Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
File:                     ao33d2sW0oLgTGluJYqk-fnOnJg.mft (raw, json)
Hash identifier:          kXkqdLaA6X1MiJp5uo5Xd8+XSCJlELZ3PworhZklpMs=
Subject key identifier:   74:39:B4:1B:B8:6C:A3:03:E8:19:B7:E3:44:4E:55:4B:77:66:A7:5C
Authority key identifier: 6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
Certificate issuer:       /CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Certificate serial:       0198808B0F324BC621EFBAD3636502E1F0FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
Manifest number:          0A0E
Signing time:             Wed 06 Aug 2025 18:00:53 +0000
Manifest this update:     Wed 06 Aug 2025 18:00:53 +0000
Manifest next update:     Thu 07 Aug 2025 18:00:53 +0000
Files and hashes:         1: ao33d2sW0oLgTGluJYqk-fnOnJg.crl (hash: qe3VZh7z+5ju7dsNGFsMtYy7BMkQ0xTfA/K6sSOsmpM=)
                          2: zkFI0q7jFUcpvcC1_CEihR1YV24.roa (hash: 783T5wgYEpPQMcRoCX4E0P3B8Y6FUugL0p43iJWmXrI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 18:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:8b:0f:32:4b:c6:21:ef:ba:d3:63:65:02:e1:f0:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
        Validity
            Not Before: Aug  6 18:00:53 2025 GMT
            Not After : Aug  7 18:00:53 2025 GMT
        Subject: CN=7439b41bb86ca303e819b7e3444e554b7766a75c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:3f:9e:01:16:7a:5b:8b:e6:c5:95:f0:1e:f1:
                    86:d2:94:f0:86:95:8e:b1:c8:bc:07:d0:aa:4f:85:
                    3c:94:ce:0a:82:ec:11:a0:68:67:4d:06:52:af:9a:
                    d7:38:f8:25:2e:91:b2:cd:a9:39:40:9f:6e:e0:38:
                    7b:5c:ad:38:47:53:1d:88:b4:ef:43:17:1f:b9:dd:
                    ac:1a:67:60:94:19:95:30:b7:9b:88:da:ac:87:8f:
                    0c:dd:6c:c3:cd:9e:bd:9c:89:00:f5:e9:14:59:ea:
                    72:69:22:f3:4e:5e:2c:71:bb:27:ce:68:f4:05:85:
                    d2:37:d5:08:35:a6:7b:c9:e6:e6:8b:bd:a9:df:6e:
                    0c:b9:91:98:b0:b2:b6:9f:73:d8:72:3a:73:28:c3:
                    28:e1:a5:49:2d:c6:79:74:e4:38:af:ca:6e:2d:32:
                    a0:53:c9:8f:b0:8f:5e:7a:0e:90:27:b3:19:cf:78:
                    21:a1:a9:30:0f:76:5f:a0:2f:6d:61:df:87:6e:dc:
                    b7:da:a9:bd:cb:e5:27:5e:b8:00:40:4b:96:8f:5d:
                    f0:0e:7a:98:70:bf:5e:7d:57:59:80:e3:5a:e0:b5:
                    25:3e:6f:52:b6:dc:e2:37:09:a5:7d:d2:a2:1a:bd:
                    82:d7:03:07:8b:a5:81:02:aa:55:b2:cc:8c:4d:a6:
