Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          uzyKX2ZiwnFii9vX1hRZpSzm55/SeImONxp1zJvxuPw=
Subject key identifier:   32:0D:27:85:9B:BE:16:0B:5A:98:A8:FE:17:F2:02:55:07:80:CF:8F
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       01976396678730E815BB3E0629018B3E4266
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          0574
Signing time:             Thu 12 Jun 2025 10:01:30 +0000
Manifest this update:     Thu 12 Jun 2025 10:01:30 +0000
Manifest next update:     Fri 13 Jun 2025 10:01:30 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: qDjPf9omNuSCmJ9LbFpX1nhDAatnisS0pMzG227GTXQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:96:67:87:30:e8:15:bb:3e:06:29:01:8b:3e:42:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Jun 12 10:01:30 2025 GMT
            Not After : Jun 13 10:01:30 2025 GMT
        Subject: CN=320d27859bbe160b5a98a8fe17f202550780cf8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:39:b3:1f:52:6a:49:b6:8d:09:d2:bd:23:2b:
                    e1:b8:37:1f:de:e1:ae:96:dc:35:ae:b5:df:9f:84:
                    60:80:57:81:e5:a9:5d:f6:d6:51:9c:45:32:1e:e3:
                    44:f6:24:e1:58:4c:e7:a2:71:8e:5c:73:cf:c7:2b:
                    16:a4:5a:d8:b2:33:6f:75:fa:a3:72:53:95:6e:a5:
                    17:90:95:a9:57:2a:16:2a:80:78:06:e8:1e:6f:89:
                    87:48:22:bd:e5:63:8b:24:a8:bf:ad:63:c0:0d:18:
                    12:93:10:f6:8e:54:49:95:60:be:8b:93:8c:be:9c:
                    5e:43:27:1a:9b:c1:70:34:2b:4c:7b:6d:6d:05:29:
                    aa:6d:0c:0f:d9:71:c8:ce:d8:f4:b5:a6:42:cb:de:
                    91:90:93:96:cd:f3:ef:43:25:97:c5:f5:f4:36:4f:
                    87:49:b1:04:9d:df:fb:59:cc:a8:52:3e:bf:85:95:
                    1e:17:6f:c0:54:b8:f9:7e:f1:04:9d:01:78:3f:34:
                    98:7a:a3:18:54:6e:ab:5f:38:52:01:cb:3f:ee:15:
                    6f:c1:1f:b2:cd:49:5a:cb:f3:a0:3d:24:b7:2a:84:
                    5d:e1:a4:41:bc:49:2f:b0:46:73:08:14:99:80:f1:
                    2e:f8:09:d7:3b:fc:2e:59:17:bc:c3:42:9b:1d:95:
                    52:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:0D:27:85:9B:BE:16:0B:5A:98:A8:FE:17:F2:02:55:07:80:CF:8F
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:65:b0:f6:78:88:5b:2b:0a:db:ff:8a:14:d5:b5:9f:09:40:
         7f:6f:10:c1:d3:90:19:05:35:74:2e:a0:15:2c:a4:44:9a:65:
         60:e5:0a:2d:ff:de:74:f3:4d:f9:be:a0:2b:9b:d0:29:63:0b:
         9c:3f:7f:09:63:0d:63:98:06:62:8d:0c:24:c6:14:bd:37:0b:
         2d:fc:bc:e1:5a:ff:da:0e:07:79:59:84:87:b6:ce:5d:39:4b:
         41:47:c8:f8:10:aa:47:ed:1f:6d:e4:70:92:01:61:aa:1e:14:
         d5:f2:f4:a3:db:58:9d:60:51:1f:c4:10:d5:d9:3f:37:e4:c5:
         65:6d:0e:ad:63:43:05:84:ac:f7:e0:ea:9b:54:1f:38:66:f9:
         67:b6:cd:7b:cd:84:3e:4c:e6:bb:d7:5f:ab:d2:c6:0d:f7:38:
         42:cf:0e:8a:68:d7:bb:bf:1a:0e:23:73:d3:42:27:6c:6d:75:
         d0:86:70:36:a2:75:5d:48:a1:cd:73:cc:44:b5:eb:a1:c9:df:
         b1:47:98:ea:95:86:87:ba:48:92:03:37:a4:62:98:3c:b5:5b:
         1d:0d:f6:8c:ba:b3:3e:31:9d:21:88:a8:5c:5f:db:bd:b7:a4:
         12:a4:18:cd:be:51:6f:9d:eb:ee:16:7c:9d:4c:ec:da:34:d5:
         06:47:81:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjlmeHMOgVuz4GKQGLPkJmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjUwNjEyMTAwMTMwWhcNMjUwNjEzMTAwMTMwWjAzMTEwLwYDVQQD
EygzMjBkMjc4NTliYmUxNjBiNWE5OGE4ZmUxN2YyMDI1NTA3ODBjZjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zmzH1JqSbaNCdK9IyvhuDcf3uGu
ltw1rrXfn4RggFeB5ald9tZRnEUyHuNE9iThWEznonGOXHPPxysWpFrYsjNvdfqj
clOVbqUXkJWpVyoWKoB4Bugeb4mHSCK95WOLJKi/rWPADRgSkxD2jlRJlWC+i5OM
vpxeQycam8FwNCtMe21tBSmqbQwP2XHIztj0taZCy96RkJOWzfPvQyWXxfX0Nk+H
SbEEnd/7WcyoUj6/hZUeF2/AVLj5fvEEnQF4PzSYeqMYVG6rXzhSAcs/7hVvwR+y
zUlay/OgPSS3KoRd4aRBvEkvsEZzCBSZgPEu+AnXO/wuWRe8w0KbHZVSYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDINJ4WbvhYLWpio/hfyAlUHgM+PMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALWWw9niI
WysK2/+KFNW1nwlAf28QwdOQGQU1dC6gFSykRJplYOUKLf/edPNN+b6gK5vQKWML
nD9/CWMNY5gGYo0MJMYUvTcLLfy84Vr/2g4HeVmEh7bOXTlLQUfI+BCqR+0fbeRw
kgFhqh4U1fL0o9tYnWBRH8QQ1dk/N+TFZW0OrWNDBYSs9+Dqm1QfOGb5Z7bNe82E
Pkzmu9dfq9LGDfc4Qs8OimjXu78aDiNz00InbG110IZwNqJ1XUihzXPMRLXrocnf
sUeY6pWGh7pIkgM3pGKYPLVbHQ32jLqzPjGdIYioXF/bvbekEqQYzb5Rb53r7hZ8
nUzs2jTVBkeBQg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 13:42:29 2025 by rpki-client