Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.mft
File:                     fexyg377vE6m3dS-lDYZFrTDYto.mft (raw, json)
Hash identifier:          zxjU99sBJAWHq1ozfcOW3hhLeD9D87TTPxdZY3ImsE8=
Subject key identifier:   3E:52:BF:6A:47:CB:09:64:40:57:50:9B:18:B5:A0:B8:1B:B8:B2:15
Authority key identifier: 7D:EC:72:83:7E:FB:BC:4E:A6:DD:D4:BE:94:36:19:16:B4:C3:62:DA
Certificate issuer:       /CN=7dec72837efbbc4ea6ddd4be94361916b4c362da
Certificate serial:       01988BEA1C11901D3F7784C7DC4AF68905B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.mft
Manifest number:          0D0B
Signing time:             Fri 08 Aug 2025 23:00:32 +0000
Manifest this update:     Fri 08 Aug 2025 23:00:32 +0000
Manifest next update:     Sat 09 Aug 2025 23:00:32 +0000
Files and hashes:         1: U2BvE4zbzFJTHLJzSmZ1W9x-kCM.roa (hash: CneTmiRYnA+2gIbWw8P2gftXT9GSMXZurQf8UEQYJtM=)
                          2: fexyg377vE6m3dS-lDYZFrTDYto.crl (hash: ntoeKEAeoH3ETWnSN0EqcaYzhzemzYwv2stKzvQ6ArA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:ea:1c:11:90:1d:3f:77:84:c7:dc:4a:f6:89:05:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7dec72837efbbc4ea6ddd4be94361916b4c362da
        Validity
            Not Before: Aug  8 23:00:32 2025 GMT
            Not After : Aug  9 23:00:32 2025 GMT
        Subject: CN=3e52bf6a47cb09644057509b18b5a0b81bb8b215
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:24:6d:d8:47:6e:3a:33:0b:a7:84:00:eb:0a:
                    a5:aa:cc:1e:31:e7:c0:db:5d:9e:41:2d:a8:92:9d:
                    bb:0c:11:fe:c0:32:74:6a:fa:6e:ab:4f:8d:22:7d:
                    0f:6b:03:53:5f:0d:87:b1:d4:a8:ec:1c:73:d0:7a:
                    6e:c2:d5:71:38:7d:5c:9a:cb:3c:e9:8b:88:9f:c2:
                    39:d4:54:ad:8d:bc:97:6a:4e:ca:ce:02:47:24:5c:
                    92:82:fe:4a:66:4f:e6:cc:c6:ee:ec:b5:ce:85:a3:
                    d4:f1:89:c2:bd:61:dc:3c:d3:85:95:24:c9:01:fb:
                    85:7e:b0:72:38:2c:c9:1a:da:83:19:c1:0c:4a:be:
                    12:9b:ff:92:22:82:b4:de:41:0e:79:cd:ab:2c:76:
                    a0:06:1d:ac:1d:40:77:0a:d0:b2:f3:c5:ed:e2:78:
                    11:6b:10:8e:95:a1:a8:29:02:57:d0:5d:a6:30:be:
                    b1:ad:c3:10:65:52:5d:ac:33:e9:05:28:59:ee:1b:
                    42:2e:bf:ba:fa:57:fc:69:12:ff:8f:8a:73:c5:1d:
                    53:de:30:5d:2b:60:73:3b:3d:2c:f1:44:56:e0:f7:
                    38:a6:ab:36:ac:42:cb:e3:a1:e6:d7:63:af:f6:fd:
                    59:0e:97:2d:91:6b:00:b0:7a:ee:02:3e:a0:d4:7a:
                    f6:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:52:BF:6A:47:CB:09:64:40:57:50:9B:18:B5:A0:B8:1B:B8:B2:15
            X509v3 Authority Key Identifier:
