Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft
File:                     OQJ3OPl4_tokqdh7DLi7mqevVA0.mft (raw, json)
Hash identifier:          NCancw7tNRu+A6nzch3Jf0c/QAysmMuPC+x7q3wKfGM=
Subject key identifier:   C5:D0:B6:90:C8:09:C7:55:F3:9C:BD:1B:F0:CD:41:03:34:C1:88:1E
Authority key identifier: 39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
Certificate issuer:       /CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Certificate serial:       01968210840F12018C95AA151467652B83F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft
Manifest number:          151F
Signing time:             Tue 29 Apr 2025 15:00:42 +0000
Manifest this update:     Tue 29 Apr 2025 15:00:42 +0000
Manifest next update:     Wed 30 Apr 2025 15:00:42 +0000
Files and hashes:         1: OQJ3OPl4_tokqdh7DLi7mqevVA0.crl (hash: bHvlurbeMyjEj1IXQrNe8Ph2m13fcouSENsoFtGzcos=)
                          2: THEjTsFNcxDVZEOdq3GfXqXC4zc.roa (hash: x5CBmcScUC+Y/Wuw5WgYT+dNtpSqSEasQSVqzZJLzc4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:10:84:0f:12:01:8c:95:aa:15:14:67:65:2b:83:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
        Validity
            Not Before: Apr 29 15:00:42 2025 GMT
            Not After : Apr 30 15:00:42 2025 GMT
        Subject: CN=c5d0b690c809c755f39cbd1bf0cd410334c1881e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:d3:71:80:b5:55:a6:94:8a:8f:69:93:b3:5b:
                    3a:85:b6:af:e5:20:8f:12:e7:33:ee:af:2f:36:73:
                    cb:d1:b2:18:61:27:90:58:e9:38:cc:18:a8:ff:ef:
                    21:7d:b4:94:77:6c:19:72:b9:96:23:80:21:eb:cf:
                    61:5a:d3:e6:c2:82:f2:a7:91:ac:7c:c9:95:34:98:
                    22:d7:05:4d:fc:02:6c:9a:8d:c9:b2:e4:ab:70:16:
                    f9:ca:e0:dd:e1:d1:95:e5:b4:2a:fb:b0:41:b2:9c:
                    42:19:fb:9f:71:03:1e:3b:93:50:9b:53:27:3b:25:
                    08:ff:a6:76:e1:61:f4:82:76:fb:75:31:2e:0b:61:
                    33:97:b4:f3:25:21:b1:b8:ed:81:5b:e8:0d:f3:63:
                    d4:cf:24:b9:96:97:e1:b7:d6:53:52:38:85:35:fc:
                    f3:3c:b9:c2:54:65:02:d1:4e:18:4c:8e:bf:44:74:
                    83:17:38:ec:c1:9c:6b:05:fa:82:92:8e:11:d4:d2:
                    96:a1:dc:02:d7:ac:51:0d:63:0b:20:ee:14:d0:09:
                    a4:36:7c:5f:46:02:84:13:b3:f3:59:4c:91:3a:f5:
                    04:a6:f3:68:e2:6e:c5:e4:6d:e6:ac:db:a1:92:f8:
                    28:51:d5:0c:af:97:fd:3b:fa:78:b6:26:e1:e4:0d:
                    d7:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:D0:B6:90:C8:09:C7:55:F3:9C:BD:1B:F0:CD:41:03:34:C1:88:1E
            X509v3 Authority Key Identifier:
                keyid:39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:2a:2e:f1:26:fd:dd:b3:4b:c7:30:d2:0b:11:68:9c:80:a4:
         58:e0:33:97:af:bc:b9:e6:57:79:6b:38:d8:cb:87:09:56:55:
         a1:24:6e:ea:7a:a6:95:6a:b1:bf:b6:b2:93:44:51:37:a4:61:
         c3:8e:c6:af:3d:ae:e8:34:80:25:8b:0a:10:73:7e:a6:c9:38:
         9d:6b:a1:01:37:92:21:e9:c6:67:3b:ca:d2:49:fb:d0:b3:19:
         22:4d:88:7e:fe:0a:99:6c:0c:5d:96:6f:9e:37:5d:51:d2:79:
         c6:57:62:e4:f8:2e:b8:44:67:f2:35:4d:3f:db:83:a0:0f:60:
         73:ce:3a:61:a6:cf:06:4c:b8:f2:17:1a:5a:db:f8:df:b5:b8:
         83:c5:d3:dc:25:90:18:22:53:55:2f:97:91:1b:e3:73:6c:82:
         ea:82:3e:94:a7:3b:f5:95:6f:ae:2b:bd:3f:fb:84:d7:a1:20:
         37:35:ea:9a:4e:03:39:b2:c8:fd:e0:02:d8:39:dd:03:54:5b:
         4a:28:6f:06:2e:47:75:0c:e0:35:50:93:ed:6f:26:ac:4c:60:
         98:d5:25:64:4e:ad:bf:75:8c:0d:be:ca:64:c5:56:c6:60:9f:
         92:4f:79:62:4d:c9:67:76:4a:de:7b:ee:8d:78:51:b2:bd:4f:
         e8:c8:95:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCEIQPEgGMlaoVFGdlK4PwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDI3NzM4Zjk3OGZlZGEyNGE5ZDg3YjBjYjhiYjlhYTdh
ZjU0MGQwHhcNMjUwNDI5MTUwMDQyWhcNMjUwNDMwMTUwMDQyWjAzMTEwLwYDVQQD
EyhjNWQwYjY5MGM4MDljNzU1ZjM5Y2JkMWJmMGNkNDEwMzM0YzE4ODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktNxgLVVppSKj2mTs1s6hbav5SCP
Eucz7q8vNnPL0bIYYSeQWOk4zBio/+8hfbSUd2wZcrmWI4Ah689hWtPmwoLyp5Gs
fMmVNJgi1wVN/AJsmo3JsuSrcBb5yuDd4dGV5bQq+7BBspxCGfufcQMeO5NQm1Mn
OyUI/6Z24WH0gnb7dTEuC2Ezl7TzJSGxuO2BW+gN82PUzyS5lpfht9ZTUjiFNfzz
PLnCVGUC0U4YTI6/RHSDFzjswZxrBfqCko4R1NKWodwC16xRDWMLIO4U0AmkNnxf
RgKEE7PzWUyROvUEpvNo4m7F5G3mrNuhkvgoUdUMr5f9O/p4tibh5A3XAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMXQtpDICcdV85y9G/DNQQM0wYgeMB8GA1UdIwQY
MBaAFDkCdzj5eP7aJKnYewy4u5qnr1QNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYt
ZjVkOGFiN2MxNWYwLzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYtZjVkOGFiN2MxNWYw
LzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOyou8Sb9
3bNLxzDSCxFonICkWOAzl6+8ueZXeWs42MuHCVZVoSRu6nqmlWqxv7ayk0RRN6Rh
w47Grz2u6DSAJYsKEHN+psk4nWuhATeSIenGZzvK0kn70LMZIk2Ifv4KmWwMXZZv
njddUdJ5xldi5PguuERn8jVNP9uDoA9gc846YabPBky48hcaWtv437W4g8XT3CWQ
GCJTVS+XkRvjc2yC6oI+lKc79ZVvriu9P/uE16EgNzXqmk4DObLI/eAC2DndA1Rb
SihvBi5HdQzgNVCT7W8mrExgmNUlZE6tv3WMDb7KZMVWxmCfkk95Yk3JZ3ZK3nvu
jXhRsr1P6MiVgg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 22:32:56 2025 by rpki-client