Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
File:                     68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft (raw, json)
Hash identifier:          YSlQCOSC4/89W4tCTRKGWrBSvZWoZvxubuaqZEl3pMo=
Subject key identifier:   73:99:F1:2D:D2:28:80:C4:E1:F6:88:CD:78:5C:3A:DE:0D:CB:77:E5
Authority key identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
Certificate issuer:       /CN=68d097afd88aef3f10282f3218fc13f01a0de486
Certificate serial:       0AA586847267CC8B50B1193965CE8CB2A7277275
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
Manifest number:          02E5
Signing time:             Wed 23 Jul 2025 22:07:05 +0000
Manifest this update:     Wed 23 Jul 2025 22:02:05 +0000
Manifest next update:     Fri 25 Jul 2025 00:19:05 +0000
Files and hashes:         1: 3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa (hash: AMOOReO25pB/UyWle0jkXv+B6m1MTNWZ4+1w+73+7MY=)
                          2: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl (hash: zrPc9uwjM0zumMW+5wVR7dwa7uqMQHD5ayvKNUu2WTE=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 24 Jul 2025 23:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:a5:86:84:72:67:cc:8b:50:b1:19:39:65:ce:8c:b2:a7:27:72:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68d097afd88aef3f10282f3218fc13f01a0de486
        Validity
            Not Before: Jul 23 22:02:05 2025 GMT
            Not After : Jul 25 00:19:05 2025 GMT
        Subject: CN=7399F12DD22880C4E1F688CD785C3ADE0DCB77E5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3c:04:c8:76:32:bf:5d:26:47:5c:31:cb:da:
                    36:f4:11:93:ca:4e:2f:33:4c:3b:57:7d:89:5f:c3:
                    e4:4b:8f:62:f4:59:03:3d:8b:10:5d:be:3f:e0:43:
                    30:f0:c2:de:fe:dc:10:bc:d7:b1:7a:91:f7:99:fb:
                    dd:26:85:5d:8c:b4:f6:f2:35:8a:ea:0b:e4:40:a5:
                    be:37:55:91:13:83:02:dd:be:57:01:af:53:f6:4d:
                    70:22:f7:6b:b9:7e:73:06:a1:b8:2e:bb:54:bf:d3:
                    0c:0f:d9:c3:20:65:09:97:dc:22:66:18:77:ef:5b:
                    a0:79:9c:20:90:b2:d6:00:c7:41:d6:04:0f:93:c0:
                    3b:60:a6:58:9e:90:10:ef:e8:d5:ee:ed:7c:a2:3f:
                    22:57:53:95:d7:2e:a0:cc:2f:fc:e5:ee:72:83:83:
                    e2:b4:5d:c4:4a:1a:4a:9e:40:cf:eb:e2:40:6b:6e:
                    2f:0c:11:98:b3:62:01:ca:a0:88:c8:be:62:92:5f:
                    72:ed:6f:e4:d5:3d:38:c5:65:fe:dd:35:9d:fc:d9:
                    fb:67:ef:4c:f7:18:42:a1:fe:12:67:e6:82:89:e5:
                    fb:21:a9:86:03:32:cc:49:61:1e:f2:2a:fa:0b:c5:
                    85:b0:c4:da:22:39:cd:6a:6f:ba:ab:77:6f:99:ed:
                    d3:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:99:F1:2D:D2:28:80:C4:E1:F6:88:CD:78:5C:3A:DE:0D:CB:77:E5
