Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft
File:                     xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json)
Hash identifier:          PVwBzl/H9V40TSl4MGbWx1sWQAZzFVzi56gUmQCl6Uo=
Subject key identifier:   37:82:E2:83:AC:0F:38:08:CD:61:24:D4:48:D9:6B:F2:51:8F:B0:2E
Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB
Certificate issuer:       /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb
Certificate serial:       019902CC8AE15D31E534DD92EB5B75A7D838
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft
Manifest number:          15F4
Signing time:             Mon 01 Sep 2025 01:03:03 +0000
Manifest this update:     Mon 01 Sep 2025 01:03:03 +0000
Manifest next update:     Tue 02 Sep 2025 01:03:03 +0000
Files and hashes:         1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=)
                          2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: sCRRZnXNE0yQRFfPiTSlJ51qA9pCELbzntZmhtz/uHA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 01 Sep 2025 22:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:02:cc:8a:e1:5d:31:e5:34:dd:92:eb:5b:75:a7:d8:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb
        Validity
            Not Before: Sep  1 01:03:03 2025 GMT
            Not After : Sep  2 01:03:03 2025 GMT
        Subject: CN=3782e283ac0f3808cd6124d448d96bf2518fb02e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:cd:ea:20:7e:b4:cf:d3:42:05:ac:86:7d:27:
                    66:50:2d:8f:c5:26:9f:d7:42:7c:95:26:d6:74:c7:
                    62:c5:50:cb:06:8f:cc:45:0f:83:03:55:fd:27:dd:
                    35:19:a1:a8:52:6f:94:c8:98:04:19:44:9a:fd:37:
                    a1:f2:be:3d:dd:81:67:36:9a:52:0f:3d:35:d4:b0:
                    f4:81:71:03:36:e3:79:0a:7a:9f:36:08:d0:d1:d1:
                    26:27:ef:c1:20:c2:30:3a:ca:e6:38:33:e0:0e:85:
                    73:dd:27:20:36:86:3f:9d:6b:47:76:3c:bb:7b:0c:
                    40:1c:19:37:ae:45:89:3b:f1:db:4e:18:20:81:1a:
                    60:6c:a3:64:92:01:95:4a:6d:e9:31:99:f6:a4:04:
                    c5:b4:b5:4d:4d:94:75:57:12:8c:a4:0a:c1:29:55:
                    e1:37:66:ab:f0:8a:c7:ac:8a:75:2b:86:b0:42:2d:
                    ee:43:d9:23:26:cd:27:d9:07:c0:a5:7b:19:8a:a8:
                    ca:e6:c1:72:97:1c:ec:e0:1b:3d:5c:fe:3c:f2:8c:
                    76:2a:db:69:fa:69:0b:05:49:95:ff:4c:22:96:08:
                    e9:69:ae:7c:41:8b:25:26:bb:3d:b6:a2:25:5b:41:
                    99:eb:96:8e:ce:c4:ff:dd:64:b5:8c:57:52:c1:97:
                    41:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:82:E2:83:AC:0F:38:08:CD:61:24:D4:48:D9:6B:F2:51:8F:B0:2E
            X509v3 Authority Key Identifier:
                keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:51:79:2d:b9:1f:fc:a2:48:1a:54:bc:43:0f:a5:ae:54:5c:
         68:ea:12:71:eb:73:13:2d:46:24:53:7e:01:40:1d:73:ac:91:
         47:9b:5b:19:34:95:d7:fa:6d:26:fc:73:1d:07:cf:54:c7:bf:
         b4:c8:ac:f4:de:fb:f6:06:1c:31:fb:e2:f9:5a:e8:da:8d:c4:
         56:33:d4:75:9e:ca:d3:1c:1f:35:1a:55:d3:cb:65:f5:77:dc:
         8c:20:77:1d:e2:98:b5:aa:e1:62:ae:08:6d:e7:91:aa:f7:8a:
         03:61:b4:c0:cd:6f:fc:73:57:0c:f0:86:a9:a7:b6:dd:c8:11:
         12:d7:9e:ef:d2:2f:90:80:0f:86:f2:79:be:a1:88:2a:1f:15:
         99:ef:f5:7d:e7:95:6d:c4:29:3e:31:73:18:5b:07:d6:23:f8:
         bf:26:e2:c1:8d:e3:99:e9:d1:87:e7:62:74:d2:d3:6a:c6:22:
         02:c4:70:c6:8c:40:58:8b:75:30:34:40:be:e1:a5:00:1a:09:
         e9:f2:ea:73:18:9a:d6:98:c6:9f:aa:a6:f6:11:82:65:8e:94:
         02:a9:5f:28:7a:f2:f8:64:15:c3:6b:bd:58:55:a1:de:cc:08:
         bd:2e:2f:c0:45:b5:bc:d1:85:96:fd:11:98:68:57:ce:c7:14:
         7c:03:cb:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkCzIrhXTHlNN2S61t1p9g4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl
YTU3YmIwHhcNMjUwOTAxMDEwMzAzWhcNMjUwOTAyMDEwMzAzWjAzMTEwLwYDVQQD
EygzNzgyZTI4M2FjMGYzODA4Y2Q2MTI0ZDQ0OGQ5NmJmMjUxOGZiMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM3qIH60z9NCBayGfSdmUC2PxSaf
10J8lSbWdMdixVDLBo/MRQ+DA1X9J901GaGoUm+UyJgEGUSa/Teh8r493YFnNppS
Dz011LD0gXEDNuN5CnqfNgjQ0dEmJ+/BIMIwOsrmODPgDoVz3ScgNoY/nWtHdjy7
ewxAHBk3rkWJO/HbThgggRpgbKNkkgGVSm3pMZn2pATFtLVNTZR1VxKMpArBKVXh
N2ar8IrHrIp1K4awQi3uQ9kjJs0n2QfApXsZiqjK5sFylxzs4Bs9XP488ox2Kttp
+mkLBUmV/0wilgjpaa58QYslJrs9tqIlW0GZ65aOzsT/3WS1jFdSwZdB8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDeC4oOsDzgIzWEk1EjZa/JRj7AuMB8GA1UdIwQY
MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt
MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2
LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhFF5Lbkf
/KJIGlS8Qw+lrlRcaOoScetzEy1GJFN+AUAdc6yRR5tbGTSV1/ptJvxzHQfPVMe/
tMis9N779gYcMfvi+Vro2o3EVjPUdZ7K0xwfNRpV08tl9XfcjCB3HeKYtarhYq4I
beeRqveKA2G0wM1v/HNXDPCGqae23cgREtee79IvkIAPhvJ5vqGIKh8Vme/1feeV
bcQpPjFzGFsH1iP4vybiwY3jmenRh+didNLTasYiAsRwxoxAWIt1MDRAvuGlABoJ
6fLqcxia1pjGn6qm9hGCZY6UAqlfKHry+GQVw2u9WFWh3swIvS4vwEW1vNGFlv0R
mGhXzscUfAPLUg==
-----END CERTIFICATE-----
Generated at Mon Sep 1 04:12:45 2025 by rpki-client