Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft
File:                     xBK7PaZcqrUkhR74bOm6piB04e0.mft (raw, json)
Hash identifier:          uP5Ug8hvWzzmvvnEgFu6CKmkA6mWlHXG/boN8Awxvlw=
Subject key identifier:   60:D1:5C:A4:0C:49:0C:0F:B4:73:62:84:E4:21:A2:93:7A:5A:B3:62
Authority key identifier: C4:12:BB:3D:A6:5C:AA:B5:24:85:1E:F8:6C:E9:BA:A6:20:74:E1:ED
Certificate issuer:       /CN=c412bb3da65caab524851ef86ce9baa62074e1ed
Certificate serial:       019874F4B5364643E851D305AF375D28E457
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft
Manifest number:          1613
Signing time:             Mon 04 Aug 2025 12:00:50 +0000
Manifest this update:     Mon 04 Aug 2025 12:00:50 +0000
Manifest next update:     Tue 05 Aug 2025 12:00:50 +0000
Files and hashes:         1: kMIoPYj99g2K5sWXNcD0fsxHkHM.roa (hash: FopABAV6PSptIp6OTBNiTRgtYU723NWq9ChEZhzR3FM=)
                          2: xBK7PaZcqrUkhR74bOm6piB04e0.crl (hash: V95wBqRv6lHJMkKWD38rQL+aHmyw8OSewKxLjlYBLDk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:f4:b5:36:46:43:e8:51:d3:05:af:37:5d:28:e4:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c412bb3da65caab524851ef86ce9baa62074e1ed
        Validity
            Not Before: Aug  4 12:00:50 2025 GMT
            Not After : Aug  5 12:00:50 2025 GMT
        Subject: CN=60d15ca40c490c0fb4736284e421a2937a5ab362
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:5a:ec:00:1d:99:1d:6a:89:d8:bf:a8:97:50:
                    b4:62:83:a3:c1:85:3a:82:cd:67:70:fe:fd:56:1f:
                    ca:2f:5a:3b:95:60:93:3e:41:bd:a2:2e:4d:be:fa:
                    3b:14:e2:5c:57:27:90:c6:6e:56:e9:8b:59:38:90:
                    7c:ee:31:04:d1:00:f5:1b:0a:31:e2:a5:c4:9e:2b:
                    34:84:31:97:fc:5e:00:b0:37:d0:51:39:bb:78:f3:
                    1a:be:e7:2b:1d:50:0a:61:3e:f9:60:ee:89:e6:de:
                    66:52:2e:cd:a7:ab:1f:0b:e3:18:ca:64:7b:6d:50:
                    1f:7d:b0:07:83:e3:20:09:68:6d:7a:35:e1:1e:a3:
                    cc:ba:c5:e8:d3:7d:6c:85:eb:49:b6:6f:19:d9:7c:
                    78:cd:6e:f4:4a:12:1d:6f:f7:15:bf:2c:4a:ac:e1:
                    21:0f:52:f9:0b:df:09:d4:48:29:25:07:da:f2:56:
                    be:ef:9b:90:e5:49:73:93:34:b5:0f:f3:b9:ed:2f:
                    e6:cf:0a:4c:8e:c8:69:55:26:02:f2:2c:8e:93:a5:
                    62:a2:8c:0e:a2:5d:a2:7e:98:e8:0d:42:f6:13:fa:
                    6d:37:95:f7:6e:13:7f:85:2a:09:11:92:de:57:bc:
                    51:79:b7:1c:9e:4e:1b:81:21:90:61:42:43:a6:c8:
                    6b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:D1:5C:A4:0C:49:0C:0F:B4:73:62:84:E4:21:A2:93:7A:5A:B3:62
