAQ6pk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0QZfT7a2eefxy92ANflnRnAQ6pk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 08:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:27:ef:ac:7b:bd:96:88:2a:2a:b5:9d:7c:05:76:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1065f4fb6b679e7f1cbdd8035f967467010ea99
        Validity
            Not Before: Jun 12 08:00:50 2025 GMT
            Not After : Jun 13 08:00:50 2025 GMT
        Subject: CN=23c4896c37b79f2e4ffe500a4818b570b08883de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:9a:d8:cc:a5:1a:b2:ff:12:ec:29:3d:7f:4c:
                    d2:69:93:27:9d:15:05:43:6c:36:15:f7:e4:c5:70:
                    44:a1:55:1c:6c:a2:06:59:88:8a:ed:dc:a0:ba:04:
                    44:15:64:81:53:6d:71:ab:65:42:c3:94:0c:80:c1:
                    7b:e4:26:e0:a7:4c:ad:ad:bd:7d:c6:8e:79:1a:16:
                    89:eb:c6:ff:8d:fd:f2:87:53:7a:35:ce:c5:c9:cb:
                    49:3a:97:ca:09:5e:eb:ea:65:76:4c:f4:25:05:e9:
                    62:3c:92:0c:be:ac:96:da:6a:31:5d:b4:8f:75:59:
                    29:59:57:9b:bc:31:3e:62:5d:a9:ad:87:2d:be:8f:
                    8c:b6:f1:45:59:36:ec:fe:e6:dc:68:c2:2b:37:ad:
                    7d:38:36:56:67:cd:a1:62:13:9a:6f:6c:a7:1a:1d:
                    a0:65:79:1d:55:00:75:52:a0:34:8f:70:97:94:fb:
                    07:97:0e:e4:b4:e8:ed:fa:62:5e:1f:1c:30:8e:d7:
                    98:25:a2:3f:4e:38:d6:6b:32:3e:75:65:b9:f5:b9:
                    11:7e:56:6e:7f:c5:ba:46:17:a4:fd:87:94:89:d2:
                    7e:fa:b7:8d:a8:fa:52:b1:b1:33:80:00:67:76:3d:
                    43:94:f2:cc:5f:55:e4:6e:cd:19:a0:79:2a:e1:12:
                    88:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:C4:89:6C:37:B7:9F:2E:4F:FE:50:0A:48:18:B5:70:B0:88:83:DE
            X509v3 Authority Key Identifier:
                keyid:D1:06:5F:4F:B6:B6:79:E7:F1:CB:DD:80:35:F9:67:46:70:10:EA:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0QZfT7a2eefxy92ANflnRnAQ6pk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/78f49f-247d-4888-af8d-a1f040e8e8d4/1/0QZfT7a2eefxy92ANflnRnAQ6pk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/78f49f-247d-4888-af8d-a1f040e8e8d4/1/0QZfT7a2eefxy92ANflnRnAQ6pk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:7c:38:81:11:97:63:fb:b8:44:91:71:0f:50:e0:95:28:e5:
         b9:76:e3:d0:cf:1f:b8:ad:e7:18:d0:9d:ae:93:aa:67:3d:f5:
         5c:78:e4:e0:5f:d6:3e:bb:e8:2f:7e:22:32:86:99:b6:89:0f:
         4f:c7:0c:10:fa:03:fb:9e:62:be:16:b9:72:13:3a:e8:03:15:
         d2:36:2b:ba:68:a1:24:63:7d:6e:12:13:5c:67:8a:79:e8:97:
         ba:e9:e8:4a:b6:e1:e9:31:fc:9b:56:22:fc:ed:8e:1d:5d:4b:
         85:3c:db:00:ed:12:4e:d8:14:41:07:ac:8d:ab:8f:96:16:3f:
         5b:f5:65:a3:ad:87:c5:26:d9:a2:34:75:d6:9c:20:cd:51:55:
         5a:27:a9:31:6f:73:eb:68:cf:39:02:ea:35:41:38:19:8f:8e:
         19:0f:18:b2:cf:c1:8d:81:c5:23:c2:dc:9d:36:bc:04:63:c8:
         f9:92:7f:0f:e9:2e:07:a8:e2:9f:38:86:e0:df:5c:5b:f5:05:
         11:15:53:e9:ec:d8:02:66:0d:67:19:b6:53:58:59:c2:6a:cb:
         50:7a:03:42:23:fc:c2:d4:8a:e8:38:0f:f3:15:54:3d:fc:24:
         24:16:d2:07:6d:4d:9b:62:08:9a:53:d7:3e:7d:3f:51:74:e0:
         7b:9e:43:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjJ++se72WiCoqtZ18BXb3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMDY1ZjRmYjZiNjc5ZTdmMWNiZGQ4MDM1Zjk2NzQ2NzAx
MGVhOTkwHhcNMjUwNjEyMDgwMDUwWhcNMjUwNjEzMDgwMDUwWjAzMTEwLwYDVQQD
EygyM2M0ODk2YzM3Yjc5ZjJlNGZmZTUwMGE0ODE4YjU3MGIwODg4M2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZrYzKUasv8S7Ck9f0zSaZMnnRUF
Q2w2FffkxXBEoVUcbKIGWYiK7dygugREFWSBU21xq2VCw5QMgMF75Cbgp0ytrb19
xo55GhaJ68b/jf3yh1N6Nc7FyctJOpfKCV7r6mV2TPQlBeliPJIMvqyW2moxXbSP
dVkpWVebvDE+Yl2prYctvo+MtvFFWTbs/ubcaMIrN619ODZWZ82hYhOab2ynGh2g
ZXkdVQB1UqA0j3CXlPsHlw7ktOjt+mJeHxwwjteYJaI/TjjWazI+dWW59bkRflZu
f8W6Rhek/YeUidJ++reNqPpSsbEzgABndj1DlPLMX1Xkbs0ZoHkq4RKIuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPEiWw3t58uT/5QCkgYtXCwiIPeMB8GA1UdIwQY
MBaAFNEGX0+2tnnn8cvdgDX5Z0ZwEOqZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFFaZlQ3YTJlZWZ4eTkyQU5mbG5SbkFRNnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS83OGY0OWYtMjQ3ZC00ODg4LWFmOGQt
YTFmMDQwZThlOGQ0LzEvMFFaZlQ3YTJlZWZ4eTkyQU5mbG5SbkFRNnBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS83OGY0OWYtMjQ3ZC00ODg4LWFmOGQtYTFmMDQwZThlOGQ0
LzEvMFFaZlQ3YTJlZWZ4eTkyQU5mbG5SbkFRNnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALnw4gRGX
Y/u4RJFxD1DglSjluXbj0M8fuK3nGNCdrpOqZz31XHjk4F/WPrvoL34iMoaZtokP
T8cMEPoD+55ivha5chM66AMV0jYrumihJGN9bhITXGeKeeiXuunoSrbh6TH8m1Yi
/O2OHV1LhTzbAO0STtgUQQesjauPlhY/W/Vlo62HxSbZojR11pwgzVFVWiepMW9z
62jPOQLqNUE4GY+OGQ8Yss/BjYHFI8LcnTa8BGPI+ZJ/D+kuB6jinziG4N9cW/UF
ERVT6ezYAmYNZxm2U1hZwmrLUHoDQiP8wtSK6DgP8xVUPfwkJBbSB21Nm2IImlPX
Pn0/UXTge55DHw==
-----END CERTIFICATE-----
Generated at Thu Jun 12 17:51:29 2025 by rpki-client