Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
File:                     Kfp91j8uLYe194UAk8dDu_vhTkQ.mft (raw, json)
Hash identifier:          GTgYffECG/1hDzjC9HY0vOLQD7nURJ6IgZYJXKKJssQ=
Subject key identifier:   85:14:68:F1:2F:21:D9:B7:05:72:39:01:5F:E8:74:CE:22:90:13:AB
Authority key identifier: 29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44
Certificate issuer:       /CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44
Certificate serial:       0198349532F5AF1017617E7224DA766492B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
Manifest number:          04A7
Signing time:             Wed 23 Jul 2025 00:00:49 +0000
Manifest this update:     Wed 23 Jul 2025 00:00:49 +0000
Manifest next update:     Thu 24 Jul 2025 00:00:49 +0000
Files and hashes:         1: 05o0ilxpLPFj724SFa-brN8vzXk.roa (hash: CPN9MrS7MYDAN7zH2nr9vN3ZoOoKTAOXjde0z1Y3r4g=)
                          2: 5h88FMdyJ4BKxPsdcgHQyCeiggw.roa (hash: Owv+GMEcs1uONJHFnOZ4mKs3NxskXYOAjZpyCXtz47Y=)
                          3: 7HfOX3VXYMpd2AIPBc7-S-uMs_8.roa (hash: k5M6cr3ux0zaC3HrK4AQu/eEDnL7gIrijJy4BZ0Nw4M=)
                          4: 7OOt-MnHsX07hiPdKHIMZaJ8wrg.roa (hash: 7nZ90mtRGZWhPbm1Puw7IzZkWIgR1R3W35D51WFY05w=)
                          5: BT9PpbhARp2PKEupubiiio8TvBc.roa (hash: PoRHUsj11iEWOHUhXg6p185DLswF97IfYO5dpNwM+4k=)
                          6: F1OWe033_DuZ-JjrisCh6PYvi1s.roa (hash: bLONjsizRZ/N6QYxCW6KHMn5K6t8a7PJWP3/t57vEJk=)
                          7: K3PHjFr5iZQBePAHzZD7020H3CQ.roa (hash: cYqNDwyqOAThtjZwtvIGK4yhgMYUiG7kHacZddA60SQ=)
                          8: Kfp91j8uLYe194UAk8dDu_vhTkQ.crl (hash: BFDGpfpkiG5bMpbgCcfM5mzKwAMTLBB+mXRPsXvuw9o=)
                          9: PwDUcjqBkiIEULzXxKTVGmmTWG4.roa (hash: FRJ/j45X7Ib31MDYnkP96sRJLV09a4YTIEwHH8GRm+c=)
                          10: SGJaxM1tftN6eWW_JhWZIZdq6Hs.roa (hash: i3+GB/wkLsPOj8TleSkbJUTDI0kj7dMA6dFb0QRWP+8=)
                          11: X-V1c33BeHLMq6YPZ6efCsl3cMM.roa (hash: qD2GqEyAmd2okDBw6OR3DlzX+O8r0bDHBHVLHEg9U3g=)
                          12: X6A7ZOxQkF-N5TBF6hNZ0D-sPxQ.roa (hash: sOJamuYIhYJWJLrvAE1wd1xA2gh7NgXmer7n43KBLdc=)
                          13: Y68HM_eE8K1w4SS6fxm68_4816Q.roa (hash: j5XSBxx8t0t2IG8jaeix/JPoU5Vp2pcHE0yvoVN43nY=)
                          14: eM7RoSEq3C715iKtcwBUqsiVTDM.roa (hash: U7xNVv9g2fKrI4EOjzXQcIX1ekwna/aEJqfXxfKaR90=)
                          15: u-M1H4DlyfJcf3cI4KPf60AAf5E.roa (hash: rqvHkJ1B+GOatMUS6IQfjBMvmK91Ea22MfD3TS1yuVM=)
                          16: us6ukJjPwguMUHmhc8SpjnjeHOE.roa (hash: RuHDwxtF2zmik+S8Nhu0t8NrGvwHVQJraNmp1nORf/c=)
                          17: zvMqPtiLMOCgjOxqm6euJp83YNA.roa (hash: jIvx8RFgHAKB/kauSEcxDljiE/0sDn1/Jfcw3a0iCKU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 22:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:34:95:32:f5:af:10:17:61:7e:72:24:da:76:64:92:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44
        Validity
            Not Before: Jul 23 00:00:49 2025 GMT
            Not After : Jul 24 00:00:49 2025 GMT
        Subject: CN=851468f12f21d9b7057239015fe874ce229013ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:b2:cf:0e:c6:28:b7:d8:c5:4d:b8:16:8d:7f:
                    9e:88:44:a2:d7:11:41:b5:27:be:28:1e:fe:35:7a:
                    ba:32:fe:25:70:27:cd:ad:10:c3:af:24:ac:a5:23:
                    95:05:23:6b:91:a2:55:64:7d:7f:4c:0c:62:e1:63:
                    54:82:e7:a0:c1:97:6d:e1:be:2b:17:f2:48:e1:ec:
                    51:b2:6b:1c:e1:6c:84:7d:1f:b9:86:13:e9:a1:e3:
                    6e:d7:99:0b:c5:60:8d:43:e1:50:08:7f:9d:26:00:
                    9c:71:94:ea:c4:54:3b:fe:13:0d:0c:2f:18:af:33:
                    b2:bb:e6:22:4e:24:7c:5d:2f:78:2b:a1:e7:46:0a:
                    c5:a3:48:cb:87:05:8a:25:ac:cd:41:2d:85:da:e6:
                    41:8a:f6:80:af:b3:6f:52:56:7a:f7:b4:7e:d1:8f:
                    d8:78:23:1f:fa:ae:f9:3d:6a:e5:1a:bc:bc:a3:de:
                    58:01:84:97:b0:95:c0:f3:dc:89:6a:fe:4d:5b:bf:
                    9e:99:8a:a0:1c:ce:df:79:f2:fd:7a:94:b2:6f:c9:
                    e3:4b:dc:4a:0f:43:30:4f:e2:e2:b5:c7:a4:0e:2b:
                    29:b2:57:c6:a5:44:bf:bc:0a:5c:81:96:c0:41:c5:
                    9c:33:db:90:b9:e8:60:7c:93:50:2f:5c:da:fd:3d:
                    41:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:14:68:F1:2F:21:D9:B7:05:72:39:01:5F:E8:74:CE:22:90:13:AB
            X509v3 Authority Key Identifier:
                keyid:29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:7a:ec:43:c0:de:c9:05:26:18:7f:98:3a:11:ad:c8:ea:5b:
         77:0d:ff:b7:43:42:9f:8a:44:94:89:76:b4:eb:4e:49:b8:11:
         41:da:ac:4b:09:00:41:7b:87:13:89:d9:be:0c:79:25:ac:e3:
         5e:f7:26:55:8a:c6:f9:62:fd:61:64:47:d1:70:f0:87:57:6d:
         e5:77:59:a2:bd:4e:d5:77:34:e2:5b:15:4e:4d:bf:7c:3d:25:
         bf:e4:51:60:17:ad:e7:f1:7b:2b:71:f4:29:5b:ba:a8:f5:70:
         f2:d0:7e:08:38:73:42:28:9c:b9:1e:99:a3:3f:9c:4f:c1:bb:
         79:3d:8a:be:11:54:6e:e8:4d:dc:18:03:de:13:26:ee:a8:3c:
         6c:f4:84:eb:2c:25:6f:e6:19:65:72:16:dd:a3:78:37:98:f9:
         7b:7d:35:39:9c:85:64:d7:12:6c:48:5a:f5:6b:a7:c6:b6:9a:
         6f:df:f2:8c:4e:c7:29:22:dc:8f:3a:fc:38:5d:a8:61:9d:7e:
         d0:92:90:24:46:d4:16:d5:c5:17:d5:1a:b0:d3:bb:71:e5:15:
         92:da:f2:f4:d9:03:92:bf:28:80:e0:7e:cc:42:22:37:10:46:
         69:0b:de:0b:80:41:28:34:6a:50:c1:c5:3c:66:9e:d2:69:c1:
         50:e3:ce:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZg0lTL1rxAXYX5yJNp2ZJK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmE3ZGQ2M2YyZTJkODdiNWY3ODUwMDkzYzc0M2JiZmJl
MTRlNDQwHhcNMjUwNzIzMDAwMDQ5WhcNMjUwNzI0MDAwMDQ5WjAzMTEwLwYDVQQD
Eyg4NTE0NjhmMTJmMjFkOWI3MDU3MjM5MDE1ZmU4NzRjZTIyOTAxM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrLPDsYot9jFTbgWjX+eiESi1xFB
tSe+KB7+NXq6Mv4lcCfNrRDDrySspSOVBSNrkaJVZH1/TAxi4WNUguegwZdt4b4r
F/JI4exRsmsc4WyEfR+5hhPpoeNu15kLxWCNQ+FQCH+dJgCccZTqxFQ7/hMNDC8Y
rzOyu+YiTiR8XS94K6HnRgrFo0jLhwWKJazNQS2F2uZBivaAr7NvUlZ697R+0Y/Y
eCMf+q75PWrlGry8o95YAYSXsJXA89yJav5NW7+emYqgHM7fefL9epSyb8njS9xK
D0MwT+LitcekDispslfGpUS/vApcgZbAQcWcM9uQuehgfJNQL1za/T1BIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIUUaPEvIdm3BXI5AV/odM4ikBOrMB8GA1UdIwQY
MBaAFCn6fdY/Li2HtfeFAJPHQ7v74U5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUt
NzlmN2I2ZWE3YzE0LzEvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUtNzlmN2I2ZWE3YzE0
LzEvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATXrsQ8De
yQUmGH+YOhGtyOpbdw3/t0NCn4pElIl2tOtOSbgRQdqsSwkAQXuHE4nZvgx5Jazj
XvcmVYrG+WL9YWRH0XDwh1dt5XdZor1O1Xc04lsVTk2/fD0lv+RRYBet5/F7K3H0
KVu6qPVw8tB+CDhzQiicuR6Zoz+cT8G7eT2KvhFUbuhN3BgD3hMm7qg8bPSE6ywl
b+YZZXIW3aN4N5j5e301OZyFZNcSbEha9Wunxraab9/yjE7HKSLcjzr8OF2oYZ1+
0JKQJEbUFtXFF9UasNO7ceUVktry9NkDkr8ogOB+zEIiNxBGaQveC4BBKDRqUMHF
PGae0mnBUOPOjg==
-----END CERTIFICATE-----
Generated at Wed Jul 23 01:55:08 2025 by rpki-client