Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/stf5mYOKoWO_NE_GmRe7YNEv38M.mft
File:                     stf5mYOKoWO_NE_GmRe7YNEv38M.mft (raw, json)
Hash identifier:          37GzHE+nzy8UGNqWgl5E1RSVOj2nu7/cvyZiZq+zwUE=
Subject key identifier:   66:D2:AE:65:2B:3A:B2:25:74:A8:18:1C:38:A8:56:55:10:3A:A3:1F
Authority key identifier: B2:D7:F9:99:83:8A:A1:63:BF:34:4F:C6:99:17:BB:60:D1:2F:DF:C3
Certificate issuer:       /CN=b2d7f999838aa163bf344fc69917bb60d12fdfc3
Certificate serial:       01987DC0FC3D576926B776C6DF07E627D63B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/stf5mYOKoWO_NE_GmRe7YNEv38M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/stf5mYOKoWO_NE_GmRe7YNEv38M.mft
Manifest number:          110B
Signing time:             Wed 06 Aug 2025 05:00:56 +0000
Manifest this update:     Wed 06 Aug 2025 05:00:56 +0000
Manifest next update:     Thu 07 Aug 2025 05:00:56 +0000
Files and hashes:         1: i-DPtzOhX1UrAwvJvp6e_VFBpfU.roa (hash: b0DJ4Ik9RBvNDvd/V/+wWQQR6BcIK0SHDpRuzhlzJ6o=)
                          2: stf5mYOKoWO_NE_GmRe7YNEv38M.crl (hash: TmYDbMHChbpLVL9OeBYgTAwRcFRr9Zn0DgDccHkn5gw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/stf5mYOKoWO_NE_GmRe7YNEv38M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/stf5mYOKoWO_NE_GmRe7YNEv38M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/stf5mYOKoWO_NE_GmRe7YNEv38M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:c0:fc:3d:57:69:26:b7:76:c6:df:07:e6:27:d6:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2d7f999838aa163bf344fc69917bb60d12fdfc3
        Validity
            Not Before: Aug  6 05:00:56 2025 GMT
            Not After : Aug  7 05:00:56 2025 GMT
        Subject: CN=66d2ae652b3ab22574a8181c38a85655103aa31f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:58:ec:d9:9c:38:28:d3:b8:76:1e:4b:3b:42:
                    47:b1:7c:ec:82:ff:02:a8:51:66:af:09:6f:dc:20:
                    eb:10:dd:24:fe:54:0b:8a:d9:99:f1:5f:57:4c:05:
                    b7:6e:7b:1f:e5:3c:16:42:a3:e2:1e:8f:36:a6:4c:
                    a3:91:a0:f8:f3:5f:ab:f3:94:fd:2d:19:54:44:21:
                    46:8f:4c:cd:0f:0a:40:78:be:8a:66:b5:27:70:70:
                    54:66:38:e6:57:68:67:e7:a3:0b:14:98:3e:5e:31:
                    a7:ed:8f:19:52:b6:8e:7d:7b:e9:e4:7e:72:ed:ce:
                    91:dd:10:4c:bb:d6:5d:63:9b:f4:a3:96:54:f9:00:
                    76:22:c7:6d:5c:fa:3f:10:ae:9b:42:73:77:85:8c:
                    86:7a:e3:48:ee:b5:ae:59:af:8f:1c:a5:50:c4:0e:
                    8a:0e:c6:55:a6:7d:8d:de:6b:71:82:c4:59:a9:ed:
                    55:65:21:d0:5b:45:db:21:87:d0:50:9e:6a:3d:22:
                    cc:45:ce:83:c8:63:fa:5f:55:e9:c2:18:ea:85:00:
                    9d:9b:17:21:bc:78:96:a2:c2:49:81:67:c6:42:60:
                    ba:54:e1:20:52:67:b0:ae:e8:c3:4c:1f:89:02:1c:
                    dc:9b:22:f9:ee:1b:c0:87:9e:49:a6:de:35:fb:63:
                    a1:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:D2:AE:65:2B:3A:B2:25:74:A8:18:1C:38:A8:56:55:10:3A:A3:1F
