Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
File:                     520NqzR6OOK4e1oiovfJ4hwYybw.mft (raw, json)
Hash identifier:          mcYCqRTHF3Rryc+bp1JG8U1JnNGvDPVYlB//Kkqg7sA=
Subject key identifier:   22:75:E8:DA:01:7B:E7:EB:B1:D7:88:15:2D:33:44:03:57:62:8C:C5
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Certificate issuer:       /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial:       019875D23DE9DE73DB92688BBD57E47B02A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
Manifest number:          1105
Signing time:             Mon 04 Aug 2025 16:02:49 +0000
Manifest this update:     Mon 04 Aug 2025 16:02:49 +0000
Manifest next update:     Tue 05 Aug 2025 16:02:49 +0000
Files and hashes:         1: 1-i_ESwYWDKjvxe-cLQFb33q5Qu0.roa (hash: MWN71QN/v297mIABIQi0BIqexEx6vQv3LxWHulQ1lh0=)
                          2: 3uMGCa1hGu4z3o3-_G7z4ipL-iU.roa (hash: W9UTR4UDUFmqfh0USMFmsobpW7zQlT5fd2b07I+b238=)
                          3: 520NqzR6OOK4e1oiovfJ4hwYybw.crl (hash: QI2413kvopWqyaI4HzDUDMo0u8tBiPN3CAalu6ucDHc=)
                          4: 53Cd6ksm6jJ9RlO5imUtuWj1rJA.roa (hash: cQll3lCbJxJtoxzsBZdQMm8ZJ1gmBBCp3yO2flYfKKU=)
                          5: 5aybWk2Ky5dF88Dl5BHsEFM1SO0.roa (hash: H+JwBN0SZWGViTYdzpWvA1lltG+ihuV8ot5mKPyc2Ag=)
                          6: D51k8Yufzem8ogKjVaG-BE3-N9Q.roa (hash: LfZnqpQQPapIc1GbVrcmd90U2aDXCgwED1y7JLo14nI=)
                          7: EEzCfGegHPEpdqTqvMRMlcFre1Y.roa (hash: uwoju1vAFdOs3H0Q+w/qT7aEQBJpMP98DiaXonyIQ9M=)
                          8: EQAhdlSS1FIFJlau-mazb3tbQD8.roa (hash: EYIWh35VYrIjFevk0wSjam09x/CTgAsspbJddnJMeDU=)
                          9: PLzlfTmqAL1rzlLN1TFrpHpYMVU.roa (hash: INujx6I3LZF9XIVr4zE9W5J6NHU6IlkfUKgf+j8aJrU=)
                          10: QCPaGZ8bi2Da50RQ4k8ya1w0dq4.roa (hash: UeTuehE3XWxqnHJAwNv7xL7hPz4xW2vyEJKj+BsbTow=)
                          11: aAu5S5IbLCTcHF2sjNSq_YvIkRs.roa (hash: Ofs8Vq4O2KmWTmDnq5aKJmZojKw/IVecQ8WTuC45ixk=)
                          12: fjY_g_wwgFPVt57q0tJYGzzoSDw.roa (hash: qq4Ldl54/taiWut/8vwq9PH71gezdeLMf1VMPmsHUe8=)
                          13: nOw141dLNmkj2u2FTqG2Wvc-gVM.roa (hash: CQnQRUA/+q6ZVbEZKZtps04sWUzpVEunbxRhthCLZIQ=)
                          14: pw1_qD5J6o76enPdGNTr_4Viub8.roa (hash: L6pLEncIISYEMGBKzu7DbyUXVYEOgT4kfh4modTEATA=)
                          15: qigZWtFurHaD054OcaOqq49am_w.roa (hash: Sa19eTl0ldE9k7oxfeYcou5g3EZnF3X8bF0Hbur3zdE=)
                          16: tRNXUlx68rKP9UOE-hhExB1kws8.roa (hash: +Hd3tIKng2pbogIxn1dcX/j1LNU33NvuDwSbS4tdpEA=)
                          17: ve2cUb4I36o88cUncaHeOHK5tGk.roa (hash: 6gTupRG97QR/JQvN8ay2tdbOI4Q3EMkpnACGQxjxniI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:d2:3d:e9:de:73:db:92:68:8b:bd:57:e4:7b:02:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
        Validity
            Not Before: Aug  4 16:02:49 2025 GMT
            Not After : Aug  5 16:02:49 2025 GMT
        Subject: CN=2275e8da017be7ebb1d788152d33440357628cc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:15:70:d2:90:ea:60:45:6c:38:1b:be:43:b2:
                    1b:38:60:b0:a5:7e:bf:51:2e:43:8d:9b:25:94:a8:
                    25:a5:d7:84:c2:8c:a2:ed:e3:6f:2e:ba:b9:1b:20:
                    f9:6d:3f:fa:da:41:80:66:07:31:ea:a0:d9:e1:b1:
                    e8:ef:57:3c:6a:ca:59:9e:c4:81:a4:6b:4a:8f:13:
                    cc:85:c9:87:80:a2:9a:6e:e0:7d:63:83:94:e1:26:
                    af:d8:4e:14:79:5b:19:48:6a:b8:aa:0d:93:d4:7d:
                    13:65:48:94:b4:ef:62:20:73:57:0c:e6:01:7e:6e:
                    34:fc:1f:f4:c7:e6:ef:19:ab:96:fe:7e:bc:63:1d:
                    7f:03:36:0f:14:60:20:1a:75:4d:f6:42:36:2a:a7:
                    48:c6:ea:5a:38:e8:20:fe:ed:57:10:f2:39:e0:8e:
                    eb:c6:1b:bb:a8:da:df:7a:08:b9:98:7e:18:47:8b:
                    54:9f:49:7a:2a:e2:af:61:ed:08:6e:70:e5:ce:86:
                    d4:c5:30:41:a5:01:83:e4:71:35:03:7b:52:27:81:
                    62:c4:30:53:85:a5:9f:db:a7:3c:a4:25:fb:dc:47:
                    46:b4:79:06:80:97:0f:b2:62:87:0b:e9:a7:da:08:
                    6f:68:45:00:2b:75:74:07:05:da:da:45:60:5d:dc:
                    9e:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:75:E8:DA:01:7B:E7:EB:B1:D7:88:15:2D:33:44:03:57:62:8C:C5
            X509v3 Authority Key Identifier:
                keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:0a:73:fb:96:c9:fb:34:df:8b:75:f6:26:d7:5d:f2:14:2b:
         81:e5:39:1d:7d:fd:bd:cb:b1:c2:85:ea:d1:e3:2e:19:98:e9:
         89:f5:58:52:84:d0:71:b7:29:aa:7c:59:2b:f9:88:96:e6:75:
         38:67:6d:7f:0b:2b:9f:b6:a3:63:2d:58:82:44:ea:56:bb:67:
         9e:7a:b5:30:55:06:36:24:68:a0:ec:01:97:28:27:7b:39:59:
         d0:d3:e3:19:9f:fe:d6:7f:5c:63:63:e0:5f:97:d2:27:47:15:
         46:59:9f:3a:18:70:ae:00:38:fd:2a:3c:e3:b1:31:86:88:c4:
         e0:a8:4c:23:37:89:e6:38:d4:a6:d1:db:7c:6e:5e:88:9a:f1:
         86:36:cd:4a:4b:59:24:ff:2f:45:77:c3:e8:ea:b9:fe:00:45:
         db:08:bb:b4:85:dc:3b:18:08:30:26:ab:83:e5:46:b6:42:af:
         69:d2:c0:a2:9f:9a:3a:8f:68:49:75:11:44:17:83:2a:02:79:
         7b:63:cc:1d:6c:50:9c:51:8e:5c:8e:a0:6e:fa:08:26:a5:86:
         e3:17:00:6b:86:71:64:d2:82:eb:ec:74:76:25:b6:88:ac:c9:
         63:3a:b9:10:5f:e8:4a:97:1b:d8:69:5d:6b:e4:46:7a:63:b3:
         cc:00:d0:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh10j3p3nPbkmiLvVfkewKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx
OGM5YmMwHhcNMjUwODA0MTYwMjQ5WhcNMjUwODA1MTYwMjQ5WjAzMTEwLwYDVQQD
EygyMjc1ZThkYTAxN2JlN2ViYjFkNzg4MTUyZDMzNDQwMzU3NjI4Y2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRVw0pDqYEVsOBu+Q7IbOGCwpX6/
US5DjZsllKglpdeEwoyi7eNvLrq5GyD5bT/62kGAZgcx6qDZ4bHo71c8aspZnsSB
pGtKjxPMhcmHgKKabuB9Y4OU4Sav2E4UeVsZSGq4qg2T1H0TZUiUtO9iIHNXDOYB
fm40/B/0x+bvGauW/n68Yx1/AzYPFGAgGnVN9kI2KqdIxupaOOgg/u1XEPI54I7r
xhu7qNrfegi5mH4YR4tUn0l6KuKvYe0IbnDlzobUxTBBpQGD5HE1A3tSJ4FixDBT
haWf26c8pCX73EdGtHkGgJcPsmKHC+mn2ghvaEUAK3V0BwXa2kVgXdyeQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJ16NoBe+frsdeIFS0zRANXYozFMB8GA1UdIwQY
MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt
YmQzYmZjOTliZGE5LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5
LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXApz+5bJ
+zTfi3X2Jtdd8hQrgeU5HX39vcuxwoXq0eMuGZjpifVYUoTQcbcpqnxZK/mIluZ1
OGdtfwsrn7ajYy1YgkTqVrtnnnq1MFUGNiRooOwBlygnezlZ0NPjGZ/+1n9cY2Pg
X5fSJ0cVRlmfOhhwrgA4/So847ExhojE4KhMIzeJ5jjUptHbfG5eiJrxhjbNSktZ
JP8vRXfD6Oq5/gBF2wi7tIXcOxgIMCarg+VGtkKvadLAop+aOo9oSXURRBeDKgJ5
e2PMHWxQnFGOXI6gbvoIJqWG4xcAa4ZxZNKC6+x0diW2iKzJYzq5EF/oSpcb2Gld
a+RGemOzzADQoA==
-----END CERTIFICATE-----