Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.mft
File:                     1QaXlDZ2OZrFysaj5HZUWvDfSd0.mft (raw, json)
Hash identifier:          jTWMToHqS+v5aqIpMQ1WRW8CZacTMatqbTn04fBguzo=
Subject key identifier:   F7:61:AD:51:F6:E4:D1:EA:9B:31:58:05:24:43:76:94:00:18:E8:B4
Authority key identifier: D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
Certificate issuer:       /CN=d50697943676399ac5cac6a3e476545af0df49dd
Certificate serial:       019881672E4231D4700DCA1A58DD8D7A92F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.mft
Manifest number:          0863
Signing time:             Wed 06 Aug 2025 22:01:19 +0000
Manifest this update:     Wed 06 Aug 2025 22:01:19 +0000
Manifest next update:     Thu 07 Aug 2025 22:01:19 +0000
Files and hashes:         1: 1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl (hash: 1V0GXRkwfLKPcK4wE4BUuOSi1/uPReROcu4HxaT1+H8=)
                          2: HUjG5wlXIs_S_8BTLmPoqHtpE_8.roa (hash: n0+Gv3Td1KV66vO7s/EA+fLLoF/hxd3hZyfSfNcw3NA=)
                          3: IosBMyCwhJpK9xWG1hvvXMqJa78.roa (hash: IYmZiNnkFwPxUpuPBI4TiPPkO8hQgA4aXIJpQwDNzpw=)
                          4: UNVV8q9mxHzj40ukB0dOp3qehFE.roa (hash: BXbVtWFAEKhtBygy5e3mBPkEaoCOBDieBmzKaOr8eAc=)
                          5: WJoZ3Cyd9hGNWW7azIwgdgzOVS4.roa (hash: 4VZTAKZBwZm9hthBlF7ANdxLjE6ybka+xW9+Dectll0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:67:2e:42:31:d4:70:0d:ca:1a:58:dd:8d:7a:92:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d50697943676399ac5cac6a3e476545af0df49dd
        Validity
            Not Before: Aug  6 22:01:19 2025 GMT
            Not After : Aug  7 22:01:19 2025 GMT
        Subject: CN=f761ad51f6e4d1ea9b315805244376940018e8b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:ec:f8:45:de:07:7b:37:be:6c:82:39:fe:35:
                    4c:73:47:ad:fd:c9:2e:12:be:d2:9e:f9:77:77:d8:
                    fe:43:31:1d:3f:7e:a6:a9:5c:62:3a:d1:75:ca:14:
                    28:c4:51:12:89:66:b9:71:c2:33:fa:1a:e9:a0:2f:
                    33:04:7e:19:c2:dc:e9:7a:ea:4b:c3:37:44:10:88:
                    fa:58:04:c0:d5:42:88:8f:80:8d:23:d1:30:e5:63:
                    57:17:c2:58:ce:72:d2:6f:35:54:d2:cf:67:68:26:
                    8a:99:89:e2:a3:26:af:b8:7f:89:e3:89:87:87:e9:
                    48:44:62:a5:37:8a:d4:22:5d:ca:bb:86:b6:d8:06:
                    1b:5b:37:61:c8:2d:e0:e5:1b:c0:d0:a0:8c:df:46:
                    0a:3b:cb:00:2d:b4:c0:5f:23:d8:c9:33:28:55:81:
                    69:f2:b8:37:1a:b3:dc:e1:3d:df:34:f4:8c:9a:de:
                    37:b3:28:0d:32:63:d9:d1:12:a8:27:9d:82:3d:46:
                    2e:f8:73:2d:c7:42:50:95:26:63:50:f9:42:84:07:
                    ac:e8:1b:c4:81:63:2c:9b:42:10:a7:b4:a4:c4:25:
                    0b:b7:a9:ca:80:c0:82:f0:a0:42:79:b1:d6:80:8a:
                    3d:46:f4:8e:87:de:71:2b:c9:39:90:50:ac:57:8e:
                    d8:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:61:AD:51:F6:E4:D1:EA:9B:31:58:05:24:43:76:94:00:18:E8:B4
            X509v3 Authority Key Identifier:
                keyid:D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:76:82:2a:66:ca:b1:bb:b4:3c:ed:9f:52:4b:d2:c5:7a:e3:
         cf:bb:e1:dc:9b:63:b8:b3:f7:99:89:37:89:96:57:55:84:5b:
         93:20:fb:b8:1c:de:77:f1:42:90:23:c6:5b:d8:55:cd:ab:04:
         28:2e:24:02:6d:b9:0b:91:d4:90:64:00:cc:6f:84:b2:ce:31:
         76:d3:27:a4:0b:19:4b:72:07:57:09:b6:c6:5f:c4:5a:e6:e2:
         0d:5d:d3:db:ac:89:5b:49:63:8c:b3:25:e4:8c:03:e7:1b:73:
         9c:a0:8b:69:49:8e:d4:47:d1:a4:e6:19:2e:6d:a4:4b:be:ad:
         8c:63:7d:27:53:b2:d9:eb:aa:79:51:08:5b:79:a0:d1:b7:73:
         93:5a:16:b0:d5:00:ab:e2:31:17:77:b7:58:95:a2:85:11:b5:
         94:09:c0:b8:bf:9f:54:26:d7:8d:08:fd:ca:23:36:e0:9b:5c:
         87:7e:a9:eb:54:7e:14:a5:0f:ff:ed:a0:1b:85:e6:c5:99:bc:
         e6:43:7a:f3:54:e7:f1:50:6b:1d:79:ec:00:95:e1:af:4e:5c:
         65:c8:9b:b6:3c:8c:5f:b0:af:4c:f3:cc:9a:dd:50:5e:12:69:
         18:cb:f2:63:2d:24:4b:96:4e:55:88:b7:4b:cd:df:6b:bd:22:
         a0:3d:32:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBZy5CMdRwDcoaWN2NepLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDY5Nzk0MzY3NjM5OWFjNWNhYzZhM2U0NzY1NDVhZjBk
ZjQ5ZGQwHhcNMjUwODA2MjIwMTE5WhcNMjUwODA3MjIwMTE5WjAzMTEwLwYDVQQD
EyhmNzYxYWQ1MWY2ZTRkMWVhOWIzMTU4MDUyNDQzNzY5NDAwMThlOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlez4Rd4Heze+bII5/jVMc0et/cku
Er7Snvl3d9j+QzEdP36mqVxiOtF1yhQoxFESiWa5ccIz+hrpoC8zBH4ZwtzpeupL
wzdEEIj6WATA1UKIj4CNI9Ew5WNXF8JYznLSbzVU0s9naCaKmYnioyavuH+J44mH
h+lIRGKlN4rUIl3Ku4a22AYbWzdhyC3g5RvA0KCM30YKO8sALbTAXyPYyTMoVYFp
8rg3GrPc4T3fNPSMmt43sygNMmPZ0RKoJ52CPUYu+HMtx0JQlSZjUPlChAes6BvE
gWMsm0IQp7SkxCULt6nKgMCC8KBCebHWgIo9RvSOh95xK8k5kFCsV47YkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPdhrVH25NHqmzFYBSRDdpQAGOi0MB8GA1UdIwQY
MBaAFNUGl5Q2djmaxcrGo+R2VFrw30ndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2Yt
OGQyM2FjNWNiNTAyLzEvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2YtOGQyM2FjNWNiNTAy
LzEvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcHaCKmbK
sbu0PO2fUkvSxXrjz7vh3JtjuLP3mYk3iZZXVYRbkyD7uBzed/FCkCPGW9hVzasE
KC4kAm25C5HUkGQAzG+Ess4xdtMnpAsZS3IHVwm2xl/EWubiDV3T26yJW0ljjLMl
5IwD5xtznKCLaUmO1EfRpOYZLm2kS76tjGN9J1Oy2euqeVEIW3mg0bdzk1oWsNUA
q+IxF3e3WJWihRG1lAnAuL+fVCbXjQj9yiM24Jtch36p61R+FKUP/+2gG4XmxZm8
5kN681Tn8VBrHXnsAJXhr05cZcibtjyMX7CvTPPMmt1QXhJpGMvyYy0kS5ZOVYi3
S83fa70ioD0yqA==
-----END CERTIFICATE-----
Generated at Thu Aug 7 03:23:09 2025 by rpki-client