                keyid:7D:EC:72:83:7E:FB:BC:4E:A6:DD:D4:BE:94:36:19:16:B4:C3:62:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:c7:25:53:85:86:93:35:80:8d:62:64:90:1e:8d:7d:b9:36:
         07:a5:f1:05:b0:4f:3a:8e:ee:24:4f:8e:ec:4c:cb:62:2d:21:
         bb:83:32:0e:2a:97:a6:56:59:08:9f:f7:3c:67:05:3f:f9:c1:
         f9:f1:5d:34:c5:b5:ab:38:a7:e3:2c:a9:f4:d0:30:b2:97:97:
         ab:3b:5c:be:b4:b3:58:9c:65:ec:e2:71:8d:00:51:9b:89:2d:
         df:3b:b9:21:c0:ea:12:6b:2f:ad:a5:8b:b8:86:a3:f6:fd:bd:
         1e:cd:a0:cb:cf:e8:82:05:08:af:68:9a:00:d3:f2:8e:7d:f9:
         cf:f7:2a:09:59:ab:74:ec:1f:0e:45:9a:ce:78:18:07:62:e3:
         f9:67:3b:4e:a1:ba:36:6c:45:09:d2:6c:e1:3a:c6:e6:a4:6f:
         ab:a3:e9:d1:d2:ac:82:2e:d1:de:3c:47:ff:e1:f1:1c:1c:f4:
         c1:d0:b0:c9:f1:8a:8d:3e:46:f8:5d:02:82:96:1a:70:92:44:
         55:f2:09:c8:2c:d8:76:48:eb:f0:fa:05:f0:9c:b2:7a:9e:a7:
         b1:40:42:9d:a1:59:22:61:b4:fc:8b:fe:ee:a6:b4:48:f8:98:
         2e:2e:03:bc:74:5a:c7:3e:5d:a5:3e:bc:ff:6a:7f:37:43:8b:
         38:92:1e:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiL6hwRkB0/d4TH3Er2iQW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZWM3MjgzN2VmYmJjNGVhNmRkZDRiZTk0MzYxOTE2YjRj
MzYyZGEwHhcNMjUwODA4MjMwMDMyWhcNMjUwODA5MjMwMDMyWjAzMTEwLwYDVQQD
EygzZTUyYmY2YTQ3Y2IwOTY0NDA1NzUwOWIxOGI1YTBiODFiYjhiMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSRt2EduOjMLp4QA6wqlqsweMefA
212eQS2okp27DBH+wDJ0avpuq0+NIn0PawNTXw2HsdSo7Bxz0HpuwtVxOH1cmss8
6YuIn8I51FStjbyXak7KzgJHJFySgv5KZk/mzMbu7LXOhaPU8YnCvWHcPNOFlSTJ
AfuFfrByOCzJGtqDGcEMSr4Sm/+SIoK03kEOec2rLHagBh2sHUB3CtCy88Xt4ngR
axCOlaGoKQJX0F2mML6xrcMQZVJdrDPpBShZ7htCLr+6+lf8aRL/j4pzxR1T3jBd
K2BzOz0s8URW4Pc4pqs2rELL46Hm12Ov9v1ZDpctkWsAsHruAj6g1Hr2vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD5Sv2pHywlkQFdQmxi1oLgbuLIVMB8GA1UdIwQY
MBaAFH3scoN++7xOpt3UvpQ2GRa0w2LaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmV4eWczNzd2RTZtM2RTLWxEWVpGclREWXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy80NDQ3OGYtZTk4MC00ZTYwLTlkNmUt
Mzg2NjE3YTY2NGZlLzEvZmV4eWczNzd2RTZtM2RTLWxEWVpGclREWXRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy80NDQ3OGYtZTk4MC00ZTYwLTlkNmUtMzg2NjE3YTY2NGZl
LzEvZmV4eWczNzd2RTZtM2RTLWxEWVpGclREWXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPcclU4WG
kzWAjWJkkB6Nfbk2B6XxBbBPOo7uJE+O7EzLYi0hu4MyDiqXplZZCJ/3PGcFP/nB
+fFdNMW1qzin4yyp9NAwspeXqztcvrSzWJxl7OJxjQBRm4kt3zu5IcDqEmsvraWL
uIaj9v29Hs2gy8/oggUIr2iaANPyjn35z/cqCVmrdOwfDkWazngYB2Lj+Wc7TqG6
NmxFCdJs4TrG5qRvq6Pp0dKsgi7R3jxH/+HxHBz0wdCwyfGKjT5G+F0CgpYacJJE
VfIJyCzYdkjr8PoF8Jyyep6nsUBCnaFZImG0/Iv+7qa0SPiYLi4DvHRaxz5dpT68
/2p/N0OLOJIeiw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:22:21 2025 by rpki-client