Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.mft
File:                     sO8ZvLI6LwTFhqwTEakbx8oql2U.mft (raw, json)
Hash identifier:          UJ3yWSaOc5v+EVtM8veQ8ovGemOsPiXUy4EOzSvyxIw=
Subject key identifier:   3C:1E:3D:F9:4B:B0:A7:44:A8:1E:38:1E:73:22:5E:DD:06:E3:DF:AB
Authority key identifier: B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
Certificate issuer:       /CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Certificate serial:       019A52D14D391A683F51ADDFFDEABE7B94F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.mft
Manifest number:          0AFE
Signing time:             Wed 05 Nov 2025 07:00:39 +0000
Manifest this update:     Wed 05 Nov 2025 07:00:39 +0000
Manifest next update:     Thu 06 Nov 2025 07:00:39 +0000
Files and hashes:         1: E6bot_tKJqCzADpBxFeKtsutgCs.roa (hash: IzVVajCV/IB0bxI8d5Bqo7CZjFjDagAuPrwaJPvu9o8=)
                          2: sO8ZvLI6LwTFhqwTEakbx8oql2U.crl (hash: HtqkGDuLtgtwGvwKBKdzgEg1Ur/fYT+LjEVq8Zrp9Qk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d1:4d:39:1a:68:3f:51:ad:df:fd:ea:be:7b:94:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
        Validity
            Not Before: Nov  5 07:00:39 2025 GMT
            Not After : Nov  6 07:00:39 2025 GMT
        Subject: CN=3c1e3df94bb0a744a81e381e73225edd06e3dfab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f2:75:73:d3:65:b0:85:26:d6:86:86:4a:67:
                    0c:28:ed:df:94:1b:ca:89:f6:57:0b:f1:cb:56:07:
                    e8:a1:47:26:7b:fe:b3:86:6c:f3:2f:18:4e:7f:be:
                    4c:15:30:1e:70:a5:45:6b:d3:41:a4:ca:8e:c8:cd:
                    62:8e:89:9b:cc:c9:89:cf:0a:18:0f:ea:f9:5c:21:
                    44:b9:6f:b1:a1:ad:fa:06:28:6e:32:62:5e:c9:70:
                    13:0d:7b:f4:b8:33:9b:a2:7c:fe:30:3a:d0:1e:4b:
                    6c:e9:c5:11:0d:3f:b3:71:62:ab:89:2e:3b:ca:4f:
                    9b:02:87:80:7a:f3:28:72:d6:c6:45:02:cc:80:95:
                    c9:8d:2a:fa:52:23:5d:f6:db:a9:3f:10:73:13:c3:
                    43:8f:ac:f3:70:69:bf:4a:14:00:cc:4b:4a:c3:5e:
                    c5:ae:48:e5:22:1e:bf:60:fb:1a:f9:ab:0a:91:32:
                    5e:a1:ac:48:fd:f6:2d:ef:80:6b:b8:e3:d1:60:5f:
                    34:e6:82:e9:13:41:eb:7e:d0:79:4b:6a:c9:97:80:
                    1d:05:f7:f7:c9:78:45:b6:5f:aa:b7:91:26:1b:26:
                    81:56:fb:d2:52:b5:e4:ce:7e:bf:e8:e1:63:d0:41:
                    45:e5:d9:06:52:69:ae:c1:dc:4c:3f:43:a2:a7:f1:
                    7a:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:1E:3D:F9:4B:B0:A7:44:A8:1E:38:1E:73:22:5E:DD:06:E3:DF:AB