                    51:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:39:B4:1B:B8:6C:A3:03:E8:19:B7:E3:44:4E:55:4B:77:66:A7:5C
            X509v3 Authority Key Identifier:
                keyid:6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:04:23:f1:d3:ab:9b:ab:7c:02:20:65:89:b8:11:40:01:22:
         27:cb:3f:2f:9a:47:64:cc:0d:c5:14:0a:a9:84:6b:74:17:0f:
         57:dc:6c:6a:a5:90:16:fd:5e:e9:7e:d1:fe:f6:1b:83:54:34:
         b5:d0:20:b0:51:3f:31:86:a4:a6:4e:32:9c:d6:b4:ce:48:19:
         68:0f:67:b3:ea:92:a8:76:21:29:23:8b:30:ae:9d:70:35:7d:
         18:2c:d6:c7:b4:4e:79:a9:eb:b0:9e:a9:bd:e2:8f:ea:97:ff:
         07:9d:38:e0:ab:fa:14:17:23:6e:64:a7:54:43:2b:31:7b:5a:
         36:60:03:45:9c:c7:71:13:8c:f2:9d:5b:3e:71:9b:ca:14:4d:
         4b:5b:db:74:c6:d1:43:13:b2:f1:9a:0a:fc:bc:45:b5:70:7f:
         8e:3b:2d:a2:a7:0e:2c:25:e4:43:28:b4:52:68:fd:da:18:fb:
         aa:d5:d8:77:62:e2:39:d2:18:7b:dd:cf:02:20:17:92:59:c0:
         77:1a:a2:66:5e:d2:54:60:52:45:d2:3c:b6:a8:50:44:36:b7:
         08:ee:4a:03:15:f1:74:89:fc:1a:70:10:d2:fc:34:c5:54:d2:
         05:72:1b:ca:3e:78:0f:7f:11:2f:c4:fa:bc:b4:3e:08:cb:70:
         2b:b0:71:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAiw8yS8Yh77rTY2UC4fD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGRmNzc3NmIxNmQyODJlMDRjNjk2ZTI1OGFhNGY5Zjlj
ZTljOTgwHhcNMjUwODA2MTgwMDUzWhcNMjUwODA3MTgwMDUzWjAzMTEwLwYDVQQD
Eyg3NDM5YjQxYmI4NmNhMzAzZTgxOWI3ZTM0NDRlNTU0Yjc3NjZhNzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj+eARZ6W4vmxZXwHvGG0pTwhpWO
sci8B9CqT4U8lM4KguwRoGhnTQZSr5rXOPglLpGyzak5QJ9u4Dh7XK04R1MdiLTv
Qxcfud2sGmdglBmVMLebiNqsh48M3WzDzZ69nIkA9ekUWepyaSLzTl4scbsnzmj0
BYXSN9UINaZ7yebmi72p324MuZGYsLK2n3PYcjpzKMMo4aVJLcZ5dOQ4r8puLTKg
U8mPsI9eeg6QJ7MZz3ghoakwD3ZfoC9tYd+Hbty32qm9y+UnXrgAQEuWj13wDnqY
cL9efVdZgONa4LUlPm9SttziNwmlfdKiGr2C1wMHi6WBAqpVssyMTaZR/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQ5tBu4bKMD6Bm340ROVUt3ZqdcMB8GA1UdIwQY
MBaAFGqN93drFtKC4ExpbiWKpPn5zpyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUt
MWIzOGIwMjI0NWMxLzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUtMWIzOGIwMjI0NWMx
LzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWgQj8dOr
m6t8AiBlibgRQAEiJ8s/L5pHZMwNxRQKqYRrdBcPV9xsaqWQFv1e6X7R/vYbg1Q0
tdAgsFE/MYakpk4ynNa0zkgZaA9ns+qSqHYhKSOLMK6dcDV9GCzWx7ROeanrsJ6p
veKP6pf/B5044Kv6FBcjbmSnVEMrMXtaNmADRZzHcROM8p1bPnGbyhRNS1vbdMbR
QxOy8ZoK/LxFtXB/jjstoqcOLCXkQyi0Umj92hj7qtXYd2LiOdIYe93PAiAXklnA
dxqiZl7SVGBSRdI8tqhQRDa3CO5KAxXxdIn8GnAQ0vw0xVTSBXIbyj54D38RL8T6
vLQ+CMtwK7Bxhw==
-----END CERTIFICATE-----
Generated at Thu Aug 7 00:32:20 2025 by rpki-client