Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
File:                     CzVgh8IMejJUFv2oA8t289p5R6k.mft (raw, json)
Hash identifier:          GmLqOnJwF59gTvrp4hBTpC7IwMlxa6aLrguN2wjXmVI=
Subject key identifier:   35:C3:C7:B4:F2:1D:62:08:69:2F:0F:4C:8E:C4:0C:31:06:BA:81:40
Authority key identifier: 0B:35:60:87:C2:0C:7A:32:54:16:FD:A8:03:CB:76:F3:DA:79:47:A9
Certificate issuer:       /CN=0b356087c20c7a325416fda803cb76f3da7947a9
Certificate serial:       01987CE55AA251774E51D785FE5D1A179BDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
Manifest number:          03A5
Signing time:             Wed 06 Aug 2025 01:01:02 +0000
Manifest this update:     Wed 06 Aug 2025 01:01:02 +0000
Manifest next update:     Thu 07 Aug 2025 01:01:02 +0000
Files and hashes:         1: CzVgh8IMejJUFv2oA8t289p5R6k.crl (hash: 3wC1Tuza6HB0zYGT64tYcCt1yrrZ3hJb9R/HGRr3jro=)
                          2: VWgiKeUlZyr_tkfBtwpTnh3j5es.roa (hash: F+rSoMMmSh1ZRMmb8OY6V8ChtegfB1X8DkMugPNoNpA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 01:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7c:e5:5a:a2:51:77:4e:51:d7:85:fe:5d:1a:17:9b:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b356087c20c7a325416fda803cb76f3da7947a9
        Validity
            Not Before: Aug  6 01:01:02 2025 GMT
            Not After : Aug  7 01:01:02 2025 GMT
        Subject: CN=35c3c7b4f21d6208692f0f4c8ec40c3106ba8140
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:65:eb:7c:16:57:09:a7:4a:e8:e2:28:2e:b9:
                    3f:8e:77:1d:6c:03:51:86:3f:68:2b:4c:77:3f:84:
                    74:80:88:60:19:7a:25:99:6d:ec:ab:8e:4e:27:f4:
                    64:7a:04:6a:bf:da:88:72:90:e9:f1:b5:4f:5f:6d:
                    89:01:85:c8:d2:c9:0f:0b:93:e6:75:4b:31:04:0e:
                    19:65:8b:e4:ed:79:44:cb:49:f0:21:15:0a:e4:d5:
                    62:f3:3a:83:12:f2:82:4c:bb:a9:d3:f7:bd:e9:b8:
                    f7:1e:1a:3f:d1:08:68:5b:bd:7d:de:05:66:ec:03:
                    fc:c4:f0:9a:77:6d:8b:a4:be:04:7b:80:4c:ce:aa:
                    94:03:ce:e7:ab:a3:ca:b1:e2:c6:6a:ce:db:2c:8e:
                    b3:e2:15:0f:7b:87:53:da:a5:9c:76:85:39:f2:3a:
                    e4:cf:79:54:65:f7:f8:92:5d:9b:c6:37:02:ca:37:
                    f8:1c:6c:86:af:4e:ef:3e:e2:f9:c6:30:1d:6d:57:
                    87:dd:6d:04:1f:28:0b:0f:b3:4a:a2:9b:37:f9:13:
                    a6:20:9e:78:af:c0:20:5f:7e:01:eb:62:e1:e4:a6:
                    45:bc:0d:d1:30:ff:12:16:d6:a9:81:80:70:ea:40:
                    13:09:48:bc:7e:7f:85:59:71:f3:64:b2:25:59:4e:
                    4b:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:C3:C7:B4:F2:1D:62:08:69:2F:0F:4C:8E:C4:0C:31:06:BA:81:40
