Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
File:                     O4RSPDky4tGYBGI0uWLg3FGr9YY.mft (raw, json)
Hash identifier:          lAoVxBEytqGM55sQ7ZNfr/DuR7ml1kljDeKtu3MFdJY=
Subject key identifier:   20:E2:22:15:5B:9C:3B:E9:68:84:24:D8:E0:EB:44:E9:43:80:4E:78
Authority key identifier: 3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86
Certificate issuer:       /CN=3b84523c3932e2d198046234b962e0dc51abf586
Certificate serial:       0198816751AE7A94F21FE6D4315EB2F8644E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
Manifest number:          161D
Signing time:             Wed 06 Aug 2025 22:01:28 +0000
Manifest this update:     Wed 06 Aug 2025 22:01:28 +0000
Manifest next update:     Thu 07 Aug 2025 22:01:28 +0000
Files and hashes:         1: O4RSPDky4tGYBGI0uWLg3FGr9YY.crl (hash: fP3i8x+h4gQLPFNjg7u8lAEtAUNE6zEFIB/495MXdqA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:67:51:ae:7a:94:f2:1f:e6:d4:31:5e:b2:f8:64:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b84523c3932e2d198046234b962e0dc51abf586
        Validity
            Not Before: Aug  6 22:01:28 2025 GMT
            Not After : Aug  7 22:01:28 2025 GMT
        Subject: CN=20e222155b9c3be9688424d8e0eb44e943804e78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:09:37:cd:ae:75:40:48:97:35:97:cb:e9:2b:
                    df:9b:45:0d:48:64:47:b3:96:1c:26:a9:09:94:26:
                    d2:26:64:23:83:64:9a:03:f9:74:99:e6:ff:ab:01:
                    e0:b4:43:80:28:d7:26:55:cc:b4:9b:d3:74:41:ab:
                    dd:8a:c8:02:1a:e6:fc:57:72:b8:69:5e:5b:24:cb:
                    ce:e0:a5:40:b7:ee:ae:c2:66:aa:63:50:61:40:ab:
                    9a:f0:cb:3a:f8:64:0f:ac:b7:26:83:8a:39:9b:41:
                    e1:b1:b0:7c:af:60:09:32:6e:d4:8e:30:58:c2:b7:
                    98:76:c0:f6:b1:93:65:29:39:56:80:1c:19:7b:0d:
                    66:c5:2f:5a:56:33:09:e5:74:9e:be:45:2e:87:6b:
                    1a:46:76:2d:d3:44:13:db:68:bc:35:41:0c:af:fa:
                    05:78:da:e2:3a:e3:23:de:f4:73:86:32:e7:1f:73:
                    01:02:3a:13:7d:83:a5:2b:ec:31:01:c6:3b:64:7f:
                    75:1b:d2:d9:1b:a7:0a:25:80:b8:88:03:2f:a2:5a:
                    2a:9a:33:c2:c4:ac:2f:70:dd:3f:91:33:1e:5c:b5:
                    19:dc:cc:f6:59:72:21:5a:fd:a1:74:07:b2:f4:8a:
                    af:92:3f:61:90:20:d0:40:a8:c5:97:75:bf:6a:15:
                    e7:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:E2:22:15:5B:9C:3B:E9:68:84:24:D8:E0:EB:44:E9:43:80:4E:78
            X509v3 Authority Key Identifier:
                keyid:3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:d1:ec:15:0f:ad:29:e7:92:63:d3:b3:66:be:52:19:29:4f:
         6c:ef:9c:b1:f9:97:5a:2b:6d:3e:2b:ff:66:86:bb:34:7a:94:
         dd:b0:6c:03:5d:10:86:be:93:cc:3c:b7:ff:62:7c:2a:c1:82:
         75:8c:3d:a8:2a:eb:46:63:11:8d:41:5a:d8:c9:27:b0:28:2f:
         db:9e:b2:58:d9:29:ec:e3:23:25:f7:29:88:50:22:fa:ec:67:
         83:68:9a:c8:fd:0a:30:70:7d:13:6f:96:ea:2b:e8:05:08:9b:
         51:c6:3e:d9:a1:01:a2:8b:03:59:c5:c2:7e:63:7c:1e:ff:65:
         d6:4b:fd:2c:71:f6:20:3d:cd:d0:0f:df:98:f4:bd:a0:9a:b9:
         21:42:a6:4c:94:b3:2a:49:96:e2:06:80:7f:92:9f:3a:86:3d:
         92:40:c1:7a:7d:b9:0e:84:1e:31:4b:90:29:0d:40:d9:b6:e3:
         61:42:fb:21:e6:8b:ef:4f:5e:a9:21:7e:8d:a9:d9:57:33:b4:
         42:63:b4:d1:64:4c:52:9f:d4:39:65:83:10:1c:da:2e:a0:37:
         e2:55:43:ce:a7:d0:c6:0c:f3:a1:b6:50:41:63:e5:58:04:a2:
         0b:9d:c2:af:ad:31:6c:51:78:47:8c:48:6f:75:16:b1:3e:bf:
         ce:e6:f8:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBZ1GuepTyH+bUMV6y+GROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiODQ1MjNjMzkzMmUyZDE5ODA0NjIzNGI5NjJlMGRjNTFh
YmY1ODYwHhcNMjUwODA2MjIwMTI4WhcNMjUwODA3MjIwMTI4WjAzMTEwLwYDVQQD
EygyMGUyMjIxNTViOWMzYmU5Njg4NDI0ZDhlMGViNDRlOTQzODA0ZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ak3za51QEiXNZfL6Svfm0UNSGRH
s5YcJqkJlCbSJmQjg2SaA/l0meb/qwHgtEOAKNcmVcy0m9N0QavdisgCGub8V3K4
aV5bJMvO4KVAt+6uwmaqY1BhQKua8Ms6+GQPrLcmg4o5m0HhsbB8r2AJMm7UjjBY
wreYdsD2sZNlKTlWgBwZew1mxS9aVjMJ5XSevkUuh2saRnYt00QT22i8NUEMr/oF
eNriOuMj3vRzhjLnH3MBAjoTfYOlK+wxAcY7ZH91G9LZG6cKJYC4iAMvoloqmjPC
xKwvcN0/kTMeXLUZ3Mz2WXIhWv2hdAey9Iqvkj9hkCDQQKjFl3W/ahXnBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDiIhVbnDvpaIQk2ODrROlDgE54MB8GA1UdIwQY
MBaAFDuEUjw5MuLRmARiNLli4NxRq/WGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYt
YmRmNWM3ODA3NDJlLzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYtYmRmNWM3ODA3NDJl
LzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhtHsFQ+t
KeeSY9OzZr5SGSlPbO+csfmXWittPiv/Zoa7NHqU3bBsA10Qhr6TzDy3/2J8KsGC
dYw9qCrrRmMRjUFa2MknsCgv256yWNkp7OMjJfcpiFAi+uxng2iayP0KMHB9E2+W
6ivoBQibUcY+2aEBoosDWcXCfmN8Hv9l1kv9LHH2ID3N0A/fmPS9oJq5IUKmTJSz
KkmW4gaAf5KfOoY9kkDBen25DoQeMUuQKQ1A2bbjYUL7IeaL709eqSF+janZVzO0
QmO00WRMUp/UOWWDEBzaLqA34lVDzqfQxgzzobZQQWPlWASiC53Cr60xbFF4R4xI
b3UWsT6/zub4GQ==
-----END CERTIFICATE-----
Generated at Thu Aug 7 03:21:37 2025 by rpki-client