Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
File:                     1ots-3IKfJKhgMphS9sO2h8evp0.mft (raw, json)
Hash identifier:          QZQ9lb8ykJid2fWIoLjdhj9eZJkd6jmpu0u6e/dKNm0=
Subject key identifier:   48:D2:5F:A1:9B:81:A6:29:34:A0:42:24:A9:40:63:23:F4:8F:F5:4C
Authority key identifier: D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D
Certificate issuer:       /CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d
Certificate serial:       01988F2294F8BB9B894780CD84A74058274A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
Manifest number:          0C24
Signing time:             Sat 09 Aug 2025 14:01:04 +0000
Manifest this update:     Sat 09 Aug 2025 14:01:04 +0000
Manifest next update:     Sun 10 Aug 2025 14:01:04 +0000
Files and hashes:         1: 1ots-3IKfJKhgMphS9sO2h8evp0.crl (hash: 6P8qFrMdInadW25vq0/AuAMPdDUn2thO+nv90tK7I7A=)
                          2: iN4kY7sCfzKOl-coUiFvOhD6wg4.roa (hash: ZI3B1VaDQ0JfOlPoqiW79rOHU3ymg8mbnEbUM636Uvw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 14:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8f:22:94:f8:bb:9b:89:47:80:cd:84:a7:40:58:27:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d
        Validity
            Not Before: Aug  9 14:01:04 2025 GMT
            Not After : Aug 10 14:01:04 2025 GMT
        Subject: CN=48d25fa19b81a62934a04224a9406323f48ff54c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:64:78:ff:14:23:bd:7b:17:e3:d9:c8:c2:e9:
                    19:19:68:16:bd:d1:a3:12:6c:8b:f9:fe:23:bd:28:
                    7c:97:5e:d6:77:81:87:df:b6:8b:7a:e2:3c:f7:9e:
                    7d:da:88:f0:ea:0a:2e:6b:3b:a6:37:d9:d3:64:f0:
                    df:44:e7:15:64:62:b5:33:6e:f9:f8:85:85:67:c6:
                    df:a5:8c:5a:12:85:53:35:fd:5b:3a:a7:e4:5f:57:
                    e8:df:1e:5e:96:b1:01:7c:1e:99:a9:fe:0b:78:57:
                    b5:56:36:f6:62:af:7b:d6:3f:90:c5:6a:21:ca:53:
                    16:79:99:4d:25:06:79:75:02:3f:57:1b:b8:5f:47:
                    40:10:13:63:24:28:6a:af:65:1b:5a:61:85:70:c0:
                    8a:f9:2e:4c:5f:dd:7c:c8:2f:de:24:fc:13:e2:34:
                    f1:2d:22:6a:b3:cf:f9:fb:39:60:b5:b2:85:24:c8:
                    3c:d6:e1:be:dc:82:28:ae:38:82:70:06:50:42:65:
                    80:a0:c9:a6:98:8d:1c:f6:f6:e9:cf:7a:b5:2c:cc:
                    e1:61:52:a6:2c:3b:16:44:93:fb:83:cc:13:0b:4a:
                    5c:ac:38:1c:c9:eb:9a:22:db:68:67:58:66:33:91:
                    32:60:5a:61:47:20:c9:38:54:d5:a0:d3:2b:d9:4a:
                    0f:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:D2:5F:A1:9B:81:A6:29:34:A0:42:24:A9:40:63:23:F4:8F:F5:4C
            X509v3 Authority Key Identifier:
                keyid:D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:f9:14:82:1a:92:e5:cf:bf:a1:67:48:b1:e8:13:f4:c6:26:
         ff:31:66:fb:57:26:94:b9:c4:bc:a7:a5:34:f1:d0:61:cd:55:
         e5:79:59:fb:e9:13:2c:45:ef:b3:c2:bc:97:20:4b:32:91:fd:
         e9:65:a7:d1:a1:c3:53:1c:fd:d7:9a:e6:9c:9f:8d:c5:f4:35:
         22:d7:51:cc:31:96:ea:e1:2f:b6:f4:33:ad:11:bc:e0:77:17:
         2c:68:b7:a8:ae:c0:2e:fc:cd:0f:6e:9b:30:ce:ad:c0:a7:65:
         d6:33:ee:8d:b8:dc:50:82:60:8a:17:b7:bc:26:f6:22:e4:2c:
         7c:94:25:94:dd:ad:06:2a:a2:c8:84:89:4d:66:a0:0d:8b:5e:
         79:88:a0:b9:44:de:63:23:d5:13:2b:54:8b:e3:8f:b4:47:f9:
         68:b0:db:e4:7c:08:f2:e4:a7:3b:22:78:9e:2d:d9:1b:6c:af:
         61:33:04:b6:20:ce:7b:cb:11:c0:d4:a6:28:c7:06:9f:c3:66:
         bc:b4:a6:c1:a3:95:a0:de:ff:bb:0b:c8:fc:47:30:85:84:f2:
         20:e7:60:55:ab:84:07:26:24:25:84:4f:76:f2:cf:ca:11:0d:
         7d:07:3f:6e:74:8f:0d:60:bf:8d:14:60:ea:2d:e8:ab:10:ee:
         92:76:47:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiPIpT4u5uJR4DNhKdAWCdKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2OGI2Y2ZiNzIwYTdjOTJhMTgwY2E2MTRiZGIwZWRhMWYx
ZWJlOWQwHhcNMjUwODA5MTQwMTA0WhcNMjUwODEwMTQwMTA0WjAzMTEwLwYDVQQD
Eyg0OGQyNWZhMTliODFhNjI5MzRhMDQyMjRhOTQwNjMyM2Y0OGZmNTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWR4/xQjvXsX49nIwukZGWgWvdGj
EmyL+f4jvSh8l17Wd4GH37aLeuI895592ojw6gouazumN9nTZPDfROcVZGK1M275
+IWFZ8bfpYxaEoVTNf1bOqfkX1fo3x5elrEBfB6Zqf4LeFe1Vjb2Yq971j+QxWoh
ylMWeZlNJQZ5dQI/Vxu4X0dAEBNjJChqr2UbWmGFcMCK+S5MX918yC/eJPwT4jTx
LSJqs8/5+zlgtbKFJMg81uG+3IIorjiCcAZQQmWAoMmmmI0c9vbpz3q1LMzhYVKm
LDsWRJP7g8wTC0pcrDgcyeuaIttoZ1hmM5EyYFphRyDJOFTVoNMr2UoPMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjSX6GbgaYpNKBCJKlAYyP0j/VMMB8GA1UdIwQY
MBaAFNaLbPtyCnySoYDKYUvbDtofHr6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEt
MzNlMzE5YTQ1NGVmLzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEtMzNlMzE5YTQ1NGVm
LzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIvkUghqS
5c+/oWdIsegT9MYm/zFm+1cmlLnEvKelNPHQYc1V5XlZ++kTLEXvs8K8lyBLMpH9
6WWn0aHDUxz915rmnJ+NxfQ1ItdRzDGW6uEvtvQzrRG84HcXLGi3qK7ALvzND26b
MM6twKdl1jPujbjcUIJgihe3vCb2IuQsfJQllN2tBiqiyISJTWagDYteeYiguUTe
YyPVEytUi+OPtEf5aLDb5HwI8uSnOyJ4ni3ZG2yvYTMEtiDOe8sRwNSmKMcGn8Nm
vLSmwaOVoN7/uwvI/EcwhYTyIOdgVauEByYkJYRPdvLPyhENfQc/bnSPDWC/jRRg
6i3oqxDuknZHBw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:38:04 2025 by rpki-client