Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
File:                     CY97o0vGVnvTYW1XT3KF3XVW2_0.mft (raw, json)
Hash identifier:          xL46LBl/lmcz08wZxkL+U6mwKEJJnA7c+2YNm025Gic=
Subject key identifier:   8A:D9:80:A6:97:E9:31:88:87:59:81:A1:63:93:9B:DE:E5:4A:CF:9D
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Certificate issuer:       /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial:       0197C191CF84265569B3F3652F9D17F8DA8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
Manifest number:          09D2
Signing time:             Mon 30 Jun 2025 16:00:47 +0000
Manifest this update:     Mon 30 Jun 2025 16:00:47 +0000
Manifest next update:     Tue 01 Jul 2025 16:00:47 +0000
Files and hashes:         1: BVbo9uh3-UvDvwSZi6BfXSBGPHU.roa (hash: Z8qyhH6viB+EEzaDtRv3WrjvxrAR7rKFv4csNYovB+g=)
                          2: CY97o0vGVnvTYW1XT3KF3XVW2_0.crl (hash: oj0IDjsAmyKbp9QZKvqOGbJwDVNT2P8PwblOPmhVU+I=)
                          3: DN7cb2WxNWOTpycH6YaG66edbbs.roa (hash: xHRCbbCrWIHuruRPkilEuXWa24rKkDGqIeFboryKMwQ=)
                          4: Fiaoyzt87itbMDPQcRW3KUFZRqE.roa (hash: msw75zbRd9jVXLoPptdxNvS4cyBll5nFN6qdq2TWWOE=)
                          5: HHx5PgT40c8odAvxk1P-fxWePlA.roa (hash: zPsSrq/ptkyDcwkMCUxFQsAp1K70phIRO2z3d5q6bK8=)
                          6: Mo-GiiM2sNe-eBz_JyMl4sLvpMo.roa (hash: S6ZzEosIiFeiJ1KKDxx2F81o6c+HfdnMbY4tAkCKBFE=)
                          7: OEhLMwhGsj88kZ4FqVMVTfpqz-8.roa (hash: /KQ43a3fdsH0+xJZbYiIUJZNQ9G0ar1u4ierKXmEsMM=)
                          8: jMIl0-AsPbFxzuSdnTOvL0GZyZY.roa (hash: vp7N55mHbj1atM+G1AaTEaDl/C1DAcMrBbixu2jF2UI=)
                          9: m87-CXNBm5VwmmEvQBAI-p_8l98.roa (hash: vGGq9E7IPOkRddkapcYuXImJsPgw9f+HEWKjnAHtMCI=)
                          10: nMhyX7boXa--DjLfLdE1CijBszU.roa (hash: s95e1FJb6EuRsUkazwo7HJhOqZW3W1mabgyeLhjUIIo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 16:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c1:91:cf:84:26:55:69:b3:f3:65:2f:9d:17:f8:da:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
        Validity
            Not Before: Jun 30 16:00:47 2025 GMT
            Not After : Jul  1 16:00:47 2025 GMT
        Subject: CN=8ad980a697e93188875981a163939bdee54acf9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:0d:56:37:bb:01:ba:c3:2c:fe:0e:ba:59:c9:
                    f0:c5:0b:e0:ca:da:c5:b4:13:c3:6d:79:89:f3:2d:
                    44:07:76:f5:42:22:a8:95:83:3d:18:c7:a0:d6:bf:
                    42:8f:da:f3:f0:8a:d3:a2:7c:b8:2e:9a:05:93:74:
                    ec:c0:cd:87:1d:fc:25:55:59:0f:7a:fc:08:5f:aa:
                    66:d8:31:65:14:30:fd:d5:e0:a0:12:95:d2:60:8d:
                    12:44:3d:07:a6:24:4c:de:ee:d2:78:bb:23:74:a1:
                    c6:f3:1d:21:6b:39:fe:65:04:db:0a:da:77:28:c4:
                    11:a5:97:2c:41:1b:21:7b:72:a8:05:9f:b1:e4:b3:
                    02:af:71:ea:f8:0d:91:db:b2:b0:06:ab:c3:f2:c6:
                    eb:88:9b:1a:33:09:02:bb:bc:b5:a8:ec:62:7a:28:
                    37:45:ec:0b:a5:64:1f:f9:84:c5:5c:95:a9:8a:3e:
                    14:35:a0:f9:1c:df:e0:38:0f:88:21:05:7f:59:3d:
                    d9:b0:b4:4e:1b:02:ee:29:59:fb:b7:43:4e:78:c1:
                    5f:f4:45:9d:4f:1e:20:bf:1b:78:ba:e7:f1:ed:14:
                    ee:81:ca:3d:92:b6:9c:21:c6:b4:ae:16:76:81:c7:
                    04:0c:9c:c5:0d:b3:82:6c:64:7d:69:a8:b5:08:49:
                    71:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:D9:80:A6:97:E9:31:88:87:59:81:A1:63:93:9B:DE:E5:4A:CF:9D
            X509v3 Authority Key Identifier:
                keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:96:00:bb:d2:a0:0e:04:af:08:4a:d9:6b:6d:e4:20:4f:26:
         b8:63:8a:ff:a0:fc:4f:a1:b1:4c:8f:dd:3a:33:6d:dc:43:c1:
         59:a7:61:ed:ed:73:d5:2d:39:fb:ae:34:4e:5f:ee:1f:ef:be:
         9b:0c:7c:69:5f:c5:19:3e:b3:3d:44:bd:ab:51:4c:7b:2c:8f:
         72:d8:c3:3b:e6:b1:eb:0f:a3:ba:1d:3d:c0:78:89:76:8c:c7:
         66:7c:a4:a6:c8:35:ed:0b:df:d5:db:37:71:9f:f0:e0:49:1b:
         c5:59:a2:a4:b9:6d:2c:f8:81:ab:d2:a3:1a:55:10:9d:81:8e:
         48:c2:c4:7f:a0:72:c9:dd:8a:4f:f5:93:da:d2:0a:ca:c1:a0:
         88:96:c2:73:09:91:af:00:38:a0:6a:eb:07:2f:05:36:f7:e4:
         be:6f:d6:ec:2d:47:57:ea:20:44:9c:95:91:f2:c0:43:be:86:
         86:15:0d:12:f0:1e:9c:39:c5:68:8e:36:a3:c2:79:d3:bc:ee:
         8b:6a:95:58:6b:fa:60:d9:fe:3c:e4:e6:e2:1b:8d:d6:4e:b9:
         c1:53:47:02:97:45:f8:9a:58:aa:bf:40:91:c3:6e:fc:72:5a:
         65:2c:c6:f8:53:d2:20:8d:17:b9:98:79:d3:f4:6f:40:e7:9d:
         f9:7d:49:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfBkc+EJlVps/NlL50X+NqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjUwNjMwMTYwMDQ3WhcNMjUwNzAxMTYwMDQ3WjAzMTEwLwYDVQQD
Eyg4YWQ5ODBhNjk3ZTkzMTg4ODc1OTgxYTE2MzkzOWJkZWU1NGFjZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzA1WN7sBusMs/g66WcnwxQvgytrF
tBPDbXmJ8y1EB3b1QiKolYM9GMeg1r9Cj9rz8IrTony4LpoFk3TswM2HHfwlVVkP
evwIX6pm2DFlFDD91eCgEpXSYI0SRD0HpiRM3u7SeLsjdKHG8x0hazn+ZQTbCtp3
KMQRpZcsQRshe3KoBZ+x5LMCr3Hq+A2R27KwBqvD8sbriJsaMwkCu7y1qOxieig3
RewLpWQf+YTFXJWpij4UNaD5HN/gOA+IIQV/WT3ZsLROGwLuKVn7t0NOeMFf9EWd
Tx4gvxt4uufx7RTugco9kracIca0rhZ2gccEDJzFDbOCbGR9aai1CElx3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrZgKaX6TGIh1mBoWOTm97lSs+dMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOpYAu9Kg
DgSvCErZa23kIE8muGOK/6D8T6GxTI/dOjNt3EPBWadh7e1z1S05+640Tl/uH+++
mwx8aV/FGT6zPUS9q1FMeyyPctjDO+ax6w+juh09wHiJdozHZnykpsg17Qvf1ds3
cZ/w4EkbxVmipLltLPiBq9KjGlUQnYGOSMLEf6Byyd2KT/WT2tIKysGgiJbCcwmR
rwA4oGrrBy8FNvfkvm/W7C1HV+ogRJyVkfLAQ76GhhUNEvAenDnFaI42o8J507zu
i2qVWGv6YNn+POTm4huN1k65wVNHApdF+JpYqr9AkcNu/HJaZSzG+FPSII0XuZh5
0/RvQOed+X1JDg==
-----END CERTIFICATE-----
Generated at Tue Jul 1 01:10:41 2025 by rpki-client