Manifest

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.mft
File:                     bW-_qXU9uNhGQz21NR2ansB8lr0.mft (raw, json)
Hash identifier:          KVNFrMVKm24X47JCoHEdAb37J89ovAWk0lV50p6O09Y=
Subject key identifier:   C9:50:BF:21:67:38:3C:4F:F8:95:88:ED:AE:51:94:CE:E6:49:1F:B2
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Certificate issuer:       /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial:       01AAAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.mft
Manifest number:          013F46
Signing time:             Thu 24 Jul 2025 11:01:35 +0000
Manifest this update:     Thu 24 Jul 2025 11:01:35 +0000
Manifest next update:     Thu 24 Jul 2025 17:01:35 +0000
Files and hashes:         1: 0eIyeiGyIFKlmQZQX86bC9ciEr0.roa (hash: cyM/FkQoj9xO06P7TCTTv/LOo2Xuut82u3dZZ39/U9g=)
                          2: E0AAy4jgV_BtY7GQELCxALV6Q5U.roa (hash: 0YEsF8nmeEujfyIIOFiGW6CDXyDY9JCTr+LXIKq+emU=)
                          3: IdgNYO8v_dEbdoPuHFTpsjA3l0U.roa (hash: rr4euxcMf4+ZXrKMACe3mGR+5zZFKDjuT9seOvH/4fA=)
                          4: R-lVU1XGsAeqzV1Fv0HjOD6ZFkE.cer (hash: fwCKuxtzzirqS8FvTIV+k7he6U4wthwt1LkI0CdYJKc=)
                          5: UDn6-ZD0WTj18D8nHih3D--ZO_s.roa (hash: E0/WsIxOejz2/RTbLMdD/5U9XX5PVXs0IPlP2v1u8tI=)
                          6: ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer (hash: Pft9iYjBesYTNht4g1UqgMiTx81vUwBXh8MKS/81v8U=)
                          7: bW-_qXU9uNhGQz21NR2ansB8lr0.crl (hash: +pG7QyI63JGAwss2F0cp9k1xWxpeG2AazY8eWiEBg6U=)
                          8: fDvN8JDIeg8h7b5wWCFK_F7J_SY.roa (hash: 3XTR+/4DackDLN++CL7fLb+4xpAjYp7KADxJhiiuXY4=)
                          9: fykdvBDNLvaFDLOeKcvquSaaNlM.roa (hash: 36Psre3MLHPEb3ezhbbE40C2QS1KDUyERdtNq15GTwU=)
                          10: lAN537Pqyt3IsX0kCwc4qs0Cejk.roa (hash: lXT5FVM7+7MTpRMcu84qhNRJxD2GNBRwCl7nT4luylk=)
                          11: laI1_vEYtlNzj-K0SXR_yGpd1TA.gbr (hash: UqQYG2z76G043/AlJNMTiXkQS0iMsC+J/mdxEEWdE3w=)
                          12: r-pLC2fDZMfxKp9PL1lylxFeQHs.roa (hash: NwnUQOTwUtYfhDg8EyWEkjuxKkBF9rlR8HB0QXbZKuA=)
                          13: xF8fZFbI8NRA4qk_N5CLpw6Nmj8.roa (hash: uVos6KXGCj74GgHG7sOPwpP0it60WyuUCM+9kzZw+Fw=)
Validation:               OK
Signature path:           rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
                          rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 109229 (0x1aaad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
        Validity
            Not Before: Jul 24 11:01:35 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=C950BF2167383C4FF89588EDAE5194CEE6491FB2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:da:45:0c:00:be:b7:58:e2:31:61:75:d9:6e:
                    04:a8:65:67:71:84:8a:4e:db:4d:b5:a2:66:87:4d:
                    84:8a:8e:56:71:f9:6e:4b:33:ec:8e:40:e1:3d:ea:
                    e0:69:36:97:fc:e4:d2:29:88:8b:45:10:47:24:02:
                    5d:b1:eb:3d:60:6e:31:d8:d1:76:69:04:da:fa:82:
                    0a:50:ba:4d:ee:fc:f6:3c:8a:88:d3:55:a3:30:43:
                    c2:fd:33:a1:fe:c9:42:84:87:8a:f9:48:89:ba:8e:
                    ad:30:04:3a:25:e3:04:a2:a5:16:ae:60:8f:e4:6c:
                    8d:d2:b7:5d:24:22:02:89:83:9e:d3:7b:1d:4c:d4:
                    d9:b0:29:c2:57:61:ec:48:f2:f4:9a:fa:dd:ab:34:
                    2e:c8:be:f9:c3:6a:ef:5b:a9:f4:18:88:6b:1c:35:
                    db:69:c7:a7:03:ad:64:76:6f:55:54:82:39:bf:51:
                    4b:3a:a1:9a:3e:8c:09:f2:45:3b:04:c2:a4:91:b4:
                    24:90:1c:61:64:c8:fb:1f:77:6e:e5:8b:e5:55:fc:
                    43:0f:73:bd:fe:a8:3d:31:8e:9f:9b:a2:50:ea:19:
                    70:40:0f:00:2e:50:87:3f:5f:53:50:af:19:dd:83:
                    f1:b5:55:fd:42:da:40:dd:00:66:db:63:1a:f6:50:
                    3e:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:50:BF:21:67:38:3C:4F:F8:95:88:ED:AE:51:94:CE:E6:49:1F:B2
            X509v3 Authority Key Identifier:
                keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.mft
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:5e:17:83:a4:f6:1e:22:aa:ea:a8:5b:05:4d:be:9f:03:22:
         dc:23:f1:e0:06:a1:3a:7d:0f:a2:fe:c5:0d:44:1a:18:de:29:
         0f:f0:13:55:90:c4:04:2b:ef:46:58:9e:23:c6:40:94:9b:b6:
         da:c1:e8:2f:63:b4:1f:f2:53:07:11:d0:16:bc:4c:04:a6:9e:
         db:81:23:a1:eb:14:a3:f3:c0:56:0e:bc:22:e9:54:52:5d:92:
         2f:35:13:70:61:86:88:9b:5e:46:1e:b3:d4:af:a8:09:4f:5e:
         e4:02:87:1b:d3:bd:23:73:a1:7c:1b:25:68:5a:da:39:f8:10:
         80:23:54:94:90:58:19:5f:ab:ed:04:b6:2c:c8:81:9f:ba:be:
         0b:b0:78:30:86:c9:8c:42:f4:0c:8a:e8:16:08:b2:28:4d:47:
         7c:a8:56:3b:6b:ba:9c:99:a1:13:10:84:e3:60:b5:66:b6:cc:
         09:df:54:1a:5a:99:7b:42:57:e7:5e:c6:54:ea:ab:49:18:e4:
         ad:e5:ba:cb:80:6c:68:92:2f:0a:cb:8e:17:2f:ee:c0:98:69:
         63:d7:81:8a:1c:17:1c:9d:e1:e5:4b:8d:a8:c5:3c:8d:1c:e6:
         e8:52:ce:ef:0a:02:f4:0e:8f:9f:ac:2c:4b:39:77:5f:f6:6a:
         14:9f:ff:54
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgIDAaqtMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjUwNzI0
MTEwMTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhDOTUwQkYyMTY3Mzgz
QzRGRjg5NTg4RURBRTUxOTRDRUU2NDkxRkIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAntpFDAC+t1jiMWF12W4EqGVncYSKTttNtaJmh02Eio5Wcflu
SzPsjkDhPergaTaX/OTSKYiLRRBHJAJdses9YG4x2NF2aQTa+oIKULpN7vz2PIqI
01WjMEPC/TOh/slChIeK+UiJuo6tMAQ6JeMEoqUWrmCP5GyN0rddJCICiYOe03sd
TNTZsCnCV2HsSPL0mvrdqzQuyL75w2rvW6n0GIhrHDXbacenA61kdm9VVII5v1FL
OqGaPowJ8kU7BMKkkbQkkBxhZMj7H3du5YvlVfxDD3O9/qg9MY6fm6JQ6hlwQA8A
LlCHP19TUK8Z3YPxtVX9QtpA3QBm22Ma9lA+FwIDAQABo4IB7TCCAekwHQYDVR0O
BBYEFMlQvyFnODxP+JWI7a5RlM7mSR+yMB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VL2JXLV9xWFU5dU5oR1F6MjFOUjJhbnNCOGxyMC5tZnQwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAVBggrBgEF
BQcBCAEB/wQGMASgAgUAMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwDQYJKoZIhvcNAQELBQADggEBAE5eF4Ok9h4iquqoWwVNvp8DItwj8eAGoTp9
D6L+xQ1EGhjeKQ/wE1WQxAQr70ZYniPGQJSbttrB6C9jtB/yUwcR0Ba8TASmntuB
I6HrFKPzwFYOvCLpVFJdki81E3BhhoibXkYes9SvqAlPXuQChxvTvSNzoXwbJWha
2jn4EIAjVJSQWBlfq+0EtizIgZ+6vguweDCGyYxC9AyK6BYIsihNR3yoVjtrupyZ
oRMQhONgtWa2zAnfVBpamXtCV+dexlTqq0kY5K3lusuAbGiSLwrLjhcv7sCYaWPX
gYocFxyd4eVLjajFPI0c5uhSzu8KAvQOj5+sLEs5d1/2ahSf/1Q=
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:14:42 2025 by rpki-client