Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft
File:                     o52_aHirAKRS-LB_iQ06s0g3Yns.mft (raw, json)
Hash identifier:          +Gp5iFpTrzNvynV5dIhJyxjlhFoVKKDjmqsNcEvII10=
Subject key identifier:   A3:AB:39:C1:CC:1C:1D:33:D1:AB:6C:24:33:07:50:59:3F:3B:DB:B4
Authority key identifier: A3:9D:BF:68:78:AB:00:A4:52:F8:B0:7F:89:0D:3A:B3:48:37:62:7B
Certificate issuer:       /CN=a39dbf6878ab00a452f8b07f890d3ab34837627b
Certificate serial:       019873E324486D66533D0B6C19196FF59AB7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o52_aHirAKRS-LB_iQ06s0g3Yns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft
Manifest number:          04DA
Signing time:             Mon 04 Aug 2025 07:02:02 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:02 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:02 +0000
Files and hashes:         1: ExGaGMHRMHV6Wwq7HUUBGaTmIOs.roa (hash: GrRPycpKBiqBeJAl7ze1jROyMQik0DJu7nFgEpAVFB8=)
                          2: o52_aHirAKRS-LB_iQ06s0g3Yns.crl (hash: ncWL9RqZAABufMlRATgHu8t4WLF55LRvVYs8eMkVYB0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o52_aHirAKRS-LB_iQ06s0g3Yns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 07:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:24:48:6d:66:53:3d:0b:6c:19:19:6f:f5:9a:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a39dbf6878ab00a452f8b07f890d3ab34837627b
        Validity
            Not Before: Aug  4 07:02:02 2025 GMT
            Not After : Aug  5 07:02:02 2025 GMT
        Subject: CN=a3ab39c1cc1c1d33d1ab6c24330750593f3bdbb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:34:0b:6d:ae:be:9f:cd:83:46:73:f9:bf:c0:
                    85:bf:8c:71:bf:93:7c:6d:41:12:42:f6:aa:0c:e9:
                    cd:0f:98:26:63:4c:2d:f9:f9:e5:81:23:38:a0:50:
                    ff:ac:14:50:ca:40:c9:d7:e0:5b:21:14:db:91:89:
                    c3:a1:89:31:74:fc:cb:79:cc:65:fd:f2:4a:8c:fe:
                    11:8f:31:32:68:e3:48:a8:db:f1:65:64:0a:33:1d:
                    e0:32:12:36:3d:56:6a:97:34:bd:87:87:ed:12:bf:
                    a0:25:d4:68:d8:13:2d:57:e3:70:0c:94:03:f7:4d:
                    5a:b1:aa:3f:95:e6:e5:29:f6:97:d2:16:eb:0d:ec:
                    e4:e3:2e:13:dd:c5:2f:4d:07:72:95:84:ce:2e:af:
                    7a:af:39:ce:62:48:34:11:23:9b:4c:d7:dd:dd:eb:
                    bd:f3:17:8a:1d:73:ed:0b:72:f6:1e:2d:aa:d3:dd:
                    2f:79:92:c6:d1:90:25:87:7d:6a:e8:95:95:05:14:
                    0c:d3:7e:2f:0d:30:51:ef:88:83:13:4b:d2:42:61:
                    57:90:65:1c:4d:9c:4d:b9:35:c2:5d:df:57:7c:62:
                    59:b6:0b:0b:6e:5b:c2:6b:7a:1b:8e:83:ff:c9:a6:
                    c3:dd:ff:5c:79:9d:7a:cb:a3:3a:97:25:94:a8:d9:
                    6a:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:AB:39:C1:CC:1C:1D:33:D1:AB:6C:24:33:07:50:59:3F:3B:DB:B4
