Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
File:                     hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft (raw, json)
Hash identifier:          zzUjtLH9XopjUKpbML1YpaWwtMXpqP7kj1xbmdI34/o=
Subject key identifier:   59:9A:1D:DB:89:79:8D:E2:41:AF:BF:8C:8A:05:61:5B:C7:38:46:85
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       0198744FEE4C2B95764ED2A1E9FB59234513
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
Manifest number:          13DC
Signing time:             Mon 04 Aug 2025 09:00:52 +0000
Manifest this update:     Mon 04 Aug 2025 09:00:52 +0000
Manifest next update:     Tue 05 Aug 2025 09:00:52 +0000
Files and hashes:         1: 0dOOZcxouEyBwDParynks7StwHE.roa (hash: JJ6ZudJMCas3SwJxwt6lm5WwMowMP1vWjiYzBqRT97Y=)
                          2: 0j_F7ObjeWM_-MDv2vnltyDHFUk.roa (hash: OsaLtzwPIW8gqCsltJsusg8e34JBn85Om/z5CrRK5Uo=)
                          3: 2sVCpnUAKblWh9v7qVEsEKRUfWA.roa (hash: 1CKYprr2EavvDbIEOzey7tbCXji3ClAfurVr7rHadc8=)
                          4: 7-L8h3vxgPMOucvJUyn6jvtlWq4.roa (hash: JqzKMiGM9qG/KoIssHAuY0XkXfUrBvh/Eg7mCU+N938=)
                          5: 9oLYcSPHMvCe-Pv2M_rza63XTow.roa (hash: wcB89ybRT1IhIFGZVbatLp94YXi4OhrbT8jvmNnsE+Y=)
                          6: FlI6inWj2TmnnIGOS7ZVGBf_bD0.roa (hash: 5X+YWS6gSiJ/Tn7alo0GG3dyffx54L0u6yH14DDRlbA=)
                          7: GaWyzUO0HJeBjasyRqC97NsCSD4.roa (hash: UvlgjWI3E2c5HU/6Dd5CAeuvj7bfQfjld2BSF5GNKKQ=)
                          8: IVO47FxImh-y3rWgAak5j9Lhqu0.roa (hash: UCZgxxNbeCBV4XvQFqq64x8nscbBvfYrvynDklgIEQw=)
                          9: JA31DZScZvYIwJfErV7LU6Pm8FI.roa (hash: j2dwdPSin1EaN8bZ47DvZWD73l5sMHPdzBMxjZwMols=)
                          10: OeMnrV0nVX6DCpX5ruJ0icY3qZM.roa (hash: CYtkRKt0tKCgVnuKUn9N15L60FkF9ZK/0wKUSmI7zGM=)
                          11: P3PfwPwkcE040d3Qr-D90iwF4_k.roa (hash: T1rptYAIYRS6lWsTlrVwQbPRhxvEwgxKU1Xm6hHDr7M=)
                          12: SYg89xuEXUG6bMD7Pl2CsVBcmVo.roa (hash: FafX8OoXWchxsyj8C7cAZtH+8tr3bEqU6ajEo9eZfcQ=)
                          13: V05XtxLuNAQpoO5H9P1IS4dSoX4.roa (hash: LXCIEksdGEPZzBTCWjbFwGM6+GL06zblhdET9a+UUAU=)
                          14: h6WkXFQCalKSUE8qQsL0s6At9NA.roa (hash: xC7sZws2p6+JMX2/NZkkNUsOt0/rPDjC11vfXSnqVOc=)
                          15: hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl (hash: AAPdNPlqIpm4emqrt8Bm4Zuou2AkfnBMC72rZTPqpfc=)
                          16: ijQaYqsX36Iual-crRkacGaVc58.roa (hash: ccJw28PP5f/TupBMNwlADhguaBvKtjfCXWHuFYXPLzA=)
                          17: tta7Y8CGam3Bk5ymO6HtDo5JmhU.roa (hash: XDbIU4BmGkvASLJz4BGT9b/lR8c31GenOVU33j6ph6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 09:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:4f:ee:4c:2b:95:76:4e:d2:a1:e9:fb:59:23:45:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Aug  4 09:00:52 2025 GMT
            Not After : Aug  5 09:00:52 2025 GMT
        Subject: CN=599a1ddb89798de241afbf8c8a05615bc7384685
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ce:e7:05:04:81:ca:7f:82:d0:01:fa:12:d3:
                    2a:c1:90:72:85:37:0b:ed:93:bf:65:f7:a3:c0:5f:
                    d4:fb:f1:74:70:70:08:2d:f2:7d:8b:7a:3a:56:f4:
                    25:94:77:85:e0:8d:67:7f:e7:19:e8:86:ce:36:6f:
                    4d:66:c4:51:44:a6:ed:79:6b:08:f0:8f:fc:a9:95:
                    4c:3a:de:11:b3:61:91:22:c3:f8:59:a6:e1:f1:4d:
                    cb:b5:61:a6:90:f6:61:88:09:c7:e6:fa:d4:68:81:
                    52:ee:d2:bb:88:5c:a8:87:ae:2a:97:13:73:85:d2:
                    ed:43:a7:42:7c:b9:fb:2c:57:6a:54:b9:d4:27:ea:
                    27:3f:d4:e9:93:25:38:e8:35:aa:9e:51:7a:27:eb:
                    b8:54:da:dd:9a:48:00:bc:c3:55:6a:08:44:5d:cd:
                    b1:b2:da:86:6c:d4:0b:b3:4d:75:f9:23:67:46:5e:
                    77:0d:b4:83:44:18:98:9b:61:50:02:e4:f5:37:7f:
                    73:bc:36:24:a0:a0:3e:ab:83:29:35:87:d2:75:66:
                    c3:4e:0d:ed:d1:f9:72:40:ff:a2:0b:77:93:55:43:
                    fd:2f:16:29:14:0d:f3:54:41:b2:ec:9a:bd:1a:80:
                    9e:3e:03:2b:43:c7:6d:8c:ce:b3:7e:32:e5:cb:db:
                    25:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:9A:1D:DB:89:79:8D:E2:41:AF:BF:8C:8A:05:61:5B:C7:38:46:85
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:18:23:b4:7a:97:b0:b4:dd:75:db:6b:ab:42:07:6f:68:d2:
         b8:a7:7c:f8:1e:b8:db:7e:e2:db:8c:5f:7f:18:ee:96:51:e3:
         01:21:db:ff:d8:51:c2:65:f6:50:66:4a:64:65:d0:df:d3:c1:
         42:b7:b5:ca:6e:d0:65:fa:1e:d7:f0:0b:7f:76:2b:a9:39:98:
         58:38:21:fd:88:9c:1b:80:9d:e5:88:3f:da:f4:ab:e1:f1:df:
         dd:0c:17:ef:1a:0b:5c:be:f8:2e:54:8a:81:27:8f:5b:ee:a7:
         ba:d5:71:bd:1e:5b:4f:b8:f1:78:02:0c:5a:3f:ba:31:19:6c:
         64:e0:25:50:23:55:8f:0e:02:cd:53:6d:e4:8c:ca:c7:5f:ef:
         84:76:95:ac:8d:f1:a7:c1:96:8b:bd:27:78:fd:e7:8b:e2:11:
         85:66:eb:5e:79:17:74:15:80:e4:5d:3a:8b:25:24:b8:78:4c:
         57:1f:57:4d:67:94:0a:c1:2e:09:75:f0:2c:4b:92:2b:3a:3c:
         b2:f1:c2:82:a3:b1:a6:5e:a3:b2:cb:b7:cf:6d:65:16:f9:00:
         2a:83:88:a8:7a:d3:1e:f2:7d:3e:fc:b2:9e:c7:2a:a1:40:23:
         4e:1a:61:3c:18:50:fb:cd:d4:1e:65:15:82:e6:ea:6a:be:99:
         1f:ff:c7:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0T+5MK5V2TtKh6ftZI0UTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjUwODA0MDkwMDUyWhcNMjUwODA1MDkwMDUyWjAzMTEwLwYDVQQD
Eyg1OTlhMWRkYjg5Nzk4ZGUyNDFhZmJmOGM4YTA1NjE1YmM3Mzg0Njg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs7nBQSByn+C0AH6EtMqwZByhTcL
7ZO/ZfejwF/U+/F0cHAILfJ9i3o6VvQllHeF4I1nf+cZ6IbONm9NZsRRRKbteWsI
8I/8qZVMOt4Rs2GRIsP4Wabh8U3LtWGmkPZhiAnH5vrUaIFS7tK7iFyoh64qlxNz
hdLtQ6dCfLn7LFdqVLnUJ+onP9TpkyU46DWqnlF6J+u4VNrdmkgAvMNVaghEXc2x
stqGbNQLs011+SNnRl53DbSDRBiYm2FQAuT1N39zvDYkoKA+q4MpNYfSdWbDTg3t
0flyQP+iC3eTVUP9LxYpFA3zVEGy7Jq9GoCePgMrQ8dtjM6zfjLly9slBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFmaHduJeY3iQa+/jIoFYVvHOEaFMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIRgjtHqX
sLTdddtrq0IHb2jSuKd8+B64237i24xffxjullHjASHb/9hRwmX2UGZKZGXQ39PB
Qre1ym7QZfoe1/ALf3YrqTmYWDgh/YicG4Cd5Yg/2vSr4fHf3QwX7xoLXL74LlSK
gSePW+6nutVxvR5bT7jxeAIMWj+6MRlsZOAlUCNVjw4CzVNt5IzKx1/vhHaVrI3x
p8GWi70neP3ni+IRhWbrXnkXdBWA5F06iyUkuHhMVx9XTWeUCsEuCXXwLEuSKzo8
svHCgqOxpl6jssu3z21lFvkAKoOIqHrTHvJ9PvyynscqoUAjThphPBhQ+83UHmUV
gubqar6ZH//HrA==
-----END CERTIFICATE-----