Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
File:                     68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft (raw, json)
Hash identifier:          /H3XqhNIBH9Xpcxett287tUV/eGMQhmaweuD9bSjIZg=
Subject key identifier:   F4:43:24:94:6D:B3:7C:6C:52:77:41:36:EC:C2:00:06:F6:50:AC:3E
Authority key identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
Certificate issuer:       /CN=68d097afd88aef3f10282f3218fc13f01a0de486
Certificate serial:       05620D05BB79D261E60CA23F038F12418A36F788
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
Manifest number:          02E3
Signing time:             Tue 22 Jul 2025 06:26:54 +0000
Manifest this update:     Tue 22 Jul 2025 06:21:54 +0000
Manifest next update:     Wed 23 Jul 2025 10:14:54 +0000
Files and hashes:         1: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl (hash: j4lHDEdXyqvse2Q93yGifPFu8b3omV7n7PquW1EK4eo=)
                          2: 3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa (hash: AMOOReO25pB/UyWle0jkXv+B6m1MTNWZ4+1w+73+7MY=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 08:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:62:0d:05:bb:79:d2:61:e6:0c:a2:3f:03:8f:12:41:8a:36:f7:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68d097afd88aef3f10282f3218fc13f01a0de486
        Validity
            Not Before: Jul 22 06:21:54 2025 GMT
            Not After : Jul 23 10:14:54 2025 GMT
        Subject: CN=F44324946DB37C6C52774136ECC20006F650AC3E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:44:99:82:3a:f1:76:43:9a:ad:52:13:b2:2e:
                    01:7d:b9:59:b1:94:2a:e9:ca:d0:85:25:00:7b:e6:
                    42:75:97:e3:7b:aa:c5:f9:00:4b:0a:e4:c1:aa:32:
                    77:9d:48:44:81:51:4a:b3:93:f5:62:40:03:36:ae:
                    d6:56:92:46:b5:6b:34:42:2a:23:7d:b0:73:1c:cf:
                    ee:db:17:fb:be:2b:e1:b9:fd:e6:f7:3c:eb:f7:99:
                    d5:1d:6a:e2:17:08:e5:e4:c3:51:e0:19:b3:8f:71:
                    07:0d:70:28:01:9b:5a:6f:9b:0f:8d:1b:01:be:a6:
                    7e:86:58:ee:19:63:cc:7c:36:3f:50:79:e0:03:ec:
                    18:a0:9d:b1:86:50:fa:9e:2e:42:59:b6:3a:19:76:
                    14:b3:02:8f:c5:b7:57:9f:f3:0b:41:c2:4f:b3:6f:
                    23:74:3c:f1:d0:4a:d8:9b:ef:36:b9:33:fa:98:df:
                    99:39:fa:b7:3e:8a:68:66:93:ac:be:79:7f:96:25:
                    41:43:15:67:72:88:b5:63:14:32:78:f2:4a:f6:68:
                    c0:3c:bd:77:a6:b1:c2:58:cf:2d:a3:c8:ba:1d:8d:
                    0c:17:3e:ec:2f:a2:7f:48:b5:07:d8:80:20:e2:5a:
                    2b:b4:88:96:51:bc:f7:82:64:62:83:47:d9:3c:f2:
                    3f:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:43:24:94:6D:B3:7C:6C:52:77:41:36:EC:C2:00:06:F6:50:AC:3E
