Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.mft
File:                     ORxdMzEUXsjicYdvgEIge50Ay2Q.mft (raw, json)
Hash identifier:          MvB5CrKnSgeZEfqgYipGTq8bA8y4Bp/XzQ/LFJPIk6o=
Subject key identifier:   60:51:08:27:32:DA:04:C9:EE:A0:82:00:4D:40:8E:B6:20:30:FB:54
Authority key identifier: 39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64
Certificate issuer:       /CN=391c5d3331145ec8e271876f8042207b9d00cb64
Certificate serial:       019893A3E26847E32EB8D7DA9FE79813DC8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.mft
Manifest number:          0EFE
Signing time:             Sun 10 Aug 2025 11:00:47 +0000
Manifest this update:     Sun 10 Aug 2025 11:00:47 +0000
Manifest next update:     Mon 11 Aug 2025 11:00:47 +0000
Files and hashes:         1: ORxdMzEUXsjicYdvgEIge50Ay2Q.crl (hash: nZxiZGebh8q2UVHu7ERjAQWrg4TofVigRLrvSml/01o=)
                          2: OST4PzA3ppU9tim3_KfBBcrqcgQ.roa (hash: 7aAkIwPTKpTiRriNWV3feZU6/0BHu+h2F1+5PEi7g88=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:93:a3:e2:68:47:e3:2e:b8:d7:da:9f:e7:98:13:dc:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=391c5d3331145ec8e271876f8042207b9d00cb64
        Validity
            Not Before: Aug 10 11:00:47 2025 GMT
            Not After : Aug 11 11:00:47 2025 GMT
        Subject: CN=6051082732da04c9eea082004d408eb62030fb54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:87:9d:74:09:92:05:b5:ef:50:31:7e:d0:fc:
                    52:58:71:59:7a:2e:bc:17:dc:cb:dc:83:fa:d0:be:
                    a5:76:6e:12:87:5d:5d:01:0f:7a:5a:69:68:6a:03:
                    94:a1:0b:77:f8:e2:94:b3:18:ba:f7:a1:db:d3:12:
                    06:42:09:b3:67:72:cc:b6:0a:c4:20:58:9e:4f:1e:
                    9b:06:c6:f2:ec:55:3d:f0:5e:ce:8c:4b:b1:11:99:
                    fa:49:4e:28:a3:82:e9:ae:eb:a8:01:ec:cf:ad:4e:
                    4d:ec:6d:68:ae:62:ca:9a:32:28:f5:53:8c:1e:d6:
                    31:f7:c9:51:79:fb:67:33:aa:ae:87:a7:06:aa:84:
                    02:e6:e2:bb:47:4b:03:0a:e0:8d:df:7f:b5:96:e1:
                    96:24:25:75:cd:84:ba:f7:00:ff:8e:94:8b:af:b8:
                    4f:c9:aa:3f:6d:28:77:db:b8:76:7c:d6:cb:b7:f1:
                    7c:aa:23:4f:eb:8c:5a:30:22:51:ff:51:43:4f:e8:
                    b3:d1:f8:45:46:c9:be:48:a7:6c:6b:c9:65:3e:33:
                    a2:bc:06:2f:f4:e9:24:a6:5f:f6:a9:8a:ba:4b:76:
                    88:ad:f3:3b:ce:9d:22:be:55:13:a8:69:24:55:90:
                    72:e5:ed:42:7c:8c:31:e4:f9:e1:26:e1:ca:10:7a:
