Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
File:                     Kfp91j8uLYe194UAk8dDu_vhTkQ.mft (raw, json)
Hash identifier:          wo8pAv3kmNqzTJTNRACzzv1jb7Pbmk9x7vJPn9ol9pI=
Subject key identifier:   1D:99:88:0E:E2:4B:E5:6E:CC:3C:FC:98:71:A5:40:25:A2:E8:1A:00
Authority key identifier: 29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44
Certificate issuer:       /CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44
Certificate serial:       01983E3CA97F323C430A03DC5AFDA9EB3646
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
Manifest number:          04AC
Signing time:             Thu 24 Jul 2025 21:00:19 +0000
Manifest this update:     Thu 24 Jul 2025 21:00:19 +0000
Manifest next update:     Fri 25 Jul 2025 21:00:19 +0000
Files and hashes:         1: 05o0ilxpLPFj724SFa-brN8vzXk.roa (hash: CPN9MrS7MYDAN7zH2nr9vN3ZoOoKTAOXjde0z1Y3r4g=)
                          2: 5h88FMdyJ4BKxPsdcgHQyCeiggw.roa (hash: Owv+GMEcs1uONJHFnOZ4mKs3NxskXYOAjZpyCXtz47Y=)
                          3: 7HfOX3VXYMpd2AIPBc7-S-uMs_8.roa (hash: k5M6cr3ux0zaC3HrK4AQu/eEDnL7gIrijJy4BZ0Nw4M=)
                          4: 7OOt-MnHsX07hiPdKHIMZaJ8wrg.roa (hash: 7nZ90mtRGZWhPbm1Puw7IzZkWIgR1R3W35D51WFY05w=)
                          5: BT9PpbhARp2PKEupubiiio8TvBc.roa (hash: PoRHUsj11iEWOHUhXg6p185DLswF97IfYO5dpNwM+4k=)
                          6: F1OWe033_DuZ-JjrisCh6PYvi1s.roa (hash: bLONjsizRZ/N6QYxCW6KHMn5K6t8a7PJWP3/t57vEJk=)
                          7: K3PHjFr5iZQBePAHzZD7020H3CQ.roa (hash: cYqNDwyqOAThtjZwtvIGK4yhgMYUiG7kHacZddA60SQ=)
                          8: Kfp91j8uLYe194UAk8dDu_vhTkQ.crl (hash: BzNDxg6LFqY35QGnTr0FvjmxhIDXo9iLBYoIDsAeE/U=)
                          9: PwDUcjqBkiIEULzXxKTVGmmTWG4.roa (hash: FRJ/j45X7Ib31MDYnkP96sRJLV09a4YTIEwHH8GRm+c=)
                          10: SGJaxM1tftN6eWW_JhWZIZdq6Hs.roa (hash: i3+GB/wkLsPOj8TleSkbJUTDI0kj7dMA6dFb0QRWP+8=)
                          11: X-V1c33BeHLMq6YPZ6efCsl3cMM.roa (hash: qD2GqEyAmd2okDBw6OR3DlzX+O8r0bDHBHVLHEg9U3g=)
                          12: X6A7ZOxQkF-N5TBF6hNZ0D-sPxQ.roa (hash: sOJamuYIhYJWJLrvAE1wd1xA2gh7NgXmer7n43KBLdc=)
                          13: Y68HM_eE8K1w4SS6fxm68_4816Q.roa (hash: j5XSBxx8t0t2IG8jaeix/JPoU5Vp2pcHE0yvoVN43nY=)
                          14: eM7RoSEq3C715iKtcwBUqsiVTDM.roa (hash: U7xNVv9g2fKrI4EOjzXQcIX1ekwna/aEJqfXxfKaR90=)
                          15: u-M1H4DlyfJcf3cI4KPf60AAf5E.roa (hash: rqvHkJ1B+GOatMUS6IQfjBMvmK91Ea22MfD3TS1yuVM=)
                          16: us6ukJjPwguMUHmhc8SpjnjeHOE.roa (hash: RuHDwxtF2zmik+S8Nhu0t8NrGvwHVQJraNmp1nORf/c=)
                          17: zvMqPtiLMOCgjOxqm6euJp83YNA.roa (hash: jIvx8RFgHAKB/kauSEcxDljiE/0sDn1/Jfcw3a0iCKU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 25 Jul 2025 21:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:3e:3c:a9:7f:32:3c:43:0a:03:dc:5a:fd:a9:eb:36:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44
        Validity
            Not Before: Jul 24 21:00:19 2025 GMT
            Not After : Jul 25 21:00:19 2025 GMT
        Subject: CN=1d99880ee24be56ecc3cfc9871a54025a2e81a00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:65:67:5f:fe:df:82:e1:83:f1:e6:2d:29:df:
                    73:59:11:fa:b1:14:61:91:ed:44:8d:a1:8a:44:c5:
                    ed:a5:7d:84:bc:38:15:e1:cb:da:68:22:bd:8a:01:
                    36:5d:47:bc:52:ca:b5:ba:1d:75:6e:0a:12:88:f5:
