Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
File:                     otCM3GpDDvDaiCmRcla2rY0KNvk.mft (raw, json)
Hash identifier:          Bu5a4zHIswmFxVWV3pqkzQg+mk5l+fWzEphLSco5I+M=
Subject key identifier:   7B:CC:92:3E:81:42:20:4D:29:3E:09:1E:A3:4E:1C:94:E5:84:20:CA
Authority key identifier: A2:D0:8C:DC:6A:43:0E:F0:DA:88:29:91:72:56:B6:AD:8D:0A:36:F9
Certificate issuer:       /CN=a2d08cdc6a430ef0da8829917256b6ad8d0a36f9
Certificate serial:       0198D660C613A7F0A49A10CEBD2295E3F226
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
Manifest number:          086D
Signing time:             Sat 23 Aug 2025 10:02:02 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:02 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:02 +0000
Files and hashes:         1: otCM3GpDDvDaiCmRcla2rY0KNvk.crl (hash: amiHh8aIeWkt2cWXIMQDLDodHEQnUfRG3vj5eKGrnLw=)
                          2: uWHHQqBwsm-RgF6BGlPrCIiU5u8.roa (hash: c70DUe86Dscr+BOk1RbQf+gmFBszpSvbzYy8111R1f4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:c6:13:a7:f0:a4:9a:10:ce:bd:22:95:e3:f2:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2d08cdc6a430ef0da8829917256b6ad8d0a36f9
        Validity
            Not Before: Aug 23 10:02:02 2025 GMT
            Not After : Aug 24 10:02:02 2025 GMT
        Subject: CN=7bcc923e8142204d293e091ea34e1c94e58420ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:33:8e:45:8a:60:1d:d8:f9:2a:a0:40:b0:d6:
                    52:a7:f4:22:74:f3:07:94:f2:ed:fd:16:08:17:cd:
                    87:47:61:8a:f4:3f:e5:c5:1d:04:3d:00:5b:76:a3:
                    43:4f:dd:e0:c9:1a:eb:72:77:e5:97:de:4c:5d:bd:
                    84:a9:73:b6:ca:04:4b:7e:fc:59:20:f4:a0:d0:1b:
                    46:b1:3b:0d:7d:a4:a0:09:94:5b:ea:d5:4b:b7:03:
                    b6:3a:f5:69:b2:80:9f:2c:00:7a:7b:46:b1:02:c9:
                    a5:fc:94:ca:7b:a9:98:a7:f5:15:1f:59:dc:c6:88:
                    8d:f9:5d:a5:ec:a3:f1:c9:a2:0c:24:09:0c:4c:63:
                    bc:7e:26:0e:05:9c:fc:a6:23:51:1d:1e:25:3e:fe:
                    03:97:a4:d2:a7:a4:44:94:77:1d:8a:cb:9d:1d:79:
                    22:ea:36:57:ed:bd:9a:f3:d0:b1:52:2a:c4:cb:a3:
                    e3:e4:e9:da:50:9a:88:48:db:e0:d8:aa:59:8a:70:
                    21:ee:ca:78:ab:10:d4:90:ba:f5:39:c9:4f:4e:e0:
                    80:bb:d4:05:f8:88:1e:b9:7f:e2:e6:93:3f:47:7d:
                    51:d5:bb:4d:9e:67:ef:26:85:93:ce:11:fc:19:81:
                    bf:c5:df:ef:99:25:a7:91:46:24:d6:42:f6:27:16:
                    e5:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:CC:92:3E:81:42:20:4D:29:3E:09:1E:A3:4E:1C:94:E5:84:20:CA