                    a4:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:51:08:27:32:DA:04:C9:EE:A0:82:00:4D:40:8E:B6:20:30:FB:54
            X509v3 Authority Key Identifier:
                keyid:39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:fa:a0:35:2c:66:dc:71:23:50:16:06:ed:ca:04:ef:cb:89:
         6b:b7:1b:60:2c:e1:1d:96:ff:e9:ca:71:33:0e:67:7b:ba:ae:
         97:39:f2:7a:12:84:2f:3f:c5:8a:16:29:e8:95:52:89:17:71:
         70:3e:b4:83:ff:e4:eb:1a:6e:dc:6f:d9:7d:d7:a3:13:d4:31:
         5b:43:a4:25:c5:19:cc:da:ee:67:a8:dc:27:d5:aa:0d:bf:fa:
         79:b2:b2:c1:f3:8f:f5:8f:2e:29:91:eb:d2:10:35:59:de:ac:
         55:42:b7:5a:f2:12:85:c1:c5:73:80:51:c5:9a:1d:7b:da:f3:
         0e:21:d2:b3:7d:36:5e:d5:f9:4e:25:f5:b0:78:4c:c6:12:99:
         33:d4:d5:34:0c:8d:4b:8e:05:c6:a5:14:cb:56:e1:36:60:88:
         08:70:4d:c1:47:7e:76:29:19:65:4f:d8:a5:1b:b5:f2:1e:e9:
         89:cc:27:96:41:5a:7a:3f:c6:27:34:52:ab:26:1c:a4:f3:f9:
         9e:7c:54:ee:11:dd:ba:2c:c7:ec:f6:f2:af:dd:50:cb:61:fa:
         7f:cb:ee:cf:e5:b9:b3:4b:1c:94:3a:9d:04:e6:62:f7:de:dc:
         92:23:a7:f0:9f:44:d4:9f:68:b4:d2:c4:b0:16:37:76:69:89:
         77:a8:a9:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTo+JoR+MuuNfan+eYE9yMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MWM1ZDMzMzExNDVlYzhlMjcxODc2ZjgwNDIyMDdiOWQw
MGNiNjQwHhcNMjUwODEwMTEwMDQ3WhcNMjUwODExMTEwMDQ3WjAzMTEwLwYDVQQD
Eyg2MDUxMDgyNzMyZGEwNGM5ZWVhMDgyMDA0ZDQwOGViNjIwMzBmYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4eddAmSBbXvUDF+0PxSWHFZei68
F9zL3IP60L6ldm4Sh11dAQ96WmloagOUoQt3+OKUsxi696Hb0xIGQgmzZ3LMtgrE
IFieTx6bBsby7FU98F7OjEuxEZn6SU4oo4LpruuoAezPrU5N7G1ormLKmjIo9VOM
HtYx98lReftnM6quh6cGqoQC5uK7R0sDCuCN33+1luGWJCV1zYS69wD/jpSLr7hP
yao/bSh327h2fNbLt/F8qiNP64xaMCJR/1FDT+iz0fhFRsm+SKdsa8llPjOivAYv
9Okkpl/2qYq6S3aIrfM7zp0ivlUTqGkkVZBy5e1CfIwx5PnhJuHKEHqkawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBRCCcy2gTJ7qCCAE1AjrYgMPtUMB8GA1UdIwQY
MBaAFDkcXTMxFF7I4nGHb4BCIHudAMtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAt
Y2EzMzUwZTc2MGNiLzEvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAtY2EzMzUwZTc2MGNi
LzEvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF/qgNSxm
3HEjUBYG7coE78uJa7cbYCzhHZb/6cpxMw5ne7qulznyehKELz/FihYp6JVSiRdx
cD60g//k6xpu3G/ZfdejE9QxW0OkJcUZzNruZ6jcJ9WqDb/6ebKywfOP9Y8uKZHr
0hA1Wd6sVUK3WvIShcHFc4BRxZode9rzDiHSs302XtX5TiX1sHhMxhKZM9TVNAyN
S44FxqUUy1bhNmCICHBNwUd+dikZZU/YpRu18h7picwnlkFaej/GJzRSqyYcpPP5
nnxU7hHduizH7Pbyr91Qy2H6f8vuz+W5s0sclDqdBOZi997ckiOn8J9E1J9otNLE
sBY3dmmJd6ip2Q==
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:48:33 2025 by rpki-client