Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft
File:                     OQJ3OPl4_tokqdh7DLi7mqevVA0.mft (raw, json)
Hash identifier:          Q2d78kBeQqHV5KdEs+8o3AkjefZ8WfkYH4AReAKTzgM=
Subject key identifier:   A0:B6:46:73:05:4D:FF:C2:5E:8B:70:18:66:9E:D3:A6:97:4F:71:11
Authority key identifier: 39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
Certificate issuer:       /CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Certificate serial:       019683FEEEF4C39DDF189852AADF3CB3229A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft
Manifest number:          1520
Signing time:             Wed 30 Apr 2025 00:00:44 +0000
Manifest this update:     Wed 30 Apr 2025 00:00:44 +0000
Manifest next update:     Thu 01 May 2025 00:00:44 +0000
Files and hashes:         1: OQJ3OPl4_tokqdh7DLi7mqevVA0.crl (hash: a5w1qgG1BozUrqYxp0aQoKVqmgIhbCTsnjXur1gDPrM=)
                          2: THEjTsFNcxDVZEOdq3GfXqXC4zc.roa (hash: x5CBmcScUC+Y/Wuw5WgYT+dNtpSqSEasQSVqzZJLzc4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:fe:ee:f4:c3:9d:df:18:98:52:aa:df:3c:b3:22:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
        Validity
            Not Before: Apr 30 00:00:44 2025 GMT
            Not After : May  1 00:00:44 2025 GMT
        Subject: CN=a0b64673054dffc25e8b7018669ed3a6974f7111
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:04:c8:1f:b9:14:db:78:10:5e:6c:b2:84:95:
                    98:56:56:b6:a2:4a:ef:77:45:50:47:91:ba:56:62:
                    ff:ba:4d:ab:33:12:dd:aa:ab:c3:44:a7:88:dc:65:
                    de:60:c0:ec:37:e2:d8:23:bf:f2:5a:48:4d:8b:f2:
                    0e:d1:8b:cd:8e:09:77:45:60:21:e7:0b:25:33:ef:
                    ac:62:0d:5d:f9:42:b9:cc:66:aa:f4:6f:18:51:86:
                    03:1c:40:c1:6e:c9:d3:94:67:2c:9d:91:0e:87:a7:
                    13:11:0a:56:cc:01:93:4f:76:bc:72:69:f8:55:32:
                    4b:c6:2c:8a:f6:b6:7a:ec:f6:c8:a2:48:c7:01:b2:
                    ea:de:b5:ce:b1:82:32:d5:3f:a8:54:9a:08:ea:21:
                    80:f9:9b:cb:0a:7e:a1:a6:32:85:07:e9:1e:53:3d:
                    60:6a:09:81:d3:a7:be:d3:49:05:f6:de:31:db:2a:
                    a0:01:aa:37:ee:ee:fc:66:a4:e8:dd:cc:a2:1f:b9:
                    e4:a7:bd:8a:fd:4b:d4:0d:4f:2b:67:ea:1d:a7:98:
                    a2:51:b5:6c:9b:bf:fc:5d:9a:19:c3:56:50:7f:c4:
                    20:91:4f:e9:31:da:69:91:ff:33:06:c1:ee:a0:19:
                    72:34:d5:de:b1:4e:6c:4b:b4:5d:39:8e:5d:b8:4e:
                    49:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:B6:46:73:05:4D:FF:C2:5E:8B:70:18:66:9E:D3:A6:97:4F:71:11
            X509v3 Authority Key Identifier:
                keyid:39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:6f:fd:fd:ec:1b:12:eb:21:dd:a1:dc:e7:54:e5:0e:80:ce:
         d2:ed:ac:f7:9c:6d:f3:cd:d1:a8:f0:a7:08:4b:2a:df:29:b7:
         a9:d7:54:3a:86:fe:28:4f:a8:86:8a:5e:a6:b1:23:97:00:c3:
         fe:cc:df:e3:ca:16:65:1d:ad:c6:4f:23:c3:7a:81:5e:52:6f:
         7d:e9:01:49:65:fb:82:35:cb:39:69:1d:61:a9:50:bc:ba:47:
         10:17:52:2b:15:ec:97:fb:8c:86:0e:6c:20:3f:f4:78:ee:8f:
         ba:a6:8d:b7:40:7b:6d:ec:81:34:31:6c:f6:c3:cf:2a:31:0f:
         79:a6:73:7c:70:f9:00:63:20:d8:3b:78:2e:b1:a6:44:b3:28:
         3c:a7:6b:13:77:db:58:92:f6:95:a3:4c:bc:f2:f4:1b:73:cd:
         9b:81:1c:11:b6:92:61:85:00:73:92:bc:4c:90:a0:5e:cc:ae:
         04:49:4b:8f:a9:f0:23:2d:a6:cc:7e:23:c3:96:a5:19:eb:77:
         91:d6:53:57:06:86:8f:51:f0:95:e5:84:05:d5:ba:23:f0:76:
         00:da:b3:bc:47:ce:30:80:7e:b9:60:0a:66:8d:78:98:c4:0e:
         4a:b9:4a:75:cc:9e:56:13:87:b0:25:8f:75:ed:83:2c:79:0d:
         2b:d6:df:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaD/u70w53fGJhSqt88syKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDI3NzM4Zjk3OGZlZGEyNGE5ZDg3YjBjYjhiYjlhYTdh
ZjU0MGQwHhcNMjUwNDMwMDAwMDQ0WhcNMjUwNTAxMDAwMDQ0WjAzMTEwLwYDVQQD
EyhhMGI2NDY3MzA1NGRmZmMyNWU4YjcwMTg2NjllZDNhNjk3NGY3MTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugTIH7kU23gQXmyyhJWYVla2okrv
d0VQR5G6VmL/uk2rMxLdqqvDRKeI3GXeYMDsN+LYI7/yWkhNi/IO0YvNjgl3RWAh
5wslM++sYg1d+UK5zGaq9G8YUYYDHEDBbsnTlGcsnZEOh6cTEQpWzAGTT3a8cmn4
VTJLxiyK9rZ67PbIokjHAbLq3rXOsYIy1T+oVJoI6iGA+ZvLCn6hpjKFB+keUz1g
agmB06e+00kF9t4x2yqgAao37u78ZqTo3cyiH7nkp72K/UvUDU8rZ+odp5iiUbVs
m7/8XZoZw1ZQf8QgkU/pMdppkf8zBsHuoBlyNNXesU5sS7RdOY5duE5J6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKC2RnMFTf/CXotwGGae06aXT3ERMB8GA1UdIwQY
MBaAFDkCdzj5eP7aJKnYewy4u5qnr1QNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYt
ZjVkOGFiN2MxNWYwLzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYtZjVkOGFiN2MxNWYw
LzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgm/9/ewb
Eush3aHc51TlDoDO0u2s95xt883RqPCnCEsq3ym3qddUOob+KE+ohopeprEjlwDD
/szf48oWZR2txk8jw3qBXlJvfekBSWX7gjXLOWkdYalQvLpHEBdSKxXsl/uMhg5s
ID/0eO6PuqaNt0B7beyBNDFs9sPPKjEPeaZzfHD5AGMg2Dt4LrGmRLMoPKdrE3fb
WJL2laNMvPL0G3PNm4EcEbaSYYUAc5K8TJCgXsyuBElLj6nwIy2mzH4jw5alGet3
kdZTVwaGj1HwleWEBdW6I/B2ANqzvEfOMIB+uWAKZo14mMQOSrlKdcyeVhOHsCWP
de2DLHkNK9bflA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 06:29:41 2025 by rpki-client