Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
File:                     hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft (raw, json)
Hash identifier:          zNokdzI8N3er4i0tm38QyfBE8JUjSS2jYUDSKZKIFjk=
Subject key identifier:   AD:C9:5C:8E:E8:0E:60:D6:E8:D8:B1:2F:8D:EB:D3:F7:19:EF:E8:EC
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       01976DAB6CD7C444927507067FBD6FA3284E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
Manifest number:          1354
Signing time:             Sat 14 Jun 2025 09:00:40 +0000
Manifest this update:     Sat 14 Jun 2025 09:00:40 +0000
Manifest next update:     Sun 15 Jun 2025 09:00:40 +0000
Files and hashes:         1: 0dOOZcxouEyBwDParynks7StwHE.roa (hash: JJ6ZudJMCas3SwJxwt6lm5WwMowMP1vWjiYzBqRT97Y=)
                          2: 0j_F7ObjeWM_-MDv2vnltyDHFUk.roa (hash: OsaLtzwPIW8gqCsltJsusg8e34JBn85Om/z5CrRK5Uo=)
                          3: 2sVCpnUAKblWh9v7qVEsEKRUfWA.roa (hash: 1CKYprr2EavvDbIEOzey7tbCXji3ClAfurVr7rHadc8=)
                          4: 7-L8h3vxgPMOucvJUyn6jvtlWq4.roa (hash: JqzKMiGM9qG/KoIssHAuY0XkXfUrBvh/Eg7mCU+N938=)
                          5: 9oLYcSPHMvCe-Pv2M_rza63XTow.roa (hash: wcB89ybRT1IhIFGZVbatLp94YXi4OhrbT8jvmNnsE+Y=)
                          6: FlI6inWj2TmnnIGOS7ZVGBf_bD0.roa (hash: 5X+YWS6gSiJ/Tn7alo0GG3dyffx54L0u6yH14DDRlbA=)
                          7: GaWyzUO0HJeBjasyRqC97NsCSD4.roa (hash: UvlgjWI3E2c5HU/6Dd5CAeuvj7bfQfjld2BSF5GNKKQ=)
                          8: IVO47FxImh-y3rWgAak5j9Lhqu0.roa (hash: UCZgxxNbeCBV4XvQFqq64x8nscbBvfYrvynDklgIEQw=)
                          9: JA31DZScZvYIwJfErV7LU6Pm8FI.roa (hash: j2dwdPSin1EaN8bZ47DvZWD73l5sMHPdzBMxjZwMols=)
                          10: OeMnrV0nVX6DCpX5ruJ0icY3qZM.roa (hash: CYtkRKt0tKCgVnuKUn9N15L60FkF9ZK/0wKUSmI7zGM=)
                          11: P3PfwPwkcE040d3Qr-D90iwF4_k.roa (hash: T1rptYAIYRS6lWsTlrVwQbPRhxvEwgxKU1Xm6hHDr7M=)
                          12: SYg89xuEXUG6bMD7Pl2CsVBcmVo.roa (hash: FafX8OoXWchxsyj8C7cAZtH+8tr3bEqU6ajEo9eZfcQ=)
                          13: V05XtxLuNAQpoO5H9P1IS4dSoX4.roa (hash: LXCIEksdGEPZzBTCWjbFwGM6+GL06zblhdET9a+UUAU=)
                          14: h6WkXFQCalKSUE8qQsL0s6At9NA.roa (hash: xC7sZws2p6+JMX2/NZkkNUsOt0/rPDjC11vfXSnqVOc=)
                          15: hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl (hash: QfhBxwwbNvVaCePSRWxW1U9SRkCBixL7wTIPIeAi8v4=)
                          16: ijQaYqsX36Iual-crRkacGaVc58.roa (hash: ccJw28PP5f/TupBMNwlADhguaBvKtjfCXWHuFYXPLzA=)
                          17: tta7Y8CGam3Bk5ymO6HtDo5JmhU.roa (hash: XDbIU4BmGkvASLJz4BGT9b/lR8c31GenOVU33j6ph6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ab:6c:d7:c4:44:92:75:07:06:7f:bd:6f:a3:28:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Jun 14 09:00:40 2025 GMT
            Not After : Jun 15 09:00:40 2025 GMT
        Subject: CN=adc95c8ee80e60d6e8d8b12f8debd3f719efe8ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:81:99:ab:90:af:9f:5d:86:16:a2:e3:89:f7:
                    63:d2:06:54:41:fb:a3:d5:59:5f:25:52:2f:c7:55:
                    56:9a:30:b6:02:5c:28:78:0b:04:05:75:94:99:aa:
                    9d:43:36:89:a4:8d:98:54:bc:1d:d4:2c:76:f9:7e:
                    d8:48:83:d8:68:a2:95:8a:a9:92:8e:ad:a7:2f:91:
                    56:c2:b6:46:d5:6f:cd:8e:c1:ce:4c:89:72:b7:87:
                    38:24:03:2e:d5:14:c9:c5:34:ba:0b:54:c5:1c:7e:
                    e9:b0:a9:c4:ad:9f:a3:de:99:0f:e7:44:7c:b9:f2:
                    61:e3:f0:03:de:ca:c3:19:12:ad:95:0b:4f:1c:40:
                    4c:f8:61:0e:bb:7d:e7:20:4e:d4:75:8d:78:28:10:
                    97:ca:2a:14:de:29:cc:ec:f3:31:94:87:8c:af:e0:
                    32:85:ac:f8:e7:06:9c:8d:50:c5:14:08:55:79:da:
                    47:b2:4b:79:8b:7e:e5:0d:f6:93:c5:28:2d:b8:26:
                    0d:88:a5:1b:5f:8d:23:80:63:59:b4:43:a5:a3:ac:
                    c0:78:8e:3e:88:02:a5:f1:e3:f8:ec:28:8a:b8:e1:
                    2c:3d:fb:7c:ea:8c:2a:4f:26:9c:44:fb:f7:f9:06:
                    cb:96:a7:01:f1:e4:68:13:b7:f3:ab:3d:70:31:3f:
                    0c:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:C9:5C:8E:E8:0E:60:D6:E8:D8:B1:2F:8D:EB:D3:F7:19:EF:E8:EC
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:a2:b2:b9:c1:c7:0e:de:b8:bd:50:98:cc:37:d9:83:91:06:
         81:19:11:18:cf:ea:f2:35:1b:a3:09:8e:f3:bc:c1:b0:4f:11:
         a5:c3:cc:73:63:f9:9f:14:a4:36:c2:d8:77:be:cd:c7:9a:89:
         4f:c9:f6:ad:3d:c0:10:9c:6f:0c:c7:e9:b3:8d:e7:66:be:da:
         46:78:f2:db:d9:00:bc:fd:d6:d1:70:44:05:5f:eb:fd:a8:df:
         20:ca:7c:ed:67:56:17:ae:68:58:c4:ee:7d:4c:67:19:99:d5:
         3d:b2:ff:09:a7:ff:70:d2:8a:51:ab:76:88:25:f2:d9:b2:f8:
         57:19:11:50:ce:f3:9c:fc:12:ef:42:50:fe:a3:1e:66:63:0b:
         4a:f2:3e:4c:f8:46:f5:13:56:3d:ce:93:e3:31:74:3b:c2:e0:
         01:b9:ba:0a:b6:d4:a9:7b:b7:06:c6:37:f2:a5:3c:ee:c4:74:
         49:08:35:37:8f:75:af:33:c0:63:4e:6b:12:e0:8d:fe:1b:28:
         13:c4:b7:4e:55:95:0c:35:13:76:39:fe:07:bc:8d:25:78:c7:
         ca:bb:96:d0:43:43:4b:08:ae:59:16:88:42:a9:cd:13:82:51:
         91:16:c4:dc:03:2c:58:22:e4:74:8e:38:6f:6c:9f:bd:1a:c0:
         53:9e:3a:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtq2zXxESSdQcGf71voyhOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjUwNjE0MDkwMDQwWhcNMjUwNjE1MDkwMDQwWjAzMTEwLwYDVQQD
EyhhZGM5NWM4ZWU4MGU2MGQ2ZThkOGIxMmY4ZGViZDNmNzE5ZWZlOGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIGZq5Cvn12GFqLjifdj0gZUQfuj
1VlfJVIvx1VWmjC2AlwoeAsEBXWUmaqdQzaJpI2YVLwd1Cx2+X7YSIPYaKKViqmS
jq2nL5FWwrZG1W/NjsHOTIlyt4c4JAMu1RTJxTS6C1TFHH7psKnErZ+j3pkP50R8
ufJh4/AD3srDGRKtlQtPHEBM+GEOu33nIE7UdY14KBCXyioU3inM7PMxlIeMr+Ay
haz45wacjVDFFAhVedpHskt5i37lDfaTxSgtuCYNiKUbX40jgGNZtEOlo6zAeI4+
iAKl8eP47CiKuOEsPft86owqTyacRPv3+QbLlqcB8eRoE7fzqz1wMT8MiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK3JXI7oDmDW6NixL43r0/cZ7+jsMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO6KyucHH
Dt64vVCYzDfZg5EGgRkRGM/q8jUbowmO87zBsE8RpcPMc2P5nxSkNsLYd77Nx5qJ
T8n2rT3AEJxvDMfps43nZr7aRnjy29kAvP3W0XBEBV/r/ajfIMp87WdWF65oWMTu
fUxnGZnVPbL/Caf/cNKKUat2iCXy2bL4VxkRUM7znPwS70JQ/qMeZmMLSvI+TPhG
9RNWPc6T4zF0O8LgAbm6CrbUqXu3BsY38qU87sR0SQg1N491rzPAY05rEuCN/hso
E8S3TlWVDDUTdjn+B7yNJXjHyruW0ENDSwiuWRaIQqnNE4JRkRbE3AMsWCLkdI44
b2yfvRrAU546vw==
-----END CERTIFICATE-----