Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/b56881-e919-445a-9923-89a9023261f1/1/gSBe85sNP11y-h2XHUGR4Lomhr8.mft
File:                     gSBe85sNP11y-h2XHUGR4Lomhr8.mft (raw, json)
Hash identifier:          vTErm7eRJrKRrcdVNAfBYeIMKKna8kOC1rAhXQiQhJ0=
Subject key identifier:   F7:B0:16:66:A6:D8:12:13:9A:1F:E8:1F:8D:A8:72:6A:E3:90:96:F9
Authority key identifier: 81:20:5E:F3:9B:0D:3F:5D:72:FA:1D:97:1D:41:91:E0:BA:26:86:BF
Certificate issuer:       /CN=81205ef39b0d3f5d72fa1d971d4191e0ba2686bf
Certificate serial:       019879E424B43480A06BDBCCB4465E386D30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gSBe85sNP11y-h2XHUGR4Lomhr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/b56881-e919-445a-9923-89a9023261f1/1/gSBe85sNP11y-h2XHUGR4Lomhr8.mft
Manifest number:          0D00
Signing time:             Tue 05 Aug 2025 11:00:51 +0000
Manifest this update:     Tue 05 Aug 2025 11:00:51 +0000
Manifest next update:     Wed 06 Aug 2025 11:00:51 +0000
Files and hashes:         1: gSBe85sNP11y-h2XHUGR4Lomhr8.crl (hash: eod1pyH5RkFTA21StpniSEzLBvpJuh5oKeESqfGJPoU=)
                          2: tejhqyIYcfJnZD52AowM2BpZATQ.roa (hash: oI2/9MVukstCSiurn/ztv7Ci6tJsVocDaOvri7bb8FY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/b56881-e919-445a-9923-89a9023261f1/1/gSBe85sNP11y-h2XHUGR4Lomhr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/b56881-e919-445a-9923-89a9023261f1/1/gSBe85sNP11y-h2XHUGR4Lomhr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gSBe85sNP11y-h2XHUGR4Lomhr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 11:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:79:e4:24:b4:34:80:a0:6b:db:cc:b4:46:5e:38:6d:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81205ef39b0d3f5d72fa1d971d4191e0ba2686bf
        Validity
            Not Before: Aug  5 11:00:51 2025 GMT
            Not After : Aug  6 11:00:51 2025 GMT
        Subject: CN=f7b01666a6d812139a1fe81f8da8726ae39096f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:c7:78:07:5d:e3:34:10:07:7d:ec:c8:3e:d4:
                    a2:c1:4b:24:01:4a:3d:e8:da:4b:57:a6:0d:54:f0:
                    a9:8c:3f:23:0b:ba:85:a4:ee:46:12:bc:b5:7b:1c:
                    77:1d:7e:00:1f:ac:c5:4f:0a:af:f6:ed:7f:62:0e:
                    88:ea:d2:5a:c1:40:5c:57:2b:81:b3:27:dd:9a:5c:
                    03:40:b7:70:7d:58:50:30:1f:c3:66:e0:5c:02:20:
                    e0:ed:0e:5a:02:90:a9:ec:6e:50:78:ee:37:82:a3:
                    b7:e3:3c:53:70:3a:d5:a2:db:92:35:98:c9:50:6f:
                    5c:67:55:5a:20:d1:f2:16:1a:8b:fa:9b:b7:42:ca:
                    2f:89:2b:b6:0e:eb:7c:1d:80:47:ef:61:eb:4b:2e:
                    b1:b7:aa:5f:57:fd:ec:08:65:35:c8:d9:3a:1a:fc:
                    07:e0:1a:51:88:8b:67:5e:64:31:30:10:7b:ac:11:
                    4c:26:84:3f:f4:0c:b9:ae:5c:08:6b:2d:15:d8:8f:
                    ff:6d:c5:65:73:7a:73:5d:c7:a4:0a:bd:16:44:d9:
                    fd:2f:0d:a8:f5:4d:42:4c:ab:b6:35:8f:e6:1a:03:
                    ee:01:72:f9:17:e9:34:3f:47:b1:cd:32:bc:8a:29:
                    b9:f7:67:71:d6:e6:0a:61:8b:c9:5f:a0:3f:4f:06:
                    bd:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:B0:16:66:A6:D8:12:13:9A:1F:E8:1F:8D:A8:72:6A:E3:90:96:F9
            X509v3 Authority Key Identifier:
                keyid:81:20:5E:F3:9B:0D:3F:5D:72:FA:1D:97:1D:41:91:E0:BA:26:86:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gSBe85sNP11y-h2XHUGR4Lomhr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/b56881-e919-445a-9923-89a9023261f1/1/gSBe85sNP11y-h2XHUGR4Lomhr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/b56881-e919-445a-9923-89a9023261f1/1/gSBe85sNP11y-h2XHUGR4Lomhr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:12:50:50:84:93:70:fc:f7:87:29:a6:f7:5f:6c:41:d7:44:
         23:f4:ea:57:ae:ce:15:b9:f3:f9:c2:da:1b:2a:26:42:74:0c:
         f5:f1:8d:7f:ad:cb:11:d2:80:37:64:1c:64:89:de:e4:49:a6:
         28:35:4a:aa:cd:21:34:a2:c3:fd:a3:09:08:4a:4a:30:36:dc:
         be:42:96:70:9e:46:0d:f3:2a:0c:6a:db:85:a1:e7:33:64:1b:
         0e:3c:9c:a1:e0:7d:fb:27:c5:53:56:d9:6e:7f:d9:1c:de:34:
         2f:3d:f8:eb:5c:da:a9:b0:2a:77:63:13:20:b8:5b:c0:e2:19:
         8b:e6:4b:24:dd:42:52:a5:95:33:33:c3:0a:b6:64:13:42:a1:
         2d:c2:80:b2:94:64:f5:10:32:eb:c8:57:8b:bc:e5:58:97:10:
         2c:ec:06:a6:4f:44:1c:d9:66:2c:c5:9a:54:bc:fa:15:0b:ed:
         46:ce:64:3d:c1:22:7f:a8:5b:b4:c7:d6:9b:e7:c3:bc:ad:ab:
         a6:08:1a:b0:df:83:da:c5:26:87:ab:f0:df:12:7b:91:e4:bc:
         56:d1:77:c0:89:4f:b7:7b:6f:a8:39:0a:09:45:ef:43:ea:a8:
         ca:02:76:b2:62:25:80:3c:1f:28:82:fd:8d:a5:b5:da:e4:17:
         a7:f3:38:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh55CS0NICga9vMtEZeOG0wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMjA1ZWYzOWIwZDNmNWQ3MmZhMWQ5NzFkNDE5MWUwYmEy
Njg2YmYwHhcNMjUwODA1MTEwMDUxWhcNMjUwODA2MTEwMDUxWjAzMTEwLwYDVQQD
EyhmN2IwMTY2NmE2ZDgxMjEzOWExZmU4MWY4ZGE4NzI2YWUzOTA5NmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cd4B13jNBAHfezIPtSiwUskAUo9
6NpLV6YNVPCpjD8jC7qFpO5GEry1exx3HX4AH6zFTwqv9u1/Yg6I6tJawUBcVyuB
syfdmlwDQLdwfVhQMB/DZuBcAiDg7Q5aApCp7G5QeO43gqO34zxTcDrVotuSNZjJ
UG9cZ1VaINHyFhqL+pu3QsoviSu2Dut8HYBH72HrSy6xt6pfV/3sCGU1yNk6GvwH
4BpRiItnXmQxMBB7rBFMJoQ/9Ay5rlwIay0V2I//bcVlc3pzXcekCr0WRNn9Lw2o
9U1CTKu2NY/mGgPuAXL5F+k0P0exzTK8iim592dx1uYKYYvJX6A/Twa9hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPewFmam2BITmh/oH42ocmrjkJb5MB8GA1UdIwQY
MBaAFIEgXvObDT9dcvodlx1BkeC6Joa/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1NCZTg1c05QMTF5LWgyWEhVR1I0TG9taHI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iNTY4ODEtZTkxOS00NDVhLTk5MjMt
ODlhOTAyMzI2MWYxLzEvZ1NCZTg1c05QMTF5LWgyWEhVR1I0TG9taHI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iNTY4ODEtZTkxOS00NDVhLTk5MjMtODlhOTAyMzI2MWYx
LzEvZ1NCZTg1c05QMTF5LWgyWEhVR1I0TG9taHI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfRJQUIST
cPz3hymm919sQddEI/TqV67OFbnz+cLaGyomQnQM9fGNf63LEdKAN2QcZIne5Emm
KDVKqs0hNKLD/aMJCEpKMDbcvkKWcJ5GDfMqDGrbhaHnM2QbDjycoeB9+yfFU1bZ
bn/ZHN40Lz3461zaqbAqd2MTILhbwOIZi+ZLJN1CUqWVMzPDCrZkE0KhLcKAspRk
9RAy68hXi7zlWJcQLOwGpk9EHNlmLMWaVLz6FQvtRs5kPcEif6hbtMfWm+fDvK2r
pggasN+D2sUmh6vw3xJ7keS8VtF3wIlPt3tvqDkKCUXvQ+qoygJ2smIlgDwfKIL9
jaW12uQXp/M4uQ==
-----END CERTIFICATE-----
Generated at Tue Aug 5 20:21:00 2025 by rpki-client