            X509v3 Authority Key Identifier:
                keyid:0B:35:60:87:C2:0C:7A:32:54:16:FD:A8:03:CB:76:F3:DA:79:47:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:c2:95:b0:b8:40:0c:7b:78:55:d7:f2:0a:3c:04:d8:f8:e6:
         1f:8b:04:e9:1e:57:c5:a7:b2:a1:27:a9:77:44:b7:ce:d6:e0:
         ff:4f:c3:65:d0:43:7c:ed:a1:7e:f8:9a:3a:1d:80:2a:52:07:
         e3:a7:51:c6:23:42:09:d7:19:aa:8e:2c:39:5a:3a:80:10:df:
         9c:e8:ba:0e:8b:6c:cd:e3:b6:80:26:cb:4c:19:9b:71:1c:6b:
         0c:55:8d:01:30:1f:18:11:d4:ac:e8:e2:7c:87:a7:e4:53:ac:
         3f:e9:27:ad:e4:c2:ed:59:0d:f0:70:5d:8a:67:77:44:16:fb:
         f7:a4:64:f6:2a:35:05:83:26:be:86:15:2f:e2:5d:6d:dc:d5:
         66:32:fb:16:a6:0d:f6:83:37:94:29:df:06:f0:3c:77:c8:21:
         3f:36:27:d1:42:eb:8b:45:a3:34:ed:2f:5e:b4:5d:ed:50:d7:
         ea:77:df:57:f8:a7:0b:5c:bb:58:25:44:8a:e4:f8:f9:6c:c5:
         e7:c5:d2:65:9d:af:46:56:5f:43:0c:48:46:87:d0:37:60:fc:
         2e:77:ad:a3:84:27:9a:ed:14:05:2f:92:50:db:42:81:b7:aa:
         29:9f:8b:20:12:f3:9e:ef:4e:a4:cb:b3:f6:ac:bf:2a:6c:ec:
         fc:a2:11:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh85VqiUXdOUdeF/l0aF5vaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMzU2MDg3YzIwYzdhMzI1NDE2ZmRhODAzY2I3NmYzZGE3
OTQ3YTkwHhcNMjUwODA2MDEwMTAyWhcNMjUwODA3MDEwMTAyWjAzMTEwLwYDVQQD
EygzNWMzYzdiNGYyMWQ2MjA4NjkyZjBmNGM4ZWM0MGMzMTA2YmE4MTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGXrfBZXCadK6OIoLrk/jncdbANR
hj9oK0x3P4R0gIhgGXolmW3sq45OJ/RkegRqv9qIcpDp8bVPX22JAYXI0skPC5Pm
dUsxBA4ZZYvk7XlEy0nwIRUK5NVi8zqDEvKCTLup0/e96bj3Hho/0QhoW7193gVm
7AP8xPCad22LpL4Ee4BMzqqUA87nq6PKseLGas7bLI6z4hUPe4dT2qWcdoU58jrk
z3lUZff4kl2bxjcCyjf4HGyGr07vPuL5xjAdbVeH3W0EHygLD7NKops3+ROmIJ54
r8AgX34B62Lh5KZFvA3RMP8SFtapgYBw6kATCUi8fn+FWXHzZLIlWU5LuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDXDx7TyHWIIaS8PTI7EDDEGuoFAMB8GA1UdIwQY
MBaAFAs1YIfCDHoyVBb9qAPLdvPaeUepMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kN2NmOTQtYWM2MS00ZmJmLWFkZjAt
NTdlYWY4MzNhYjBiLzEvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9kN2NmOTQtYWM2MS00ZmJmLWFkZjAtNTdlYWY4MzNhYjBi
LzEvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUcKVsLhA
DHt4VdfyCjwE2PjmH4sE6R5XxaeyoSepd0S3ztbg/0/DZdBDfO2hfviaOh2AKlIH
46dRxiNCCdcZqo4sOVo6gBDfnOi6DotszeO2gCbLTBmbcRxrDFWNATAfGBHUrOji
fIen5FOsP+knreTC7VkN8HBdimd3RBb796Rk9io1BYMmvoYVL+JdbdzVZjL7FqYN
9oM3lCnfBvA8d8ghPzYn0ULri0WjNO0vXrRd7VDX6nffV/inC1y7WCVEiuT4+WzF
58XSZZ2vRlZfQwxIRofQN2D8Lneto4Qnmu0UBS+SUNtCgbeqKZ+LIBLznu9OpMuz
9qy/Kmzs/KIRTw==
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:15:25 2025 by rpki-client