            X509v3 Authority Key Identifier:
                keyid:A2:D0:8C:DC:6A:43:0E:F0:DA:88:29:91:72:56:B6:AD:8D:0A:36:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:83:78:46:ea:1f:94:49:91:86:da:d1:4d:62:a7:c7:1c:62:
         4b:49:10:96:96:92:0b:00:96:0d:b5:d4:fa:b2:5b:e4:1e:81:
         1e:c8:19:e9:6f:7d:c2:97:fa:d7:11:fa:d1:53:74:75:86:47:
         74:ac:02:bd:13:db:93:e4:08:fd:74:88:b8:25:be:9f:4b:5e:
         bd:07:01:30:22:e2:a0:fb:f1:e3:0d:c7:a0:4d:15:c0:15:bb:
         01:72:30:48:8c:ac:c4:e1:57:84:0c:34:62:ce:a5:ed:b5:d2:
         7c:6f:13:7e:9b:4e:39:58:fc:59:cb:2a:a3:a8:3b:dd:9d:20:
         95:0d:e4:ad:ba:cf:31:a0:49:34:c9:86:4a:31:bd:3c:d2:a1:
         8d:92:c0:c7:39:b7:bf:34:ca:ad:7e:36:11:ea:ad:2d:20:cc:
         e3:c3:a0:d3:b9:3d:73:d7:8f:d6:a7:96:3f:5b:95:bf:45:62:
         9a:3e:63:85:b6:f9:17:7b:36:bb:bb:5c:b6:f0:8b:4a:f0:81:
         96:69:8f:6a:2b:e3:2a:8a:ca:cf:3e:21:3c:98:d4:09:a7:f4:
         3c:26:5e:a3:5b:02:5c:1b:bc:f2:22:b8:74:56:5c:30:bb:dc:
         f8:7d:b8:7d:37:90:5f:6f:31:56:90:3e:c2:dc:9a:17:64:44:
         2f:69:62:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYMYTp/CkmhDOvSKV4/ImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDA4Y2RjNmE0MzBlZjBkYTg4Mjk5MTcyNTZiNmFkOGQw
YTM2ZjkwHhcNMjUwODIzMTAwMjAyWhcNMjUwODI0MTAwMjAyWjAzMTEwLwYDVQQD
Eyg3YmNjOTIzZTgxNDIyMDRkMjkzZTA5MWVhMzRlMWM5NGU1ODQyMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjOORYpgHdj5KqBAsNZSp/QidPMH
lPLt/RYIF82HR2GK9D/lxR0EPQBbdqNDT93gyRrrcnfll95MXb2EqXO2ygRLfvxZ
IPSg0BtGsTsNfaSgCZRb6tVLtwO2OvVpsoCfLAB6e0axAsml/JTKe6mYp/UVH1nc
xoiN+V2l7KPxyaIMJAkMTGO8fiYOBZz8piNRHR4lPv4Dl6TSp6RElHcdisudHXki
6jZX7b2a89CxUirEy6Pj5OnaUJqISNvg2KpZinAh7sp4qxDUkLr1OclPTuCAu9QF
+IgeuX/i5pM/R31R1btNnmfvJoWTzhH8GYG/xd/vmSWnkUYk1kL2Jxbl/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvMkj6BQiBNKT4JHqNOHJTlhCDKMB8GA1UdIwQY
MBaAFKLQjNxqQw7w2ogpkXJWtq2NCjb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9iYzE5Y2MtMGY1My00ZDEwLWFmOTMt
ZGMwMWExOWIyODU2LzEvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9iYzE5Y2MtMGY1My00ZDEwLWFmOTMtZGMwMWExOWIyODU2
LzEvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMIN4Ruof
lEmRhtrRTWKnxxxiS0kQlpaSCwCWDbXU+rJb5B6BHsgZ6W99wpf61xH60VN0dYZH
dKwCvRPbk+QI/XSIuCW+n0tevQcBMCLioPvx4w3HoE0VwBW7AXIwSIysxOFXhAw0
Ys6l7bXSfG8TfptOOVj8Wcsqo6g73Z0glQ3krbrPMaBJNMmGSjG9PNKhjZLAxzm3
vzTKrX42EeqtLSDM48Og07k9c9eP1qeWP1uVv0Vimj5jhbb5F3s2u7tctvCLSvCB
lmmPaivjKorKzz4hPJjUCaf0PCZeo1sCXBu88iK4dFZcMLvc+H24fTeQX28xVpA+
wtyaF2REL2liSw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:00:38 2025 by rpki-client