            X509v3 Authority Key Identifier:
                keyid:B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:ed:f7:8c:58:29:2d:28:08:f6:ac:cb:a3:26:7d:dc:d4:09:
         96:d3:2d:f0:fb:c6:34:88:e9:8a:49:12:76:14:fb:2d:eb:8c:
         0e:2a:41:0d:e1:c2:28:26:f8:82:a3:19:99:81:ae:59:67:ee:
         1d:75:25:dc:ea:46:bf:27:54:ec:96:e4:90:01:e0:21:b3:67:
         af:ea:7f:89:7c:b1:bd:0f:e4:67:5a:ac:21:26:e5:08:3c:15:
         c0:f0:90:9d:7d:9d:85:c9:89:e2:b0:c1:0a:16:61:ef:21:14:
         4d:21:26:11:0e:33:1d:a9:14:27:ad:98:e9:45:30:5b:5f:d0:
         6b:f5:8d:ae:ab:a0:59:77:12:6c:9d:69:9a:8c:c3:79:c5:a9:
         63:be:2f:77:4b:d6:57:f2:76:f7:29:91:39:ef:c6:eb:f6:c3:
         df:bc:62:39:93:2a:d0:d9:2f:34:05:ac:39:92:4a:7d:aa:33:
         68:b4:88:18:24:af:16:34:c0:65:79:01:59:c3:2b:76:50:d3:
         3b:6a:5f:dd:2e:cd:6c:12:92:b3:10:a5:d5:b8:96:7d:0e:94:
         28:9b:ff:e7:3f:76:86:db:d3:be:17:42:63:18:c8:ac:1b:30:
         82:e8:f4:54:87:87:2b:cd:24:cd:20:46:e0:f2:90:2d:ca:83:
         72:8e:ff:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0U05Gmg/Ua3f/eq+e5TxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZWYxOWJjYjIzYTJmMDRjNTg2YWMxMzExYTkxYmM3Y2Ey
YTk3NjUwHhcNMjUxMTA1MDcwMDM5WhcNMjUxMTA2MDcwMDM5WjAzMTEwLwYDVQQD
EygzYzFlM2RmOTRiYjBhNzQ0YTgxZTM4MWU3MzIyNWVkZDA2ZTNkZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/J1c9NlsIUm1oaGSmcMKO3flBvK
ifZXC/HLVgfooUcme/6zhmzzLxhOf75MFTAecKVFa9NBpMqOyM1ijombzMmJzwoY
D+r5XCFEuW+xoa36BihuMmJeyXATDXv0uDObonz+MDrQHkts6cURDT+zcWKriS47
yk+bAoeAevMoctbGRQLMgJXJjSr6UiNd9tupPxBzE8NDj6zzcGm/ShQAzEtKw17F
rkjlIh6/YPsa+asKkTJeoaxI/fYt74BruOPRYF805oLpE0HrftB5S2rJl4AdBff3
yXhFtl+qt5EmGyaBVvvSUrXkzn6/6OFj0EFF5dkGUmmuwdxMP0Oip/F6EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDwePflLsKdEqB44HnMiXt0G49+rMB8GA1UdIwQY
MBaAFLDvGbyyOi8ExYasExGpG8fKKpdlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1Njkt
ZDAwMDNhNmI1MjI0LzEvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1NjktZDAwMDNhNmI1MjI0
LzEvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALe33jFgp
LSgI9qzLoyZ93NQJltMt8PvGNIjpikkSdhT7LeuMDipBDeHCKCb4gqMZmYGuWWfu
HXUl3OpGvydU7JbkkAHgIbNnr+p/iXyxvQ/kZ1qsISblCDwVwPCQnX2dhcmJ4rDB
ChZh7yEUTSEmEQ4zHakUJ62Y6UUwW1/Qa/WNrqugWXcSbJ1pmozDecWpY74vd0vW
V/J29ymROe/G6/bD37xiOZMq0NkvNAWsOZJKfaozaLSIGCSvFjTAZXkBWcMrdlDT
O2pf3S7NbBKSsxCl1biWfQ6UKJv/5z92htvTvhdCYxjIrBswguj0VIeHK80kzSBG
4PKQLcqDco7/jA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:31:38 2025 by rpki-client