Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
File:                     3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft (raw, json)
Hash identifier:          EMmP8mBkDwNNYYpv54a91svjzG0HMcV40EJqUYgylkU=
Subject key identifier:   F1:04:DC:E3:36:59:8E:25:09:DF:51:D8:CC:9D:DD:6C:71:63:68:80
Authority key identifier: DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
Certificate issuer:       /CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Certificate serial:       0197609484BE78D61E000026F4DE4CC4035E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
Manifest number:          0E8A
Signing time:             Wed 11 Jun 2025 20:00:35 +0000
Manifest this update:     Wed 11 Jun 2025 20:00:35 +0000
Manifest next update:     Thu 12 Jun 2025 20:00:35 +0000
Files and hashes:         1: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl (hash: kkTv7+EXrFStJwo3itYplMrk5jBjCJstAVy4uXytzKg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:94:84:be:78:d6:1e:00:00:26:f4:de:4c:c4:03:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
        Validity
            Not Before: Jun 11 20:00:35 2025 GMT
            Not After : Jun 12 20:00:35 2025 GMT
        Subject: CN=f104dce336598e2509df51d8cc9ddd6c71636880
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:10:68:72:c7:19:06:e9:3f:5d:92:0b:35:ed:
                    66:97:c8:ba:19:73:75:2f:b5:47:41:e7:02:ce:ed:
                    20:3c:3c:b3:bf:21:7d:b8:1d:9b:7c:54:46:15:eb:
                    f6:34:cf:3e:96:bb:29:85:97:4a:31:4d:88:4d:5b:
                    9d:99:ca:c1:c7:31:9b:db:69:a8:45:77:40:a8:6b:
                    d3:0f:1d:d5:8a:fd:b1:eb:1f:5c:3c:4f:96:13:a9:
                    47:cc:ae:13:35:70:5e:ec:71:fb:4f:80:55:2d:97:
                    f9:ec:48:2a:e4:8e:30:25:c1:e5:9b:eb:e3:c7:8b:
                    f0:8f:70:d6:d0:9a:c5:58:68:cd:b0:29:fb:57:7e:
                    65:0a:8f:c6:5c:2c:40:7b:be:d7:17:0a:be:59:a5:
                    6a:8b:20:29:a8:37:d3:cb:d9:9b:ea:06:36:99:1c:
                    15:73:43:cc:c0:71:bc:32:e0:99:9c:32:37:57:dd:
                    58:45:6d:24:20:e8:e5:78:f9:ca:3b:3a:48:41:5c:
                    e1:c5:a9:b0:aa:33:a8:0e:e9:d9:86:ec:94:08:a0:
                    03:c7:7c:ab:e9:dc:27:82:ab:5c:25:d1:77:30:69:
                    a2:2e:75:66:69:ec:85:56:ac:9b:56:25:ad:85:49:
                    cb:18:1f:3a:58:21:ec:0a:49:1d:66:5d:ab:bd:8f:
                    24:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:04:DC:E3:36:59:8E:25:09:DF:51:D8:CC:9D:DD:6C:71:63:68:80
            X509v3 Authority Key Identifier:
                keyid:DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:9c:1a:ef:30:60:7e:77:6c:e1:4b:6a:e5:52:47:37:53:04:
         29:a0:f6:8f:f0:54:ce:97:4c:fb:00:bd:64:af:73:29:16:b3:
         e7:79:34:8a:5d:91:83:90:be:d3:53:1a:00:20:5f:aa:91:71:
         3c:d5:4d:d0:63:69:da:c4:79:f7:b0:67:58:3e:07:d8:03:b8:
         95:ed:88:91:9a:75:5a:69:20:cc:2b:eb:38:ee:1d:65:64:5f:
         fa:5e:da:47:e0:32:81:9f:1f:62:c5:c3:8a:9d:c5:52:cf:d4:
         7c:6d:5d:ce:ed:0e:28:f0:de:a7:44:a3:ad:5f:24:06:78:cd:
         7d:9c:12:8d:fd:b4:ba:9a:75:f4:5a:b4:7b:66:7b:b9:e7:75:
         b1:1e:28:49:a3:e6:7e:d4:59:2c:c1:f6:c5:b5:bc:64:05:81:
         06:f3:d8:49:70:2e:2c:d5:4d:93:51:38:45:e7:c6:d4:9e:c8:
         df:21:ab:30:84:3f:42:36:d6:a9:03:83:4a:09:53:d8:32:71:
         c4:5a:e0:91:33:f7:9f:13:c3:9c:12:1e:c7:44:14:09:05:4a:
         2c:37:af:ba:99:d1:8c:e7:9a:bd:25:f5:28:df:a0:8e:b1:e7:
         10:9b:9c:68:66:36:52:a8:7f:b1:0f:ef:08:61:23:ba:1c:ae:
         ae:ef:70:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdglIS+eNYeAAAm9N5MxANeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzNiZTM4N2FmNTUyOTcwY2Y2MmY2OTUxN2UzZjNjOWMx
MmQyZjYwHhcNMjUwNjExMjAwMDM1WhcNMjUwNjEyMjAwMDM1WjAzMTEwLwYDVQQD
EyhmMTA0ZGNlMzM2NTk4ZTI1MDlkZjUxZDhjYzlkZGQ2YzcxNjM2ODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xBocscZBuk/XZILNe1ml8i6GXN1
L7VHQecCzu0gPDyzvyF9uB2bfFRGFev2NM8+lrsphZdKMU2ITVudmcrBxzGb22mo
RXdAqGvTDx3Viv2x6x9cPE+WE6lHzK4TNXBe7HH7T4BVLZf57Egq5I4wJcHlm+vj
x4vwj3DW0JrFWGjNsCn7V35lCo/GXCxAe77XFwq+WaVqiyApqDfTy9mb6gY2mRwV
c0PMwHG8MuCZnDI3V91YRW0kIOjlePnKOzpIQVzhxamwqjOoDunZhuyUCKADx3yr
6dwngqtcJdF3MGmiLnVmaeyFVqybViWthUnLGB86WCHsCkkdZl2rvY8k/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPEE3OM2WY4lCd9R2Myd3WxxY2iAMB8GA1UdIwQY
MBaAFNxzvjh69VKXDPYvaVF+PzycEtL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUt
YzcxZjE3YWZjNzQ5LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUtYzcxZjE3YWZjNzQ5
LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK5wa7zBg
fnds4Utq5VJHN1MEKaD2j/BUzpdM+wC9ZK9zKRaz53k0il2Rg5C+01MaACBfqpFx
PNVN0GNp2sR597BnWD4H2AO4le2IkZp1WmkgzCvrOO4dZWRf+l7aR+AygZ8fYsXD
ip3FUs/UfG1dzu0OKPDep0SjrV8kBnjNfZwSjf20upp19Fq0e2Z7ued1sR4oSaPm
ftRZLMH2xbW8ZAWBBvPYSXAuLNVNk1E4RefG1J7I3yGrMIQ/QjbWqQODSglT2DJx
xFrgkTP3nxPDnBIex0QUCQVKLDevupnRjOeavSX1KN+gjrHnEJucaGY2Uqh/sQ/v
CGEjuhyuru9wYQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 23:49:24 2025 by rpki-client