Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
File:                     gEH-6hI_ywfocqjLS92at7jaL88.mft (raw, json)
Hash identifier:          qsE9xHUD4FOvRkvbBm8vwssnYFpJLg8Xy9NzkhDOVxU=
Subject key identifier:   B1:A7:8E:F5:80:0D:A2:9A:B1:0B:DD:B4:C4:6D:8F:E0:E7:93:0F:95
Authority key identifier: 80:41:FE:EA:12:3F:CB:07:E8:72:A8:CB:4B:DD:9A:B7:B8:DA:2F:CF
Certificate issuer:       /CN=8041feea123fcb07e872a8cb4bdd9ab7b8da2fcf
Certificate serial:       0197605D866BAC3CF7EA0A41A6E8A02509E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
Manifest number:          099F
Signing time:             Wed 11 Jun 2025 19:00:31 +0000
Manifest this update:     Wed 11 Jun 2025 19:00:31 +0000
Manifest next update:     Thu 12 Jun 2025 19:00:31 +0000
Files and hashes:         1: 5QlNV7-3Q34zZfQ5XbNLc8wKA40.roa (hash: T1GmpANOUDoxZLUDnHoNMN2ENMK9C/xESzMwTNL0s2Y=)
                          2: gEH-6hI_ywfocqjLS92at7jaL88.crl (hash: 4QwmCg1Q9f+IVn1EQbkiZ/K9T0Kz2/qJcPugW2VUF5M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:5d:86:6b:ac:3c:f7:ea:0a:41:a6:e8:a0:25:09:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8041feea123fcb07e872a8cb4bdd9ab7b8da2fcf
        Validity
            Not Before: Jun 11 19:00:31 2025 GMT
            Not After : Jun 12 19:00:31 2025 GMT
        Subject: CN=b1a78ef5800da29ab10bddb4c46d8fe0e7930f95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:3f:08:60:69:ce:88:de:03:a1:6e:03:1d:2e:
                    2d:0a:e8:31:41:e0:1a:e9:f5:0a:60:ca:0b:91:de:
                    cd:4c:d3:c9:1a:ca:bf:88:f5:8e:96:e7:6d:9c:7a:
                    dd:47:09:be:87:36:37:1d:b0:68:f9:71:9f:7a:9f:
                    5e:b7:3d:84:b8:a2:c6:16:26:0a:d5:fb:4c:23:03:
                    52:a8:24:6e:1f:49:e7:f6:9d:c6:42:52:59:54:f2:
                    f5:78:06:d1:8b:8e:4d:f8:5d:49:5b:e8:13:53:10:
                    15:8b:4a:c3:b3:5d:92:08:15:e5:9e:24:ec:05:54:
                    9d:ee:e4:28:9d:0b:4c:07:a1:cb:28:7d:31:64:7d:
                    51:bd:47:42:d8:ee:7d:9b:aa:b2:68:6e:20:a5:3f:
                    9c:6f:a1:72:f5:ce:0d:6f:5f:ac:1d:30:9a:c8:bf:
                    53:2e:a1:57:27:55:e5:86:cf:84:b0:60:24:c7:63:
                    1a:33:07:5a:cf:71:de:94:31:c3:b6:1c:b1:37:f8:
                    ff:0b:21:e4:7a:0f:48:54:05:1f:da:d0:e4:0f:fb:
                    51:19:d6:c5:7a:00:22:ba:37:78:38:d1:ba:3a:50:
                    3e:44:7f:3e:ae:bc:37:a2:0b:a7:c4:59:f9:ed:5e:
                    1e:54:7c:04:c2:a2:66:cc:1b:ff:1c:33:41:35:4e:
                    9e:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:A7:8E:F5:80:0D:A2:9A:B1:0B:DD:B4:C4:6D:8F:E0:E7:93:0F:95
