Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
File:                     OSG38e7pDZnilCGKk4dTweotwmc.mft (raw, json)
Hash identifier:          og9dG7ILtX26vPFIlz9xVOaf4lNY5dWeeFBt43lKMDM=
Subject key identifier:   9F:7B:BB:55:1D:1B:C3:5C:27:00:E1:07:9A:24:34:F5:64:A9:69:AE
Authority key identifier: 39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
Certificate issuer:       /CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Certificate serial:       019A00DA6B64603F2AA786C542EA947AF4A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
Manifest number:          1673
Signing time:             Mon 20 Oct 2025 09:01:45 +0000
Manifest this update:     Mon 20 Oct 2025 09:01:45 +0000
Manifest next update:     Tue 21 Oct 2025 09:01:45 +0000
Files and hashes:         1: OSG38e7pDZnilCGKk4dTweotwmc.crl (hash: 1/gv5LJFy+X9NDWkZISLzr7vWW2hbsYI0o8m2mOTVGU=)
                          2: oHES2kIQSwcnceUnSAnzOBK0UoA.roa (hash: R0HeMmAONLyIzPgR+arZikegwIRj9xGz1jODUH2wdeA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:da:6b:64:60:3f:2a:a7:86:c5:42:ea:94:7a:f4:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3921b7f1eee90d99e294218a938753c1ea2dc267
        Validity
            Not Before: Oct 20 09:01:45 2025 GMT
            Not After : Oct 21 09:01:45 2025 GMT
        Subject: CN=9f7bbb551d1bc35c2700e1079a2434f564a969ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:fa:0f:a5:c2:e3:7e:f6:ef:53:74:7d:a5:22:
                    5a:5c:ce:36:d3:99:02:9e:3d:f8:e8:87:07:bb:df:
                    1a:e7:18:d1:5b:58:d7:fa:9d:b7:6f:e1:ad:28:68:
                    56:e3:59:4e:52:6a:80:b9:b3:26:62:a4:1c:87:8c:
                    d7:80:a7:8c:b9:03:4f:39:fe:ec:22:8a:d4:7f:6a:
                    2e:a1:7e:03:b6:68:76:42:72:bc:bb:b6:0c:db:fc:
                    9e:e3:30:de:fe:c0:be:be:21:c1:7e:78:6d:19:d5:
                    c1:24:7e:79:eb:e7:8f:97:b9:23:ec:9e:a9:c5:6a:
                    58:7f:0e:22:93:06:c2:57:c1:31:13:8f:99:54:7d:
                    4a:f0:7c:40:a6:2e:0a:7f:c3:86:4e:75:f8:fa:13:
                    7a:02:18:f7:a2:59:1c:65:af:ad:2f:53:4b:09:09:
                    d0:e3:53:1b:bc:69:d5:36:09:f4:f2:11:27:96:94:
                    55:76:e4:10:eb:c5:b0:bd:e5:8f:79:6e:55:57:5e:
                    d0:be:d2:24:0d:8e:79:f4:46:25:ac:ae:8f:6c:92:
                    26:2d:83:9f:f5:27:4a:e7:94:9b:34:26:d2:0d:54:
                    65:f7:34:ec:cb:46:8a:68:23:e8:2f:63:10:f9:1e:
                    ec:9d:20:86:bb:a5:7f:11:2a:1d:cd:15:49:b1:c6:
