Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/oI5By_3vrQuw4pckeswaIB0t9KA.mft
File:                     oI5By_3vrQuw4pckeswaIB0t9KA.mft (raw, json)
Hash identifier:          JJJJ/EQj7VRxVZUipJnT2VcgtZu5R1Zzj3J3cqCa2BI=
Subject key identifier:   E1:6F:8D:64:4B:32:E4:09:4A:F7:B1:71:89:39:28:6A:87:D4:48:BF
Authority key identifier: A0:8E:41:CB:FD:EF:AD:0B:B0:E2:97:24:7A:CC:1A:20:1D:2D:F4:A0
Certificate issuer:       /CN=a08e41cbfdefad0bb0e297247acc1a201d2df4a0
Certificate serial:       0198D515DCE384BD44D23B3CE1568121D01C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oI5By_3vrQuw4pckeswaIB0t9KA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/oI5By_3vrQuw4pckeswaIB0t9KA.mft
Manifest number:          11DD
Signing time:             Sat 23 Aug 2025 04:00:36 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:36 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:36 +0000
Files and hashes:         1: kaGph50MrnZk9_Ae5Md0JZHkmEM.roa (hash: KOuavh84jne4Oayx4KsSyaMHm/sNkEEba6rU0bPnEbc=)
                          2: oI5By_3vrQuw4pckeswaIB0t9KA.crl (hash: URJBFWQfFouiCcEoNZQFKCShQSC0GeprU+XgoJjoPmY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/oI5By_3vrQuw4pckeswaIB0t9KA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/oI5By_3vrQuw4pckeswaIB0t9KA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oI5By_3vrQuw4pckeswaIB0t9KA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:dc:e3:84:bd:44:d2:3b:3c:e1:56:81:21:d0:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a08e41cbfdefad0bb0e297247acc1a201d2df4a0
        Validity
            Not Before: Aug 23 04:00:36 2025 GMT
            Not After : Aug 24 04:00:36 2025 GMT
        Subject: CN=e16f8d644b32e4094af7b1718939286a87d448bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:da:8e:2e:4e:4c:15:55:6d:47:0a:56:d3:9f:
                    34:17:38:7b:78:b9:7b:fd:7f:01:5d:53:ec:62:fc:
                    06:ed:8d:75:e3:c8:27:8b:30:a3:37:b0:52:4b:cf:
                    a7:64:5a:b7:f8:22:8b:86:b3:d5:7e:54:02:f3:9e:
                    b3:d4:fa:12:9c:1e:fa:bb:1f:f4:ed:bc:fa:81:e1:
                    81:ec:93:a3:e0:d0:69:f6:0f:18:ba:95:d1:f6:75:
                    e8:2a:18:d9:19:a6:5a:82:50:99:be:e9:4d:1f:0e:
                    2f:12:e1:af:b7:0b:31:cf:33:8e:25:a4:48:01:0e:
                    fa:b8:48:4b:0b:dc:6e:d0:03:a6:f5:c6:5b:6b:a3:
                    e2:84:4b:18:2f:db:63:70:52:00:4f:88:cc:1f:02:
                    22:9a:52:87:e1:f5:03:38:3f:a6:84:59:e6:1c:ce:
                    0e:20:4c:57:21:49:a0:5e:d5:f2:c3:ce:37:63:82:
                    92:09:77:45:eb:be:63:43:a9:4b:3a:d8:7a:39:89:
                    ac:ef:32:16:a8:b8:8f:1b:44:eb:cc:5f:09:e4:fd:
                    56:b7:b4:11:90:19:2a:23:6c:67:3e:44:e3:4e:50:
                    ec:ed:49:1e:14:3a:81:eb:aa:24:6f:fe:7f:0b:f2:
                    ff:25:83:55:97:fb:e4:3d:3f:f2:0d:e7:31:b2:44:
                    5b:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:6F:8D:64:4B:32:E4:09:4A:F7:B1:71:89:39:28:6A:87:D4:48:BF
