Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.mft
File:                     MHXYfBl6D6BNqPIlNY0_r3hvfQs.mft (raw, json)
Hash identifier:          BfJj15D+SR+2JlGljaOtK6iPUk3eiPuaT5ne1PzcyUg=
Subject key identifier:   40:03:C1:63:3A:B8:2D:AE:AA:D1:BD:B3:CF:C8:C7:8C:C9:43:C9:F6
Authority key identifier: 30:75:D8:7C:19:7A:0F:A0:4D:A8:F2:25:35:8D:3F:AF:78:6F:7D:0B
Certificate issuer:       /CN=3075d87c197a0fa04da8f225358d3faf786f7d0b
Certificate serial:       0198733D064EA4DAB82DBC20C875AF90609C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MHXYfBl6D6BNqPIlNY0_r3hvfQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.mft
Manifest number:          0401
Signing time:             Mon 04 Aug 2025 04:00:35 +0000
Manifest this update:     Mon 04 Aug 2025 04:00:35 +0000
Manifest next update:     Tue 05 Aug 2025 04:00:35 +0000
Files and hashes:         1: MHXYfBl6D6BNqPIlNY0_r3hvfQs.crl (hash: BeesSX2SzrTJIPa3GPf7Mfjk+HFFNB9XkOjwCATuOXQ=)
                          2: _Op4bSAp0gWDx4UfTJUc97va5qw.roa (hash: tJEKSC7Hrru5HEiTFvhI8vLaAa+FAs4tPlo2cnkUBAA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MHXYfBl6D6BNqPIlNY0_r3hvfQs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:3d:06:4e:a4:da:b8:2d:bc:20:c8:75:af:90:60:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3075d87c197a0fa04da8f225358d3faf786f7d0b
        Validity
            Not Before: Aug  4 04:00:35 2025 GMT
            Not After : Aug  5 04:00:35 2025 GMT
        Subject: CN=4003c1633ab82daeaad1bdb3cfc8c78cc943c9f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f6:f9:cf:3c:e0:c5:f8:74:f1:4a:75:d7:63:
                    9a:2a:c5:90:46:8d:4d:3c:14:21:57:3d:1e:48:c1:
                    0a:a1:f9:b7:28:5a:18:e1:90:96:70:61:78:06:5d:
                    3a:3e:c0:9b:ad:7c:5f:f4:c1:b6:4f:20:f7:3a:f1:
                    29:4a:3e:08:79:71:5b:da:89:e3:b1:8b:58:33:1c:
                    50:6c:dc:39:9d:af:5c:9a:c3:0f:33:91:51:11:a0:
                    61:13:0a:06:52:75:42:f6:a2:87:a9:55:8f:cd:99:
                    5c:af:18:41:6c:00:c5:f0:a8:13:53:e0:6c:a2:4f:
                    19:b4:55:28:a5:e3:24:3b:d8:ff:95:39:38:dc:c8:
                    47:99:0f:2a:69:9a:71:65:a9:a7:e2:bd:13:37:75:
                    d1:03:1e:f6:67:73:01:e2:1d:cf:75:e7:b4:6d:c6:
                    53:cb:99:fd:91:09:42:c5:29:6f:be:17:e3:7f:1a:
                    1b:46:9b:cb:fc:6d:9f:75:e4:74:e9:39:e9:e5:90:
                    8f:5e:85:bf:93:a8:0f:9b:6b:d8:ba:1c:21:d8:a8:
                    fa:d8:6f:1f:6b:6c:89:a4:75:0c:28:a7:ac:74:db:
                    2b:8b:65:1d:e9:63:f7:f9:33:e3:b8:ac:ae:2a:9e:
                    de:1c:1e:7e:a1:f8:fb:ce:b5:a4:f2:f0:ed:bb:63:
                    18:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:03:C1:63:3A:B8:2D:AE:AA:D1:BD:B3:CF:C8:C7:8C:C9:43:C9:F6