                    c8:f1:fd:9d:93:93:da:0d:cf:c9:45:2a:04:95:29:
                    18:86:87:98:a9:e3:07:8f:01:b7:45:af:87:d8:d7:
                    2b:87:8c:38:92:c7:13:02:82:ca:5b:04:22:1f:41:
                    40:59:cc:8e:bf:c4:98:77:9d:56:17:e7:e2:d7:66:
                    bb:f4:16:b1:05:1b:db:12:d2:84:21:cd:9a:77:b1:
                    4e:91:d2:d7:d0:47:2b:f0:6a:3d:51:2c:d6:bc:41:
                    82:12:c9:15:80:17:77:f0:da:bf:c1:40:00:2e:b2:
                    13:42:4c:9b:01:15:56:a4:e9:cc:66:99:50:11:df:
                    4f:e2:0b:8e:18:37:35:79:8f:71:a7:0e:08:d7:4a:
                    06:7f:29:e8:46:6b:28:e0:0f:0e:1f:c0:7a:3d:a3:
                    62:ef:c4:db:b6:8f:5e:e8:5d:59:8d:a1:31:3d:00:
                    a7:df:f4:71:19:b3:ec:df:a0:b8:50:9e:b7:82:7f:
                    33:15:45:36:69:26:70:2d:88:8f:32:98:1d:16:38:
                    39:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:99:88:0E:E2:4B:E5:6E:CC:3C:FC:98:71:A5:40:25:A2:E8:1A:00
            X509v3 Authority Key Identifier:
                keyid:29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:52:8f:25:25:21:43:dc:51:79:3c:7e:10:cb:51:2a:a4:57:
         b5:2c:10:6b:82:70:d0:86:45:ad:77:87:63:bd:eb:13:4c:49:
         c1:e4:2b:b9:50:74:2b:f1:cb:46:0f:c9:85:72:75:f9:6a:44:
         62:14:5d:4c:5a:f1:ba:22:0a:85:95:bf:95:03:45:29:b9:54:
         32:24:39:c6:68:2d:65:dd:bc:da:f5:af:be:b8:83:51:b1:44:
         88:ec:b9:29:88:ba:32:30:da:f4:37:f9:0b:08:cc:ef:23:cc:
         92:b5:1e:c1:96:13:51:58:96:87:ab:c9:54:83:4c:0d:da:56:
         75:c2:78:80:c9:20:27:ec:da:aa:ed:a7:3b:70:82:74:37:da:
         21:3f:ae:0a:a9:bd:33:ad:3a:45:43:2a:37:21:84:22:28:fc:
         a0:6c:bf:ed:b1:92:71:4c:8d:93:67:1a:cc:6e:f4:ed:48:19:
         3a:66:4c:25:e6:9a:2f:df:40:6c:1e:9d:7d:42:dc:7d:51:0c:
         33:24:f2:45:92:5d:62:91:49:17:0d:f1:8f:be:36:63:d3:77:
         c3:7e:ac:05:4e:3b:a4:55:1a:bf:02:65:6a:26:ca:74:bb:a6:
         65:e3:cf:f1:d8:30:85:44:4a:b2:56:07:c7:e1:ca:fb:51:f8:
         dd:94:83:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZg+PKl/MjxDCgPcWv2p6zZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmE3ZGQ2M2YyZTJkODdiNWY3ODUwMDkzYzc0M2JiZmJl
MTRlNDQwHhcNMjUwNzI0MjEwMDE5WhcNMjUwNzI1MjEwMDE5WjAzMTEwLwYDVQQD
EygxZDk5ODgwZWUyNGJlNTZlY2MzY2ZjOTg3MWE1NDAyNWEyZTgxYTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7GVnX/7fguGD8eYtKd9zWRH6sRRh
ke1EjaGKRMXtpX2EvDgV4cvaaCK9igE2XUe8Usq1uh11bgoSiPXI8f2dk5PaDc/J
RSoElSkYhoeYqeMHjwG3Ra+H2Ncrh4w4kscTAoLKWwQiH0FAWcyOv8SYd51WF+fi
12a79BaxBRvbEtKEIc2ad7FOkdLX0Ecr8Go9USzWvEGCEskVgBd38Nq/wUAALrIT
QkybARVWpOnMZplQEd9P4guOGDc1eY9xpw4I10oGfynoRmso4A8OH8B6PaNi78Tb
to9e6F1ZjaExPQCn3/RxGbPs36C4UJ63gn8zFUU2aSZwLYiPMpgdFjg5RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2ZiA7iS+VuzDz8mHGlQCWi6BoAMB8GA1UdIwQY
MBaAFCn6fdY/Li2HtfeFAJPHQ7v74U5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUt
NzlmN2I2ZWE3YzE0LzEvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUtNzlmN2I2ZWE3YzE0
LzEvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAalKPJSUh
Q9xReTx+EMtRKqRXtSwQa4Jw0IZFrXeHY73rE0xJweQruVB0K/HLRg/JhXJ1+WpE
YhRdTFrxuiIKhZW/lQNFKblUMiQ5xmgtZd282vWvvriDUbFEiOy5KYi6MjDa9Df5
CwjM7yPMkrUewZYTUViWh6vJVINMDdpWdcJ4gMkgJ+zaqu2nO3CCdDfaIT+uCqm9
M606RUMqNyGEIij8oGy/7bGScUyNk2cazG707UgZOmZMJeaaL99AbB6dfULcfVEM
MyTyRZJdYpFJFw3xj742Y9N3w36sBU47pFUavwJlaibKdLumZePP8dgwhURKslYH
x+HK+1H43ZSDTA==
-----END CERTIFICATE-----
Generated at Fri Jul 25 06:12:34 2025 by rpki-client