            X509v3 Authority Key Identifier:
                keyid:B2:D7:F9:99:83:8A:A1:63:BF:34:4F:C6:99:17:BB:60:D1:2F:DF:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stf5mYOKoWO_NE_GmRe7YNEv38M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/stf5mYOKoWO_NE_GmRe7YNEv38M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/stf5mYOKoWO_NE_GmRe7YNEv38M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:c4:f4:25:7c:2c:ef:f4:95:41:d2:fc:04:f8:48:38:c6:6b:
         f8:a3:a6:5e:c6:42:6f:eb:ab:bb:71:56:3d:d8:1b:8a:b1:04:
         08:13:0a:2c:48:8c:4e:84:c8:90:35:c1:af:69:68:63:87:34:
         62:14:4c:dd:73:53:10:91:d8:9c:4e:68:84:b5:0d:44:02:a1:
         27:9c:a1:4e:0f:ce:3f:7a:50:d3:a3:74:d6:90:62:5d:61:6f:
         a3:d6:c4:1b:2c:11:d7:b6:d5:e8:26:ac:12:6d:cc:e9:9c:fd:
         2d:c5:d4:03:67:81:dd:7c:6d:3a:b6:f4:a2:fb:cc:ea:f2:10:
         78:d1:ab:55:fe:e3:9b:fd:11:f2:32:74:6f:93:6a:b5:46:4b:
         31:c1:a9:fc:37:47:9a:71:df:2f:04:f2:22:61:83:27:3b:7d:
         a1:61:7d:07:76:b2:d7:3b:a1:5d:07:a6:79:9b:e6:d6:39:ad:
         11:33:6d:7b:5d:ce:d2:b4:82:b6:72:d0:d6:21:d5:54:2f:d4:
         f4:38:05:55:d5:27:5f:ac:36:50:b7:2c:d8:ce:b4:c2:89:ce:
         2d:95:4e:44:87:6c:66:85:40:bb:b6:2a:d3:87:13:c8:d0:5c:
         1d:af:dd:13:24:da:b6:1f:a9:15:05:ba:34:29:10:43:64:bd:
         d6:59:52:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9wPw9V2kmt3bG3wfmJ9Y7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDdmOTk5ODM4YWExNjNiZjM0NGZjNjk5MTdiYjYwZDEy
ZmRmYzMwHhcNMjUwODA2MDUwMDU2WhcNMjUwODA3MDUwMDU2WjAzMTEwLwYDVQQD
Eyg2NmQyYWU2NTJiM2FiMjI1NzRhODE4MWMzOGE4NTY1NTEwM2FhMzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11js2Zw4KNO4dh5LO0JHsXzsgv8C
qFFmrwlv3CDrEN0k/lQLitmZ8V9XTAW3bnsf5TwWQqPiHo82pkyjkaD481+r85T9
LRlURCFGj0zNDwpAeL6KZrUncHBUZjjmV2hn56MLFJg+XjGn7Y8ZUraOfXvp5H5y
7c6R3RBMu9ZdY5v0o5ZU+QB2IsdtXPo/EK6bQnN3hYyGeuNI7rWuWa+PHKVQxA6K
DsZVpn2N3mtxgsRZqe1VZSHQW0XbIYfQUJ5qPSLMRc6DyGP6X1XpwhjqhQCdmxch
vHiWosJJgWfGQmC6VOEgUmewrujDTB+JAhzcmyL57hvAh55Jpt41+2OhfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbSrmUrOrIldKgYHDioVlUQOqMfMB8GA1UdIwQY
MBaAFLLX+ZmDiqFjvzRPxpkXu2DRL9/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RmNW1ZT0tvV09fTkVfR21SZTdZTkV2MzhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My82OThlZmItYzZiNC00ZDJjLTkzNjgt
N2NlYzJkNTM0NWI0LzEvc3RmNW1ZT0tvV09fTkVfR21SZTdZTkV2MzhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My82OThlZmItYzZiNC00ZDJjLTkzNjgtN2NlYzJkNTM0NWI0
LzEvc3RmNW1ZT0tvV09fTkVfR21SZTdZTkV2MzhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbsT0JXws
7/SVQdL8BPhIOMZr+KOmXsZCb+uru3FWPdgbirEECBMKLEiMToTIkDXBr2loY4c0
YhRM3XNTEJHYnE5ohLUNRAKhJ5yhTg/OP3pQ06N01pBiXWFvo9bEGywR17bV6Cas
Em3M6Zz9LcXUA2eB3XxtOrb0ovvM6vIQeNGrVf7jm/0R8jJ0b5NqtUZLMcGp/DdH
mnHfLwTyImGDJzt9oWF9B3ay1zuhXQemeZvm1jmtETNte13O0rSCtnLQ1iHVVC/U
9DgFVdUnX6w2ULcs2M60wonOLZVORIdsZoVAu7Yq04cTyNBcHa/dEyTath+pFQW6
NCkQQ2S91llSwA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:11:27 2025 by rpki-client