Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft
File:                     orEujfOr1VWfnPloCvZd0WWJ3oY.mft (raw, json)
Hash identifier:          oEZ7OrdtVPcD5If+MaJsdvficTLJp35UzX2NER/sktg=
Subject key identifier:   CC:57:91:A6:32:11:4F:C7:B7:D9:A0:AC:55:3D:42:01:4D:07:8F:8A
Authority key identifier: A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
Certificate issuer:       /CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Certificate serial:       01983A28F7C93E80AE845BA8F603B296BB15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft
Manifest number:          1614
Signing time:             Thu 24 Jul 2025 02:00:20 +0000
Manifest this update:     Thu 24 Jul 2025 02:00:20 +0000
Manifest next update:     Fri 25 Jul 2025 02:00:20 +0000
Files and hashes:         1: 6H2ixjNEU6xWtS5k25Z6ow_hm28.roa (hash: WyKqr9Z/axNFGGu/SIj1vw9U/izYrN+qm2C2NbleudI=)
                          2: 9_T4ve3Vthf_sxVX-bvK-FDdcPI.roa (hash: +9BxG2A7BButqI99ltuN1SNEGGXD/TwLV+TVparU+Bs=)
                          3: AqKvWWTw_o64vG6wltS0YN5kGbo.roa (hash: wL3oeGyNzvfXI7ZS8KLi9p3lvV7vG26Q40zHsSA75CY=)
                          4: IUtzJwVEl2eiZvQUWQo7jwMicqo.roa (hash: mx5eZUafZMl2cTWLPuWLAAi2UvAZbJ7kPWQe2Wchn18=)
                          5: NmvHQJaQ4JUQC6anntlzMvrL-Z8.roa (hash: YU+lvt/vIazw7vVVUGccAAia8UJtfpTF+Fji8oBXsm0=)
                          6: OcAvtCfGeHAKogvTrE4zVIYXhXs.roa (hash: ytTb8Vp57MsWC+qg8DRVK13nEW8nfvpJJgza5MGPgYA=)
                          7: ZgFUKtoAGiNjKUo9XcPEn1qeAFc.roa (hash: TDQBb/Bd8P97rUcBMKsWbYhMoJ4eNE0/rZeeqnamWwY=)
                          8: aEWr6-EqtkKVBn1aiC7rHdjKt8Y.roa (hash: crXyg1I0M6v1iZUeG0Vpk1mS5J8AlR2ziEDMO6PLwNs=)
                          9: bF_8NJgqhGDd71S2vgy3IqkGvl0.roa (hash: XI0FLazwz22XwXLOsRlYorwiIFueCN8y2cD+ycMq4eA=)
                          10: cZ35CSPr-e6s9ZzZ1cCpKSrcsxQ.roa (hash: Q+tgir+fUPA3KtG37Q+v+2DT+F3gXFs+ldjurtDdJms=)
                          11: dzR6au3FLXSUL6wnu3sGMtx5vuE.roa (hash: TycFADlFb4vyHMprwY7RZeMmn+iT/ePeH0EO+pcdo8k=)
                          12: hT48KCBTZZmgjWNR0omilLv1234.roa (hash: RA3O16mDot75n7YV1dkz8IBPV2SpMqJkQ3E7/vV2VHo=)
                          13: hnuqfuqQFfls7WsQI7eQEfSUik0.roa (hash: 4glBckXjWMe5XR/kJnErYQjsYivbggBDZAVbZrhZteQ=)
                          14: l0OkrdC46OXcFrAyK1efk-4Xsw0.roa (hash: e6GLkxVIdJGeVoL8lxi6pYki19y1uXIM73RCaOWJKXc=)
                          15: m30AM2TdwhKzdf1N10cQP_Viy_c.roa (hash: CM1Hu68gDxVweB/504GwCoDAaC8vSBSM1qlN7Xy5w+M=)
                          16: orEujfOr1VWfnPloCvZd0WWJ3oY.crl (hash: gXOqBTAAF7xGbnGSGtm4SzC+dmDWDA5e8yWtE1Rvm1E=)
                          17: qKhGSn-anlVBbLwa8kuLCuYeIg4.roa (hash: GMbSoeO7Bt68N/Bj/6mj7uVPJ/WZKmJE6Cg5RyuDqEs=)
                          18: xY8O1HQcthonbf03hVZUJttA-3k.roa (hash: VnV3WEcdTaUx8HFdXjrg5qMNEOniv+q8hPyCeb+p72M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 25 Jul 2025 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:3a:28:f7:c9:3e:80:ae:84:5b:a8:f6:03:b2:96:bb:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
        Validity
            Not Before: Jul 24 02:00:20 2025 GMT
            Not After : Jul 25 02:00:20 2025 GMT
        Subject: CN=cc5791a632114fc7b7d9a0ac553d42014d078f8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:8c:ab:74:b0:ef:7f:f4:a3:9b:6b:4c:53:2f:
                    50:53:9b:da:f9:c5:94:71:55:8d:eb:eb:96:b3:ed:
                    76:23:03:3e:f6:d0:5b:9b:14:5c:b1:d9:3b:25:26:
                    8c:16:30:13:c4:9f:da:bc:cf:4d:8a:4c:8a:26:95:
                    b9:66:ca:38:c4:e7:fc:66:ae:6f:02:fa:d9:1a:71:
                    7c:bd:3a:71:7e:c6:5d:5d:90:21:29:82:ac:4a:45:
                    77:19:f2:4b:70:04:a5:74:30:e4:4b:14:2e:96:0c:
                    59:4d:4e:83:06:48:d6:4b:98:ef:be:e3:90:4f:47:
                    de:fc:98:ed:63:4d:7e:1a:c3:0c:85:f7:c9:2d:4d:
                    18:8c:67:83:c3:4b:90:04:c4:f4:1a:5e:c2:f2:f7:
                    1a:e7:bb:60:7c:09:c3:7b:46:b8:9a:62:b7:81:25:
                    b8:18:f4:f4:02:a3:df:9c:51:9b:b7:54:ba:e9:fe:
                    2a:ac:f6:42:f4:f2:63:18:92:85:db:a5:7c:28:4c:
                    95:89:20:24:7b:25:16:8e:36:29:33:dd:43:29:be:
                    d1:fc:67:0d:2e:ce:6a:51:8a:77:3a:a3:03:8b:bb:
                    68:ca:8e:14:52:74:18:11:1e:e3:9f:45:9c:79:f1:
                    bf:a9:9d:b8:23:27:4a:e9:33:3b:9b:e5:27:76:32:
                    22:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:57:91:A6:32:11:4F:C7:B7:D9:A0:AC:55:3D:42:01:4D:07:8F:8A
            X509v3 Authority Key Identifier:
                keyid:A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:cc:2b:04:a3:91:ef:b9:8a:5b:e4:a7:15:c5:85:12:b3:ef:
         4d:96:de:58:cf:d5:68:f4:eb:66:71:91:c5:7e:15:b4:a7:84:
         09:02:6e:4a:4e:53:4e:4d:bb:7f:2c:8f:ba:7b:c9:79:03:a2:
         52:d8:75:da:13:a9:c4:73:cc:e3:58:67:83:8d:c2:6c:40:61:
         3e:52:63:30:72:b4:0d:d4:72:d9:5a:72:0e:e4:b6:22:bc:49:
         83:41:4a:17:82:0d:15:a5:53:39:39:40:a3:5e:da:4f:b6:b9:
         76:7e:5b:1c:ff:e4:ef:90:db:77:1d:2f:09:b0:68:6e:46:e2:
         74:38:7b:78:f6:41:b5:31:ab:52:43:01:12:31:9d:25:eb:7c:
         6f:21:5a:71:e5:d9:20:c7:b3:c3:03:8f:72:a0:04:93:06:cd:
         29:dd:98:c4:17:10:5e:17:76:2a:07:ec:06:6d:47:1b:87:8c:
         39:35:da:bb:27:9e:88:e6:74:0e:f0:61:51:87:9e:74:2a:b2:
         89:8c:12:bd:c0:a3:83:02:af:d6:c5:66:11:1e:e9:72:23:f0:
         b0:bc:49:56:35:97:57:34:22:74:df:e5:f5:1f:a4:1b:c6:de:
         d3:f8:9c:bd:cc:f2:db:ab:6d:4f:c8:51:ef:7a:53:01:0b:db:
         87:d1:b3:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZg6KPfJPoCuhFuo9gOylrsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjEyZThkZjNhYmQ1NTU5ZjljZjk2ODBhZjY1ZGQxNjU4
OWRlODYwHhcNMjUwNzI0MDIwMDIwWhcNMjUwNzI1MDIwMDIwWjAzMTEwLwYDVQQD
EyhjYzU3OTFhNjMyMTE0ZmM3YjdkOWEwYWM1NTNkNDIwMTRkMDc4ZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IyrdLDvf/Sjm2tMUy9QU5va+cWU
cVWN6+uWs+12IwM+9tBbmxRcsdk7JSaMFjATxJ/avM9NikyKJpW5Zso4xOf8Zq5v
AvrZGnF8vTpxfsZdXZAhKYKsSkV3GfJLcASldDDkSxQulgxZTU6DBkjWS5jvvuOQ
T0fe/JjtY01+GsMMhffJLU0YjGeDw0uQBMT0Gl7C8vca57tgfAnDe0a4mmK3gSW4
GPT0AqPfnFGbt1S66f4qrPZC9PJjGJKF26V8KEyViSAkeyUWjjYpM91DKb7R/GcN
Ls5qUYp3OqMDi7toyo4UUnQYER7jn0WcefG/qZ24IydK6TM7m+UndjIiUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMxXkaYyEU/Ht9mgrFU9QgFNB4+KMB8GA1UdIwQY
MBaAFKKxLo3zq9VVn5z5aAr2XdFlid6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEt
YjRjYjYzN2RhOGMzLzEvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEtYjRjYjYzN2RhOGMz
LzEvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANswrBKOR
77mKW+SnFcWFErPvTZbeWM/VaPTrZnGRxX4VtKeECQJuSk5TTk27fyyPunvJeQOi
Uth12hOpxHPM41hng43CbEBhPlJjMHK0DdRy2VpyDuS2IrxJg0FKF4INFaVTOTlA
o17aT7a5dn5bHP/k75Dbdx0vCbBobkbidDh7ePZBtTGrUkMBEjGdJet8byFaceXZ
IMezwwOPcqAEkwbNKd2YxBcQXhd2KgfsBm1HG4eMOTXauyeeiOZ0DvBhUYeedCqy
iYwSvcCjgwKv1sVmER7pciPwsLxJVjWXVzQidN/l9R+kG8be0/icvczy26ttT8hR
73pTAQvbh9Gzog==
-----END CERTIFICATE-----