Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
File:                     Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft (raw, json)
Hash identifier:          0tU4xdZFDC6355NsPeH6QSyzNq6ja1+gEE+NAyE4VOk=
Subject key identifier:   F7:69:6F:00:C8:52:8C:AD:06:9E:B4:15:BC:83:1D:E1:39:C8:34:C0
Authority key identifier: 3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A
Certificate issuer:       /CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
Certificate serial:       0198D4E083387C1DC5539A622AD18017F5FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 03:02:20 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:20 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:20 +0000
Files and hashes:         1: Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl (hash: twL7ymI89BKWGbv3GgjOytTU2K+ksC3VtlLpvivoRvY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:83:38:7c:1d:c5:53:9a:62:2a:d1:80:17:f5:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
        Validity
            Not Before: Aug 23 03:02:20 2025 GMT
            Not After : Aug 24 03:02:20 2025 GMT
        Subject: CN=f7696f00c8528cad069eb415bc831de139c834c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:da:42:6e:f5:1f:f0:38:f4:8a:9e:78:e6:a1:
                    90:00:31:42:99:71:fd:52:d9:dc:7c:29:68:bf:ff:
                    7e:90:33:97:19:be:29:93:ec:7a:ba:d0:11:70:4d:
                    ee:33:90:22:cc:03:f7:ec:69:b9:09:b0:89:bd:d6:
                    62:d7:8f:99:b0:e8:97:27:5e:e5:d2:26:4a:0d:43:
                    be:44:8f:32:36:90:71:0a:be:51:06:14:c2:2e:be:
                    1a:f8:1f:1d:9d:60:26:61:d4:a9:61:05:72:09:84:
                    cf:55:6b:97:81:74:78:ea:4d:37:63:e7:ae:51:ba:
                    2c:ed:ce:65:ec:5a:87:75:42:aa:d6:e3:86:2c:7a:
                    5f:44:9d:7d:7d:86:39:f5:70:05:2f:68:42:20:53:
                    3c:6f:18:eb:e5:5c:34:03:94:c9:c6:ce:b7:d2:5c:
                    f8:3f:d3:4a:81:6d:ff:cc:ce:95:f8:d3:49:cc:74:
                    f7:56:87:08:17:e8:8f:40:c3:e0:3d:c1:ac:af:ed:
                    3c:5b:9a:cd:d1:02:b6:6b:79:8f:17:0e:ba:72:3c:
                    0c:d1:49:51:15:a5:d7:b9:fe:a3:55:17:65:7e:86:
                    f5:f9:e6:36:23:8d:1b:78:1e:1b:42:47:54:75:02:
                    7e:75:f5:5b:25:95:f0:3c:87:fa:c8:f3:f6:7f:ca:
                    e5:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:69:6F:00:C8:52:8C:AD:06:9E:B4:15:BC:83:1D:E1:39:C8:34:C0
            X509v3 Authority Key Identifier:
                keyid:3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:51:df:16:90:88:97:37:31:c0:78:c4:63:e0:8e:89:99:d7:
         7b:ab:5b:1d:96:6f:7b:a9:2a:3e:2e:ba:ce:ba:48:66:24:c2:
         6c:13:6a:36:79:04:96:80:ee:bd:4e:c5:4e:95:d5:6a:47:f3:
         22:4c:95:76:c0:45:db:36:66:be:15:9c:01:7d:ef:91:8d:2d:
         82:a1:fb:89:52:b1:de:76:62:19:de:bc:9e:e8:59:af:6c:f2:
         bc:01:5f:14:e9:02:75:1b:23:88:50:af:a6:bb:87:c0:7c:22:
         bb:16:28:42:8e:32:3a:0f:60:8b:52:e2:15:99:02:30:5b:a9:
         51:89:1f:d6:05:b6:58:ac:82:c3:30:0f:c1:4d:9c:ef:a2:a3:
         f2:d9:43:ba:e0:d1:ad:55:14:35:91:0f:ef:03:c2:6c:d6:b1:
         82:27:8f:7b:04:e8:39:e0:c6:73:14:77:dc:8c:1d:8b:f6:97:
         d6:be:ab:f5:89:96:a3:8b:87:77:27:31:d3:18:8c:86:17:67:
         e2:4b:d7:a3:5b:65:31:9d:3d:31:d5:14:dd:16:bb:1f:ac:cf:
         7d:61:e1:11:72:72:75:b1:9c:97:ee:0f:72:4b:7f:ee:c4:a0:
         6f:09:78:8f:91:15:dc:9f:9d:65:24:28:84:a3:17:ae:c7:f0:
         8d:69:38:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4IM4fB3FU5piKtGAF/X/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzg3YzFhNzIzOTM5OGZlZjQyZmJmNGU2YjhiYTY3ZmI0
MTY0N2EwHhcNMjUwODIzMDMwMjIwWhcNMjUwODI0MDMwMjIwWjAzMTEwLwYDVQQD
EyhmNzY5NmYwMGM4NTI4Y2FkMDY5ZWI0MTViYzgzMWRlMTM5YzgzNGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttpCbvUf8Dj0ip545qGQADFCmXH9
UtncfClov/9+kDOXGb4pk+x6utARcE3uM5AizAP37Gm5CbCJvdZi14+ZsOiXJ17l
0iZKDUO+RI8yNpBxCr5RBhTCLr4a+B8dnWAmYdSpYQVyCYTPVWuXgXR46k03Y+eu
Ubos7c5l7FqHdUKq1uOGLHpfRJ19fYY59XAFL2hCIFM8bxjr5Vw0A5TJxs630lz4
P9NKgW3/zM6V+NNJzHT3VocIF+iPQMPgPcGsr+08W5rN0QK2a3mPFw66cjwM0UlR
FaXXuf6jVRdlfob1+eY2I40beB4bQkdUdQJ+dfVbJZXwPIf6yPP2f8rlGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPdpbwDIUoytBp60FbyDHeE5yDTAMB8GA1UdIwQY
MBaAFDp4fBpyOTmP70L79Oa4umf7QWR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMt
MzZkNzkyMWU5M2IzLzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMtMzZkNzkyMWU5M2Iz
LzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs1HfFpCI
lzcxwHjEY+COiZnXe6tbHZZve6kqPi66zrpIZiTCbBNqNnkEloDuvU7FTpXVakfz
IkyVdsBF2zZmvhWcAX3vkY0tgqH7iVKx3nZiGd68nuhZr2zyvAFfFOkCdRsjiFCv
pruHwHwiuxYoQo4yOg9gi1LiFZkCMFupUYkf1gW2WKyCwzAPwU2c76Kj8tlDuuDR
rVUUNZEP7wPCbNaxgiePewToOeDGcxR33Iwdi/aX1r6r9YmWo4uHdycx0xiMhhdn
4kvXo1tlMZ09MdUU3Ra7H6zPfWHhEXJydbGcl+4Pckt/7sSgbwl4j5EV3J+dZSQo
hKMXrsfwjWk4DQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:01:44 2025 by rpki-client