Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft
File:                     0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft (raw, json)
Hash identifier:          Oz9Id9VfGXzAfKdP6OeHz5qZpZcSriYIdF09VYxJz4E=
Subject key identifier:   AC:69:CB:FA:DD:6B:96:E9:39:0A:42:0F:13:EE:22:E6:B7:96:62:70
Authority key identifier: D3:09:8E:5E:20:D7:8F:94:E6:96:C1:37:2B:56:23:FF:A7:1D:94:D0
Certificate issuer:       /CN=d3098e5e20d78f94e696c1372b5623ffa71d94d0
Certificate serial:       01987A89075E0EA17CEFA8AFC1D7FB90E1B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft
Manifest number:          0B9D
Signing time:             Tue 05 Aug 2025 14:00:57 +0000
Manifest this update:     Tue 05 Aug 2025 14:00:57 +0000
Manifest next update:     Wed 06 Aug 2025 14:00:57 +0000
Files and hashes:         1: 0wmOXiDXj5TmlsE3K1Yj_6cdlNA.crl (hash: PmVjOSBu05qfHImsO2xfJ+NBB4elNG3pp90xuaZw4oU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7a:89:07:5e:0e:a1:7c:ef:a8:af:c1:d7:fb:90:e1:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3098e5e20d78f94e696c1372b5623ffa71d94d0
        Validity
            Not Before: Aug  5 14:00:57 2025 GMT
            Not After : Aug  6 14:00:57 2025 GMT
        Subject: CN=ac69cbfadd6b96e9390a420f13ee22e6b7966270
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:72:dc:ca:f0:04:18:2f:47:e4:11:e8:ce:55:
                    c9:78:8c:e4:13:50:72:f1:c5:d3:79:94:a5:4f:b4:
                    29:a7:f1:3b:3b:72:6d:71:28:15:85:94:17:75:1d:
                    36:f1:34:83:39:3b:4e:c9:68:73:17:5f:b1:23:a8:
                    e1:63:66:04:c5:6c:7c:a8:42:b9:10:a0:14:b4:b1:
                    85:7b:76:b5:1d:3c:30:ef:8f:2e:4b:e0:76:84:b3:
                    a5:08:d8:d9:d6:78:86:97:50:9f:fe:61:a1:8b:35:
                    e6:d0:1a:d4:00:5d:29:ea:42:be:15:fe:95:fc:12:
                    55:42:4e:1d:e4:df:fc:9a:8d:0a:33:4d:d6:2d:72:
                    30:3c:54:96:23:b3:39:4f:75:9d:df:c8:f6:7f:45:
                    f5:ad:d9:f9:d1:f0:d1:41:5e:20:25:95:9e:76:71:
                    73:e4:7e:21:22:92:22:cf:81:40:d5:13:70:3a:cd:
                    be:7f:61:fa:4d:c0:22:dd:42:36:bf:51:71:49:46:
                    5f:60:38:1c:a1:20:c2:9b:8d:00:55:10:f8:3c:b7:
                    25:a0:01:a9:18:2b:63:be:63:e1:32:5b:b1:96:f9:
                    d8:07:a4:a4:8b:a3:06:a2:a3:25:da:62:c4:9e:ae:
                    ca:37:42:c7:3a:da:ad:55:a7:df:7e:51:93:31:4f:
                    42:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:69:CB:FA:DD:6B:96:E9:39:0A:42:0F:13:EE:22:E6:B7:96:62:70
            X509v3 Authority Key Identifier:
