Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft
File:                     oLNzv45HcndefI_F-9Mpze5Eoyw.mft (raw, json)
Hash identifier:          dTWBjBPGJHpVPCLmny+8e3c/Jqyugkeor0Mb8RI8Nrk=
Subject key identifier:   60:8A:93:96:E3:29:A0:9F:98:BA:B3:9D:1C:A6:02:BA:ED:2D:55:F6
Authority key identifier: A0:B3:73:BF:8E:47:72:77:5E:7C:8F:C5:FB:D3:29:CD:EE:44:A3:2C
Certificate issuer:       /CN=a0b373bf8e4772775e7c8fc5fbd329cdee44a32c
Certificate serial:       01988BB34B3852ABB523B903E3071D1668F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oLNzv45HcndefI_F-9Mpze5Eoyw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft
Manifest number:          1620
Signing time:             Fri 08 Aug 2025 22:00:39 +0000
Manifest this update:     Fri 08 Aug 2025 22:00:39 +0000
Manifest next update:     Sat 09 Aug 2025 22:00:39 +0000
Files and hashes:         1: oLNzv45HcndefI_F-9Mpze5Eoyw.crl (hash: wWSDp0iaYE4zHa71tMJPykcr4pcRfvhahtLtFUL4TJs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oLNzv45HcndefI_F-9Mpze5Eoyw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:b3:4b:38:52:ab:b5:23:b9:03:e3:07:1d:16:68:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0b373bf8e4772775e7c8fc5fbd329cdee44a32c
        Validity
            Not Before: Aug  8 22:00:39 2025 GMT
            Not After : Aug  9 22:00:39 2025 GMT
        Subject: CN=608a9396e329a09f98bab39d1ca602baed2d55f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:91:08:ac:0b:ce:60:b1:1d:94:a5:98:bf:b0:
                    94:9d:7c:e8:e0:fe:5d:68:71:c4:2d:7b:84:79:77:
                    3a:2b:25:d5:d4:cc:54:f9:2c:d6:88:2c:1b:c7:56:
                    65:68:79:35:89:bd:f0:1f:a9:46:fb:a1:af:0e:df:
                    b3:5c:3a:10:3f:c3:fb:b8:4e:b1:0f:07:86:4a:ae:
                    39:33:63:18:f1:29:32:99:c3:6d:23:3d:17:05:bc:
                    4e:9e:96:8f:f1:7c:5c:f0:b8:87:c1:c8:8c:46:d9:
                    a4:63:b6:71:c0:4c:03:20:b0:e5:16:9c:b6:13:94:
                    50:3b:f6:63:98:86:07:9a:5c:26:6c:f8:4e:80:31:
                    86:5f:6a:da:46:5d:d0:49:65:e5:40:0f:a9:5c:ba:
                    77:ee:09:a2:e3:82:87:04:e6:e7:57:54:62:f8:0e:
                    44:b2:33:7c:bc:ac:83:c8:ec:f3:2c:7f:44:b3:9c:
                    94:82:5b:e0:5b:ac:c9:63:4c:54:c4:45:12:c6:f1:
                    bc:bd:ce:f3:be:e7:e2:49:6c:cd:a8:75:db:ac:9c:
                    ba:a1:62:58:37:94:ff:a3:0e:3e:c1:e6:ba:b3:fc:
                    d8:e8:0f:61:be:53:fa:9c:41:99:e6:c0:6d:7f:43:
                    7e:b3:71:f6:84:d5:fd:e4:eb:12:68:d4:22:df:82:
                    16:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:8A:93:96:E3:29:A0:9F:98:BA:B3:9D:1C:A6:02:BA:ED:2D:55:F6
            X509v3 Authority Key Identifier:
                keyid:A0:B3:73:BF:8E:47:72:77:5E:7C:8F:C5:FB:D3:29:CD:EE:44:A3:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oLNzv45HcndefI_F-9Mpze5Eoyw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:fb:41:28:f5:f0:0b:99:ed:41:1b:47:9e:84:4b:de:b5:af:
         f1:72:37:ef:46:fe:f7:36:8b:24:a4:74:57:b9:16:c3:76:93:
         2e:fb:c7:4a:31:2f:42:3e:41:f7:41:b0:d3:ae:f3:13:73:2e:
         89:35:e1:2e:dc:1a:4d:47:fc:6b:77:71:a4:74:72:69:ce:ed:
         dc:35:87:ee:47:5d:b6:06:ef:0d:01:6c:c4:a9:7e:fc:00:32:
         69:f9:5d:d0:c6:5a:d9:aa:f4:69:b3:ed:c8:66:0c:e8:27:b1:
         64:37:e6:29:52:a6:c1:3c:64:eb:fb:b1:96:0a:39:00:11:c8:
         9a:a2:7e:0e:8b:2f:db:98:ba:c1:cb:0e:54:26:d7:90:b9:27:
         88:35:87:f6:91:be:fa:c3:9a:da:64:85:19:11:ba:81:2f:ec:
         dc:8a:36:88:b6:93:09:46:c2:c5:fd:e5:56:7d:72:ec:96:c9:
         5a:a5:b3:46:4f:0b:cd:8b:4e:b5:59:68:79:01:c7:f4:06:3e:
         80:4a:1d:31:8b:f2:7f:03:4a:7e:58:fb:85:a6:02:9a:4a:82:
         9f:ed:5a:0f:af:2e:10:c1:31:76:5f:48:ff:e5:5f:2c:78:97:
         ea:7d:f7:48:cb:32:5e:20:9f:45:c4:80:f1:38:b5:c6:1a:49:
         86:a6:fd:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLs0s4Uqu1I7kD4wcdFmj1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYjM3M2JmOGU0NzcyNzc1ZTdjOGZjNWZiZDMyOWNkZWU0
NGEzMmMwHhcNMjUwODA4MjIwMDM5WhcNMjUwODA5MjIwMDM5WjAzMTEwLwYDVQQD
Eyg2MDhhOTM5NmUzMjlhMDlmOThiYWIzOWQxY2E2MDJiYWVkMmQ1NWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5EIrAvOYLEdlKWYv7CUnXzo4P5d
aHHELXuEeXc6KyXV1MxU+SzWiCwbx1ZlaHk1ib3wH6lG+6GvDt+zXDoQP8P7uE6x
DweGSq45M2MY8SkymcNtIz0XBbxOnpaP8Xxc8LiHwciMRtmkY7ZxwEwDILDlFpy2
E5RQO/ZjmIYHmlwmbPhOgDGGX2raRl3QSWXlQA+pXLp37gmi44KHBObnV1Ri+A5E
sjN8vKyDyOzzLH9Es5yUglvgW6zJY0xUxEUSxvG8vc7zvufiSWzNqHXbrJy6oWJY
N5T/ow4+wea6s/zY6A9hvlP6nEGZ5sBtf0N+s3H2hNX95OsSaNQi34IW4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGCKk5bjKaCfmLqznRymArrtLVX2MB8GA1UdIwQY
MBaAFKCzc7+OR3J3XnyPxfvTKc3uRKMsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0xOenY0NUhjbmRlZklfRi05TXB6ZTVFb3l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi80MDcyMTMtYjI2NC00ODUzLTkzNDMt
ZWU1NTg1YWUxM2I3LzEvb0xOenY0NUhjbmRlZklfRi05TXB6ZTVFb3l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi80MDcyMTMtYjI2NC00ODUzLTkzNDMtZWU1NTg1YWUxM2I3
LzEvb0xOenY0NUhjbmRlZklfRi05TXB6ZTVFb3l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQvtBKPXw
C5ntQRtHnoRL3rWv8XI370b+9zaLJKR0V7kWw3aTLvvHSjEvQj5B90Gw067zE3Mu
iTXhLtwaTUf8a3dxpHRyac7t3DWH7kddtgbvDQFsxKl+/AAyafld0MZa2ar0abPt
yGYM6CexZDfmKVKmwTxk6/uxlgo5ABHImqJ+Dosv25i6wcsOVCbXkLkniDWH9pG+
+sOa2mSFGRG6gS/s3Io2iLaTCUbCxf3lVn1y7JbJWqWzRk8LzYtOtVloeQHH9AY+
gEodMYvyfwNKflj7haYCmkqCn+1aD68uEMExdl9I/+VfLHiX6n33SMsyXiCfRcSA
8Ti1xhpJhqb9gA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:47:41 2025 by rpki-client