Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
File:                     h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft (raw, json)
Hash identifier:          pCz/1jEKbyEEM8dHjQ7ln8GkCzYw2GhMPTRIfEa4Kb4=
Subject key identifier:   A1:05:C8:53:2E:4F:DB:5D:C3:D2:42:C5:ED:7E:2D:2F:1F:EF:18:F3
Authority key identifier: 87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
Certificate issuer:       /CN=877aad307ad330ebb8cf44ec21389a170436fd53
Certificate serial:       019873740347446E43014B6BFA8B4C5C8811
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
Manifest number:          1619
Signing time:             Mon 04 Aug 2025 05:00:39 +0000
Manifest this update:     Mon 04 Aug 2025 05:00:39 +0000
Manifest next update:     Tue 05 Aug 2025 05:00:39 +0000
Files and hashes:         1: Dk5BhXJ_gIsgQ0utb4gvZ39LMIc.roa (hash: 9IdU4NLUHr5S9QPXNXQfwW6+YPaEhUYFtSNkpxSH/2Q=)
                          2: h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl (hash: ydpgIoH6DIEap1CLeCbW+7vqAZOhjuLiuQy0pvNPgMI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:74:03:47:44:6e:43:01:4b:6b:fa:8b:4c:5c:88:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=877aad307ad330ebb8cf44ec21389a170436fd53
        Validity
            Not Before: Aug  4 05:00:39 2025 GMT
            Not After : Aug  5 05:00:39 2025 GMT
        Subject: CN=a105c8532e4fdb5dc3d242c5ed7e2d2f1fef18f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:d4:14:bd:3d:09:29:97:e9:44:7b:62:c0:04:
                    8d:9b:7e:59:f0:01:7b:35:e0:06:d8:ef:35:f5:63:
                    1a:24:b7:28:a4:72:5b:fd:07:af:a0:56:11:ce:1e:
                    c2:4c:61:0c:90:1f:26:f2:d3:66:72:a7:cf:26:c8:
                    00:49:47:63:ab:db:0e:c1:fa:31:48:a4:20:64:54:
                    4f:16:3a:6e:c5:9e:b4:aa:d0:e7:9a:79:10:bb:8f:
                    bd:85:cc:09:bb:50:65:bd:40:8e:04:59:31:50:8d:
                    e5:94:7f:33:10:51:88:e4:f5:e4:44:5d:e6:60:44:
                    ca:78:0c:0d:e7:fb:c1:c1:84:11:38:46:50:5c:98:
                    c3:84:3f:81:af:f8:3c:40:28:c1:da:d4:c8:d3:ae:
                    c1:2e:90:6b:e5:fc:94:86:54:66:7e:58:74:75:a6:
                    26:61:d3:34:4f:2b:74:eb:26:8c:d7:cb:98:4b:1d:
                    38:c3:44:41:de:73:69:c7:41:99:f0:fd:99:11:91:
                    29:70:8f:14:ae:bc:60:4b:6e:f3:95:6e:9d:15:7f:
                    bf:e6:82:5e:72:43:37:38:a4:a0:03:a6:88:e5:06:
                    88:a3:47:d0:3d:f7:a6:4b:28:c1:58:bc:37:02:a9:
                    9d:5a:56:ba:f6:a4:2f:41:86:82:b3:db:e7:cb:dd:
                    9e:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:05:C8:53:2E:4F:DB:5D:C3:D2:42:C5:ED:7E:2D:2F:1F:EF:18:F3
            X509v3 Authority Key Identifier:
                keyid:87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:a1:02:fe:19:cf:6f:c4:e2:4e:07:14:72:e1:8c:27:3f:bb:
         e3:35:85:e6:b4:09:61:2c:21:00:d8:72:b8:0a:9e:5c:d5:5a:
         44:02:be:61:5e:36:0d:d3:5d:ec:65:b2:ab:ad:01:6a:64:cc:
         e6:8d:e8:21:2b:02:39:9a:b8:f4:41:50:36:9c:43:2e:a7:b0:
         8c:ea:03:0f:73:43:08:64:32:b0:a4:48:02:01:1d:46:7c:e9:
         d0:d6:ea:bb:33:e9:e2:c7:4f:18:39:10:c1:44:a4:4a:4a:e4:
         96:59:66:51:a4:17:54:68:d3:2d:ff:a3:1b:b7:79:c6:3e:16:
         33:3d:cf:a2:bd:b6:8e:b2:95:1a:36:d8:b5:88:ef:fd:7d:06:
         84:51:9e:e7:ad:b8:71:80:9c:a2:b9:1d:43:53:69:96:05:a0:
         80:e1:c0:5a:f0:fe:a4:3c:a2:54:76:0a:23:5d:6b:de:99:fe:
         bf:75:02:eb:69:8e:e1:20:55:71:c3:ad:9d:39:99:0b:fa:43:
         ee:0a:86:ee:24:48:ab:b0:1e:fe:4c:93:75:9a:49:d7:04:7f:
         e6:ec:82:81:2e:75:29:19:6d:d3:f9:99:dc:2c:57:dc:5c:10:
         02:e9:91:47:35:e4:91:26:53:96:09:1a:91:8d:fa:89:bc:24:
         19:d6:eb:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzdANHRG5DAUtr+otMXIgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3N2FhZDMwN2FkMzMwZWJiOGNmNDRlYzIxMzg5YTE3MDQz
NmZkNTMwHhcNMjUwODA0MDUwMDM5WhcNMjUwODA1MDUwMDM5WjAzMTEwLwYDVQQD
EyhhMTA1Yzg1MzJlNGZkYjVkYzNkMjQyYzVlZDdlMmQyZjFmZWYxOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+tQUvT0JKZfpRHtiwASNm35Z8AF7
NeAG2O819WMaJLcopHJb/QevoFYRzh7CTGEMkB8m8tNmcqfPJsgASUdjq9sOwfox
SKQgZFRPFjpuxZ60qtDnmnkQu4+9hcwJu1BlvUCOBFkxUI3llH8zEFGI5PXkRF3m
YETKeAwN5/vBwYQROEZQXJjDhD+Br/g8QCjB2tTI067BLpBr5fyUhlRmflh0daYm
YdM0Tyt06yaM18uYSx04w0RB3nNpx0GZ8P2ZEZEpcI8UrrxgS27zlW6dFX+/5oJe
ckM3OKSgA6aI5QaIo0fQPfemSyjBWLw3AqmdWla69qQvQYaCs9vny92e4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEFyFMuT9tdw9JCxe1+LS8f7xjzMB8GA1UdIwQY
MBaAFId6rTB60zDruM9E7CE4mhcENv1TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUt
NTA4MDk5YzEzM2JiLzEvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUtNTA4MDk5YzEzM2Ji
LzEvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdKEC/hnP
b8TiTgcUcuGMJz+74zWF5rQJYSwhANhyuAqeXNVaRAK+YV42DdNd7GWyq60BamTM
5o3oISsCOZq49EFQNpxDLqewjOoDD3NDCGQysKRIAgEdRnzp0NbquzPp4sdPGDkQ
wUSkSkrklllmUaQXVGjTLf+jG7d5xj4WMz3Por22jrKVGjbYtYjv/X0GhFGe5624
cYCcorkdQ1NplgWggOHAWvD+pDyiVHYKI11r3pn+v3UC62mO4SBVccOtnTmZC/pD
7gqG7iRIq7Ae/kyTdZpJ1wR/5uyCgS51KRlt0/mZ3CxX3FwQAumRRzXkkSZTlgka
kY36ibwkGdbr/g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:06:05 2025 by rpki-client