                    3a:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:7B:BB:55:1D:1B:C3:5C:27:00:E1:07:9A:24:34:F5:64:A9:69:AE
            X509v3 Authority Key Identifier:
                keyid:39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:4b:d4:cd:8f:4e:e3:b1:83:4f:83:d7:a6:ce:11:e2:3a:8a:
         10:af:5c:e6:54:69:db:7b:10:45:c4:9b:48:2d:c6:99:b2:37:
         77:66:12:4a:72:b6:b7:3d:bc:fd:33:b8:a2:fb:34:5f:fd:ac:
         77:c6:98:d5:9c:2b:3e:8c:e7:d7:9b:40:a6:17:d1:54:f1:6d:
         51:65:43:26:a0:95:f3:88:3e:85:90:cf:a8:bd:a2:cb:12:76:
         a5:fb:c5:75:61:a3:2a:34:bf:d7:4b:0c:38:90:d3:67:ad:64:
         01:ae:f9:96:b6:69:a1:6b:d9:86:fe:39:b1:fc:fe:62:1c:90:
         34:9c:cf:d4:bc:ad:3c:2a:66:32:1a:51:2b:43:af:a0:e6:00:
         cd:b5:aa:93:79:51:83:5c:b0:b6:1b:0d:26:b4:7a:0f:89:c4:
         94:9c:ba:2b:19:88:d6:e3:cd:04:63:b7:49:ca:9a:ce:aa:41:
         6a:e3:47:5e:24:7b:79:c0:2c:54:e3:5b:1c:ee:49:37:b9:27:
         75:92:a6:e6:86:2b:47:8d:af:ab:f6:4e:f8:f7:91:3a:59:0c:
         3f:51:6d:10:25:d3:99:ad:3c:af:32:17:f0:11:cc:ec:50:3c:
         3d:67:79:7c:14:1d:fb:14:99:8b:92:69:59:ff:fc:a5:07:d3:
         4b:70:d7:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoA2mtkYD8qp4bFQuqUevSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MjFiN2YxZWVlOTBkOTllMjk0MjE4YTkzODc1M2MxZWEy
ZGMyNjcwHhcNMjUxMDIwMDkwMTQ1WhcNMjUxMDIxMDkwMTQ1WjAzMTEwLwYDVQQD
Eyg5ZjdiYmI1NTFkMWJjMzVjMjcwMGUxMDc5YTI0MzRmNTY0YTk2OWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfoPpcLjfvbvU3R9pSJaXM4205kC
nj346IcHu98a5xjRW1jX+p23b+GtKGhW41lOUmqAubMmYqQch4zXgKeMuQNPOf7s
IorUf2ouoX4Dtmh2QnK8u7YM2/ye4zDe/sC+viHBfnhtGdXBJH556+ePl7kj7J6p
xWpYfw4ikwbCV8ExE4+ZVH1K8HxApi4Kf8OGTnX4+hN6Ahj3olkcZa+tL1NLCQnQ
41MbvGnVNgn08hEnlpRVduQQ68WwveWPeW5VV17QvtIkDY559EYlrK6PbJImLYOf
9SdK55SbNCbSDVRl9zTsy0aKaCPoL2MQ+R7snSCGu6V/ESodzRVJscY6sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ97u1UdG8NcJwDhB5okNPVkqWmuMB8GA1UdIwQY
MBaAFDkht/Hu6Q2Z4pQhipOHU8HqLcJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgt
MjQ0MWUxMGY2ZjhmLzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgtMjQ0MWUxMGY2Zjhm
LzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcUvUzY9O
47GDT4PXps4R4jqKEK9c5lRp23sQRcSbSC3GmbI3d2YSSnK2tz28/TO4ovs0X/2s
d8aY1ZwrPozn15tAphfRVPFtUWVDJqCV84g+hZDPqL2iyxJ2pfvFdWGjKjS/10sM
OJDTZ61kAa75lrZpoWvZhv45sfz+YhyQNJzP1LytPCpmMhpRK0OvoOYAzbWqk3lR
g1ywthsNJrR6D4nElJy6KxmI1uPNBGO3ScqazqpBauNHXiR7ecAsVONbHO5JN7kn
dZKm5oYrR42vq/ZO+PeROlkMP1FtECXTma08rzIX8BHM7FA8PWd5fBQd+xSZi5Jp
Wf/8pQfTS3DXQA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:01:40 2025 by rpki-client