Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft
File:                     tu2bXLS2SGbDg97kV2v_P_h1JC0.mft (raw, json)
Hash identifier:          uOSs24O3WNcmZvuXA7JMp9PrUjB8Q+ew57bwpKovsns=
Subject key identifier:   39:FF:7B:16:8C:70:6F:DD:88:7D:EB:89:A7:CC:50:C1:09:00:9D:C2
Authority key identifier: B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D
Certificate issuer:       /CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d
Certificate serial:       01987E659BEC28B798EFEF7DA8D41AEC1EE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft
Manifest number:          0D94
Signing time:             Wed 06 Aug 2025 08:00:44 +0000
Manifest this update:     Wed 06 Aug 2025 08:00:44 +0000
Manifest next update:     Thu 07 Aug 2025 08:00:44 +0000
Files and hashes:         1: Cr7WIZXJqqSxx1MgWk3fJvY56gA.roa (hash: W0p2Ng/L4A+CUhGlPSgje47dkJ8+aMEjdUAnh4zo9Rc=)
                          2: tu2bXLS2SGbDg97kV2v_P_h1JC0.crl (hash: LF9M1q8QWRcwCU3EqJzX2z54oKe7eJJXhzqkE8v+dLU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 08:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7e:65:9b:ec:28:b7:98:ef:ef:7d:a8:d4:1a:ec:1e:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d
        Validity
            Not Before: Aug  6 08:00:44 2025 GMT
            Not After : Aug  7 08:00:44 2025 GMT
        Subject: CN=39ff7b168c706fdd887deb89a7cc50c109009dc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:c5:35:64:87:ea:f7:e9:36:4b:d9:05:6d:e9:
                    35:90:20:44:66:c4:85:7c:6b:b3:d4:b8:87:4d:76:
                    c2:5b:55:0d:b1:3e:61:d9:3b:76:4c:f5:65:00:11:
                    ea:7a:98:f1:21:c5:54:d1:59:81:33:a4:68:9c:15:
                    ea:7f:4b:ea:ec:31:a3:1d:3d:ef:98:55:25:9c:44:
                    56:7c:cd:83:bc:e1:e8:30:cd:ce:28:8d:87:29:0e:
                    34:d6:4d:71:c6:0d:d5:aa:40:d1:df:a0:66:b3:f4:
                    db:54:b5:51:73:3b:1b:d6:a4:da:02:9b:96:53:4b:
                    06:aa:eb:88:21:4b:c9:c2:86:32:39:0b:c1:fe:81:
                    fa:2c:b0:87:e3:4e:fe:61:5c:7b:4f:7c:ba:ee:2b:
                    b6:99:b7:44:b3:71:0f:4a:cb:df:01:e2:e9:27:ac:
                    ba:53:31:b7:55:01:c5:94:9e:15:a2:bb:23:5e:d8:
                    94:06:2a:0e:b8:2f:30:1f:c2:37:d8:05:ab:15:90:
                    b0:a2:75:ca:b9:de:de:92:e4:69:16:b3:da:0c:e4:
                    51:0b:69:39:64:34:ba:8f:96:a0:db:e6:e7:c4:85:
                    87:2e:0c:28:3d:f7:14:33:7d:de:b1:6b:50:93:c0:
                    d5:2a:da:0b:9b:6c:d8:ad:c9:aa:80:31:28:4f:91:
                    88:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:FF:7B:16:8C:70:6F:DD:88:7D:EB:89:A7:CC:50:C1:09:00:9D:C2
            X509v3 Authority Key Identifier:
                keyid:B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:a9:e8:54:f2:74:a2:37:d2:92:26:c1:52:83:74:26:69:4d:
         6c:e4:b8:93:93:48:85:5d:04:43:10:da:8a:8b:ee:00:4c:e1:
         6e:df:33:60:25:ac:36:57:b9:bb:ea:35:f9:1c:91:f6:5c:28:
         d6:2f:dc:3a:8e:9b:7f:91:76:9c:ba:66:e7:0f:e7:8c:fd:08:
         65:82:56:70:4b:9c:d4:98:a4:52:b1:3f:8e:6f:31:2d:68:cb:
         3f:5a:72:d2:41:fd:d2:7f:aa:85:46:15:88:2a:fe:16:f4:7a:
         d4:f1:1b:44:02:a4:e0:85:3f:af:e2:83:a1:8a:f5:c7:15:5f:
         5e:d5:e4:55:dc:e5:5d:02:e3:58:44:43:9e:53:61:cc:11:6b:
         89:4c:7f:f0:46:c7:eb:b9:1f:ff:e0:f9:ee:10:c5:3d:d7:00:
         d0:a7:8d:50:6f:69:0c:86:94:fd:f9:a7:ad:7e:e7:88:ef:97:
         63:7a:26:57:86:10:d7:f6:b1:93:5d:e4:12:75:c4:26:64:02:
         5e:b0:f8:c3:79:b3:da:ed:9c:09:5d:36:71:cc:e9:6a:fc:96:
         8c:43:d8:60:b6:ac:3a:19:31:9b:2a:6b:36:05:bd:45:44:20:
         a2:a5:c0:c4:56:d2:64:88:d9:18:6e:65:aa:ee:b4:c2:07:b8:
         b4:35:d7:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh+ZZvsKLeY7+99qNQa7B7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZWQ5YjVjYjRiNjQ4NjZjMzgzZGVlNDU3NmJmZjNmZjg3
NTI0MmQwHhcNMjUwODA2MDgwMDQ0WhcNMjUwODA3MDgwMDQ0WjAzMTEwLwYDVQQD
EygzOWZmN2IxNjhjNzA2ZmRkODg3ZGViODlhN2NjNTBjMTA5MDA5ZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocU1ZIfq9+k2S9kFbek1kCBEZsSF
fGuz1LiHTXbCW1UNsT5h2Tt2TPVlABHqepjxIcVU0VmBM6RonBXqf0vq7DGjHT3v
mFUlnERWfM2DvOHoMM3OKI2HKQ401k1xxg3VqkDR36Bms/TbVLVRczsb1qTaApuW
U0sGquuIIUvJwoYyOQvB/oH6LLCH407+YVx7T3y67iu2mbdEs3EPSsvfAeLpJ6y6
UzG3VQHFlJ4VorsjXtiUBioOuC8wH8I32AWrFZCwonXKud7ekuRpFrPaDORRC2k5
ZDS6j5ag2+bnxIWHLgwoPfcUM33esWtQk8DVKtoLm2zYrcmqgDEoT5GI2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDn/exaMcG/diH3riafMUMEJAJ3CMB8GA1UdIwQY
MBaAFLbtm1y0tkhmw4Pe5Fdr/z/4dSQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDkt
NWE5MDVhZjUwN2MzLzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDktNWE5MDVhZjUwN2Mz
LzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ6noVPJ0
ojfSkibBUoN0JmlNbOS4k5NIhV0EQxDaiovuAEzhbt8zYCWsNle5u+o1+RyR9lwo
1i/cOo6bf5F2nLpm5w/njP0IZYJWcEuc1JikUrE/jm8xLWjLP1py0kH90n+qhUYV
iCr+FvR61PEbRAKk4IU/r+KDoYr1xxVfXtXkVdzlXQLjWERDnlNhzBFriUx/8EbH
67kf/+D57hDFPdcA0KeNUG9pDIaU/fmnrX7niO+XY3omV4YQ1/axk13kEnXEJmQC
XrD4w3mz2u2cCV02cczpavyWjEPYYLasOhkxmyprNgW9RUQgoqXAxFbSZIjZGG5l
qu60wge4tDXX0g==
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:11:59 2025 by rpki-client