Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft
File:                     o2osPu23l22c4wRYHyNTL-y0bn8.mft (raw, json)
Hash identifier:          rEm/USW+kHdkpGXptTvQJR/jMerCN04sa+v9wHaWwLk=
Subject key identifier:   41:F0:2F:E4:07:A6:30:D1:C1:FB:AF:74:FD:9B:1B:BF:85:39:2F:B2
Authority key identifier: A3:6A:2C:3E:ED:B7:97:6D:9C:E3:04:58:1F:23:53:2F:EC:B4:6E:7F
Certificate issuer:       /CN=a36a2c3eedb7976d9ce304581f23532fecb46e7f
Certificate serial:       0199FC58327005693457B824301C959171C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 12:01:02 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:02 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:02 +0000
Files and hashes:         1: o2osPu23l22c4wRYHyNTL-y0bn8.crl (hash: sAxt4A8vXGnVtPsfj6QeuRYg3pJnSxa8OS3TcinEL08=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:32:70:05:69:34:57:b8:24:30:1c:95:91:71:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a36a2c3eedb7976d9ce304581f23532fecb46e7f
        Validity
            Not Before: Oct 19 12:01:02 2025 GMT
            Not After : Oct 20 12:01:02 2025 GMT
        Subject: CN=41f02fe407a630d1c1fbaf74fd9b1bbf85392fb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:b4:82:92:44:f7:46:a6:04:cb:c6:03:af:6a:
                    30:03:2e:40:fd:5b:dc:ac:8f:d1:7f:07:bb:bf:46:
                    5c:72:6a:c4:4b:26:41:5d:a3:af:b9:9c:d9:0b:fe:
                    b8:2c:e5:ad:aa:76:0d:55:69:bc:d8:6b:da:af:9f:
                    54:50:b4:c2:59:26:d4:3f:5d:a0:99:9a:38:eb:b9:
                    d2:f5:fd:f9:37:0f:fd:63:2c:fa:8c:2c:7c:d1:d6:
                    d9:a0:e0:c3:4c:08:b0:94:c8:57:60:4c:19:e8:bc:
                    0a:0f:16:9b:82:c4:3b:21:fd:33:c9:d4:a9:a3:41:
                    0e:6f:01:0d:a5:08:79:84:2e:17:13:f6:4a:a6:36:
                    ec:a0:89:8d:bd:0f:a9:65:80:1e:c6:75:a6:e3:6d:
                    ee:53:f1:8f:09:ff:7f:81:56:4c:8f:af:f7:25:a9:
                    1a:30:05:03:1d:ba:34:93:6b:8a:11:28:fb:59:25:
                    d8:7e:ff:49:c3:b2:55:af:65:95:7a:a3:c8:57:9d:
                    64:4f:b6:80:85:0b:44:e5:34:b7:84:0b:36:29:45:
                    6e:64:0c:22:48:d4:dc:7f:c6:23:1a:a9:e2:7f:3a:
                    31:f3:8a:4c:0b:c0:df:0d:e1:bd:c6:50:6c:20:aa:
                    34:41:58:ba:16:97:3d:ff:f7:50:63:5f:8c:31:6f:
                    50:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:F0:2F:E4:07:A6:30:D1:C1:FB:AF:74:FD:9B:1B:BF:85:39:2F:B2
            X509v3 Authority Key Identifier:
                keyid:A3:6A:2C:3E:ED:B7:97:6D:9C:E3:04:58:1F:23:53:2F:EC:B4:6E:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:0f:c3:54:92:3f:8d:27:04:1f:28:fa:9d:91:3e:c2:1d:97:
         0d:60:bf:8d:8c:21:f3:db:96:7e:bc:ae:57:54:7d:a4:c7:e4:
         1c:c1:70:48:81:7e:f6:51:73:ef:35:5f:ce:8d:45:5a:4f:c9:
         95:1c:91:1e:c6:63:7a:4d:c1:f4:d7:8d:1a:4d:d5:dd:cc:73:
         13:c7:67:ed:bb:73:0f:68:e9:7f:59:a9:c2:b3:4a:7a:62:9c:
         7f:a1:3f:67:90:7a:43:f9:49:07:e0:28:af:8f:d5:bb:30:18:
         2a:d5:9a:77:d3:5e:fd:3a:aa:0a:4d:38:93:91:50:e7:12:56:
         26:a3:22:cf:09:5c:bf:1f:08:73:29:16:69:ce:a8:e1:1f:92:
         d5:5a:9f:b5:d5:e2:bc:a9:12:89:19:7a:30:66:36:90:e9:ae:
         c4:32:8d:4a:f7:50:3c:8e:b2:8f:95:9e:a9:aa:cf:be:58:1c:
         a1:9d:80:00:50:87:48:96:5b:a0:00:8d:ef:b9:d6:35:c1:dc:
         84:96:6f:dc:f9:d3:85:60:92:1e:c3:2a:65:da:6c:41:30:05:
         7b:03:42:ee:c1:3f:5d:a1:49:96:8c:13:f9:db:ee:89:b1:f0:
         1d:57:1e:c5:19:f0:fd:1c:0f:7d:92:16:1b:8d:e6:47:5e:7b:
         92:11:4c:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WDJwBWk0V7gkMByVkXHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmEyYzNlZWRiNzk3NmQ5Y2UzMDQ1ODFmMjM1MzJmZWNi
NDZlN2YwHhcNMjUxMDE5MTIwMTAyWhcNMjUxMDIwMTIwMTAyWjAzMTEwLwYDVQQD
Eyg0MWYwMmZlNDA3YTYzMGQxYzFmYmFmNzRmZDliMWJiZjg1MzkyZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbSCkkT3RqYEy8YDr2owAy5A/Vvc
rI/Rfwe7v0ZccmrESyZBXaOvuZzZC/64LOWtqnYNVWm82Gvar59UULTCWSbUP12g
mZo467nS9f35Nw/9Yyz6jCx80dbZoODDTAiwlMhXYEwZ6LwKDxabgsQ7If0zydSp
o0EObwENpQh5hC4XE/ZKpjbsoImNvQ+pZYAexnWm423uU/GPCf9/gVZMj6/3Jaka
MAUDHbo0k2uKESj7WSXYfv9Jw7JVr2WVeqPIV51kT7aAhQtE5TS3hAs2KUVuZAwi
SNTcf8YjGqnifzox84pMC8DfDeG9xlBsIKo0QVi6Fpc9//dQY1+MMW9QbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEHwL+QHpjDRwfuvdP2bG7+FOS+yMB8GA1UdIwQY
MBaAFKNqLD7tt5dtnOMEWB8jUy/stG5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi85MTg1ZTItYjkyOS00MjM2LWE5OGIt
ZGRlMTkyM2JhNzI0LzEvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi85MTg1ZTItYjkyOS00MjM2LWE5OGItZGRlMTkyM2JhNzI0
LzEvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPw/DVJI/
jScEHyj6nZE+wh2XDWC/jYwh89uWfryuV1R9pMfkHMFwSIF+9lFz7zVfzo1FWk/J
lRyRHsZjek3B9NeNGk3V3cxzE8dn7btzD2jpf1mpwrNKemKcf6E/Z5B6Q/lJB+Ao
r4/VuzAYKtWad9Ne/TqqCk04k5FQ5xJWJqMizwlcvx8IcykWac6o4R+S1VqftdXi
vKkSiRl6MGY2kOmuxDKNSvdQPI6yj5WeqarPvlgcoZ2AAFCHSJZboACN77nWNcHc
hJZv3PnThWCSHsMqZdpsQTAFewNC7sE/XaFJlowT+dvuibHwHVcexRnw/RwPfZIW
G43mR157khFMkg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:18:03 2025 by rpki-client