Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
File:                     bOl89NjQvBezrx1ixNcUiGYb0hI.mft (raw, json)
Hash identifier:          HI2LU7xyHaB1aOa6UQC8K0R9hDPsN/TAeN70Sx7Hrns=
Subject key identifier:   28:DD:68:53:DE:DC:58:91:9C:49:3E:F9:11:7B:24:0E:03:61:99:0F
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Certificate issuer:       /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial:       01965A2742B545A7B921219206BF57874EFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
Manifest number:          150A
Signing time:             Mon 21 Apr 2025 21:00:44 +0000
Manifest this update:     Mon 21 Apr 2025 21:00:44 +0000
Manifest next update:     Tue 22 Apr 2025 21:00:44 +0000
Files and hashes:         1: Af8LoP7Lc3Ri1EjEl2aPSimN8N8.roa (hash: K3jq+ZPDX3ZWFw5k3Zz+FhB98xNgrxje9TzL4q7xQ84=)
                          2: F2A4Y0MrgEztwlWitJZvMyHSYcU.roa (hash: w50mpPDFrcclMXuIaVxZ4+xtSUk5AU18fPWu5EoX+LA=)
                          3: HDwNTyOMXjdcFIbI5Dg8ZGceIPc.roa (hash: xGqkyX+qZQ75xb5Nb+DtuxrBcbMbXYywOv/jqNzFE9U=)
                          4: J1CKtsXx9r_LHHrlYsJGTJF509U.roa (hash: Wy6xl+FAMDx5u89yFxnteVYqnAsEeBLLKMZFfJdUW6I=)
                          5: Uh2lETEq8E5x-jAu-VnjQrM5VGg.roa (hash: SoBuut5hx6X/4eMmfxkxmJvGDUdRqdsnwXxbmDCgQsE=)
                          6: V9Tcb7av_dVNBRfc9o8N4UA1rso.roa (hash: grBhVeV/JDROWekOKeK0iGvKNav3Jg9ZyJda99GGyG4=)
                          7: Vv7xuEIJNPkNiS2jgKXFiJ0hO5o.roa (hash: 0tBte5YJPRScKJDnL/xskQjq4j0+cjIuEo3Z5S4On/k=)
                          8: YY5vnq-WY3ttKAPBwWUwZDNoZ94.roa (hash: otf25hemgRYV3JPKjRYvJ8q5HrlB5I1ctES0TPSG1ck=)
                          9: _sq0c5GTAFHDkK0kB1xS-FJEkxE.roa (hash: 0/aQ7T6vcLRIStkXpDsfCFlQb8OkLcG1wf2/+Q//xZk=)
                          10: bOl89NjQvBezrx1ixNcUiGYb0hI.crl (hash: 7W1V/pTEY/Aj18NHWh9J8TNxDsQzRC0sGvdQnwUbZ3M=)
                          11: bgndW0CmBQuiHxQFDGV1p4kfQ0w.roa (hash: 69wNM6Nj33ysdv0n+TRiRf/aZRUnSe2bA4XmQXvr6Ug=)
                          12: nRXz0JWuVzTuqgJJowbVl480fPU.roa (hash: 8yilskVPxe2I/+785iQCSlJBQxLK7FQ+9fHJRaIbBIk=)
                          13: ok2coLlZfCNf012-KQnTYpk7lZE.roa (hash: jPQ1+YObpchvAlB5pc4INo3tzPPIYQQgACezxT56CVQ=)
                          14: s3CD24AurNDhU5l0KzX89OIgsIY.roa (hash: j74AELSwt2VeN/kZd/dKyAyFPFjNPOflv3KMrplCA7M=)
                          15: whbNPX7xpImhIktrpipKoQzAFZo.roa (hash: Jtvnk0ncEqCQ/ZQ9F0sCk3O4UoG6D0dlD2s9B3IWjbk=)
                          16: y2chyLi0MiNw5kPgCGuG_lAJm6E.roa (hash: aBY4sS6r8TuI74TUuwhLmDR0B3e0KyzhgW6eBiCSGXY=)
                          17: yCCs4shbMfXFkRbB-dbVm3aK1dE.roa (hash: ERGKfWwqWpDoNIV4hNRq6bDPGoH2AztZvrPKQ4MnRxU=)
                          18: yqrbohxedJqZYRfOM_ZbeFgbUDk.roa (hash: 5D+jOOYzSjHZwRxIJ5GcJlLwrz/EOLrzaFXp3+Dosvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5a:27:42:b5:45:a7:b9:21:21:92:06:bf:57:87:4e:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
        Validity
            Not Before: Apr 21 21:00:44 2025 GMT
            Not After : Apr 22 21:00:44 2025 GMT
        Subject: CN=28dd6853dedc58919c493ef9117b240e0361990f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c9:b6:e2:51:e8:c5:2e:5c:7b:7c:ca:2c:af:
                    5b:20:d1:90:0c:8d:b6:65:9f:f9:6f:c5:a7:fb:17:
