Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
File:                     OitQeZsxwLFFEkZQ1xG844PWcDk.mft (raw, json)
Hash identifier:          R4guyiTrWfizRoP17E1eK8wN7RQJAsve11+e+lhPzDg=
Subject key identifier:   78:D9:BE:6A:2D:0C:2E:14:48:F4:BE:11:83:E2:18:18:37:1C:55:EE
Authority key identifier: 3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39
Certificate issuer:       /CN=3a2b50799b31c0b145124650d711bce383d67039
Certificate serial:       019880C1E83CBBE5708FE23D3BFC3ACA46A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
Manifest number:          0A6F
Signing time:             Wed 06 Aug 2025 19:00:48 +0000
Manifest this update:     Wed 06 Aug 2025 19:00:48 +0000
Manifest next update:     Thu 07 Aug 2025 19:00:48 +0000
Files and hashes:         1: OitQeZsxwLFFEkZQ1xG844PWcDk.crl (hash: HIYIckdMjfTEZOOm6dYePqAhB+Zbbtd2HGOJc8DmLc0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 19:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:c1:e8:3c:bb:e5:70:8f:e2:3d:3b:fc:3a:ca:46:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a2b50799b31c0b145124650d711bce383d67039
        Validity
            Not Before: Aug  6 19:00:48 2025 GMT
            Not After : Aug  7 19:00:48 2025 GMT
        Subject: CN=78d9be6a2d0c2e1448f4be1183e21818371c55ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d8:c0:f5:d2:99:cb:07:38:cd:00:bd:48:b6:
                    f5:9f:ae:31:90:e5:76:61:03:cd:ab:87:b3:24:8b:
                    ce:a6:a8:36:6f:74:30:9d:81:b0:cd:b5:51:12:aa:
                    b0:15:21:6d:39:98:27:43:f0:32:30:62:fb:a4:0e:
                    ad:54:52:6f:eb:88:93:04:d1:b7:97:0e:8b:89:25:
                    91:fd:3a:a1:8d:21:4f:0a:0b:f7:95:64:37:af:2d:
                    d2:08:b0:97:13:34:94:3a:95:79:df:70:5d:46:3f:
                    c2:f3:27:7c:7f:5c:db:8c:68:d7:4d:33:b5:e4:57:
                    06:e1:04:49:d9:7b:63:d3:3c:50:4d:01:d8:6f:db:
                    ab:08:5b:ab:d8:50:ea:cc:6b:6b:f3:1f:17:84:5a:
                    17:b5:d0:24:8f:9b:59:09:89:8c:41:db:bf:02:61:
                    ba:4e:2e:d1:1c:b1:35:f3:83:50:6a:fa:0f:d5:e7:
                    3b:00:e6:c9:68:62:29:55:b7:a9:23:4a:6b:16:d6:
                    ec:9d:0c:f3:32:ee:d8:c3:81:36:84:79:32:d1:b9:
                    43:ce:e1:3d:9f:db:cd:ad:c5:3a:04:95:43:78:a9:
                    39:55:c5:01:b9:85:49:aa:18:01:3c:52:07:5e:9b:
                    c7:b1:92:a8:50:53:86:dd:45:3d:ec:d2:e6:5d:68:
                    64:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:D9:BE:6A:2D:0C:2E:14:48:F4:BE:11:83:E2:18:18:37:1C:55:EE
            X509v3 Authority Key Identifier:
                keyid:3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:af:a7:3e:d5:da:38:44:db:8f:ef:b0:11:9c:4b:9a:6c:3f:
         ad:37:24:42:41:eb:18:b3:3c:65:5a:da:44:9f:35:cf:89:59:
         3d:3f:d3:dd:5f:f4:25:22:c6:1d:c3:8e:f3:04:95:56:b3:f7:
         a9:81:35:2e:c8:2e:63:be:60:53:16:ba:42:a3:51:9a:14:2e:
         08:c5:2c:89:66:cc:0f:0b:6b:8d:2f:6b:f4:40:39:29:f6:af:
         e5:5d:85:db:25:d2:57:fa:ec:3b:b2:57:2c:cb:d1:84:af:95:
         de:e4:95:b0:63:23:d1:a0:99:f5:cb:3e:a3:59:4d:9c:52:6e:
         88:8b:45:37:0f:00:39:c2:60:56:d6:4b:63:2b:34:a4:91:18:
         94:3b:5f:6c:34:e0:eb:80:d3:8b:8a:46:ed:ce:16:40:72:9c:
         53:61:bf:ca:fa:7f:27:57:c0:02:91:16:5f:a1:69:32:e8:0d:
         58:5a:ca:81:4b:8a:56:4b:79:9b:a2:1e:36:7f:d8:09:fe:85:
         b5:87:33:c9:60:48:37:29:17:42:92:ee:b9:31:7a:ab:c1:a0:
         86:ed:8e:0d:c3:ca:c8:08:31:84:f4:77:a4:3d:19:f3:12:5e:
         bd:1b:84:22:f0:99:5c:08:42:a1:b6:21:c5:04:28:d0:d9:18:
         52:4a:b4:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAweg8u+Vwj+I9O/w6ykalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMmI1MDc5OWIzMWMwYjE0NTEyNDY1MGQ3MTFiY2UzODNk
NjcwMzkwHhcNMjUwODA2MTkwMDQ4WhcNMjUwODA3MTkwMDQ4WjAzMTEwLwYDVQQD
Eyg3OGQ5YmU2YTJkMGMyZTE0NDhmNGJlMTE4M2UyMTgxODM3MWM1NWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutjA9dKZywc4zQC9SLb1n64xkOV2
YQPNq4ezJIvOpqg2b3QwnYGwzbVREqqwFSFtOZgnQ/AyMGL7pA6tVFJv64iTBNG3
lw6LiSWR/TqhjSFPCgv3lWQ3ry3SCLCXEzSUOpV533BdRj/C8yd8f1zbjGjXTTO1
5FcG4QRJ2Xtj0zxQTQHYb9urCFur2FDqzGtr8x8XhFoXtdAkj5tZCYmMQdu/AmG6
Ti7RHLE184NQavoP1ec7AObJaGIpVbepI0prFtbsnQzzMu7Yw4E2hHky0blDzuE9
n9vNrcU6BJVDeKk5VcUBuYVJqhgBPFIHXpvHsZKoUFOG3UU97NLmXWhktwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHjZvmotDC4USPS+EYPiGBg3HFXuMB8GA1UdIwQY
MBaAFDorUHmbMcCxRRJGUNcRvOOD1nA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMt
MzMyNzMwZmIxYzhhLzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMtMzMyNzMwZmIxYzhh
LzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABK+nPtXa
OETbj++wEZxLmmw/rTckQkHrGLM8ZVraRJ81z4lZPT/T3V/0JSLGHcOO8wSVVrP3
qYE1LsguY75gUxa6QqNRmhQuCMUsiWbMDwtrjS9r9EA5Kfav5V2F2yXSV/rsO7JX
LMvRhK+V3uSVsGMj0aCZ9cs+o1lNnFJuiItFNw8AOcJgVtZLYys0pJEYlDtfbDTg
64DTi4pG7c4WQHKcU2G/yvp/J1fAApEWX6FpMugNWFrKgUuKVkt5m6IeNn/YCf6F
tYczyWBINykXQpLuuTF6q8Gghu2ODcPKyAgxhPR3pD0Z8xJevRuEIvCZXAhCobYh
xQQo0NkYUkq0qQ==
-----END CERTIFICATE-----
Generated at Thu Aug 7 01:18:38 2025 by rpki-client