Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/445ed0-48b3-408e-a1bc-9979df52b018/1/0nuHf4mTQSab7GfG46CoiLp66Y0.mft
File:                     0nuHf4mTQSab7GfG46CoiLp66Y0.mft (raw, json)
Hash identifier:          KE4ZTRfTrS58OzmiSM6/pHd9P24cUCd5EhUjkBz2ets=
Subject key identifier:   85:B5:88:50:E5:26:E1:1B:13:1B:46:41:E9:07:49:4D:BB:4C:FE:A0
Authority key identifier: D2:7B:87:7F:89:93:41:26:9B:EC:67:C6:E3:A0:A8:88:BA:7A:E9:8D
Certificate issuer:       /CN=d27b877f899341269bec67c6e3a0a888ba7ae98d
Certificate serial:       01975AC9DE8D39EE7696C10899B1FE7BA230
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0nuHf4mTQSab7GfG46CoiLp66Y0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/445ed0-48b3-408e-a1bc-9979df52b018/1/0nuHf4mTQSab7GfG46CoiLp66Y0.mft
Manifest number:          098A
Signing time:             Tue 10 Jun 2025 17:01:08 +0000
Manifest this update:     Tue 10 Jun 2025 17:01:08 +0000
Manifest next update:     Wed 11 Jun 2025 17:01:08 +0000
Files and hashes:         1: 0nuHf4mTQSab7GfG46CoiLp66Y0.crl (hash: ZYw5Cz3VYmtOuii2ecKCOvAUPoM/3be1wS/vds0satA=)
                          2: PdXLVimBA8zILWLashg1LUqBqm8.roa (hash: IrtzMysR6KSQR0SZiM1b2jUK5M57dKBFlK4qFH4B+Mo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/445ed0-48b3-408e-a1bc-9979df52b018/1/0nuHf4mTQSab7GfG46CoiLp66Y0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/445ed0-48b3-408e-a1bc-9979df52b018/1/0nuHf4mTQSab7GfG46CoiLp66Y0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0nuHf4mTQSab7GfG46CoiLp66Y0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5a:c9:de:8d:39:ee:76:96:c1:08:99:b1:fe:7b:a2:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d27b877f899341269bec67c6e3a0a888ba7ae98d
        Validity
            Not Before: Jun 10 17:01:08 2025 GMT
            Not After : Jun 11 17:01:08 2025 GMT
        Subject: CN=85b58850e526e11b131b4641e907494dbb4cfea0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:1f:93:db:ae:37:c5:e0:bd:a0:72:2e:54:f1:
                    ae:12:06:8f:d8:be:8c:59:2b:99:6c:0b:97:db:ab:
                    01:03:fe:38:49:56:bc:2a:2a:ea:a6:09:97:7d:96:
                    cc:63:1a:77:09:26:25:f0:92:90:04:aa:e8:ac:37:
                    16:5a:33:3f:a9:db:fb:fc:c6:d0:d4:85:f5:63:e8:
                    2c:9d:d3:ab:03:82:c4:b3:df:46:31:28:b3:8c:9f:
                    27:1b:d4:8f:37:2b:58:82:57:95:a1:5f:94:f3:59:
                    50:3e:be:82:60:39:47:b2:c4:c7:5d:e3:9d:e2:c6:
                    3f:f4:7d:28:eb:73:74:db:e0:18:8b:65:a3:7a:7e:
                    35:88:a7:f5:77:8d:cd:bf:d5:8b:8d:f1:1a:fc:18:
                    52:c2:84:07:ba:1c:e9:d2:37:dd:c6:85:88:c1:c9:
                    48:6b:72:b3:a3:ff:35:fa:a4:8b:ce:6e:71:ca:93:
                    74:38:44:7e:83:bc:3f:0e:f6:7d:9c:2f:a8:4d:6f:
                    0d:75:82:17:01:40:89:2f:8d:5d:59:57:7e:8a:d5:
                    08:18:a0:65:b2:bb:3c:77:7c:dd:39:5b:13:75:d5:
                    97:6e:22:1e:a8:e0:4c:b8:6c:3f:1f:53:d7:61:43:
                    b1:05:ed:09:2f:8f:ca:ba:66:75:4e:22:c5:cf:4b:
                    7d:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:B5:88:50:E5:26:E1:1B:13:1B:46:41:E9:07:49:4D:BB:4C:FE:A0
