Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
File:                     OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft (raw, json)
Hash identifier:          BKJ2vR2bxj6eQYeFiWp6WtO8fjS5J7UtNlnG5Rv+OXU=
Subject key identifier:   E4:2F:3F:18:66:32:FC:58:4C:93:03:04:F9:96:67:52:62:50:69:82
Authority key identifier: 38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5
Certificate issuer:       /CN=389dd4126f8be07af454497ca0f5665295482ad5
Certificate serial:       0198D660AB5898C1D3132C81F3C8FEEEBBA1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
Manifest number:          05A6
Signing time:             Sat 23 Aug 2025 10:01:56 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:56 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:56 +0000
Files and hashes:         1: OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl (hash: hgGZ05U1kZ5psWLDxUMNQsd/6KkuwF+Hc7ovpIGDAmw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:ab:58:98:c1:d3:13:2c:81:f3:c8:fe:ee:bb:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389dd4126f8be07af454497ca0f5665295482ad5
        Validity
            Not Before: Aug 23 10:01:56 2025 GMT
            Not After : Aug 24 10:01:56 2025 GMT
        Subject: CN=e42f3f186632fc584c930304f996675262506982
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:65:72:7c:27:3f:d0:59:07:df:15:e5:35:c5:
                    d6:09:e2:31:5b:2f:b8:e2:a5:f4:28:7e:8c:1c:3e:
                    78:9f:58:19:d2:c5:40:63:6f:ca:bb:8f:b4:cf:17:
                    cc:35:7f:fc:f6:d4:c1:5c:fd:4f:bb:26:81:d8:0f:
                    c3:d7:ba:a5:c1:e4:89:5d:69:6f:b3:f6:b6:9b:6a:
                    f4:87:f0:89:07:c8:9b:c1:7e:75:00:3a:4d:8f:d3:
                    40:f1:fe:35:4c:56:22:57:52:8a:8e:bc:40:c9:05:
                    23:28:b3:1e:53:2f:18:50:f0:92:79:3d:3f:7c:a8:
                    55:e2:64:09:3e:c2:90:9a:dc:31:2d:f0:b9:89:31:
                    a8:e0:d4:c1:a4:de:09:c7:bd:cb:b0:d4:8e:5e:3f:
                    62:f1:54:ca:bc:72:7e:aa:a1:73:0d:df:11:ca:e1:
                    71:f3:7a:7c:f3:fe:3b:52:2c:11:62:0a:7a:f7:32:
                    f9:3c:d6:d6:08:44:3c:d7:d6:21:ea:df:0e:77:01:
                    eb:94:b8:02:6e:14:d5:ae:46:df:03:35:7d:09:07:
                    db:a3:0c:a6:b9:0e:30:33:7b:2f:c7:05:4e:fc:b3:
                    15:97:25:1c:98:a8:56:8e:d4:b8:5e:18:45:53:55:
                    88:bb:49:37:ac:a2:a0:4a:1c:49:d1:c1:27:b3:62:
                    2c:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:2F:3F:18:66:32:FC:58:4C:93:03:04:F9:96:67:52:62:50:69:82
            X509v3 Authority Key Identifier:
                keyid:38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:bd:67:6c:36:5d:f4:88:16:91:41:3f:88:84:2a:f1:95:bd:
         75:c6:2c:6b:53:36:0a:58:57:0d:e0:a9:e9:f5:17:42:6f:1b:
         74:dd:21:74:f1:3d:85:2f:42:67:7a:67:f2:c4:11:0e:2b:d2:
         03:af:cc:34:c8:79:37:3e:92:f8:54:60:61:88:4d:65:76:7a:
         05:50:ae:bf:f8:db:a6:1a:29:be:68:ff:40:9d:4f:c9:46:30:
         40:a2:8c:3f:f3:3b:ff:3d:c4:8e:bf:58:c2:96:16:19:3e:f0:
         40:9d:a5:4d:85:97:19:a4:26:8d:f6:bb:00:4d:75:3d:d2:27:
         29:25:d8:1e:ad:77:f6:fb:2a:29:7d:2d:1d:dc:5f:4f:3c:e6:
         72:ae:43:84:49:d5:4d:66:50:1f:9d:ce:ab:08:5c:37:b3:2e:
         97:ad:8f:5d:d4:d2:79:ec:b5:5e:4b:40:0a:bc:8c:cb:96:80:
         8d:9d:77:a8:34:9d:70:fe:f6:5e:63:39:fd:46:dc:d1:58:28:
         53:f9:8d:72:86:81:4f:43:f1:bf:29:27:b7:37:c6:e4:05:dc:
         af:af:2e:ca:27:aa:2d:2e:f3:aa:39:d3:14:94:49:56:01:27:
         98:54:17:f0:d0:c4:50:2e:f8:4b:38:2b:93:75:60:3c:09:42:
         2c:35:ea:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYKtYmMHTEyyB88j+7ruhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWRkNDEyNmY4YmUwN2FmNDU0NDk3Y2EwZjU2NjUyOTU0
ODJhZDUwHhcNMjUwODIzMTAwMTU2WhcNMjUwODI0MTAwMTU2WjAzMTEwLwYDVQQD
EyhlNDJmM2YxODY2MzJmYzU4NGM5MzAzMDRmOTk2Njc1MjYyNTA2OTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmVyfCc/0FkH3xXlNcXWCeIxWy+4
4qX0KH6MHD54n1gZ0sVAY2/Ku4+0zxfMNX/89tTBXP1PuyaB2A/D17qlweSJXWlv
s/a2m2r0h/CJB8ibwX51ADpNj9NA8f41TFYiV1KKjrxAyQUjKLMeUy8YUPCSeT0/
fKhV4mQJPsKQmtwxLfC5iTGo4NTBpN4Jx73LsNSOXj9i8VTKvHJ+qqFzDd8RyuFx
83p88/47UiwRYgp69zL5PNbWCEQ819Yh6t8OdwHrlLgCbhTVrkbfAzV9CQfbowym
uQ4wM3svxwVO/LMVlyUcmKhWjtS4XhhFU1WIu0k3rKKgShxJ0cEns2Is4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQvPxhmMvxYTJMDBPmWZ1JiUGmCMB8GA1UdIwQY
MBaAFDid1BJvi+B69FRJfKD1ZlKVSCrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2Mt
NWM1NWVjMjIxZTEyLzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2MtNWM1NWVjMjIxZTEy
LzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHL1nbDZd
9IgWkUE/iIQq8ZW9dcYsa1M2ClhXDeCp6fUXQm8bdN0hdPE9hS9CZ3pn8sQRDivS
A6/MNMh5Nz6S+FRgYYhNZXZ6BVCuv/jbphopvmj/QJ1PyUYwQKKMP/M7/z3Ejr9Y
wpYWGT7wQJ2lTYWXGaQmjfa7AE11PdInKSXYHq139vsqKX0tHdxfTzzmcq5DhEnV
TWZQH53OqwhcN7Mul62PXdTSeey1XktACryMy5aAjZ13qDSdcP72XmM5/Ubc0Vgo
U/mNcoaBT0PxvykntzfG5AXcr68uyieqLS7zqjnTFJRJVgEnmFQX8NDEUC74Szgr
k3VgPAlCLDXq4g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:01:26 2025 by rpki-client