Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
File:                     5dbG6LztQL0DLRdxjBseOa6EGug.mft (raw, json)
Hash identifier:          0cCNhApSSeJQrje/Dkwo+wN8KMBOvrQhU6+SXqaM1Qc=
Subject key identifier:   68:FC:02:47:BB:8E:93:D4:36:CE:E1:C1:B4:DC:E9:C2:3E:38:CD:F3
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Certificate issuer:       /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial:       01976F62AD2D2703116B30A7B13DF411F38C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
Manifest number:          1598
Signing time:             Sat 14 Jun 2025 17:00:27 +0000
Manifest this update:     Sat 14 Jun 2025 17:00:27 +0000
Manifest next update:     Sun 15 Jun 2025 17:00:27 +0000
Files and hashes:         1: 1-4thfGCfV_85lt2WZkN-l71fwv0.roa (hash: 7cUPpyEsjpN2LkemwyOwpAzp6M6Mod4nt5VJCSxBi3s=)
                          2: 1-U546Wnv3X2dlqBwiPgmgD5rG0Q.roa (hash: UYLMoDLmtnbaqveYEw4e1FYtKG5Xz2eS50cYOB7habA=)
                          3: 4wlDChlgzrgFapvpBy46MAFlefc.roa (hash: EYqlVV6MH4EbjLdFRd/br9sG35MzdZTRrWmN3sTJ6/Y=)
                          4: 5dbG6LztQL0DLRdxjBseOa6EGug.crl (hash: V4bn81A3pQlAkelFRtB8FkDT4NJpGaXBBrkeJQZ2Pg4=)
                          5: 8j9-L_RONYbO5pct6BaIUP49Jq8.roa (hash: TIaaBWL1jzkAtw/gcAYt5xesS4BiLd6+3AzOv7BVHgs=)
                          6: A-Fkuj2Ry_3wy9lszQO5iFmpTsM.roa (hash: MqXfL/IjblbyaoanvxCZ0s6/syF5tUBaoXoKEYvO5Ck=)
                          7: CqQsoC1jFsSbLss7hEFtLKrKDMY.roa (hash: 7YVK/zmpOd/tEBFOBPOhNo6QF1d67oChKSOQOYEoacg=)
                          8: Grw7nIi6RKNyYj-gX0F5si2FPWg.roa (hash: P3/krGXIhVeYouYxQBpxzM61tb05ZyoVg+B5ZJUx//k=)
                          9: PPn88xNGN-bL0F7MubjXlyHvb9c.roa (hash: nLdf7Pq2piaIE9RRNqGUwrSH2EAIpbdo6397rklNDK8=)
                          10: QmD1NuxNLYfmzuhbCU_99CJ-o-k.roa (hash: ugpwTRCdEyAoIefE/m+oUbM/pJjpH0ikF/U5tO+O/jM=)
                          11: W5W8H6uR-lCCEmn3v-XsPLRNVss.roa (hash: MqFZSzbOqhNyXJIgrbDDE4K1XPvGby9AbWHLANkDs8A=)
                          12: cKTcZs-U_VD8X5oF6KYi9vL_XPY.roa (hash: Ojplqzn5+rFkagKqgJjGg7MR261z7vGOzqJ6p2GYag4=)
                          13: dUjWdWqHZ3bB28SlJrHRKXOFumI.roa (hash: L5pkt5HZhPKaDfcEd3yHsIdGb5cnUbqIUW0exwEPLyc=)
                          14: j3rbxvXK8ctBFBgkYLP92aiT8pc.roa (hash: SkgwXJK38mScZ5LxMMAb0ANPv8t3zcxnc/zFVB7Ba0w=)
                          15: mza84PKMv0aUDroEfzQZip-9Um8.roa (hash: xfLnRg1sIPVix0oNDyz6FdqLtVqmjxCCvOykxKOTB0s=)
                          16: u0oJmkSedaonOs5uLkSqqL59uJ4.roa (hash: C6uJzJ3uiAjMgAmGSpBjfqhHJVcbN5byOHdLx08rPTM=)
                          17: ujwUfZi-j2E7tiXxuxPwDEMg9Do.roa (hash: ZVTJzzTXgsjt6o/MwKVQt8mq4QnG+HkM2MYUgIyYqIM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:62:ad:2d:27:03:11:6b:30:a7:b1:3d:f4:11:f3:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
        Validity
            Not Before: Jun 14 17:00:27 2025 GMT
            Not After : Jun 15 17:00:27 2025 GMT
        Subject: CN=68fc0247bb8e93d436cee1c1b4dce9c23e38cdf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:92:4e:af:02:31:06:84:e5:5c:e6:fd:2c:ee:
                    db:59:63:39:df:d4:1a:00:cf:e1:be:77:70:1f:df:
                    44:61:3b:aa:33:dc:56:fd:4f:49:9a:bd:b2:70:31:
                    9e:36:72:45:f3:1e:34:39:eb:cf:6b:e5:1f:da:f2:
                    ed:83:04:41:3c:49:a7:ea:a4:cd:4a:2f:63:93:7b:
                    35:b1:be:19:56:27:93:b2:a7:c3:2a:a1:fe:0c:60:
                    4a:cd:b8:51:ab:c7:62:d1:09:3b:39:0c:da:2e:e3:
                    d6:cd:03:24:12:d4:c9:ac:c0:46:cc:8d:63:3d:7a:
                    c1:32:5b:b1:11:67:c3:c3:43:37:19:82:88:12:5c:
                    d9:cf:c0:85:af:51:69:0c:f9:06:9b:96:ff:bf:b3:
                    4b:46:74:13:98:4d:8f:8b:89:e4:47:1b:2b:81:13:
                    a8:67:cb:ec:28:48:1e:1f:62:31:7e:7d:43:d5:bc:
                    fc:1e:57:66:26:00:c9:a9:83:71:b3:27:2b:da:12:
                    ba:ee:64:cb:99:3e:7d:ee:6e:03:58:98:9c:5d:3d:
                    a9:6b:18:82:3d:20:5c:36:63:d1:d0:c1:34:4b:1c:
                    a6:be:3f:60:0d:4f:c9:03:e9:41:b4:48:b8:d5:07:
                    18:51:e6:c1:7b:18:0c:bb:89:33:d5:bc:ff:27:60:
                    f1:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:FC:02:47:BB:8E:93:D4:36:CE:E1:C1:B4:DC:E9:C2:3E:38:CD:F3
            X509v3 Authority Key Identifier:
                keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:cb:b3:ae:06:80:b2:93:85:99:a3:eb:13:63:4f:54:fb:56:
         37:b9:57:0c:68:94:99:5e:d6:8c:6a:b9:63:4d:49:a0:16:43:
         bb:ad:bb:08:98:20:f9:34:43:6e:86:c8:77:67:8e:b9:0c:1f:
         6b:8e:a7:50:f9:2e:84:17:b4:61:ce:f6:b8:07:68:16:3e:8c:
         7d:37:3a:9b:76:4f:24:e4:56:f9:6d:55:dc:2a:6d:28:df:24:
         d4:37:46:27:94:38:31:f8:bf:64:5b:8f:c5:00:4a:f8:16:04:
         c9:4a:b9:83:92:c7:d7:5b:e9:91:95:14:cc:d1:41:69:10:ac:
         73:e2:12:51:13:b8:db:c9:e9:39:7f:22:ce:b8:7d:ec:cb:b5:
         a1:90:4d:68:82:dc:76:5d:9a:c8:83:7f:66:ba:81:2b:e4:58:
         5a:75:75:b3:6b:dd:5f:48:77:bd:96:24:d0:35:24:d0:ba:d4:
         d5:49:93:e8:c9:43:e7:6c:a3:a7:e0:11:cb:a6:20:f4:21:75:
         a8:a5:4f:8e:6b:0b:90:ed:1a:f9:d4:05:b9:db:31:f6:61:6c:
         e4:6e:79:20:ff:a1:c8:48:00:59:b3:49:e1:6d:3b:4b:5e:2c:
         e0:2f:e9:db:91:3e:ee:d2:3b:3b:43:e4:1e:70:d8:6c:1c:18:
         30:d7:fb:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvYq0tJwMRazCnsT30EfOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjUwNjE0MTcwMDI3WhcNMjUwNjE1MTcwMDI3WjAzMTEwLwYDVQQD
Eyg2OGZjMDI0N2JiOGU5M2Q0MzZjZWUxYzFiNGRjZTljMjNlMzhjZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pJOrwIxBoTlXOb9LO7bWWM539Qa
AM/hvndwH99EYTuqM9xW/U9Jmr2ycDGeNnJF8x40OevPa+Uf2vLtgwRBPEmn6qTN
Si9jk3s1sb4ZVieTsqfDKqH+DGBKzbhRq8di0Qk7OQzaLuPWzQMkEtTJrMBGzI1j
PXrBMluxEWfDw0M3GYKIElzZz8CFr1FpDPkGm5b/v7NLRnQTmE2Pi4nkRxsrgROo
Z8vsKEgeH2Ixfn1D1bz8HldmJgDJqYNxsycr2hK67mTLmT597m4DWJicXT2paxiC
PSBcNmPR0ME0Sxymvj9gDU/JA+lBtEi41QcYUebBexgMu4kz1bz/J2DxqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGj8Ake7jpPUNs7hwbTc6cI+OM3zMB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhMuzrgaA
spOFmaPrE2NPVPtWN7lXDGiUmV7WjGq5Y01JoBZDu627CJgg+TRDbobId2eOuQwf
a46nUPkuhBe0Yc72uAdoFj6MfTc6m3ZPJORW+W1V3CptKN8k1DdGJ5Q4Mfi/ZFuP
xQBK+BYEyUq5g5LH11vpkZUUzNFBaRCsc+ISURO428npOX8izrh97Mu1oZBNaILc
dl2ayIN/ZrqBK+RYWnV1s2vdX0h3vZYk0DUk0LrU1UmT6MlD52yjp+ARy6Yg9CF1
qKVPjmsLkO0a+dQFudsx9mFs5G55IP+hyEgAWbNJ4W07S14s4C/p25E+7tI7O0Pk
HnDYbBwYMNf7wQ==
-----END CERTIFICATE-----