Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
File:                     OpzyvclyZDBARldYsyWap8kubhw.mft (raw, json)
Hash identifier:          Mg5TWCJI6LE3lqVrLhjly3KWImHbUB2qA1veDObpiXU=
Subject key identifier:   95:0F:5B:79:10:85:31:B9:8E:EF:7A:EA:05:68:C3:C7:DA:71:1E:1D
Authority key identifier: 3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C
Certificate issuer:       /CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c
Certificate serial:       0198898EE2753B3BF489354333555F22CA98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
Manifest number:          161D
Signing time:             Fri 08 Aug 2025 12:01:39 +0000
Manifest this update:     Fri 08 Aug 2025 12:01:39 +0000
Manifest next update:     Sat 09 Aug 2025 12:01:39 +0000
Files and hashes:         1: OpzyvclyZDBARldYsyWap8kubhw.crl (hash: 4wwb73QHKJ1jqBwktGp2k/5wUiARBcktNBUciLEvwsU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 11:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:89:8e:e2:75:3b:3b:f4:89:35:43:33:55:5f:22:ca:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c
        Validity
            Not Before: Aug  8 12:01:39 2025 GMT
            Not After : Aug  9 12:01:39 2025 GMT
        Subject: CN=950f5b79108531b98eef7aea0568c3c7da711e1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:37:2a:e5:f0:ca:0d:0c:de:84:08:90:60:24:
                    2c:8f:e9:31:98:bf:fb:41:4d:24:8a:86:c0:af:4f:
                    7f:58:4c:a9:55:9b:58:e8:19:94:1e:ec:17:ec:04:
                    41:72:d7:c4:be:05:be:8e:f3:0d:46:87:88:37:24:
                    51:ea:f0:97:61:a1:99:94:36:66:2f:41:e3:26:7e:
                    0a:16:5d:d6:98:0d:0b:5a:c2:e4:3d:84:6f:d7:01:
                    f7:7c:23:9f:d1:b3:41:da:1f:bd:eb:84:ed:4a:94:
                    b5:e3:e0:8e:f7:38:63:7c:31:45:aa:f8:15:47:10:
                    b0:34:c5:5d:ee:41:39:77:ef:fc:db:71:a5:f7:0e:
                    28:0d:7c:cc:d0:86:ca:59:a7:61:38:a5:96:d8:1a:
                    b7:05:e0:2d:a5:14:5c:6c:f8:88:61:cf:7e:86:cf:
                    50:22:48:6a:6c:e8:af:f4:fc:35:9d:ac:da:f8:ff:
                    ff:46:bd:e2:c9:c8:40:2e:d0:22:17:25:11:89:56:
                    73:6e:9f:d7:16:7d:ca:b2:61:46:ab:25:cd:64:b5:
                    48:cd:6e:ab:61:d5:6f:22:e7:92:6b:c6:7f:5a:59:
                    ba:53:89:74:09:03:e6:eb:72:97:03:8b:43:b6:ed:
                    37:f3:0e:1b:43:8e:0c:91:57:af:21:4a:f1:d0:09:
                    39:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:0F:5B:79:10:85:31:B9:8E:EF:7A:EA:05:68:C3:C7:DA:71:1E:1D
            X509v3 Authority Key Identifier:
                keyid:3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:04:90:b8:ce:1b:12:02:e9:43:61:42:02:0a:a5:11:89:71:
         cc:b9:a3:05:c9:9d:8a:5a:40:eb:4c:d4:2f:51:2a:e7:3a:6b:
         11:77:f4:7a:54:de:fc:91:42:96:f8:84:c7:07:c5:de:ce:59:
         bd:3e:9b:16:f2:08:4e:02:1d:8a:a0:a6:db:86:90:52:2e:95:
         56:77:f7:25:c5:b5:48:ed:8b:6b:84:4b:39:22:fd:fb:5e:69:
         b4:be:29:09:03:ac:6b:31:26:f8:bd:00:46:60:f2:29:62:db:
         0b:ec:f0:90:4b:ea:f5:3d:1b:65:92:49:78:2c:6e:71:bc:7f:
         1e:23:c9:fc:02:c0:87:bf:49:5c:90:7c:47:89:bb:37:cf:da:
         e5:41:d4:11:70:76:c1:8b:2a:e9:2d:c9:27:7c:ca:f7:77:8f:
         8a:99:86:b3:ba:23:57:a5:3f:ea:35:39:f0:3e:f4:3c:9c:ed:
         b7:29:19:ab:d8:55:7c:48:c3:b7:3c:e1:19:6a:e0:00:d1:72:
         70:f7:65:3c:aa:75:d2:67:da:4e:95:a8:d2:ff:40:59:b7:6a:
         ae:a0:6c:88:9f:25:c4:8f:31:76:4b:a4:84:1a:0f:78:87:54:
         92:76:97:01:64:92:8a:65:bf:98:38:34:4e:20:d7:d0:e9:7f:
         d1:32:50:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiJjuJ1Ozv0iTVDM1VfIsqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOWNmMmJkYzk3MjY0MzA0MDQ2NTc1OGIzMjU5YWE3Yzky
ZTZlMWMwHhcNMjUwODA4MTIwMTM5WhcNMjUwODA5MTIwMTM5WjAzMTEwLwYDVQQD
Eyg5NTBmNWI3OTEwODUzMWI5OGVlZjdhZWEwNTY4YzNjN2RhNzExZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTcq5fDKDQzehAiQYCQsj+kxmL/7
QU0kiobAr09/WEypVZtY6BmUHuwX7ARBctfEvgW+jvMNRoeINyRR6vCXYaGZlDZm
L0HjJn4KFl3WmA0LWsLkPYRv1wH3fCOf0bNB2h+964TtSpS14+CO9zhjfDFFqvgV
RxCwNMVd7kE5d+/823Gl9w4oDXzM0IbKWadhOKWW2Bq3BeAtpRRcbPiIYc9+hs9Q
IkhqbOiv9Pw1naza+P//Rr3iychALtAiFyURiVZzbp/XFn3KsmFGqyXNZLVIzW6r
YdVvIueSa8Z/Wlm6U4l0CQPm63KXA4tDtu038w4bQ44MkVevIUrx0Ak5CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJUPW3kQhTG5ju966gVow8facR4dMB8GA1UdIwQY
MBaAFDqc8r3JcmQwQEZXWLMlmqfJLm4cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMt
MDI0ZjdjNTBmNDI4LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMtMDI0ZjdjNTBmNDI4
LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcwSQuM4b
EgLpQ2FCAgqlEYlxzLmjBcmdilpA60zUL1Eq5zprEXf0elTe/JFClviExwfF3s5Z
vT6bFvIITgIdiqCm24aQUi6VVnf3JcW1SO2La4RLOSL9+15ptL4pCQOsazEm+L0A
RmDyKWLbC+zwkEvq9T0bZZJJeCxucbx/HiPJ/ALAh79JXJB8R4m7N8/a5UHUEXB2
wYsq6S3JJ3zK93ePipmGs7ojV6U/6jU58D70PJzttykZq9hVfEjDtzzhGWrgANFy
cPdlPKp10mfaTpWo0v9AWbdqrqBsiJ8lxI8xdkukhBoPeIdUknaXAWSSimW/mDg0
TiDX0Ol/0TJQWw==
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:58:27 2025 by rpki-client