Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
File:                     bOl89NjQvBezrx1ixNcUiGYb0hI.mft (raw, json)
Hash identifier:          YT6JJRMLdn4JrozVVmyZhpGYg0yPFvb5CBfx9zmYdhY=
Subject key identifier:   98:D2:C0:91:FE:55:00:35:76:FF:BA:97:CB:57:9E:FB:71:42:15:F3
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Certificate issuer:       /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial:       019747B0D59A621F0EEBD724DE7621E90462
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
Manifest number:          1586
Signing time:             Sat 07 Jun 2025 00:01:00 +0000
Manifest this update:     Sat 07 Jun 2025 00:01:00 +0000
Manifest next update:     Sun 08 Jun 2025 00:01:00 +0000
Files and hashes:         1: Af8LoP7Lc3Ri1EjEl2aPSimN8N8.roa (hash: K3jq+ZPDX3ZWFw5k3Zz+FhB98xNgrxje9TzL4q7xQ84=)
                          2: F2A4Y0MrgEztwlWitJZvMyHSYcU.roa (hash: w50mpPDFrcclMXuIaVxZ4+xtSUk5AU18fPWu5EoX+LA=)
                          3: HDwNTyOMXjdcFIbI5Dg8ZGceIPc.roa (hash: xGqkyX+qZQ75xb5Nb+DtuxrBcbMbXYywOv/jqNzFE9U=)
                          4: J1CKtsXx9r_LHHrlYsJGTJF509U.roa (hash: Wy6xl+FAMDx5u89yFxnteVYqnAsEeBLLKMZFfJdUW6I=)
                          5: Uh2lETEq8E5x-jAu-VnjQrM5VGg.roa (hash: SoBuut5hx6X/4eMmfxkxmJvGDUdRqdsnwXxbmDCgQsE=)
                          6: XJb3trIMR2o2CfWTOuYiqHcFzws.roa (hash: BRkLNlJqve/L2aNsuMJ+5pqTXL5/kYQCmhET9weR1yA=)
                          7: YY5vnq-WY3ttKAPBwWUwZDNoZ94.roa (hash: otf25hemgRYV3JPKjRYvJ8q5HrlB5I1ctES0TPSG1ck=)
                          8: Z48A1_I47mYSHVTo4XpKWd1w_wY.roa (hash: NvJ6V/CehduL5Zgko7xVcI92EacH0CBv0m1gyVIWLQM=)
                          9: _sq0c5GTAFHDkK0kB1xS-FJEkxE.roa (hash: 0/aQ7T6vcLRIStkXpDsfCFlQb8OkLcG1wf2/+Q//xZk=)
                          10: bOl89NjQvBezrx1ixNcUiGYb0hI.crl (hash: m5p37lLhNJRNVzmqZTJpCc/ZLBQpjDYjUBYl4HzMRQc=)
                          11: bgndW0CmBQuiHxQFDGV1p4kfQ0w.roa (hash: 69wNM6Nj33ysdv0n+TRiRf/aZRUnSe2bA4XmQXvr6Ug=)
                          12: nRXz0JWuVzTuqgJJowbVl480fPU.roa (hash: 8yilskVPxe2I/+785iQCSlJBQxLK7FQ+9fHJRaIbBIk=)
                          13: ok2coLlZfCNf012-KQnTYpk7lZE.roa (hash: jPQ1+YObpchvAlB5pc4INo3tzPPIYQQgACezxT56CVQ=)
                          14: whbNPX7xpImhIktrpipKoQzAFZo.roa (hash: Jtvnk0ncEqCQ/ZQ9F0sCk3O4UoG6D0dlD2s9B3IWjbk=)
                          15: y2chyLi0MiNw5kPgCGuG_lAJm6E.roa (hash: aBY4sS6r8TuI74TUuwhLmDR0B3e0KyzhgW6eBiCSGXY=)
                          16: yCCs4shbMfXFkRbB-dbVm3aK1dE.roa (hash: ERGKfWwqWpDoNIV4hNRq6bDPGoH2AztZvrPKQ4MnRxU=)
                          17: yqrbohxedJqZYRfOM_ZbeFgbUDk.roa (hash: 5D+jOOYzSjHZwRxIJ5GcJlLwrz/EOLrzaFXp3+Dosvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:b0:d5:9a:62:1f:0e:eb:d7:24:de:76:21:e9:04:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
        Validity
            Not Before: Jun  7 00:01:00 2025 GMT
            Not After : Jun  8 00:01:00 2025 GMT
        Subject: CN=98d2c091fe55003576ffba97cb579efb714215f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:54:4c:5d:d7:f8:83:f4:b8:84:a5:b9:2a:2f:
                    94:9f:97:1d:b8:4e:02:d2:8f:1f:4d:bc:e4:49:0a:
                    09:88:b9:99:bb:a3:58:5b:f7:2e:9c:41:bc:65:bf:
                    3c:3d:23:c1:de:49:16:6b:d0:1b:ed:9e:1d:2e:8a:
                    77:c9:c9:64:3b:55:3e:6d:c7:52:cf:47:8a:41:c0:
                    1b:a3:22:b3:5b:8c:e9:3f:3d:df:8d:8c:1d:80:30:
                    f4:8f:49:af:83:2d:71:71:3c:1c:6e:1d:cc:0b:c1:
                    82:b2:18:a7:ac:76:26:eb:ff:8c:82:b7:51:78:3c:
                    0b:8c:ad:d6:81:53:36:38:c1:32:8c:79:d3:63:d3:
                    0e:92:2f:8d:0e:02:1b:df:89:13:47:9c:46:30:af:
                    ac:70:3b:6a:d4:f3:5d:ce:0f:fb:38:04:44:05:c3:
                    44:9a:86:45:8f:6f:c4:b4:a9:a4:ef:0d:a6:48:6c:
                    8d:5d:96:ab:64:d3:fb:26:5d:af:07:55:ee:60:ca:
                    9b:e1:8e:a5:2d:61:80:29:f6:be:16:24:10:14:99:
                    e1:b3:f2:cc:b8:b7:63:95:f4:85:07:5d:bf:62:bd:
                    ad:5c:7c:9b:b9:36:74:76:33:c9:28:e2:3c:dc:ec:
                    8c:4a:68:43:c6:08:b3:02:36:00:4c:3e:be:4a:b8:
                    15:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:D2:C0:91:FE:55:00:35:76:FF:BA:97:CB:57:9E:FB:71:42:15:F3
            X509v3 Authority Key Identifier:
                keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:5a:30:ed:b1:77:fe:9b:d1:08:b2:bf:ca:22:7e:5d:7d:d1:
         cb:b4:c0:91:ed:05:37:d5:6d:69:d0:c9:34:5a:15:eb:fe:4b:
         51:1c:a1:d7:01:c6:57:46:e2:86:dd:d1:63:e1:6b:da:58:c4:
         4c:44:9f:96:ed:7c:51:1d:2a:6a:f6:ac:40:9b:c5:56:f5:35:
         01:3d:11:ba:78:15:9f:99:08:01:22:b9:6c:55:6a:8c:ce:aa:
         47:b9:da:d6:4b:d0:bb:64:27:e2:2b:08:82:74:3b:92:53:66:
         18:cc:5f:c7:b3:a6:22:8d:a0:64:68:96:3f:fc:fd:82:be:2a:
         27:32:7e:92:28:ac:11:eb:93:97:d1:78:a0:7c:d1:d2:5f:bb:
         56:7a:1a:14:79:a0:5f:f9:2a:9d:2c:ed:2b:6b:bb:82:7d:aa:
         c4:3f:48:36:7f:c5:87:b3:8b:30:4d:50:55:73:a1:10:34:45:
         f7:d0:5b:9e:1f:95:9e:3e:c2:c9:51:82:b2:90:7c:6b:dc:a2:
         a0:67:26:05:22:cc:5f:48:73:84:45:c6:16:55:a1:a7:85:1c:
         9c:48:ef:81:76:f5:00:bb:38:1e:b2:7e:82:5f:1a:46:b2:5f:
         f7:cb:8e:93:71:49:01:82:c7:67:39:28:f8:06:f7:70:94:1d:
         16:30:32:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHsNWaYh8O69ck3nYh6QRiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjUwNjA3MDAwMTAwWhcNMjUwNjA4MDAwMTAwWjAzMTEwLwYDVQQD
Eyg5OGQyYzA5MWZlNTUwMDM1NzZmZmJhOTdjYjU3OWVmYjcxNDIxNWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1RMXdf4g/S4hKW5Ki+Un5cduE4C
0o8fTbzkSQoJiLmZu6NYW/cunEG8Zb88PSPB3kkWa9Ab7Z4dLop3yclkO1U+bcdS
z0eKQcAboyKzW4zpPz3fjYwdgDD0j0mvgy1xcTwcbh3MC8GCshinrHYm6/+MgrdR
eDwLjK3WgVM2OMEyjHnTY9MOki+NDgIb34kTR5xGMK+scDtq1PNdzg/7OAREBcNE
moZFj2/EtKmk7w2mSGyNXZarZNP7Jl2vB1XuYMqb4Y6lLWGAKfa+FiQQFJnhs/LM
uLdjlfSFB12/Yr2tXHybuTZ0djPJKOI83OyMSmhDxgizAjYATD6+SrgVTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjSwJH+VQA1dv+6l8tXnvtxQhXzMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIFow7bF3
/pvRCLK/yiJ+XX3Ry7TAke0FN9VtadDJNFoV6/5LURyh1wHGV0biht3RY+Fr2ljE
TESflu18UR0qavasQJvFVvU1AT0RungVn5kIASK5bFVqjM6qR7na1kvQu2Qn4isI
gnQ7klNmGMxfx7OmIo2gZGiWP/z9gr4qJzJ+kiisEeuTl9F4oHzR0l+7VnoaFHmg
X/kqnSztK2u7gn2qxD9INn/Fh7OLME1QVXOhEDRF99Bbnh+Vnj7CyVGCspB8a9yi
oGcmBSLMX0hzhEXGFlWhp4UcnEjvgXb1ALs4HrJ+gl8aRrJf98uOk3FJAYLHZzko
+Ab3cJQdFjAyvg==
-----END CERTIFICATE-----