            X509v3 Authority Key Identifier:
                keyid:C4:12:BB:3D:A6:5C:AA:B5:24:85:1E:F8:6C:E9:BA:A6:20:74:E1:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:63:1c:71:76:ac:21:9b:6b:3b:12:1c:69:20:7c:24:1c:f2:
         96:ae:ce:59:76:77:e3:bb:b0:a0:ee:35:91:00:83:c5:0c:46:
         77:dd:44:1e:bc:20:7c:58:0d:eb:03:f1:a5:48:10:0e:36:b3:
         18:81:60:5a:1a:43:47:ee:89:8e:e1:2c:71:73:a4:b6:44:17:
         27:52:bb:29:26:02:8e:e9:8b:17:f0:a7:2c:8c:6c:52:07:ed:
         5f:7c:7f:18:ad:3e:0c:df:bd:f9:c9:07:fc:cd:1f:2e:d5:07:
         96:04:9f:0d:e6:51:0e:b0:3c:2c:d7:6d:9c:48:26:00:52:96:
         96:32:06:a4:3d:d2:2e:dc:73:50:6b:91:cf:63:25:97:d8:fe:
         9a:07:2e:b4:35:d6:4d:bd:28:96:bc:ad:3f:d8:c5:62:ba:ec:
         f9:8b:b3:36:34:76:40:ea:80:69:9c:fa:b4:55:7b:5b:36:f3:
         8f:22:24:98:ef:63:34:69:d7:b1:f5:53:e7:7c:c6:89:6a:b0:
         08:84:50:43:53:1e:ab:1c:13:47:83:86:27:37:3f:0b:32:33:
         a1:e7:3a:97:92:fe:6e:c2:ae:1b:4a:b5:3f:1b:06:7a:69:d1:
         db:fc:7b:9e:b7:b5:0a:bd:d8:35:ed:59:ec:03:b5:94:c1:06:
         7f:66:ca:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh09LU2RkPoUdMFrzddKORXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTJiYjNkYTY1Y2FhYjUyNDg1MWVmODZjZTliYWE2MjA3
NGUxZWQwHhcNMjUwODA0MTIwMDUwWhcNMjUwODA1MTIwMDUwWjAzMTEwLwYDVQQD
Eyg2MGQxNWNhNDBjNDkwYzBmYjQ3MzYyODRlNDIxYTI5MzdhNWFiMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlrsAB2ZHWqJ2L+ol1C0YoOjwYU6
gs1ncP79Vh/KL1o7lWCTPkG9oi5Nvvo7FOJcVyeQxm5W6YtZOJB87jEE0QD1Gwox
4qXEnis0hDGX/F4AsDfQUTm7ePMavucrHVAKYT75YO6J5t5mUi7Np6sfC+MYymR7
bVAffbAHg+MgCWhtejXhHqPMusXo031shetJtm8Z2Xx4zW70ShIdb/cVvyxKrOEh
D1L5C98J1EgpJQfa8la+75uQ5UlzkzS1D/O57S/mzwpMjshpVSYC8iyOk6VioowO
ol2ifpjoDUL2E/ptN5X3bhN/hSoJEZLeV7xRebccnk4bgSGQYUJDpshrmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDRXKQMSQwPtHNihOQhopN6WrNiMB8GA1UdIwQY
MBaAFMQSuz2mXKq1JIUe+GzpuqYgdOHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jNzg3MWMtNTFkOS00NjNkLWFjYjgt
OWI5MzJlY2QyZWNjLzEveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jNzg3MWMtNTFkOS00NjNkLWFjYjgtOWI5MzJlY2QyZWNj
LzEveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYWMccXas
IZtrOxIcaSB8JBzylq7OWXZ347uwoO41kQCDxQxGd91EHrwgfFgN6wPxpUgQDjaz
GIFgWhpDR+6JjuEscXOktkQXJ1K7KSYCjumLF/CnLIxsUgftX3x/GK0+DN+9+ckH
/M0fLtUHlgSfDeZRDrA8LNdtnEgmAFKWljIGpD3SLtxzUGuRz2Mll9j+mgcutDXW
Tb0olrytP9jFYrrs+YuzNjR2QOqAaZz6tFV7WzbzjyIkmO9jNGnXsfVT53zGiWqw
CIRQQ1MeqxwTR4OGJzc/CzIzoec6l5L+bsKuG0q1PxsGemnR2/x7nre1Cr3YNe1Z
7AO1lMEGf2bKDw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 19:14:33 2025 by rpki-client