Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
File:                     9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft (raw, json)
Hash identifier:          LoeuRF49UZV/w7pV8POIc0XdTxbBXfItaxvLFmUbwcw=
Subject key identifier:   F3:60:6B:94:9C:F9:75:A3:9C:F2:48:60:A6:21:F5:90:E3:C7:CF:FB
Authority key identifier: F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F
Certificate issuer:       /CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
Certificate serial:       0198A04E6F45CD0A84E42A179E9786DA5BD3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
Manifest number:          0A3A
Signing time:             Tue 12 Aug 2025 22:02:31 +0000
Manifest this update:     Tue 12 Aug 2025 22:02:31 +0000
Manifest next update:     Wed 13 Aug 2025 22:02:31 +0000
Files and hashes:         1: 9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl (hash: CGgnzra+gXsvw29s6B7sHOZkWWxtPgbhvv48/GvljAY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4e:6f:45:cd:0a:84:e4:2a:17:9e:97:86:da:5b:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
        Validity
            Not Before: Aug 12 22:02:31 2025 GMT
            Not After : Aug 13 22:02:31 2025 GMT
        Subject: CN=f3606b949cf975a39cf24860a621f590e3c7cffb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:68:cf:ff:11:2b:7b:b8:2c:1a:31:a1:9a:31:
                    7e:e6:02:9f:71:e3:65:f5:de:88:93:90:c4:cd:dd:
                    35:ef:19:ab:2d:4a:e6:26:a2:e3:02:cf:52:7b:0f:
                    5c:d1:a2:56:c7:94:84:82:98:49:86:c2:41:ef:59:
                    24:ba:88:2f:9f:89:e4:4c:37:8e:73:a6:a9:82:0d:
                    26:63:d0:96:a5:41:86:ea:76:a1:42:f1:7c:07:ed:
                    a0:c9:16:4d:1c:0e:b9:25:02:d4:1c:1c:37:c5:fd:
                    35:51:a0:6a:ff:87:5f:7e:48:e2:b7:aa:2f:57:8d:
                    c9:5e:8c:33:4e:66:05:a9:ed:db:50:2d:20:83:4a:
                    9a:8a:b9:8c:a9:33:53:bf:4a:30:33:cf:aa:e5:d5:
                    c6:ec:4d:02:0d:d1:08:e0:ce:8c:cb:d9:00:84:f1:
                    1d:92:63:2e:49:a3:91:29:7e:e0:93:2c:09:45:c9:
                    bd:d8:77:21:e2:30:e7:68:1c:a8:a7:a4:ed:9a:da:
                    20:13:e1:b0:04:65:60:33:97:7e:54:84:31:f2:84:
                    a3:88:08:2e:cd:37:26:79:14:90:25:82:50:d1:a2:
                    df:a5:1d:45:15:86:08:39:26:19:53:dd:fd:ce:79:
                    1e:69:b1:67:86:60:39:e4:2e:e6:14:47:d9:17:88:
                    93:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:60:6B:94:9C:F9:75:A3:9C:F2:48:60:A6:21:F5:90:E3:C7:CF:FB
            X509v3 Authority Key Identifier:
                keyid:F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:39:c7:48:27:79:50:88:28:ae:47:03:42:a9:b9:12:4b:8e:
         be:72:49:0b:71:6c:62:cc:40:7b:89:70:7d:a8:aa:07:df:1f:
         65:6b:f0:b1:f4:0a:9a:5f:85:5e:e7:a4:2c:99:58:8b:cb:c8:
         be:2f:2c:7c:cb:d2:14:47:1e:c5:ff:fb:03:8a:ee:57:23:d2:
         cb:c6:c1:79:1b:39:5d:df:ff:aa:53:11:71:ca:ef:f0:92:a7:
         dd:66:4d:7e:e5:5d:4c:7e:eb:72:54:4e:bf:a0:9e:64:ae:4b:
         c6:39:21:d9:aa:fa:75:4a:bb:9a:c3:46:7d:ff:a2:3d:4d:b9:
         63:ae:dd:26:e3:8e:5a:b3:01:30:b2:69:ff:cf:bb:a4:c0:0b:
         f2:9d:87:54:d4:f6:98:46:85:1c:53:2c:e3:cc:e4:d7:9d:66:
         98:71:14:2d:31:ab:78:71:2b:42:b3:65:d2:b8:cf:28:fc:6d:
         42:ce:fa:d8:fa:a2:66:86:1a:19:e3:51:ea:0b:8a:4e:4c:ef:
         1e:4c:96:0b:40:d6:f4:71:8a:a5:54:9f:9c:03:f9:92:81:eb:
         74:3f:d0:ff:7c:e9:03:84:3c:16:83:d3:6c:ec:54:a6:a9:a3:
         ef:4a:54:b6:3a:36:53:5d:76:1d:76:3a:c1:34:97:3d:75:26:
         0e:79:3c:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTm9FzQqE5CoXnpeG2lvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZWQ1ZTVkYmJhMWVhYjZkMzk1OGU1OTQxODI5YzlkYTFi
MmM2N2YwHhcNMjUwODEyMjIwMjMxWhcNMjUwODEzMjIwMjMxWjAzMTEwLwYDVQQD
EyhmMzYwNmI5NDljZjk3NWEzOWNmMjQ4NjBhNjIxZjU5MGUzYzdjZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWjP/xEre7gsGjGhmjF+5gKfceNl
9d6Ik5DEzd017xmrLUrmJqLjAs9Sew9c0aJWx5SEgphJhsJB71kkuogvn4nkTDeO
c6apgg0mY9CWpUGG6nahQvF8B+2gyRZNHA65JQLUHBw3xf01UaBq/4dffkjit6ov
V43JXowzTmYFqe3bUC0gg0qairmMqTNTv0owM8+q5dXG7E0CDdEI4M6My9kAhPEd
kmMuSaORKX7gkywJRcm92Hch4jDnaByop6TtmtogE+GwBGVgM5d+VIQx8oSjiAgu
zTcmeRSQJYJQ0aLfpR1FFYYIOSYZU939znkeabFnhmA55C7mFEfZF4iTQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPNga5Sc+XWjnPJIYKYh9ZDjx8/7MB8GA1UdIwQY
MBaAFPTtXl27oeq205WOWUGCnJ2hssZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQt
ZGIxYTZiYmNiYjcyLzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQtZGIxYTZiYmNiYjcy
LzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeDnHSCd5
UIgorkcDQqm5EkuOvnJJC3FsYsxAe4lwfaiqB98fZWvwsfQKml+FXuekLJlYi8vI
vi8sfMvSFEcexf/7A4ruVyPSy8bBeRs5Xd//qlMRccrv8JKn3WZNfuVdTH7rclRO
v6CeZK5Lxjkh2ar6dUq7msNGff+iPU25Y67dJuOOWrMBMLJp/8+7pMAL8p2HVNT2
mEaFHFMs48zk151mmHEULTGreHErQrNl0rjPKPxtQs762PqiZoYaGeNR6guKTkzv
HkyWC0DW9HGKpVSfnAP5koHrdD/Q/3zpA4Q8FoPTbOxUpqmj70pUtjo2U112HXY6
wTSXPXUmDnk8ag==
-----END CERTIFICATE-----
Generated at Wed Aug 13 05:50:18 2025 by rpki-client