                keyid:D3:09:8E:5E:20:D7:8F:94:E6:96:C1:37:2B:56:23:FF:A7:1D:94:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:52:30:59:1b:e8:bd:af:9a:ee:9d:42:74:e7:73:a1:a1:53:
         45:3f:3f:fe:17:da:61:81:28:bb:c7:48:b4:b3:a1:fa:2a:0f:
         93:a7:a3:2d:7e:b5:58:20:1c:1e:5f:6e:e0:ee:56:2e:5f:be:
         3b:61:3b:fe:b7:a1:84:50:7a:a1:ae:34:71:6c:93:58:6e:7c:
         c8:b3:3d:57:32:d0:5a:df:ed:04:30:b0:a8:8a:ad:13:a3:cf:
         93:eb:14:8f:4b:d9:01:cc:29:c1:af:74:05:48:9e:8f:c4:15:
         c9:2d:91:85:05:a5:fd:9c:9c:fc:d3:fd:1b:89:b1:f5:74:02:
         45:fd:52:d6:c8:ea:8c:61:9f:29:cf:b7:dc:2d:6b:e0:d5:c7:
         01:9c:37:39:21:c2:44:73:23:05:64:66:78:fc:b9:6d:6a:d8:
         e0:a7:b9:a4:59:53:01:e3:41:f0:0b:42:bc:2f:27:a8:ab:f3:
         19:2b:3c:9b:33:f7:8d:90:5e:a7:14:77:11:b8:95:4d:e7:aa:
         9c:f8:d9:07:23:64:8a:f8:3d:b2:32:3e:50:f7:db:20:7e:ac:
         f9:39:00:af:94:79:db:4c:b4:13:12:9b:e9:f7:09:cc:21:32:
         f4:fc:4c:93:e4:19:33:c8:bf:2a:19:ac:a3:da:dc:e4:c2:1e:
         f2:b6:7c:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh6iQdeDqF876ivwdf7kOGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMDk4ZTVlMjBkNzhmOTRlNjk2YzEzNzJiNTYyM2ZmYTcx
ZDk0ZDAwHhcNMjUwODA1MTQwMDU3WhcNMjUwODA2MTQwMDU3WjAzMTEwLwYDVQQD
EyhhYzY5Y2JmYWRkNmI5NmU5MzkwYTQyMGYxM2VlMjJlNmI3OTY2MjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnLcyvAEGC9H5BHozlXJeIzkE1By
8cXTeZSlT7Qpp/E7O3JtcSgVhZQXdR028TSDOTtOyWhzF1+xI6jhY2YExWx8qEK5
EKAUtLGFe3a1HTww748uS+B2hLOlCNjZ1niGl1Cf/mGhizXm0BrUAF0p6kK+Ff6V
/BJVQk4d5N/8mo0KM03WLXIwPFSWI7M5T3Wd38j2f0X1rdn50fDRQV4gJZWednFz
5H4hIpIiz4FA1RNwOs2+f2H6TcAi3UI2v1FxSUZfYDgcoSDCm40AVRD4PLcloAGp
GCtjvmPhMluxlvnYB6Ski6MGoqMl2mLEnq7KN0LHOtqtVaffflGTMU9C/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKxpy/rda5bpOQpCDxPuIua3lmJwMB8GA1UdIwQY
MBaAFNMJjl4g14+U5pbBNytWI/+nHZTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHdtT1hpRFhqNVRtbHNFM0sxWWpfNmNkbE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MzYxY2MtYjA0ZC00NDY1LTkzOGQt
NjE3YTI2MzI3ZTk4LzEvMHdtT1hpRFhqNVRtbHNFM0sxWWpfNmNkbE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81MzYxY2MtYjA0ZC00NDY1LTkzOGQtNjE3YTI2MzI3ZTk4
LzEvMHdtT1hpRFhqNVRtbHNFM0sxWWpfNmNkbE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA1IwWRvo
va+a7p1CdOdzoaFTRT8//hfaYYEou8dItLOh+ioPk6ejLX61WCAcHl9u4O5WLl++
O2E7/rehhFB6oa40cWyTWG58yLM9VzLQWt/tBDCwqIqtE6PPk+sUj0vZAcwpwa90
BUiej8QVyS2RhQWl/Zyc/NP9G4mx9XQCRf1S1sjqjGGfKc+33C1r4NXHAZw3OSHC
RHMjBWRmePy5bWrY4Ke5pFlTAeNB8AtCvC8nqKvzGSs8mzP3jZBepxR3EbiVTeeq
nPjZByNkivg9sjI+UPfbIH6s+TkAr5R520y0ExKb6fcJzCEy9PxMk+QZM8i/Khms
o9rc5MIe8rZ8Jw==
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:30:02 2025 by rpki-client