Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
File:                     bOl89NjQvBezrx1ixNcUiGYb0hI.mft (raw, json)
Hash identifier:          XOKh2YfsYAK/3uaEB6qC4n08seysE1+0EoZ65u/54UM=
Subject key identifier:   F6:8B:64:99:93:40:DF:07:56:2E:92:0E:3C:56:0F:71:D5:CD:DD:1B
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Certificate issuer:       /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial:       0194BAF283F1A547B73B5126DA3E1F148999
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
Manifest number:          1433
Signing time:             Fri 31 Jan 2025 06:00:43 +0000
Manifest this update:     Fri 31 Jan 2025 06:00:43 +0000
Manifest next update:     Sat 01 Feb 2025 06:00:43 +0000
Files and hashes:         1: Af8LoP7Lc3Ri1EjEl2aPSimN8N8.roa (hash: K3jq+ZPDX3ZWFw5k3Zz+FhB98xNgrxje9TzL4q7xQ84=)
                          2: F2A4Y0MrgEztwlWitJZvMyHSYcU.roa (hash: w50mpPDFrcclMXuIaVxZ4+xtSUk5AU18fPWu5EoX+LA=)
                          3: HDwNTyOMXjdcFIbI5Dg8ZGceIPc.roa (hash: xGqkyX+qZQ75xb5Nb+DtuxrBcbMbXYywOv/jqNzFE9U=)
                          4: J1CKtsXx9r_LHHrlYsJGTJF509U.roa (hash: Wy6xl+FAMDx5u89yFxnteVYqnAsEeBLLKMZFfJdUW6I=)
                          5: Uh2lETEq8E5x-jAu-VnjQrM5VGg.roa (hash: SoBuut5hx6X/4eMmfxkxmJvGDUdRqdsnwXxbmDCgQsE=)
                          6: V9Tcb7av_dVNBRfc9o8N4UA1rso.roa (hash: grBhVeV/JDROWekOKeK0iGvKNav3Jg9ZyJda99GGyG4=)
                          7: Vv7xuEIJNPkNiS2jgKXFiJ0hO5o.roa (hash: 0tBte5YJPRScKJDnL/xskQjq4j0+cjIuEo3Z5S4On/k=)
                          8: YY5vnq-WY3ttKAPBwWUwZDNoZ94.roa (hash: otf25hemgRYV3JPKjRYvJ8q5HrlB5I1ctES0TPSG1ck=)
                          9: _sq0c5GTAFHDkK0kB1xS-FJEkxE.roa (hash: 0/aQ7T6vcLRIStkXpDsfCFlQb8OkLcG1wf2/+Q//xZk=)
                          10: bOl89NjQvBezrx1ixNcUiGYb0hI.crl (hash: cCbhcBRihDK2Ny+Z5/5bPI5YijnuYfVYFZVXRMpfAok=)
                          11: bgndW0CmBQuiHxQFDGV1p4kfQ0w.roa (hash: 69wNM6Nj33ysdv0n+TRiRf/aZRUnSe2bA4XmQXvr6Ug=)
                          12: nRXz0JWuVzTuqgJJowbVl480fPU.roa (hash: 8yilskVPxe2I/+785iQCSlJBQxLK7FQ+9fHJRaIbBIk=)
                          13: ok2coLlZfCNf012-KQnTYpk7lZE.roa (hash: jPQ1+YObpchvAlB5pc4INo3tzPPIYQQgACezxT56CVQ=)
                          14: s3CD24AurNDhU5l0KzX89OIgsIY.roa (hash: j74AELSwt2VeN/kZd/dKyAyFPFjNPOflv3KMrplCA7M=)
                          15: whbNPX7xpImhIktrpipKoQzAFZo.roa (hash: Jtvnk0ncEqCQ/ZQ9F0sCk3O4UoG6D0dlD2s9B3IWjbk=)
                          16: y2chyLi0MiNw5kPgCGuG_lAJm6E.roa (hash: aBY4sS6r8TuI74TUuwhLmDR0B3e0KyzhgW6eBiCSGXY=)
                          17: yCCs4shbMfXFkRbB-dbVm3aK1dE.roa (hash: ERGKfWwqWpDoNIV4hNRq6bDPGoH2AztZvrPKQ4MnRxU=)
                          18: yqrbohxedJqZYRfOM_ZbeFgbUDk.roa (hash: 5D+jOOYzSjHZwRxIJ5GcJlLwrz/EOLrzaFXp3+Dosvg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 06:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:f2:83:f1:a5:47:b7:3b:51:26:da:3e:1f:14:89:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
        Validity
            Not Before: Jan 31 06:00:43 2025 GMT
            Not After : Feb  1 06:00:43 2025 GMT
        Subject: CN=f68b64999340df07562e920e3c560f71d5cddd1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:99:9a:1c:87:60:a7:86:0b:75:d1:6d:57:63:
                    7a:01:7c:d1:12:19:93:5d:4b:bd:f2:c7:0d:31:5d:
                    dc:6e:23:99:7a:67:fa:e5:93:40:97:af:fe:0a:f2:
                    fa:b4:11:eb:e5:08:25:30:06:79:df:cd:21:08:c9:
                    7a:0d:c0:74:b9:fd:60:f2:d6:4e:7a:b9:1d:66:2d:
                    23:16:5a:c7:1f:ad:27:5d:5a:4e:73:c4:c1:af:2e:
                    9c:85:b3:c0:a2:9b:22:5c:62:de:f0:05:95:bc:cb:
                    7f:e5:6f:d5:63:b5:f8:4c:8c:06:c6:d9:7a:9a:93:
                    42:d3:d3:78:9a:76:43:68:ec:09:8a:63:37:8d:60:
                    e7:42:06:fb:33:6b:d9:8f:af:4f:75:d5:bd:4f:68:
                    5d:45:6b:2c:53:99:a5:7d:b0:a1:e8:81:3a:48:8e:
                    6b:59:8b:f8:5b:dd:87:d7:dd:6c:a1:8a:c9:18:93:
                    75:47:d3:1f:ec:c1:2e:d2:17:46:69:be:48:a8:6a:
                    2f:f0:d7:af:e8:ab:76:19:64:69:11:39:73:3c:6d:
                    85:fc:64:13:5f:44:32:12:a4:70:bb:f8:7f:94:d5:
                    ee:4d:74:dd:fd:d5:c2:65:74:3f:63:f9:a4:65:a2:
                    2c:3a:3e:a0:53:71:c9:92:9a:f6:c3:ee:5f:64:e5:
                    90:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:8B:64:99:93:40:DF:07:56:2E:92:0E:3C:56:0F:71:D5:CD:DD:1B
            X509v3 Authority Key Identifier:
                keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:11:ef:de:7b:65:25:c7:4c:43:23:21:4b:36:9b:91:ee:7b:
         1b:51:c8:70:5d:68:e7:bb:5a:3a:52:1c:6e:28:1e:00:6a:96:
         1f:74:b5:d7:63:11:98:d6:11:7d:f9:a2:c2:b0:21:c6:f3:46:
         f3:8a:96:94:81:d2:4c:ff:e9:27:fb:d9:66:46:75:13:40:07:
         bc:4f:02:77:8a:b8:b1:dd:40:7b:c4:f8:79:31:10:e9:a0:04:
         11:34:1a:16:0d:f0:0d:0a:29:54:e9:d5:58:c7:7c:17:a6:63:
         e8:66:96:14:75:79:72:6e:57:e1:6b:20:42:3f:0a:41:a1:ba:
         81:5f:5e:8d:31:2a:a6:ff:da:f4:13:bf:8d:67:f8:29:ea:b2:
         b4:c5:84:24:78:05:d8:2d:c3:57:09:f4:79:91:14:b2:58:32:
         32:f3:26:76:47:ea:dd:a5:18:62:e6:89:31:4b:3e:5c:82:3c:
         38:a6:82:b1:df:db:1b:5a:87:02:41:88:d3:8b:c9:81:11:92:
         ec:a5:99:65:a6:c3:a1:b1:8a:81:f4:c5:78:1c:6a:e7:d5:9a:
         24:cb:64:03:10:9b:f8:39:2d:ba:84:f4:b8:64:36:d6:49:0f:
         88:2d:20:96:fb:f6:74:5a:84:14:9e:87:7d:ca:8f:b0:7c:eb:
         49:82:e8:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS68oPxpUe3O1Em2j4fFImZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjUwMTMxMDYwMDQzWhcNMjUwMjAxMDYwMDQzWjAzMTEwLwYDVQQD
EyhmNjhiNjQ5OTkzNDBkZjA3NTYyZTkyMGUzYzU2MGY3MWQ1Y2RkZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5maHIdgp4YLddFtV2N6AXzREhmT
XUu98scNMV3cbiOZemf65ZNAl6/+CvL6tBHr5QglMAZ5380hCMl6DcB0uf1g8tZO
erkdZi0jFlrHH60nXVpOc8TBry6chbPAopsiXGLe8AWVvMt/5W/VY7X4TIwGxtl6
mpNC09N4mnZDaOwJimM3jWDnQgb7M2vZj69PddW9T2hdRWssU5mlfbCh6IE6SI5r
WYv4W92H191soYrJGJN1R9Mf7MEu0hdGab5IqGov8Nev6Kt2GWRpETlzPG2F/GQT
X0QyEqRwu/h/lNXuTXTd/dXCZXQ/Y/mkZaIsOj6gU3HJkpr2w+5fZOWQGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPaLZJmTQN8HVi6SDjxWD3HVzd0bMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARxHv3ntl
JcdMQyMhSzabke57G1HIcF1o57taOlIcbigeAGqWH3S112MRmNYRffmiwrAhxvNG
84qWlIHSTP/pJ/vZZkZ1E0AHvE8Cd4q4sd1Ae8T4eTEQ6aAEETQaFg3wDQopVOnV
WMd8F6Zj6GaWFHV5cm5X4WsgQj8KQaG6gV9ejTEqpv/a9BO/jWf4KeqytMWEJHgF
2C3DVwn0eZEUslgyMvMmdkfq3aUYYuaJMUs+XII8OKaCsd/bG1qHAkGI04vJgRGS
7KWZZabDobGKgfTFeBxq59WaJMtkAxCb+DktuoT0uGQ21kkPiC0glvv2dFqEFJ6H
fcqPsHzrSYLoIQ==
-----END CERTIFICATE-----