            X509v3 Authority Key Identifier:
                keyid:68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:6b:b5:41:d9:1e:e1:39:b0:3f:29:6c:01:24:67:24:5e:5b:
         78:b7:21:1f:23:3e:36:2c:7f:07:93:66:78:73:e9:31:6b:46:
         7d:1b:8f:30:c5:68:bf:ad:43:0e:0d:3d:e1:cd:8d:37:e2:0d:
         ea:1e:13:cf:47:03:cf:03:0c:5f:c2:da:72:02:f8:07:be:3e:
         9e:2a:26:d6:e1:51:88:01:24:8d:bf:da:ee:35:5a:62:04:46:
         09:ea:0a:ca:c4:5b:e5:0a:fd:bf:df:45:55:02:3f:50:2f:0e:
         3b:18:a8:fa:9d:30:8f:52:93:d3:9e:01:6d:97:d1:a8:2a:8a:
         95:d0:e7:a5:ae:08:dc:85:ee:03:03:d9:3f:06:6b:82:39:2d:
         e4:9f:04:02:88:83:3a:f5:5d:dd:63:2f:82:6f:f7:9c:a1:96:
         5f:49:44:fe:73:a0:67:fa:0f:ff:19:d8:13:e5:4a:ec:0e:31:
         54:99:9b:35:73:57:7e:d7:b7:64:5b:32:b2:02:5b:e2:7f:2b:
         73:86:50:7b:e3:2b:33:50:22:70:0a:fc:5a:0a:1e:ef:cb:7c:
         75:dd:03:77:a2:dc:03:12:2f:a7:e7:d2:71:a2:bd:b2:52:7e:
         7b:bc:74:8b:b1:fc:35:93:21:4f:cb:7b:78:b5:96:4b:e8:d9:
         34:b9:e5:5b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUCqWGhHJnzItQsRk5Zc6MsqcncnUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjhkMDk3YWZkODhhZWYzZjEwMjgyZjMyMThmYzEzZjAx
YTBkZTQ4NjAeFw0yNTA3MjMyMjAyMDVaFw0yNTA3MjUwMDE5MDVaMDMxMTAvBgNV
BAMTKDczOTlGMTJERDIyODgwQzRFMUY2ODhDRDc4NUMzQURFMERDQjc3RTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEPATIdjK/XSZHXDHL2jb0EZPK
Ti8zTDtXfYlfw+RLj2L0WQM9ixBdvj/gQzDwwt7+3BC817F6kfeZ+90mhV2MtPby
NYrqC+RApb43VZETgwLdvlcBr1P2TXAi92u5fnMGobguu1S/0wwP2cMgZQmX3CJm
GHfvW6B5nCCQstYAx0HWBA+TwDtgpliekBDv6NXu7XyiPyJXU5XXLqDML/zl7nKD
g+K0XcRKGkqeQM/r4kBrbi8MEZizYgHKoIjIvmKSX3Ltb+TVPTjFZf7dNZ382ftn
70z3GEKh/hJn5oKJ5fshqYYDMsxJYR7yKvoLxYWwxNoiOc1qb7qrd2+Z7dPNAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUc5nxLdIogMTh9ojNeFw63g3Ld+UwHwYDVR0j
BBgwFoAUaNCXr9iK7z8QKC8yGPwT8BoN5IYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2MxMWI4MTktZDQ1OS00MTM2LTk5ODctZjAyOTJhODdl
NjQwLzAvNjhEMDk3QUZEODhBRUYzRjEwMjgyRjMyMThGQzEzRjAxQTBERTQ4Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FOQ1hyOWlLN3o4UUtDOHlHUHdUOEJv
TjVJWS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83YzExYjgxOS1k
NDU5LTQxMzYtOTk4Ny1mMDI5MmE4N2U2NDAvMC82OEQwOTdBRkQ4OEFFRjNGMTAy
ODJGMzIxOEZDMTNGMDFBMERFNDg2Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK2u1Qdke4TmwPylsASRn
JF5beLchHyM+Nix/B5NmeHPpMWtGfRuPMMVov61DDg094c2NN+IN6h4Tz0cDzwMM
X8LacgL4B74+niom1uFRiAEkjb/a7jVaYgRGCeoKysRb5Qr9v99FVQI/UC8OOxio
+p0wj1KT054BbZfRqCqKldDnpa4I3IXuAwPZPwZrgjkt5J8EAoiDOvVd3WMvgm/3
nKGWX0lE/nOgZ/oP/xnYE+VK7A4xVJmbNXNXfte3ZFsysgJb4n8rc4ZQe+MrM1Ai
cAr8Wgoe78t8dd0Dd6LcAxIvp+fScaK9slJ+e7x0i7H8NZMhT8t7eLWWS+jZNLnl
Ww==
-----END CERTIFICATE-----
Generated at Thu Jul 24 04:55:00 2025 by rpki-client