Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft
File:                     orEujfOr1VWfnPloCvZd0WWJ3oY.mft (raw, json)
Hash identifier:          rlbq9zkwYsz2H0L0locMKVelnUpH/XTQR9TyRpFlgX0=
Subject key identifier:   C6:3E:94:C2:9F:D4:29:7F:55:F7:46:CF:92:8F:B5:37:CA:C4:C2:A1
Authority key identifier: A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
Certificate issuer:       /CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Certificate serial:       0198345E29E264F94735B6181020F0BB4563
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft
Manifest number:          1611
Signing time:             Tue 22 Jul 2025 23:00:42 +0000
Manifest this update:     Tue 22 Jul 2025 23:00:42 +0000
Manifest next update:     Wed 23 Jul 2025 23:00:42 +0000
Files and hashes:         1: 6H2ixjNEU6xWtS5k25Z6ow_hm28.roa (hash: WyKqr9Z/axNFGGu/SIj1vw9U/izYrN+qm2C2NbleudI=)
                          2: 9_T4ve3Vthf_sxVX-bvK-FDdcPI.roa (hash: +9BxG2A7BButqI99ltuN1SNEGGXD/TwLV+TVparU+Bs=)
                          3: AqKvWWTw_o64vG6wltS0YN5kGbo.roa (hash: wL3oeGyNzvfXI7ZS8KLi9p3lvV7vG26Q40zHsSA75CY=)
                          4: IUtzJwVEl2eiZvQUWQo7jwMicqo.roa (hash: mx5eZUafZMl2cTWLPuWLAAi2UvAZbJ7kPWQe2Wchn18=)
                          5: NmvHQJaQ4JUQC6anntlzMvrL-Z8.roa (hash: YU+lvt/vIazw7vVVUGccAAia8UJtfpTF+Fji8oBXsm0=)
                          6: OcAvtCfGeHAKogvTrE4zVIYXhXs.roa (hash: ytTb8Vp57MsWC+qg8DRVK13nEW8nfvpJJgza5MGPgYA=)
                          7: ZgFUKtoAGiNjKUo9XcPEn1qeAFc.roa (hash: TDQBb/Bd8P97rUcBMKsWbYhMoJ4eNE0/rZeeqnamWwY=)
                          8: aEWr6-EqtkKVBn1aiC7rHdjKt8Y.roa (hash: crXyg1I0M6v1iZUeG0Vpk1mS5J8AlR2ziEDMO6PLwNs=)
                          9: bF_8NJgqhGDd71S2vgy3IqkGvl0.roa (hash: XI0FLazwz22XwXLOsRlYorwiIFueCN8y2cD+ycMq4eA=)
                          10: cZ35CSPr-e6s9ZzZ1cCpKSrcsxQ.roa (hash: Q+tgir+fUPA3KtG37Q+v+2DT+F3gXFs+ldjurtDdJms=)
                          11: dzR6au3FLXSUL6wnu3sGMtx5vuE.roa (hash: TycFADlFb4vyHMprwY7RZeMmn+iT/ePeH0EO+pcdo8k=)
                          12: hT48KCBTZZmgjWNR0omilLv1234.roa (hash: RA3O16mDot75n7YV1dkz8IBPV2SpMqJkQ3E7/vV2VHo=)
                          13: hnuqfuqQFfls7WsQI7eQEfSUik0.roa (hash: 4glBckXjWMe5XR/kJnErYQjsYivbggBDZAVbZrhZteQ=)
                          14: l0OkrdC46OXcFrAyK1efk-4Xsw0.roa (hash: e6GLkxVIdJGeVoL8lxi6pYki19y1uXIM73RCaOWJKXc=)
                          15: m30AM2TdwhKzdf1N10cQP_Viy_c.roa (hash: CM1Hu68gDxVweB/504GwCoDAaC8vSBSM1qlN7Xy5w+M=)
                          16: orEujfOr1VWfnPloCvZd0WWJ3oY.crl (hash: l0w8+Z8QPKAMuoVHfrbhIbnehdvKwj7YuwjfhKKTPFc=)
                          17: qKhGSn-anlVBbLwa8kuLCuYeIg4.roa (hash: GMbSoeO7Bt68N/Bj/6mj7uVPJ/WZKmJE6Cg5RyuDqEs=)
                          18: xY8O1HQcthonbf03hVZUJttA-3k.roa (hash: VnV3WEcdTaUx8HFdXjrg5qMNEOniv+q8hPyCeb+p72M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 22:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:34:5e:29:e2:64:f9:47:35:b6:18:10:20:f0:bb:45:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
        Validity
            Not Before: Jul 22 23:00:42 2025 GMT
            Not After : Jul 23 23:00:42 2025 GMT
        Subject: CN=c63e94c29fd4297f55f746cf928fb537cac4c2a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:2f:a2:0a:5a:15:2b:51:f6:09:e1:f2:0f:9e:
                    26:42:f1:d2:18:a7:3c:58:af:4d:72:45:70:af:09:
                    a5:60:48:82:37:37:d8:b8:06:8a:3e:e5:df:13:da:
                    ff:35:ca:f9:aa:f8:33:05:9e:ac:49:49:5e:14:69:
                    b0:15:bb:a0:ba:bd:43:7f:9e:b1:45:c0:10:cf:9a:
                    f7:e7:d6:ec:ca:a5:84:0a:c9:53:f4:ec:83:b3:e6:
                    e7:2b:0c:d7:b1:88:15:c4:11:27:77:51:1a:9f:ac:
                    02:81:1c:8a:2f:97:8d:78:c2:de:f6:a3:13:3c:77:
                    fb:fe:a2:f9:12:a8:76:fc:2e:93:1f:c1:62:05:82:
                    26:41:ca:9b:8f:3d:cd:cc:a7:d8:22:90:54:33:f2:
                    de:f2:64:e9:2f:3d:1a:97:a7:c1:de:e1:d9:e7:10:
                    aa:4c:fc:49:30:73:19:48:3a:1a:80:f5:09:5b:38:
                    69:69:34:72:ce:88:3e:71:f4:b5:80:8c:f8:9e:51:
                    be:2f:1e:2b:83:f7:f0:d0:a5:a6:ae:2a:5e:9c:77:
                    bc:71:b3:0c:65:48:a0:12:db:2a:11:5f:b8:91:81:
                    f2:82:dd:0f:ad:f7:24:ee:2a:63:a0:96:28:43:0d:
                    b9:3f:15:91:13:66:84:7d:88:b9:0e:8e:5b:2b:3f:
                    a0:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:3E:94:C2:9F:D4:29:7F:55:F7:46:CF:92:8F:B5:37:CA:C4:C2:A1
            X509v3 Authority Key Identifier:
                keyid:A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:59:b5:be:02:21:99:dc:38:8c:ab:f6:25:b7:64:00:fe:4a:
         49:8e:e2:8d:48:75:5f:86:bc:df:24:bf:97:e0:f0:11:b7:81:
         39:24:4f:e3:0f:cd:58:d1:76:96:a1:24:56:49:01:d7:3c:56:
         6d:17:bc:23:6b:32:6f:0b:c9:20:c1:e0:f0:58:12:04:e4:fb:
         a4:d5:26:84:a9:00:16:6a:11:b0:a4:8a:d5:74:94:99:3f:9e:
         ad:b7:ea:c6:4b:7a:a9:ab:77:46:24:40:20:f2:71:11:a7:7e:
         ad:d0:81:35:dc:60:77:b1:f6:5e:5c:77:6b:75:55:ed:c5:1e:
         b5:48:4d:63:4e:49:df:af:8c:5f:aa:2b:84:dc:e3:d2:17:e0:
         f1:dc:a7:60:3c:dd:96:d6:64:ad:b0:0c:6f:38:68:99:52:cc:
         28:dc:5b:4c:f5:e4:fc:30:59:7a:1a:c2:dd:7b:d6:8b:ac:7d:
         9c:2c:34:f8:bc:34:2f:36:65:fc:4f:01:98:51:de:8d:53:a9:
         b5:d0:7b:25:36:49:97:30:a4:6a:69:f7:fb:5e:b6:98:bd:b2:
         10:e2:38:e7:81:07:22:e6:8d:05:1c:06:20:7f:ed:52:f3:b2:
         42:c9:e8:b1:da:ad:5c:a3:30:04:08:55:d3:b3:e3:47:3f:b7:
         07:f2:98:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZg0XiniZPlHNbYYECDwu0VjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjEyZThkZjNhYmQ1NTU5ZjljZjk2ODBhZjY1ZGQxNjU4
OWRlODYwHhcNMjUwNzIyMjMwMDQyWhcNMjUwNzIzMjMwMDQyWjAzMTEwLwYDVQQD
EyhjNjNlOTRjMjlmZDQyOTdmNTVmNzQ2Y2Y5MjhmYjUzN2NhYzRjMmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS+iCloVK1H2CeHyD54mQvHSGKc8
WK9NckVwrwmlYEiCNzfYuAaKPuXfE9r/Ncr5qvgzBZ6sSUleFGmwFbugur1Df56x
RcAQz5r359bsyqWECslT9OyDs+bnKwzXsYgVxBEnd1Ean6wCgRyKL5eNeMLe9qMT
PHf7/qL5Eqh2/C6TH8FiBYImQcqbjz3NzKfYIpBUM/Le8mTpLz0al6fB3uHZ5xCq
TPxJMHMZSDoagPUJWzhpaTRyzog+cfS1gIz4nlG+Lx4rg/fw0KWmripenHe8cbMM
ZUigEtsqEV+4kYHygt0Prfck7ipjoJYoQw25PxWRE2aEfYi5Do5bKz+g+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMY+lMKf1Cl/VfdGz5KPtTfKxMKhMB8GA1UdIwQY
MBaAFKKxLo3zq9VVn5z5aAr2XdFlid6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEt
YjRjYjYzN2RhOGMzLzEvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEtYjRjYjYzN2RhOGMz
LzEvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArlm1vgIh
mdw4jKv2JbdkAP5KSY7ijUh1X4a83yS/l+DwEbeBOSRP4w/NWNF2lqEkVkkB1zxW
bRe8I2sybwvJIMHg8FgSBOT7pNUmhKkAFmoRsKSK1XSUmT+erbfqxkt6qat3RiRA
IPJxEad+rdCBNdxgd7H2Xlx3a3VV7cUetUhNY05J36+MX6orhNzj0hfg8dynYDzd
ltZkrbAMbzhomVLMKNxbTPXk/DBZehrC3XvWi6x9nCw0+Lw0LzZl/E8BmFHejVOp
tdB7JTZJlzCkamn3+162mL2yEOI454EHIuaNBRwGIH/tUvOyQsnosdqtXKMwBAhV
07PjRz+3B/KYlQ==
-----END CERTIFICATE-----