            X509v3 Authority Key Identifier:
                keyid:68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:cf:f0:17:87:13:5d:9f:50:08:76:35:7a:f7:18:37:15:11:
         96:b5:ab:9a:47:e6:5f:4d:81:b8:42:59:94:80:92:3c:28:30:
         c6:ed:90:cc:cc:6f:bf:40:2c:8a:aa:ed:fe:c8:5d:5a:99:df:
         19:55:d2:75:b1:57:ff:dd:91:ae:36:4e:ce:3a:10:51:26:4c:
         05:5a:f5:3a:f7:4b:3e:1e:2c:a9:ac:96:d0:ec:5e:d1:52:6a:
         89:60:a9:44:c5:5a:83:6b:c0:f5:cc:79:e6:7a:41:9d:92:1a:
         e4:27:d3:71:6f:a8:fc:1c:44:3d:6b:65:7d:7c:ab:81:7a:30:
         6a:bd:1c:ac:c0:2f:35:80:f1:2a:42:25:6e:8d:c2:81:96:ac:
         c6:14:3b:bf:66:74:73:cb:c2:ac:49:92:12:47:9b:7a:15:1b:
         06:c3:9e:1c:9b:bc:ef:90:6f:56:77:aa:1e:56:f5:57:45:8a:
         a0:68:bb:d2:69:19:bf:ec:ff:3d:84:1b:a6:0f:43:6c:19:06:
         53:24:ed:eb:5d:4e:ae:4c:01:31:2d:b8:80:d3:94:8a:ab:d2:
         c0:17:6f:37:43:44:ad:17:fb:f9:3a:72:8d:4c:fc:bf:e5:c7:
         6c:e4:24:89:44:13:0a:59:f0:21:d6:51:ac:82:f0:70:f4:db:
         c6:84:21:6f
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUBWINBbt50mHmDKI/A48SQYo294gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjhkMDk3YWZkODhhZWYzZjEwMjgyZjMyMThmYzEzZjAx
YTBkZTQ4NjAeFw0yNTA3MjIwNjIxNTRaFw0yNTA3MjMxMDE0NTRaMDMxMTAvBgNV
BAMTKEY0NDMyNDk0NkRCMzdDNkM1Mjc3NDEzNkVDQzIwMDA2RjY1MEFDM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQRJmCOvF2Q5qtUhOyLgF9uVmx
lCrpytCFJQB75kJ1l+N7qsX5AEsK5MGqMnedSESBUUqzk/ViQAM2rtZWkka1azRC
KiN9sHMcz+7bF/u+K+G5/eb3POv3mdUdauIXCOXkw1HgGbOPcQcNcCgBm1pvmw+N
GwG+pn6GWO4ZY8x8Nj9QeeAD7BignbGGUPqeLkJZtjoZdhSzAo/Ft1ef8wtBwk+z
byN0PPHQStib7za5M/qY35k5+rc+imhmk6y+eX+WJUFDFWdyiLVjFDJ48kr2aMA8
vXemscJYzy2jyLodjQwXPuwvon9ItQfYgCDiWiu0iJZRvPeCZGKDR9k88j+bAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQU9EMklG2zfGxSd0E27MIABvZQrD4wHwYDVR0j
BBgwFoAUaNCXr9iK7z8QKC8yGPwT8BoN5IYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2MxMWI4MTktZDQ1OS00MTM2LTk5ODctZjAyOTJhODdl
NjQwLzAvNjhEMDk3QUZEODhBRUYzRjEwMjgyRjMyMThGQzEzRjAxQTBERTQ4Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FOQ1hyOWlLN3o4UUtDOHlHUHdUOEJv
TjVJWS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83YzExYjgxOS1k
NDU5LTQxMzYtOTk4Ny1mMDI5MmE4N2U2NDAvMC82OEQwOTdBRkQ4OEFFRjNGMTAy
ODJGMzIxOEZDMTNGMDFBMERFNDg2Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUc/wF4cTXZ9QCHY1evcY
NxURlrWrmkfmX02BuEJZlICSPCgwxu2QzMxvv0Asiqrt/shdWpnfGVXSdbFX/92R
rjZOzjoQUSZMBVr1OvdLPh4sqayW0Oxe0VJqiWCpRMVag2vA9cx55npBnZIa5CfT
cW+o/BxEPWtlfXyrgXowar0crMAvNYDxKkIlbo3CgZasxhQ7v2Z0c8vCrEmSEkeb
ehUbBsOeHJu875BvVneqHlb1V0WKoGi70mkZv+z/PYQbpg9DbBkGUyTt611OrkwB
MS24gNOUiqvSwBdvN0NErRf7+TpyjUz8v+XHbOQkiUQTClnwIdZRrILwcPTbxoQh
bw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:54:06 2025 by rpki-client