            X509v3 Authority Key Identifier:
                keyid:D2:7B:87:7F:89:93:41:26:9B:EC:67:C6:E3:A0:A8:88:BA:7A:E9:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nuHf4mTQSab7GfG46CoiLp66Y0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/445ed0-48b3-408e-a1bc-9979df52b018/1/0nuHf4mTQSab7GfG46CoiLp66Y0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/445ed0-48b3-408e-a1bc-9979df52b018/1/0nuHf4mTQSab7GfG46CoiLp66Y0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:a9:09:3c:4f:c3:92:ca:59:ce:cc:da:0b:d0:ef:b2:58:85:
         2e:64:41:49:45:c8:8b:a6:2b:5e:da:92:2b:cf:15:27:17:a4:
         2e:28:94:aa:83:b8:3f:9d:57:8e:f6:27:30:43:44:8f:19:72:
         df:60:b5:29:45:3f:ee:f0:be:83:b5:a2:68:03:d2:59:bb:87:
         b1:ce:41:5f:0e:cc:bd:b5:e8:41:5b:af:06:2f:53:ca:ff:cc:
         36:91:db:69:00:63:e7:6f:73:f4:e9:b1:c2:d9:b0:67:dc:e2:
         38:51:99:2d:11:9e:47:8d:7c:3f:84:35:5e:b8:b4:81:c3:5c:
         98:70:e8:07:c3:bb:25:93:b9:bf:a7:a5:52:7f:79:20:f5:62:
         33:69:35:08:ab:03:a4:4a:4c:fd:e8:5a:cf:af:01:e7:18:d7:
         c8:01:2d:71:82:f3:40:07:92:c8:2b:bd:9d:9d:48:e0:c8:d0:
         3a:a4:dc:4a:ee:dc:0d:b9:4e:af:95:3f:14:d1:8d:29:7f:ad:
         18:1e:02:5d:8f:eb:65:2e:db:1b:cd:bf:f7:59:7c:bd:5d:93:
         e3:37:c1:d5:39:64:a6:e3:f2:89:b1:10:74:70:e4:12:5d:3e:
         69:5d:c0:24:d8:27:9d:5d:96:e1:35:b6:72:dd:e5:e8:67:8d:
         2e:be:1f:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdayd6NOe52lsEImbH+e6IwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyN2I4NzdmODk5MzQxMjY5YmVjNjdjNmUzYTBhODg4YmE3
YWU5OGQwHhcNMjUwNjEwMTcwMTA4WhcNMjUwNjExMTcwMTA4WjAzMTEwLwYDVQQD
Eyg4NWI1ODg1MGU1MjZlMTFiMTMxYjQ2NDFlOTA3NDk0ZGJiNGNmZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0x+T2643xeC9oHIuVPGuEgaP2L6M
WSuZbAuX26sBA/44SVa8KirqpgmXfZbMYxp3CSYl8JKQBKrorDcWWjM/qdv7/MbQ
1IX1Y+gsndOrA4LEs99GMSizjJ8nG9SPNytYgleVoV+U81lQPr6CYDlHssTHXeOd
4sY/9H0o63N02+AYi2Wjen41iKf1d43Nv9WLjfEa/BhSwoQHuhzp0jfdxoWIwclI
a3Kzo/81+qSLzm5xypN0OER+g7w/DvZ9nC+oTW8NdYIXAUCJL41dWVd+itUIGKBl
srs8d3zdOVsTddWXbiIeqOBMuGw/H1PXYUOxBe0JL4/KumZ1TiLFz0t9WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIW1iFDlJuEbExtGQekHSU27TP6gMB8GA1UdIwQY
MBaAFNJ7h3+Jk0Emm+xnxuOgqIi6eumNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG51SGY0bVRRU2FiN0dmRzQ2Q29pTHA2NlkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80NDVlZDAtNDhiMy00MDhlLWExYmMt
OTk3OWRmNTJiMDE4LzEvMG51SGY0bVRRU2FiN0dmRzQ2Q29pTHA2NlkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80NDVlZDAtNDhiMy00MDhlLWExYmMtOTk3OWRmNTJiMDE4
LzEvMG51SGY0bVRRU2FiN0dmRzQ2Q29pTHA2NlkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM6kJPE/D
kspZzszaC9DvsliFLmRBSUXIi6YrXtqSK88VJxekLiiUqoO4P51XjvYnMENEjxly
32C1KUU/7vC+g7WiaAPSWbuHsc5BXw7MvbXoQVuvBi9Tyv/MNpHbaQBj529z9Omx
wtmwZ9ziOFGZLRGeR418P4Q1Xri0gcNcmHDoB8O7JZO5v6elUn95IPViM2k1CKsD
pEpM/ehaz68B5xjXyAEtcYLzQAeSyCu9nZ1I4MjQOqTcSu7cDblOr5U/FNGNKX+t
GB4CXY/rZS7bG82/91l8vV2T4zfB1TlkpuPyibEQdHDkEl0+aV3AJNgnnV2W4TW2
ct3l6GeNLr4fGQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:05:08 2025 by rpki-client