Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
File:                     XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft (raw, json)
Hash identifier:          AkFdrdwC04ePwEYP6qmsBH+wDs92MIAHKnR/Cij41jI=
Subject key identifier:   22:89:F0:B6:56:89:56:9A:58:41:32:5F:23:8D:83:95:C3:72:5E:76
Authority key identifier: 5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
Certificate issuer:       /CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Certificate serial:       0198402B66EB5FB5151399380419082A1F5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
Manifest number:          0531
Signing time:             Fri 25 Jul 2025 06:00:42 +0000
Manifest this update:     Fri 25 Jul 2025 06:00:42 +0000
Manifest next update:     Sat 26 Jul 2025 06:00:42 +0000
Files and hashes:         1: SzmhUfWJuFhyT5TGLouRAgBLoIM.roa (hash: Qov0MeRXvHn6kZBTJQaoc48+Yw0xT2B5xVOV+b6Nifs=)
                          2: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl (hash: Iz2+6K0aua4nW6VgBSn/kdeICKFZqSu/99KyiVaT+jg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 26 Jul 2025 06:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:40:2b:66:eb:5f:b5:15:13:99:38:04:19:08:2a:1f:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5da38f7c3ecad29ec50644b70068b92a1be47074
        Validity
            Not Before: Jul 25 06:00:42 2025 GMT
            Not After : Jul 26 06:00:42 2025 GMT
        Subject: CN=2289f0b65689569a5841325f238d8395c3725e76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:ae:be:2c:30:71:4c:e1:a2:d3:a4:f7:83:66:
                    85:96:34:5d:26:1b:79:0b:ce:9c:db:94:fa:19:0f:
                    1f:a8:45:af:61:49:40:3f:5c:6f:63:b9:aa:9e:79:
                    b7:25:d4:b6:65:05:31:14:43:e4:67:f5:35:ca:f3:
                    55:43:8e:c9:6a:fd:6f:1a:b7:8e:9e:85:31:f7:3d:
                    5b:40:5f:a0:19:bc:b1:37:3e:67:d3:98:63:1a:66:
                    42:c0:95:93:f1:37:69:1e:02:4a:82:95:12:d8:8f:
                    a4:91:a4:9c:f7:5e:a8:9f:b2:46:35:4b:f8:b5:76:
                    22:9f:a6:c0:db:cb:56:b4:fe:2a:83:bb:0b:6d:36:
                    5b:cb:35:6c:b2:43:b1:ce:8f:4c:37:b7:28:0b:69:
                    87:9c:01:9f:85:30:e5:12:01:9e:72:3f:52:25:60:
                    2d:93:20:07:2d:13:b9:d7:6d:f5:e8:3b:d2:52:bd:
                    55:a9:c8:bb:4d:d3:29:22:b4:86:55:be:4a:fe:83:
                    90:f2:59:81:c2:b0:eb:a3:65:3f:19:64:bc:9e:85:
                    49:da:c1:b8:dd:e7:78:a9:ca:05:19:20:32:bb:b8:
                    69:1c:0d:1b:9c:ff:37:e9:55:33:da:fb:12:7d:fc:
                    72:12:ce:32:53:d7:85:1f:e7:20:74:e9:1a:af:75:
                    6a:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:89:F0:B6:56:89:56:9A:58:41:32:5F:23:8D:83:95:C3:72:5E:76
            X509v3 Authority Key Identifier:
                keyid:5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:f6:82:7b:54:99:e8:07:c4:77:fa:b2:42:7e:3b:6a:87:a3:
         50:25:2b:5c:c5:a0:6c:82:12:87:bf:93:8f:dd:31:c6:18:17:
         96:78:a9:d4:2e:3d:4d:c3:f0:4b:e7:26:84:a3:14:3e:26:f6:
         9f:3e:b6:72:6d:6a:c9:f3:72:8f:ae:dd:b1:80:28:9c:30:4d:
         47:a0:d2:31:0b:c9:f3:a4:2f:7e:f2:cf:7d:6e:56:27:c1:d7:
         46:76:34:e5:74:8e:7b:64:9b:47:98:73:2e:77:da:d6:e7:e2:
         57:3d:d4:8c:14:e7:de:4e:fb:78:19:01:03:d3:55:28:83:33:
         a8:01:d3:bc:99:cb:26:3f:8c:17:75:31:37:db:f2:3a:e7:24:
         1f:84:2d:38:32:63:f6:12:45:82:b4:97:21:8c:9e:a8:65:c1:
         58:0e:df:9f:af:22:e9:e5:7b:dc:26:a2:fb:7e:07:34:7b:1e:
         c9:41:85:00:b4:17:c9:94:0a:11:70:fc:73:f2:56:9a:dc:10:
         ff:21:53:b5:71:e0:c9:b5:ee:4f:b4:c1:15:79:0f:84:f5:cd:
         f9:3e:81:81:b4:60:2c:07:4b:47:be:94:14:d4:38:0c:29:4e:
         0b:9e:5e:d7:ec:a6:76:76:3f:36:af:31:50:75:0d:b3:32:cd:
         e3:6d:ba:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhAK2brX7UVE5k4BBkIKh9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM4ZjdjM2VjYWQyOWVjNTA2NDRiNzAwNjhiOTJhMWJl
NDcwNzQwHhcNMjUwNzI1MDYwMDQyWhcNMjUwNzI2MDYwMDQyWjAzMTEwLwYDVQQD
EygyMjg5ZjBiNjU2ODk1NjlhNTg0MTMyNWYyMzhkODM5NWMzNzI1ZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5K6+LDBxTOGi06T3g2aFljRdJht5
C86c25T6GQ8fqEWvYUlAP1xvY7mqnnm3JdS2ZQUxFEPkZ/U1yvNVQ47Jav1vGreO
noUx9z1bQF+gGbyxNz5n05hjGmZCwJWT8TdpHgJKgpUS2I+kkaSc916on7JGNUv4
tXYin6bA28tWtP4qg7sLbTZbyzVsskOxzo9MN7coC2mHnAGfhTDlEgGecj9SJWAt
kyAHLRO512316DvSUr1Vqci7TdMpIrSGVb5K/oOQ8lmBwrDro2U/GWS8noVJ2sG4
3ed4qcoFGSAyu7hpHA0bnP836VUz2vsSffxyEs4yU9eFH+cgdOkar3VqYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKJ8LZWiVaaWEEyXyONg5XDcl52MB8GA1UdIwQY
MBaAFF2jj3w+ytKexQZEtwBouSob5HB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4Yjkt
OTQwOGYxYmMwZDEyLzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4YjktOTQwOGYxYmMwZDEy
LzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf/aCe1SZ
6AfEd/qyQn47aoejUCUrXMWgbIISh7+Tj90xxhgXlnip1C49TcPwS+cmhKMUPib2
nz62cm1qyfNyj67dsYAonDBNR6DSMQvJ86QvfvLPfW5WJ8HXRnY05XSOe2SbR5hz
Lnfa1ufiVz3UjBTn3k77eBkBA9NVKIMzqAHTvJnLJj+MF3UxN9vyOuckH4QtODJj
9hJFgrSXIYyeqGXBWA7fn68i6eV73Cai+34HNHseyUGFALQXyZQKEXD8c/JWmtwQ
/yFTtXHgybXuT7TBFXkPhPXN+T6BgbRgLAdLR76UFNQ4DClOC55e1+ymdnY/Nq8x
UHUNszLN4226og==
-----END CERTIFICATE-----
Generated at Fri Jul 25 11:09:16 2025 by rpki-client