            X509v3 Authority Key Identifier:
                keyid:30:75:D8:7C:19:7A:0F:A0:4D:A8:F2:25:35:8D:3F:AF:78:6F:7D:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHXYfBl6D6BNqPIlNY0_r3hvfQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:00:c2:e7:b2:40:60:15:72:be:7e:f4:70:03:04:e3:2b:b5:
         4c:ba:44:80:ed:ec:c8:0f:9a:f3:f3:9a:44:a1:a3:d9:4a:e7:
         5d:1b:d1:ff:67:a4:a6:f0:d1:fc:fd:0a:8e:ed:be:72:81:b7:
         36:2d:49:1c:41:5f:b8:98:07:4e:34:42:60:04:2c:a3:ee:0b:
         b5:b8:e4:b2:23:90:22:17:74:f7:9c:47:87:bb:85:64:75:31:
         c2:80:71:d3:87:4a:28:39:5b:f9:d1:76:ee:aa:e0:86:b0:ec:
         2e:86:72:e1:45:a8:c8:8a:1f:8f:30:da:40:01:22:ba:7c:6f:
         90:ef:3c:6a:50:4d:94:19:dd:21:f4:60:68:7b:96:68:26:e2:
         99:93:62:a4:46:c3:02:25:26:3b:e4:63:04:09:5b:7b:81:db:
         56:6f:cc:3d:40:36:88:6c:af:b2:23:bb:d6:e6:3b:fd:28:4f:
         81:a1:53:bc:a0:e1:67:9b:c6:40:17:c4:ca:ef:6c:8e:1c:4f:
         c1:cd:22:4b:9f:2d:36:8d:cc:e6:4d:6c:76:d4:80:c7:74:05:
         f1:4f:8c:b5:71:4a:9e:ea:79:5d:38:de:6a:21:0a:03:d0:f9:
         0a:be:ec:48:68:7a:66:8f:7c:29:a5:8c:88:4f:5e:3a:d3:0c:
         86:3f:cd:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzPQZOpNq4LbwgyHWvkGCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzVkODdjMTk3YTBmYTA0ZGE4ZjIyNTM1OGQzZmFmNzg2
ZjdkMGIwHhcNMjUwODA0MDQwMDM1WhcNMjUwODA1MDQwMDM1WjAzMTEwLwYDVQQD
Eyg0MDAzYzE2MzNhYjgyZGFlYWFkMWJkYjNjZmM4Yzc4Y2M5NDNjOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvb5zzzgxfh08Up112OaKsWQRo1N
PBQhVz0eSMEKofm3KFoY4ZCWcGF4Bl06PsCbrXxf9MG2TyD3OvEpSj4IeXFb2onj
sYtYMxxQbNw5na9cmsMPM5FREaBhEwoGUnVC9qKHqVWPzZlcrxhBbADF8KgTU+Bs
ok8ZtFUopeMkO9j/lTk43MhHmQ8qaZpxZamn4r0TN3XRAx72Z3MB4h3Pdee0bcZT
y5n9kQlCxSlvvhfjfxobRpvL/G2fdeR06Tnp5ZCPXoW/k6gPm2vYuhwh2Kj62G8f
a2yJpHUMKKesdNsri2Ud6WP3+TPjuKyuKp7eHB5+ofj7zrWk8vDtu2MY7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEADwWM6uC2uqtG9s8/Ix4zJQ8n2MB8GA1UdIwQY
MBaAFDB12HwZeg+gTajyJTWNP694b30LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhYWWZCbDZENkJOcVBJbE5ZMF9yM2h2ZlFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9hNDAwYjItYmFiNC00MTE5LWEzZDEt
ODk5ODFjOGY5ZTdiLzEvTUhYWWZCbDZENkJOcVBJbE5ZMF9yM2h2ZlFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9hNDAwYjItYmFiNC00MTE5LWEzZDEtODk5ODFjOGY5ZTdi
LzEvTUhYWWZCbDZENkJOcVBJbE5ZMF9yM2h2ZlFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwQDC57JA
YBVyvn70cAME4yu1TLpEgO3syA+a8/OaRKGj2UrnXRvR/2ekpvDR/P0Kju2+coG3
Ni1JHEFfuJgHTjRCYAQso+4LtbjksiOQIhd095xHh7uFZHUxwoBx04dKKDlb+dF2
7qrghrDsLoZy4UWoyIofjzDaQAEiunxvkO88alBNlBndIfRgaHuWaCbimZNipEbD
AiUmO+RjBAlbe4HbVm/MPUA2iGyvsiO71uY7/ShPgaFTvKDhZ5vGQBfEyu9sjhxP
wc0iS58tNo3M5k1sdtSAx3QF8U+MtXFKnup5XTjeaiEKA9D5Cr7sSGh6Zo98KaWM
iE9eOtMMhj/N5A==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:03:46 2025 by rpki-client