Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
File:                     ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft (raw, json)
Hash identifier:          42tTCwI27Sp3z9vqtO3MZPb29RXvBfY7vGsPBm9+yo4=
Subject key identifier:   AA:1B:10:DD:4F:AB:54:F6:5C:D7:4F:06:51:DA:45:85:35:3C:C5:F9
Authority key identifier: 66:83:A9:6C:F5:11:A6:79:19:D9:00:F3:FC:93:40:99:34:1F:87:D8
Certificate issuer:       /CN=6683a96cf511a67919d900f3fc934099341f87d8
Certificate serial:       0197B88FCFED7B7BFB2F98DA57F049F5412D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
Manifest number:          0D95
Signing time:             Sat 28 Jun 2025 22:02:01 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:01 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:01 +0000
Files and hashes:         1: ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl (hash: oMfer0VyP3pFLX0XoxjED3zIl23hmADsxYoWOyenAD4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:cf:ed:7b:7b:fb:2f:98:da:57:f0:49:f5:41:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6683a96cf511a67919d900f3fc934099341f87d8
        Validity
            Not Before: Jun 28 22:02:01 2025 GMT
            Not After : Jun 29 22:02:01 2025 GMT
        Subject: CN=aa1b10dd4fab54f65cd74f0651da4585353cc5f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:17:d0:8a:cd:a0:66:c8:d7:6a:48:76:4c:2d:
                    e3:31:dd:df:e3:45:c9:e4:74:36:6c:c9:93:98:31:
                    f8:51:99:aa:9f:b4:7b:a1:79:2b:59:53:fa:be:c3:
                    6b:8a:50:82:54:51:8b:53:eb:31:87:ad:af:a7:16:
                    ba:a4:0d:a1:ea:50:64:01:a9:53:17:c9:56:d7:bb:
                    b8:93:fc:fe:cf:38:46:9a:1e:9b:ac:22:db:6a:55:
                    79:2f:0c:19:55:42:1f:a9:15:6e:58:42:6d:f9:0e:
                    cd:03:25:54:50:ae:41:a8:2f:25:6e:95:05:f8:b0:
                    2f:ff:25:11:49:aa:78:d5:60:2c:a2:b0:3d:f7:63:
                    26:2b:21:63:f1:e5:e8:81:fb:b7:b6:9e:93:60:3f:
                    e3:d7:77:c2:05:7c:7f:14:f9:99:27:0d:0a:00:b7:
                    95:8b:a3:a4:20:4f:de:42:5e:b8:42:64:d5:07:92:
                    e7:fe:45:04:a6:f1:65:6b:14:74:06:b1:e5:cb:f2:
                    13:d9:d1:c5:8e:e5:ff:bc:5f:53:7c:40:0b:b4:8e:
                    40:c8:f0:f5:79:73:e8:39:a2:38:f5:32:03:ee:ff:
                    b7:80:c1:67:a9:e5:86:fe:9c:22:75:5a:25:86:e5:
                    2e:8c:d5:3a:da:b6:2d:1a:fc:7e:20:65:25:d3:03:
                    c4:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:1B:10:DD:4F:AB:54:F6:5C:D7:4F:06:51:DA:45:85:35:3C:C5:F9
