Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft
File:                     OpNtLymObP1WYEVz0e-eDoKZtSk.mft (raw, json)
Hash identifier:          N7yNQw9CSFZWs8u0G95GiUPEaYLJZl4FzTNKeTNYeuI=
Subject key identifier:   C7:AA:75:AE:F4:BB:8A:E9:B9:2D:19:D5:33:BD:1D:2F:39:3F:51:1E
Authority key identifier: 3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29
Certificate issuer:       /CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529
Certificate serial:       0198D515808E55FE67F40394800D893B4192
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft
Manifest number:          0F0D
Signing time:             Sat 23 Aug 2025 04:00:12 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:12 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:12 +0000
Files and hashes:         1: OpNtLymObP1WYEVz0e-eDoKZtSk.crl (hash: yhfvyF3xqKTJTj8EwaHDEB0F8EBMY3Ki5lGODa27Id0=)
                          2: T24Mb-6KOyII9Zj4ApmqBzXBKxg.roa (hash: l/FPlArXvYmwy1iwUTLkf9bdXt1EQpVFOKjPM76DwnU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:80:8e:55:fe:67:f4:03:94:80:0d:89:3b:41:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529
        Validity
            Not Before: Aug 23 04:00:12 2025 GMT
            Not After : Aug 24 04:00:12 2025 GMT
        Subject: CN=c7aa75aef4bb8ae9b92d19d533bd1d2f393f511e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:42:78:53:70:b9:6f:e7:c8:93:b3:c8:7b:f4:
                    8c:19:d1:75:ef:d7:85:d7:cf:f6:b7:26:39:32:e0:
                    95:78:c3:d4:f7:34:ae:12:24:fb:92:91:04:85:ca:
                    aa:f8:a6:25:93:fd:cb:6a:1d:eb:a4:47:22:03:81:
                    62:9d:bc:40:b6:3d:b0:51:5e:fa:7f:7b:82:7f:bf:
                    68:39:25:c4:be:53:a5:75:15:67:48:86:f6:78:7b:
                    6c:f6:bc:bd:a6:b3:50:a1:d0:98:f3:d4:ad:59:8c:
                    fc:6d:b3:ea:e4:96:03:2d:ef:30:55:51:4f:21:a7:
                    20:a4:16:02:28:e2:9d:88:cf:fb:e6:7c:bb:36:ce:
                    76:f6:28:66:bb:8b:6f:de:c5:97:a6:97:ce:ea:53:
                    f7:69:60:bf:58:f1:c6:85:c5:e0:4c:05:10:6a:2d:
                    33:de:10:c0:b2:a3:e9:12:ac:1c:50:5f:4e:e1:ea:
                    6b:37:26:24:f7:ad:6c:fd:b2:f5:75:07:79:62:bb:
                    22:cd:d6:74:fa:83:4e:c7:23:00:ad:ed:a1:f5:ad:
                    e0:21:3d:ef:70:47:5f:20:02:58:2a:59:66:c3:7c:
                    a6:0d:9c:f6:17:69:74:10:26:10:24:fc:ae:b7:d0:
                    23:fb:69:c9:73:29:65:73:b7:d5:82:23:10:05:8f:
                    0a:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:AA:75:AE:F4:BB:8A:E9:B9:2D:19:D5:33:BD:1D:2F:39:3F:51:1E
            X509v3 Authority Key Identifier:
                keyid:3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:6a:2a:d0:a8:f3:3e:c7:09:9c:91:f3:3e:2d:54:cf:55:2b:
         f0:b7:54:44:1a:17:62:61:dd:b6:9f:8e:2c:0a:53:75:19:c3:
         5f:ba:50:f4:2a:86:6a:7d:79:44:3c:c1:82:e8:27:8c:ca:a4:
         46:59:ba:37:54:50:20:25:ac:94:33:c3:81:a8:e2:fa:a7:63:
         78:ba:87:24:84:8e:11:0d:4a:57:dc:de:8b:ba:30:c4:ab:b3:
         d4:30:09:bc:34:c3:d5:81:2c:17:c3:5b:f6:7a:37:2f:48:cc:
         00:cb:49:a6:22:05:96:7d:11:ec:c3:0f:cd:f5:53:c5:73:41:
         01:86:5f:0f:0b:01:d9:53:35:86:1c:28:94:93:8a:e6:75:24:
         c9:36:09:9d:6d:ad:a6:8a:77:1a:6e:c1:2f:d4:b8:8c:2a:3b:
         87:f3:91:38:6f:6f:15:49:a6:e6:48:4e:53:f0:2e:a7:24:96:
         a5:be:42:f4:62:34:d1:9c:92:86:88:4e:47:67:f5:de:b1:9c:
         73:13:1d:25:56:1d:b7:43:aa:19:78:f3:41:59:ab:10:e0:56:
         39:e8:3e:b3:90:96:17:7c:91:e4:86:ac:f6:a1:d4:5e:20:b4:
         d9:a9:3d:4d:31:83:bf:53:3d:b2:5a:37:37:85:27:a9:bd:f9:
         1a:9f:01:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFYCOVf5n9AOUgA2JO0GSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTM2ZDJmMjk4ZTZjZmQ1NjYwNDU3M2QxZWY5ZTBlODI5
OWI1MjkwHhcNMjUwODIzMDQwMDEyWhcNMjUwODI0MDQwMDEyWjAzMTEwLwYDVQQD
EyhjN2FhNzVhZWY0YmI4YWU5YjkyZDE5ZDUzM2JkMWQyZjM5M2Y1MTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UJ4U3C5b+fIk7PIe/SMGdF179eF
18/2tyY5MuCVeMPU9zSuEiT7kpEEhcqq+KYlk/3Lah3rpEciA4FinbxAtj2wUV76
f3uCf79oOSXEvlOldRVnSIb2eHts9ry9prNQodCY89StWYz8bbPq5JYDLe8wVVFP
IacgpBYCKOKdiM/75ny7Ns529ihmu4tv3sWXppfO6lP3aWC/WPHGhcXgTAUQai0z
3hDAsqPpEqwcUF9O4eprNyYk961s/bL1dQd5YrsizdZ0+oNOxyMAre2h9a3gIT3v
cEdfIAJYKllmw3ymDZz2F2l0ECYQJPyut9Aj+2nJcyllc7fVgiMQBY8KOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMeqda70u4rpuS0Z1TO9HS85P1EeMB8GA1UdIwQY
MBaAFDqTbS8pjmz9VmBFc9Hvng6CmbUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQt
YjVmOGVjMGFhZDdjLzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQtYjVmOGVjMGFhZDdj
LzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAamoq0Kjz
PscJnJHzPi1Uz1Ur8LdURBoXYmHdtp+OLApTdRnDX7pQ9CqGan15RDzBgugnjMqk
Rlm6N1RQICWslDPDgaji+qdjeLqHJISOEQ1KV9zei7owxKuz1DAJvDTD1YEsF8Nb
9no3L0jMAMtJpiIFln0R7MMPzfVTxXNBAYZfDwsB2VM1hhwolJOK5nUkyTYJnW2t
pop3Gm7BL9S4jCo7h/OROG9vFUmm5khOU/AupySWpb5C9GI00ZyShohOR2f13rGc
cxMdJVYdt0OqGXjzQVmrEOBWOeg+s5CWF3yR5Ias9qHUXiC02ak9TTGDv1M9slo3
N4Unqb35Gp8Bdw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:01:35 2025 by rpki-client