            X509v3 Authority Key Identifier:
                keyid:A3:9D:BF:68:78:AB:00:A4:52:F8:B0:7F:89:0D:3A:B3:48:37:62:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o52_aHirAKRS-LB_iQ06s0g3Yns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:df:ca:90:f2:c7:09:8f:94:8e:66:42:32:f8:19:e9:e6:3e:
         e4:45:b8:83:3d:96:fe:23:8f:03:71:40:9d:e0:1e:62:71:a4:
         de:95:79:82:7d:52:2c:f6:2c:62:41:4b:55:ec:9b:12:77:69:
         99:d9:b3:27:7c:de:c8:24:7a:bd:1f:5c:88:cc:83:87:5c:8b:
         c5:29:d9:16:00:1d:04:16:75:74:ce:ce:95:01:82:77:56:6e:
         eb:6b:bb:82:bf:e7:19:0d:fb:43:5e:2f:7d:5b:68:8e:0d:62:
         d2:38:36:54:d6:13:b1:88:b7:26:e9:e8:1b:c0:dd:0d:8b:ef:
         5d:23:ae:86:42:26:78:ed:44:c5:66:e0:ab:3e:8f:61:e9:9d:
         ba:e1:03:1e:d1:d0:f8:f7:ab:23:c1:10:e2:31:c1:1d:2d:5c:
         ef:2f:2f:b7:ff:a6:45:54:fa:09:e3:42:a5:99:58:5b:fe:d8:
         00:f3:41:69:7d:13:55:45:da:cb:1e:0f:7a:e7:3b:31:bb:76:
         60:9c:a8:56:e1:de:ec:57:3a:0d:10:97:87:9d:89:4e:0d:f1:
         b0:6d:9c:d7:77:de:e9:97:18:a1:3a:51:67:aa:6c:84:e6:55:
         d7:f8:d9:d7:11:1c:85:0b:09:b4:5c:10:7b:5e:97:b7:73:80:
         fe:34:36:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4yRIbWZTPQtsGRlv9Zq3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzOWRiZjY4NzhhYjAwYTQ1MmY4YjA3Zjg5MGQzYWIzNDgz
NzYyN2IwHhcNMjUwODA0MDcwMjAyWhcNMjUwODA1MDcwMjAyWjAzMTEwLwYDVQQD
EyhhM2FiMzljMWNjMWMxZDMzZDFhYjZjMjQzMzA3NTA1OTNmM2JkYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjQLba6+n82DRnP5v8CFv4xxv5N8
bUESQvaqDOnND5gmY0wt+fnlgSM4oFD/rBRQykDJ1+BbIRTbkYnDoYkxdPzLecxl
/fJKjP4RjzEyaONIqNvxZWQKMx3gMhI2PVZqlzS9h4ftEr+gJdRo2BMtV+NwDJQD
901asao/leblKfaX0hbrDezk4y4T3cUvTQdylYTOLq96rznOYkg0ESObTNfd3eu9
8xeKHXPtC3L2Hi2q090veZLG0ZAlh31q6JWVBRQM034vDTBR74iDE0vSQmFXkGUc
TZxNuTXCXd9XfGJZtgsLblvCa3objoP/yabD3f9ceZ16y6M6lyWUqNlq8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOrOcHMHB0z0atsJDMHUFk/O9u0MB8GA1UdIwQY
MBaAFKOdv2h4qwCkUviwf4kNOrNIN2J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzUyX2FIaXJBS1JTLUxCX2lRMDZzMGczWW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yMjY5NmQtZTcyZi00Y2ZkLWJhZTAt
YWQ0NDIzNzY1ODkyLzEvbzUyX2FIaXJBS1JTLUxCX2lRMDZzMGczWW5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yMjY5NmQtZTcyZi00Y2ZkLWJhZTAtYWQ0NDIzNzY1ODky
LzEvbzUyX2FIaXJBS1JTLUxCX2lRMDZzMGczWW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALt/KkPLH
CY+UjmZCMvgZ6eY+5EW4gz2W/iOPA3FAneAeYnGk3pV5gn1SLPYsYkFLVeybEndp
mdmzJ3zeyCR6vR9ciMyDh1yLxSnZFgAdBBZ1dM7OlQGCd1Zu62u7gr/nGQ37Q14v
fVtojg1i0jg2VNYTsYi3JunoG8DdDYvvXSOuhkImeO1ExWbgqz6PYemduuEDHtHQ
+PerI8EQ4jHBHS1c7y8vt/+mRVT6CeNCpZlYW/7YAPNBaX0TVUXayx4Peuc7Mbt2
YJyoVuHe7Fc6DRCXh52JTg3xsG2c13fe6ZcYoTpRZ6pshOZV1/jZ1xEchQsJtFwQ
e16Xt3OA/jQ2kA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:11:36 2025 by rpki-client