            X509v3 Authority Key Identifier:
                keyid:80:41:FE:EA:12:3F:CB:07:E8:72:A8:CB:4B:DD:9A:B7:B8:DA:2F:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:90:85:70:a9:71:30:b6:dd:0f:74:14:24:ad:ee:37:22:e0:
         93:76:84:d0:48:8d:6f:4b:e5:c8:b1:15:c2:bc:3c:30:f2:80:
         a6:3c:a1:c4:a6:ca:f5:8c:53:79:03:e1:d1:e3:95:cd:1b:cd:
         1c:5a:57:e0:16:39:b8:e4:4c:9d:12:d7:5c:40:38:d9:b9:76:
         4b:07:a2:f0:8f:02:cb:97:ca:8b:99:cf:05:67:e5:13:78:1f:
         f0:a0:8e:f9:18:db:dc:b0:c4:8b:89:51:a7:03:b0:d6:12:f3:
         71:dd:12:dd:79:87:35:80:55:25:26:24:2d:ea:3c:ce:a0:34:
         89:e5:4b:5e:aa:bb:42:03:5d:96:1b:5d:1e:e3:52:18:ef:54:
         ea:e7:5b:ec:54:5e:e8:df:d7:cb:bd:2c:50:f5:23:89:d7:88:
         ae:c7:d7:dd:25:b9:7b:52:73:a9:6c:8d:8a:64:5b:0a:b7:9d:
         c0:62:73:1b:dc:b5:f4:56:46:23:bb:7d:30:b2:27:5f:2a:b3:
         21:c7:a9:46:04:b0:eb:37:12:dd:55:db:ae:45:e9:32:d9:55:
         be:e2:16:69:93:78:70:0e:86:8c:5b:4d:31:63:e1:b3:da:fd:
         34:b8:ec:f2:f7:e2:3e:a5:32:0a:6a:48:14:6f:6d:72:96:0d:
         8c:77:4e:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgXYZrrDz36gpBpuigJQnoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDFmZWVhMTIzZmNiMDdlODcyYThjYjRiZGQ5YWI3Yjhk
YTJmY2YwHhcNMjUwNjExMTkwMDMxWhcNMjUwNjEyMTkwMDMxWjAzMTEwLwYDVQQD
EyhiMWE3OGVmNTgwMGRhMjlhYjEwYmRkYjRjNDZkOGZlMGU3OTMwZjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3D8IYGnOiN4DoW4DHS4tCugxQeAa
6fUKYMoLkd7NTNPJGsq/iPWOludtnHrdRwm+hzY3HbBo+XGfep9etz2EuKLGFiYK
1ftMIwNSqCRuH0nn9p3GQlJZVPL1eAbRi45N+F1JW+gTUxAVi0rDs12SCBXlniTs
BVSd7uQonQtMB6HLKH0xZH1RvUdC2O59m6qyaG4gpT+cb6Fy9c4Nb1+sHTCayL9T
LqFXJ1Xlhs+EsGAkx2MaMwdaz3HelDHDthyxN/j/CyHkeg9IVAUf2tDkD/tRGdbF
egAiujd4ONG6OlA+RH8+rrw3ogunxFn57V4eVHwEwqJmzBv/HDNBNU6eIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLGnjvWADaKasQvdtMRtj+Dnkw+VMB8GA1UdIwQY
MBaAFIBB/uoSP8sH6HKoy0vdmre42i/PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9kMzE3Y2EtMzk2MS00ZmUwLWJkZTgt
ZjdjNTAxNDE4ZTU2LzEvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9kMzE3Y2EtMzk2MS00ZmUwLWJkZTgtZjdjNTAxNDE4ZTU2
LzEvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiZCFcKlx
MLbdD3QUJK3uNyLgk3aE0EiNb0vlyLEVwrw8MPKApjyhxKbK9YxTeQPh0eOVzRvN
HFpX4BY5uORMnRLXXEA42bl2Swei8I8Cy5fKi5nPBWflE3gf8KCO+Rjb3LDEi4lR
pwOw1hLzcd0S3XmHNYBVJSYkLeo8zqA0ieVLXqq7QgNdlhtdHuNSGO9U6udb7FRe
6N/Xy70sUPUjideIrsfX3SW5e1JzqWyNimRbCredwGJzG9y19FZGI7t9MLInXyqz
IcepRgSw6zcS3VXbrkXpMtlVvuIWaZN4cA6GjFtNMWPhs9r9NLjs8vfiPqUyCmpI
FG9tcpYNjHdOJQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 21:51:19 2025 by rpki-client