            X509v3 Authority Key Identifier:
                keyid:66:83:A9:6C:F5:11:A6:79:19:D9:00:F3:FC:93:40:99:34:1F:87:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:61:30:39:93:af:77:11:b2:54:ed:b3:15:31:ef:ec:0f:af:
         4c:cc:ab:c3:eb:30:c0:b5:46:30:b9:a3:f8:e9:b1:7d:b7:61:
         1d:61:c0:64:eb:6c:01:0e:79:25:55:c6:a0:88:62:0a:9d:f7:
         06:ca:be:85:f0:48:d0:67:57:97:e0:a9:67:d9:66:fc:73:58:
         48:51:2f:5e:73:ef:c2:d0:f9:55:42:8d:fd:8e:0e:3a:f3:5b:
         3d:11:29:17:b7:16:cd:da:c8:c6:52:d4:fb:a6:e6:93:47:b2:
         4f:97:de:42:a1:ed:a5:1a:b8:5d:11:91:9c:ba:58:31:b5:39:
         af:88:48:dc:9f:eb:f2:18:f0:98:03:67:1e:6e:ae:71:96:ab:
         aa:8a:24:09:ba:7f:0a:a8:b2:c0:42:bd:df:61:27:3a:e1:5c:
         d8:be:91:8f:10:d0:ba:ae:cf:dc:1b:63:f0:cc:24:37:91:4c:
         8b:b6:a8:3b:58:3d:95:13:73:fa:0b:d4:5c:b1:ef:7f:07:d1:
         b7:1f:c8:2f:d7:93:c9:59:ae:c3:31:ae:91:cf:ee:fa:23:15:
         3f:a2:96:07:74:ff:1f:52:d0:0c:b9:bf:54:3f:f1:b9:e6:c3:
         07:69:05:9d:12:81:19:fc:80:3b:e1:a6:8e:c1:9d:3b:cb:7a:
         05:47:84:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j8/te3v7L5jaV/BJ9UEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ODNhOTZjZjUxMWE2NzkxOWQ5MDBmM2ZjOTM0MDk5MzQx
Zjg3ZDgwHhcNMjUwNjI4MjIwMjAxWhcNMjUwNjI5MjIwMjAxWjAzMTEwLwYDVQQD
EyhhYTFiMTBkZDRmYWI1NGY2NWNkNzRmMDY1MWRhNDU4NTM1M2NjNWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBfQis2gZsjXakh2TC3jMd3f40XJ
5HQ2bMmTmDH4UZmqn7R7oXkrWVP6vsNrilCCVFGLU+sxh62vpxa6pA2h6lBkAalT
F8lW17u4k/z+zzhGmh6brCLbalV5LwwZVUIfqRVuWEJt+Q7NAyVUUK5BqC8lbpUF
+LAv/yURSap41WAsorA992MmKyFj8eXogfu3tp6TYD/j13fCBXx/FPmZJw0KALeV
i6OkIE/eQl64QmTVB5Ln/kUEpvFlaxR0BrHly/IT2dHFjuX/vF9TfEALtI5AyPD1
eXPoOaI49TID7v+3gMFnqeWG/pwidVolhuUujNU62rYtGvx+IGUl0wPEdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKobEN1Pq1T2XNdPBlHaRYU1PMX5MB8GA1UdIwQY
MBaAFGaDqWz1EaZ5GdkA8/yTQJk0H4fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9jNTQwZTMtZDJjNy00ZjA4LTkxNzgt
YWUzMDY4NmM4NTg5LzEvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9jNTQwZTMtZDJjNy00ZjA4LTkxNzgtYWUzMDY4NmM4NTg5
LzEvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU2EwOZOv
dxGyVO2zFTHv7A+vTMyrw+swwLVGMLmj+OmxfbdhHWHAZOtsAQ55JVXGoIhiCp33
Bsq+hfBI0GdXl+CpZ9lm/HNYSFEvXnPvwtD5VUKN/Y4OOvNbPREpF7cWzdrIxlLU
+6bmk0eyT5feQqHtpRq4XRGRnLpYMbU5r4hI3J/r8hjwmANnHm6ucZarqookCbp/
CqiywEK932EnOuFc2L6RjxDQuq7P3Btj8MwkN5FMi7aoO1g9lRNz+gvUXLHvfwfR
tx/IL9eTyVmuwzGukc/u+iMVP6KWB3T/H1LQDLm/VD/xuebDB2kFnRKBGfyAO+Gm
jsGdO8t6BUeEdA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:17:35 2025 by rpki-client