Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
File:                     0c0c1HQkGQk2se35qYScPjBYfzo.mft (raw, json)
Hash identifier:          fJ2pSGrSoIiZLAbzX9C6MwSCAxBUT/3Lg6m3zZC8vdI=
Subject key identifier:   6C:C4:9B:E5:9A:C8:8D:5E:90:B3:EB:2D:A2:17:46:8D:CE:D8:F5:2E
Authority key identifier: D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A
Certificate issuer:       /CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
Certificate serial:       01987D8BB2D28878AA0C36045A150B2F0718
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
Manifest number:          0D7C
Signing time:             Wed 06 Aug 2025 04:02:43 +0000
Manifest this update:     Wed 06 Aug 2025 04:02:43 +0000
Manifest next update:     Thu 07 Aug 2025 04:02:43 +0000
Files and hashes:         1: 0c0c1HQkGQk2se35qYScPjBYfzo.crl (hash: 9MwutaUtlWGemeXuEuiCCxvX5+NhnreBvRinH2C+xco=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 04:02:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:8b:b2:d2:88:78:aa:0c:36:04:5a:15:0b:2f:07:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
        Validity
            Not Before: Aug  6 04:02:43 2025 GMT
            Not After : Aug  7 04:02:43 2025 GMT
        Subject: CN=6cc49be59ac88d5e90b3eb2da217468dced8f52e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:53:24:30:84:8e:ad:73:02:d1:9c:0e:4d:3c:
                    b8:4d:73:be:a1:fd:81:5b:3d:35:fe:69:88:23:5c:
                    b5:3c:42:e0:59:9e:a7:4b:02:d7:cc:2c:aa:06:a5:
                    3b:9a:38:6c:61:80:fd:00:ed:32:48:5a:1f:40:85:
                    13:41:81:79:0e:2d:45:34:32:20:36:a0:c6:38:7f:
                    6c:a1:3c:88:c4:15:df:ca:f1:23:ee:5e:ea:45:2d:
                    55:f7:e1:b9:f7:50:de:39:94:58:b9:02:b1:c9:fa:
                    67:eb:b6:d7:ca:88:98:a9:6a:85:0d:d9:00:b1:3e:
                    24:fa:cb:14:e1:2d:83:d6:59:e7:98:7b:f4:72:a0:
                    e9:de:c2:f5:43:68:3d:14:eb:67:17:00:12:57:88:
                    da:4f:5d:56:35:ed:86:c4:50:1e:eb:e2:b1:cc:a0:
                    b8:c1:64:6d:39:9c:59:0c:93:a3:37:f1:3a:f2:82:
                    d0:d8:d3:27:83:aa:5f:b7:b7:5d:bc:54:67:03:f1:
                    8b:c9:b2:52:9f:5f:4f:a3:52:30:df:ff:d9:2b:e4:
                    14:ae:92:ca:4d:53:b2:07:9f:60:6e:32:a6:a6:ca:
                    a1:17:65:47:45:55:a4:f2:e0:c9:61:d5:40:e2:3c:
                    9b:d7:9b:04:eb:02:b1:ac:94:2c:c6:49:79:c6:0b:
                    bf:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:C4:9B:E5:9A:C8:8D:5E:90:B3:EB:2D:A2:17:46:8D:CE:D8:F5:2E
            X509v3 Authority Key Identifier:
                keyid:D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:41:5c:49:37:b7:3b:40:fe:84:86:dc:b3:7b:bb:25:2f:ad:
         bc:19:db:14:c2:c8:01:dd:59:1f:6c:4c:12:fa:7f:95:fe:ce:
         bb:94:dc:cb:67:f7:68:ed:39:20:ef:bd:20:ca:04:84:d1:b3:
         db:29:cc:96:33:a0:14:6f:43:5b:33:74:a9:73:5a:2e:74:12:
         db:bc:0f:e7:d9:20:70:fc:03:82:42:29:b2:40:cf:7a:00:27:
         31:28:79:6d:3c:43:05:e9:87:fe:2e:58:83:a3:13:25:18:1e:
         22:ce:c8:f8:6a:fd:dd:11:77:47:7a:49:d0:ae:87:47:35:b0:
         7b:e1:92:5e:3f:67:33:4b:77:e4:18:f1:03:05:5c:ea:57:40:
         4d:57:f6:ab:e3:bb:72:8c:b4:f0:c1:06:39:41:68:cc:b9:7f:
         2e:21:2d:66:6e:24:d3:6f:84:78:78:0e:f5:59:69:46:0f:6e:
         e7:1c:4a:03:d3:b4:79:57:37:dc:c6:20:53:b7:e8:de:5f:1c:
         f4:54:4f:96:04:5d:a6:d0:b8:1f:e7:f5:ae:44:c3:ad:ba:4a:
         b5:33:2e:fa:ef:f5:91:ef:d4:a0:a2:fa:49:cb:fa:d1:b3:ec:
         4a:60:5f:30:31:df:af:49:0c:cb:f0:7e:c1:5b:de:f9:57:c2:
         dc:d3:b2:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9i7LSiHiqDDYEWhULLwcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2QxY2Q0NzQyNDE5MDkzNmIxZWRmOWE5ODQ5YzNlMzA1
ODdmM2EwHhcNMjUwODA2MDQwMjQzWhcNMjUwODA3MDQwMjQzWjAzMTEwLwYDVQQD
Eyg2Y2M0OWJlNTlhYzg4ZDVlOTBiM2ViMmRhMjE3NDY4ZGNlZDhmNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFMkMISOrXMC0ZwOTTy4TXO+of2B
Wz01/mmII1y1PELgWZ6nSwLXzCyqBqU7mjhsYYD9AO0ySFofQIUTQYF5Di1FNDIg
NqDGOH9soTyIxBXfyvEj7l7qRS1V9+G591DeOZRYuQKxyfpn67bXyoiYqWqFDdkA
sT4k+ssU4S2D1lnnmHv0cqDp3sL1Q2g9FOtnFwASV4jaT11WNe2GxFAe6+KxzKC4
wWRtOZxZDJOjN/E68oLQ2NMng6pft7ddvFRnA/GLybJSn19Po1Iw3//ZK+QUrpLK
TVOyB59gbjKmpsqhF2VHRVWk8uDJYdVA4jyb15sE6wKxrJQsxkl5xgu/4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGzEm+WayI1ekLPrLaIXRo3O2PUuMB8GA1UdIwQY
MBaAFNHNHNR0JBkJNrHt+amEnD4wWH86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDct
YjQ1MzNhMDg4ZGM0LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDctYjQ1MzNhMDg4ZGM0
LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAEFcSTe3
O0D+hIbcs3u7JS+tvBnbFMLIAd1ZH2xMEvp/lf7Ou5Tcy2f3aO05IO+9IMoEhNGz
2ynMljOgFG9DWzN0qXNaLnQS27wP59kgcPwDgkIpskDPegAnMSh5bTxDBemH/i5Y
g6MTJRgeIs7I+Gr93RF3R3pJ0K6HRzWwe+GSXj9nM0t35BjxAwVc6ldATVf2q+O7
coy08MEGOUFozLl/LiEtZm4k02+EeHgO9VlpRg9u5xxKA9O0eVc33MYgU7fo3l8c
9FRPlgRdptC4H+f1rkTDrbpKtTMu+u/1ke/UoKL6Scv60bPsSmBfMDHfr0kMy/B+
wVve+VfC3NOy7A==
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:13:58 2025 by rpki-client