                    a5:48:fd:0c:81:1b:4c:5a:0b:7c:3b:c3:db:51:cc:
                    ee:60:02:31:d5:1d:85:72:86:03:08:23:5a:29:a4:
                    49:1f:18:b5:0b:51:f8:d6:b7:0e:50:22:d2:28:21:
                    05:09:87:94:c2:79:60:20:21:8c:5e:8f:64:3d:80:
                    bb:6a:60:ef:b5:d2:a5:d7:e9:c2:a3:83:34:58:cb:
                    d7:57:49:bb:78:39:0d:9c:a5:48:3a:dc:c8:73:9a:
                    23:38:cb:d5:00:1c:67:61:53:fa:ea:88:09:9f:5a:
                    33:ee:a4:c8:85:fd:13:06:8e:3c:6f:c6:da:7f:ce:
                    90:f4:39:c6:e2:c8:1b:2d:3a:45:ec:ab:88:3c:b2:
                    5b:5f:37:47:ce:45:9d:87:3a:56:be:84:ed:5c:38:
                    56:77:66:55:9c:32:3c:62:71:fb:f9:7d:a8:ec:af:
                    3d:f3:e3:1b:54:2e:55:95:9c:cb:2c:51:8d:44:ea:
                    99:d4:13:8f:22:5d:5b:e0:9f:6b:b7:f6:6f:1d:28:
                    9c:cb:0b:5f:b0:e4:e6:1c:1d:0e:e6:7a:70:79:83:
                    42:ab:6a:27:65:81:3e:4d:e7:e1:0a:e1:ac:5c:7c:
                    2b:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:DD:68:53:DE:DC:58:91:9C:49:3E:F9:11:7B:24:0E:03:61:99:0F
            X509v3 Authority Key Identifier:
                keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:fd:47:43:51:82:22:79:7a:bf:43:e2:3f:e4:57:ea:d7:07:
         f4:79:f2:98:a6:b3:57:51:97:fa:fa:0f:56:34:fe:0d:f7:0c:
         62:9a:e2:f0:fd:60:cd:e7:22:a1:c9:30:3d:29:77:e5:5c:f0:
         89:4b:32:6c:91:a1:71:b2:58:b5:f5:6e:06:80:9f:ca:76:7a:
         c3:a8:ac:5b:ef:b3:fa:63:53:dc:a1:10:13:0b:27:99:0c:f6:
         38:92:dc:50:2e:14:ff:47:d9:a7:5c:5a:ee:a5:43:fa:43:3d:
         d4:59:27:6b:59:d2:dc:ad:42:7d:2e:c6:cd:12:8d:0a:f6:78:
         e2:16:8c:2a:5b:dd:15:84:ee:fc:a8:3d:b0:9f:be:9b:90:86:
         33:2b:68:18:06:ca:3b:05:2e:dc:21:51:13:ad:86:c7:50:e5:
         20:57:84:58:78:22:e1:ce:f8:ab:62:7d:02:20:de:b0:6a:cd:
         26:b7:dc:f9:8d:e2:82:07:8d:69:ba:9a:3c:37:0f:b8:57:d7:
         c6:86:c8:ac:2b:90:d6:01:56:2c:ba:5f:c9:f3:1c:82:fa:39:
         ce:82:7e:27:c8:ca:f0:8c:d4:e7:0a:cd:f1:e4:f1:89:44:12:
         26:30:b6:c5:ee:54:32:9c:c8:9c:59:a9:fd:d7:42:0b:57:17:
         7a:6c:42:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZaJ0K1Rae5ISGSBr9Xh076MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjUwNDIxMjEwMDQ0WhcNMjUwNDIyMjEwMDQ0WjAzMTEwLwYDVQQD
EygyOGRkNjg1M2RlZGM1ODkxOWM0OTNlZjkxMTdiMjQwZTAzNjE5OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcm24lHoxS5ce3zKLK9bINGQDI22
ZZ/5b8Wn+xelSP0MgRtMWgt8O8PbUczuYAIx1R2FcoYDCCNaKaRJHxi1C1H41rcO
UCLSKCEFCYeUwnlgICGMXo9kPYC7amDvtdKl1+nCo4M0WMvXV0m7eDkNnKVIOtzI
c5ojOMvVABxnYVP66ogJn1oz7qTIhf0TBo48b8baf86Q9DnG4sgbLTpF7KuIPLJb
XzdHzkWdhzpWvoTtXDhWd2ZVnDI8YnH7+X2o7K898+MbVC5VlZzLLFGNROqZ1BOP
Il1b4J9rt/ZvHSicywtfsOTmHB0O5npweYNCq2onZYE+TefhCuGsXHwrpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjdaFPe3FiRnEk++RF7JA4DYZkPMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk/1HQ1GC
Inl6v0PiP+RX6tcH9HnymKazV1GX+voPVjT+DfcMYpri8P1gzeciockwPSl35Vzw
iUsybJGhcbJYtfVuBoCfynZ6w6isW++z+mNT3KEQEwsnmQz2OJLcUC4U/0fZp1xa
7qVD+kM91Fkna1nS3K1CfS7GzRKNCvZ44haMKlvdFYTu/Kg9sJ++m5CGMytoGAbK
OwUu3CFRE62Gx1DlIFeEWHgi4c74q2J9AiDesGrNJrfc+Y3iggeNabqaPDcPuFfX
xobIrCuQ1gFWLLpfyfMcgvo5zoJ+J8jK8IzU5wrN8eTxiUQSJjC2xe5UMpzInFmp
/ddCC1cXemxCdQ==
-----END CERTIFICATE-----