Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
File:                     hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft (raw, json)
Hash identifier:          8UIzw3Y/eCcAH4LPppsNkg3sYLobsW3KDJ3n0EkaGlA=
Subject key identifier:   D4:5F:B7:A9:10:DA:29:EE:A0:E4:3E:CE:9D:D9:78:2F:BC:56:48:DC
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       0196729DE16D2799CD888CBAFED63C94BF53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
Manifest number:          12D2
Signing time:             Sat 26 Apr 2025 15:01:11 +0000
Manifest this update:     Sat 26 Apr 2025 15:01:11 +0000
Manifest next update:     Sun 27 Apr 2025 15:01:11 +0000
Files and hashes:         1: 0dOOZcxouEyBwDParynks7StwHE.roa (hash: JJ6ZudJMCas3SwJxwt6lm5WwMowMP1vWjiYzBqRT97Y=)
                          2: 0j_F7ObjeWM_-MDv2vnltyDHFUk.roa (hash: OsaLtzwPIW8gqCsltJsusg8e34JBn85Om/z5CrRK5Uo=)
                          3: 2sVCpnUAKblWh9v7qVEsEKRUfWA.roa (hash: 1CKYprr2EavvDbIEOzey7tbCXji3ClAfurVr7rHadc8=)
                          4: 7-L8h3vxgPMOucvJUyn6jvtlWq4.roa (hash: JqzKMiGM9qG/KoIssHAuY0XkXfUrBvh/Eg7mCU+N938=)
                          5: 9oLYcSPHMvCe-Pv2M_rza63XTow.roa (hash: wcB89ybRT1IhIFGZVbatLp94YXi4OhrbT8jvmNnsE+Y=)
                          6: FlI6inWj2TmnnIGOS7ZVGBf_bD0.roa (hash: 5X+YWS6gSiJ/Tn7alo0GG3dyffx54L0u6yH14DDRlbA=)
                          7: GaWyzUO0HJeBjasyRqC97NsCSD4.roa (hash: UvlgjWI3E2c5HU/6Dd5CAeuvj7bfQfjld2BSF5GNKKQ=)
                          8: IVO47FxImh-y3rWgAak5j9Lhqu0.roa (hash: UCZgxxNbeCBV4XvQFqq64x8nscbBvfYrvynDklgIEQw=)
                          9: JA31DZScZvYIwJfErV7LU6Pm8FI.roa (hash: j2dwdPSin1EaN8bZ47DvZWD73l5sMHPdzBMxjZwMols=)
                          10: OeMnrV0nVX6DCpX5ruJ0icY3qZM.roa (hash: CYtkRKt0tKCgVnuKUn9N15L60FkF9ZK/0wKUSmI7zGM=)
                          11: P3PfwPwkcE040d3Qr-D90iwF4_k.roa (hash: T1rptYAIYRS6lWsTlrVwQbPRhxvEwgxKU1Xm6hHDr7M=)
                          12: SYg89xuEXUG6bMD7Pl2CsVBcmVo.roa (hash: FafX8OoXWchxsyj8C7cAZtH+8tr3bEqU6ajEo9eZfcQ=)
                          13: V05XtxLuNAQpoO5H9P1IS4dSoX4.roa (hash: LXCIEksdGEPZzBTCWjbFwGM6+GL06zblhdET9a+UUAU=)
                          14: h6WkXFQCalKSUE8qQsL0s6At9NA.roa (hash: xC7sZws2p6+JMX2/NZkkNUsOt0/rPDjC11vfXSnqVOc=)
                          15: hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl (hash: 6ZJp1uYC7D5DA5EdkUYoV5608E0t4XhbeZv0FLb37S0=)
                          16: ijQaYqsX36Iual-crRkacGaVc58.roa (hash: ccJw28PP5f/TupBMNwlADhguaBvKtjfCXWHuFYXPLzA=)
                          17: tta7Y8CGam3Bk5ymO6HtDo5JmhU.roa (hash: XDbIU4BmGkvASLJz4BGT9b/lR8c31GenOVU33j6ph6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 11:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:72:9d:e1:6d:27:99:cd:88:8c:ba:fe:d6:3c:94:bf:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Apr 26 15:01:11 2025 GMT
            Not After : Apr 27 15:01:11 2025 GMT
        Subject: CN=d45fb7a910da29eea0e43ece9dd9782fbc5648dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:c5:3f:32:b4:3e:01:de:47:3e:12:e3:17:ee:
                    8c:2d:5c:f3:3f:07:f5:3e:53:03:61:c4:2c:be:83:
                    f1:11:d0:6b:99:85:34:52:4c:90:0a:54:7d:6c:d2:
                    c3:ce:0e:2d:fe:40:31:62:d5:88:e7:5e:7f:a6:ec:
                    39:d2:9e:f6:fc:3a:2a:8a:d6:77:00:72:7c:c5:0c:
                    17:d3:56:38:eb:d8:25:eb:30:57:fa:b2:da:37:4d:
                    46:d5:de:f1:8c:45:66:93:28:dd:ac:dc:d4:df:a1:
                    cd:bc:a1:9f:93:ae:3e:e5:b4:8b:94:b7:e2:43:e4:
                    6b:d3:03:9f:2a:ef:64:47:f0:ac:d9:19:d1:8b:53:
                    50:aa:51:74:9e:01:22:c0:d1:93:4c:7a:f6:b6:8f:
                    ca:22:60:8d:4c:5a:73:33:30:bb:78:90:0d:0b:28:
                    3d:c6:4d:b4:8b:30:33:63:c0:0a:cd:d4:b6:cf:5a:
                    91:3d:a5:07:58:84:3e:fe:5b:76:7d:e0:2d:86:9f:
                    0e:3a:9b:10:39:e7:f9:e1:34:72:e2:21:9c:b3:50:
                    32:20:22:45:c8:e2:25:ae:07:47:3e:5d:82:34:67:
                    64:9e:82:b9:71:7d:17:d3:b1:bb:76:09:96:64:b0:
                    65:97:f2:b2:3f:c7:0c:18:8b:c5:d6:60:d6:a5:79:
                    d4:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:5F:B7:A9:10:DA:29:EE:A0:E4:3E:CE:9D:D9:78:2F:BC:56:48:DC
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:c8:e6:31:05:9a:3d:51:4f:ce:46:f8:0b:e2:fe:36:a4:7f:
         c1:d5:91:e0:55:6d:40:82:0e:c6:e3:a3:e0:83:9f:5c:b0:e0:
         a1:c7:ba:8b:4d:b1:66:39:0b:ad:3c:7d:69:9e:d1:cd:ec:21:
         fc:e5:fd:36:f3:14:a2:13:79:23:a7:32:80:97:47:bd:1a:09:
         11:d2:94:95:a2:fa:e3:22:33:e2:7f:60:2e:c1:3d:b1:b0:a7:
         e3:d2:e8:52:4a:0e:6d:7a:85:41:2c:8f:84:6f:b2:44:ac:59:
         2d:ed:84:c7:b8:80:8d:c3:2a:c9:e4:b2:3c:a1:94:20:ed:87:
         c0:d3:bf:e4:17:1f:02:6c:66:f6:5a:8b:a5:df:42:e9:63:50:
         fe:9b:2c:fa:04:46:05:29:5c:4c:f8:f5:5b:f0:97:5f:3d:73:
         36:78:fe:ac:4d:ce:54:09:5f:a8:86:bb:8e:4a:17:ea:82:01:
         f8:78:b0:a0:d4:84:22:d0:b3:b0:61:45:06:4b:4b:67:d5:79:
         5f:79:2d:f1:ed:c5:b8:ce:d4:f4:04:c7:fc:77:dc:9b:e5:3b:
         03:a7:dc:b9:06:dd:38:f1:48:12:91:17:ce:97:ef:34:37:2d:
         ba:08:87:b4:98:bb:8f:61:73:14:12:fb:91:85:9d:5b:ab:3e:
         a5:01:8c:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZyneFtJ5nNiIy6/tY8lL9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjUwNDI2MTUwMTExWhcNMjUwNDI3MTUwMTExWjAzMTEwLwYDVQQD
EyhkNDVmYjdhOTEwZGEyOWVlYTBlNDNlY2U5ZGQ5NzgyZmJjNTY0OGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMU/MrQ+Ad5HPhLjF+6MLVzzPwf1
PlMDYcQsvoPxEdBrmYU0UkyQClR9bNLDzg4t/kAxYtWI515/puw50p72/DoqitZ3
AHJ8xQwX01Y469gl6zBX+rLaN01G1d7xjEVmkyjdrNzU36HNvKGfk64+5bSLlLfi
Q+Rr0wOfKu9kR/Cs2RnRi1NQqlF0ngEiwNGTTHr2to/KImCNTFpzMzC7eJANCyg9
xk20izAzY8AKzdS2z1qRPaUHWIQ+/lt2feAthp8OOpsQOef54TRy4iGcs1AyICJF
yOIlrgdHPl2CNGdknoK5cX0X07G7dgmWZLBll/KyP8cMGIvF1mDWpXnUQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNRft6kQ2inuoOQ+zp3ZeC+8VkjcMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABcjmMQWa
PVFPzkb4C+L+NqR/wdWR4FVtQIIOxuOj4IOfXLDgoce6i02xZjkLrTx9aZ7Rzewh
/OX9NvMUohN5I6cygJdHvRoJEdKUlaL64yIz4n9gLsE9sbCn49LoUkoObXqFQSyP
hG+yRKxZLe2Ex7iAjcMqyeSyPKGUIO2HwNO/5BcfAmxm9lqLpd9C6WNQ/pss+gRG
BSlcTPj1W/CXXz1zNnj+rE3OVAlfqIa7jkoX6oIB+HiwoNSEItCzsGFFBktLZ9V5
X3kt8e3FuM7U9ATH/Hfcm+U7A6fcuQbdOPFIEpEXzpfvNDctugiHtJi7j2FzFBL7
kYWdW6s+pQGMIw==
-----END CERTIFICATE-----