            X509v3 Authority Key Identifier:
                keyid:A0:8E:41:CB:FD:EF:AD:0B:B0:E2:97:24:7A:CC:1A:20:1D:2D:F4:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oI5By_3vrQuw4pckeswaIB0t9KA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/oI5By_3vrQuw4pckeswaIB0t9KA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/oI5By_3vrQuw4pckeswaIB0t9KA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:b7:a6:f2:58:58:b2:3b:a7:24:71:87:a0:a8:99:be:21:94:
         e8:94:e4:51:04:83:a0:b3:8e:55:2e:7b:cb:f4:6d:90:1a:a3:
         55:c8:73:14:b2:6f:7d:b9:a4:b9:42:7d:56:9d:22:2e:34:6c:
         96:99:9a:95:7c:61:6c:77:2d:c3:f8:90:4e:37:3e:aa:b0:53:
         e3:16:5d:8f:20:df:ba:1b:cd:30:9c:2d:40:0b:c0:76:75:48:
         ba:06:4c:78:46:3a:71:8a:86:d9:46:cb:fa:94:a0:81:76:a3:
         60:2f:d8:35:2c:bc:3c:03:fd:39:5f:54:0c:82:b9:ba:90:12:
         3c:42:53:58:ce:6d:33:f1:a0:fa:64:a1:48:9c:74:69:fa:9a:
         e6:7b:6f:b2:84:0c:e3:06:fa:a0:ac:c1:08:2a:cc:ef:29:d5:
         4e:a1:fb:85:9c:15:9e:b0:6c:6a:a8:21:b2:27:52:53:de:07:
         20:bd:39:e5:3d:2b:60:16:95:9e:0a:ed:c6:ad:a4:ee:cc:59:
         0f:f8:8f:95:ab:61:5d:b8:c5:db:a7:72:ef:65:f2:86:1b:7d:
         e5:9a:1b:2f:25:1d:1e:6b:4d:01:6a:b6:36:bf:ea:59:9d:8f:
         a4:05:4a:9e:a4:ce:bc:b8:0b:5f:eb:c8:9c:43:4e:fb:ce:ee:
         b9:8e:45:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFdzjhL1E0js84VaBIdAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOGU0MWNiZmRlZmFkMGJiMGUyOTcyNDdhY2MxYTIwMWQy
ZGY0YTAwHhcNMjUwODIzMDQwMDM2WhcNMjUwODI0MDQwMDM2WjAzMTEwLwYDVQQD
EyhlMTZmOGQ2NDRiMzJlNDA5NGFmN2IxNzE4OTM5Mjg2YTg3ZDQ0OGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNqOLk5MFVVtRwpW0580Fzh7eLl7
/X8BXVPsYvwG7Y1148gnizCjN7BSS8+nZFq3+CKLhrPVflQC856z1PoSnB76ux/0
7bz6geGB7JOj4NBp9g8YupXR9nXoKhjZGaZaglCZvulNHw4vEuGvtwsxzzOOJaRI
AQ76uEhLC9xu0AOm9cZba6PihEsYL9tjcFIAT4jMHwIimlKH4fUDOD+mhFnmHM4O
IExXIUmgXtXyw843Y4KSCXdF675jQ6lLOth6OYms7zIWqLiPG0TrzF8J5P1Wt7QR
kBkqI2xnPkTjTlDs7UkeFDqB66okb/5/C/L/JYNVl/vkPT/yDecxskRbhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFvjWRLMuQJSvexcYk5KGqH1Ei/MB8GA1UdIwQY
MBaAFKCOQcv9760LsOKXJHrMGiAdLfSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0k1QnlfM3ZyUXV3NHBja2Vzd2FJQjB0OUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC83YTgwNmMtMmYwOC00N2Q5LTljYzkt
NjU4ZDRjNDYyOGFkLzEvb0k1QnlfM3ZyUXV3NHBja2Vzd2FJQjB0OUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC83YTgwNmMtMmYwOC00N2Q5LTljYzktNjU4ZDRjNDYyOGFk
LzEvb0k1QnlfM3ZyUXV3NHBja2Vzd2FJQjB0OUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALbem8lhY
sjunJHGHoKiZviGU6JTkUQSDoLOOVS57y/RtkBqjVchzFLJvfbmkuUJ9Vp0iLjRs
lpmalXxhbHctw/iQTjc+qrBT4xZdjyDfuhvNMJwtQAvAdnVIugZMeEY6cYqG2UbL
+pSggXajYC/YNSy8PAP9OV9UDIK5upASPEJTWM5tM/Gg+mShSJx0afqa5ntvsoQM
4wb6oKzBCCrM7ynVTqH7hZwVnrBsaqghsidSU94HIL055T0rYBaVngrtxq2k7sxZ
D/iPlathXbjF26dy72Xyhht95ZobLyUdHmtNAWq2Nr/qWZ2PpAVKnqTOvLgLX+vI
nENO+87uuY5FaQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:02:40 2025 by rpki-client